Received: by 2002:a05:6358:1087:b0:cb:c9d3:cd90 with SMTP id j7csp8539100rwi; Tue, 25 Oct 2022 07:55:00 -0700 (PDT) X-Google-Smtp-Source: AMsMyM4CjrnJnQ5t85X42vGGIvcUmTRCHFk9+/lbThqnpAFunmbqTjf02mUNlDtGDPECLIR2tpb2 X-Received: by 2002:a17:90a:588a:b0:212:fa50:7dec with SMTP id j10-20020a17090a588a00b00212fa507decmr16054091pji.190.1666709700637; Tue, 25 Oct 2022 07:55:00 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1666709700; cv=none; d=google.com; s=arc-20160816; b=Lxqv2TB9FVG7/LK0/+Rx/QVIh6C6WixMj2TJlj9IFFF6pYFr4kqGThQpYlO3z0YxjE VVON8slOC1H8EGRHznTLSXFPcn+aiQ2DX5gpeRh9LeTz+fhuHusXpfe0jbn9Fu3cwGIg rBOSOGw5UK91OuWE0LhyvtFruLS+W14HhANSIuQp1elY8H/8xSjgHjTIDEXETbgGlr0F jXCMsK7cAmB18hLxjOtlt9RUb8WGiSvDP9k7NPqH1P27SVa4z/AlFd2ggQbbOLsFLCp5 wIf1I+y4tk/GzIugfkOmAqGAYxfIGEcl4RTRqN0mnxfIipFuS4as7DqI3WL+gw1ZBWuL lhcA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature:dkim-filter; bh=bLo8SKzI6m8S91IVaglgF8mOxCQMqZtqBjyc3705zno=; b=c/6au5crObpidh1emrPCwzyGwgm9KwxBwG1wr2JTQwdCgfwdFJPDD8pXD8VML3OPO5 J3KvsQ4KDTST4p4hbEHkxxN2pGyuaLMJwVf4ONeLapT+R7dnUPMCv68a63K+qnFSh3Rt 2LP5/QcNMwkHbwShnLKON3paw5Qqu6VYPCWb/V6gWfYRF1B1R62hBrCZdx1Xz1Xpp3KM BMnSf+6O6j2n7OYWF/JlzoD9MQDhOoVWjisNWRSKuVnzuujuitaI6ZGaNLB4dCKgcQUX w9LU2Ofvtqey692C+cj7y8NUwWfbC+xoNEgEjD7QbeP6gRTrePXw3wuyCyXtAKrFJD4W +kbg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@ispras.ru header.s=default header.b=hnuPICTq; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=ispras.ru Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id e23-20020a656897000000b0045b1d6c87cfsi3464316pgt.432.2022.10.25.07.54.48; Tue, 25 Oct 2022 07:55:00 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@ispras.ru header.s=default header.b=hnuPICTq; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=ispras.ru Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233092AbiJYONw (ORCPT + 99 others); Tue, 25 Oct 2022 10:13:52 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:46154 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233035AbiJYONp (ORCPT ); Tue, 25 Oct 2022 10:13:45 -0400 Received: from mail.ispras.ru (mail.ispras.ru [83.149.199.84]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 232B1ABF20; Tue, 25 Oct 2022 07:13:34 -0700 (PDT) Received: from localhost.localdomain (unknown [83.149.199.65]) by mail.ispras.ru (Postfix) with ESMTPSA id 940B7419E9FC; Tue, 25 Oct 2022 14:13:32 +0000 (UTC) DKIM-Filter: OpenDKIM Filter v2.11.0 mail.ispras.ru 940B7419E9FC DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ispras.ru; s=default; t=1666707212; bh=bLo8SKzI6m8S91IVaglgF8mOxCQMqZtqBjyc3705zno=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=hnuPICTqGcCHyv5JohVZn/Iy9SZjGNEZ4lT4u5gTHIXacVP46flHXSp/TI/APoCPh QVNNlkItKMde/F2KIUv617thzrs3mC8aBhh6/PJkKhfuRudq/Lyt9x9f9pqQNQxig0 8wuv2LrjxyIW63fwqPnglCC96nvvlLw25CLJ3wCc= From: Evgeniy Baskov To: Ard Biesheuvel Cc: Evgeniy Baskov , Borislav Petkov , Andy Lutomirski , Dave Hansen , Ingo Molnar , Peter Zijlstra , Thomas Gleixner , Alexey Khoroshilov , Peter Jones , lvc-project@linuxtesting.org, x86@kernel.org, linux-efi@vger.kernel.org, linux-kernel@vger.kernel.org, linux-hardening@vger.kernel.org Subject: [PATCH v2 09/23] x86/boot: Remove mapping from page fault handler Date: Tue, 25 Oct 2022 17:12:47 +0300 Message-Id: X-Mailer: git-send-email 2.37.4 In-Reply-To: References: MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,SPF_HELO_NONE,SPF_PASS, URIBL_BLOCKED autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org After every implicit mapping is removed, this code is no longer needed. Remove memory mapping from page fault handler to ensure that there are no hidden invalid memory accesses. Signed-off-by: Evgeniy Baskov --- arch/x86/boot/compressed/ident_map_64.c | 26 ++++++++++--------------- 1 file changed, 10 insertions(+), 16 deletions(-) diff --git a/arch/x86/boot/compressed/ident_map_64.c b/arch/x86/boot/compressed/ident_map_64.c index fec795a4ce23..ba5108c58a4e 100644 --- a/arch/x86/boot/compressed/ident_map_64.c +++ b/arch/x86/boot/compressed/ident_map_64.c @@ -386,27 +386,21 @@ void do_boot_page_fault(struct pt_regs *regs, unsigned long error_code) { unsigned long address = native_read_cr2(); unsigned long end; - bool ghcb_fault; + char *msg; - ghcb_fault = sev_es_check_ghcb_fault(address); + if (sev_es_check_ghcb_fault(address)) + msg = "Page-fault on GHCB page:"; + else + msg = "Unexpected page-fault:"; address &= PMD_MASK; end = address + PMD_SIZE; /* - * Check for unexpected error codes. Unexpected are: - * - Faults on present pages - * - User faults - * - Reserved bits set - */ - if (error_code & (X86_PF_PROT | X86_PF_USER | X86_PF_RSVD)) - do_pf_error("Unexpected page-fault:", error_code, address, regs->ip); - else if (ghcb_fault) - do_pf_error("Page-fault on GHCB page:", error_code, address, regs->ip); - - /* - * Error code is sane - now identity map the 2M region around - * the faulting address. + * Since all memory allocations are made explicit + * now, every page fault at this stage is an + * error and the error handler is there only + * for debug purposes. */ - kernel_add_identity_map(address, end, MAP_WRITE); + do_pf_error(msg, error_code, address, regs->ip); } -- 2.37.4