Date: Sat, 31 Dec 2022 14:44:08 +0100
From: "Jason A. Donenfeld"
To: Borislav Petkov
Cc: "H. Peter Anvin", pbonzini@redhat.com, ebiggers@kernel.org, x86@kernel.org, linux-kernel@vger.kernel.org, qemu-devel@nongnu.org, ardb@kernel.org, kraxel@redhat.com, philmd@linaro.org
Subject: Re: [PATCH qemu] x86: don't let decompressed kernel image clobber setup_data
References: <46466e54-25c3-3194-8546-a57cd4a80d9d@zytor.com>
X-Mailing-List: linux-kernel@vger.kernel.org

On Sat, Dec 31, 2022 at 02:40:59PM +0100, Borislav Petkov wrote:
> On Fri, Dec 30, 2022 at 05:06:55PM -0800, H. Peter Anvin wrote:
> > This needs to be something like:
> >
> > kernel_add_identity_map(sd_addr, sd_addr + sizeof(*sd));
> > kernel_add_identity_map(sd_addr + sizeof(*sd),
> >                         sd_addr + sizeof(*sd) + sd->len);
>
> It still #PFs with that:
>
> (gdb) bt
> #0  0xffffffff84738576 in native_halt () at ./arch/x86/include/asm/irqflags.h:57
> #1  halt () at ./arch/x86/include/asm/irqflags.h:98
> #2  early_fixup_exception (regs=regs@entry=0xffffffff84007dc8, trapnr=trapnr@entry=14) at arch/x86/mm/extable.c:340
> #3  0xffffffff846ff465 in do_early_exception (regs=0xffffffff84007dc8, trapnr=14) at arch/x86/kernel/head64.c:424
> #4  0xffffffff846ff14f in early_idt_handler_common () at arch/x86/kernel/head_64.S:483
> #5  0xc149f9894908788d in ?? ()
> #6  0xffffffffff2003fc in ?? ()
> #7  0x0000000000000010 in fixed_percpu_data ()
> #8  0xdffffc0000000000 in ?? ()
> #9  0xffffffff84007ea8 in init_thread_union ()
> #10 0xffffffffff20088d in ?? ()
> #11 0x0000000000000000 in ?? ()
>
> /me goes to dig more.

Are you using patch v1 minus the 62 MiB thing? If you haven't applied
patch v1 and then removed the 62 MiB limitation in it, then you've
misunderstood the conversation again. Please see my reproduction steps
to Peter:

https://lore.kernel.org/lkml/Y68K4mPuz6edQkCX@zx2c4.com/

Jason
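The two-call mapping Peter suggests in the quoted text, as an added example that is not from this thread or the kernel tree: struct setup_data follows the kernel's uapi layout, but the toy memory, page map, fault check and the chain built by build_sample_chain are constructed assumptions. It models only why the header must be identity-mapped before sd->len can be read and the payload mapped as a second step, not the setup_data clobbering the patch itself is about.

```c
#include <stdint.h>
#include <string.h>
/* Header layout as in the kernel's uapi struct setup_data; the toy memory,
 * page map and fault check are a constructed model, not kernel code. */
struct setup_data {
    uint64_t next;      /* physical address of the next node; 0 ends the chain */
    uint32_t type, len; /* len = byte length of data[] */
    uint8_t  data[];
};
#define PAGE_SIZE 4096UL
static _Alignas(4096) uint8_t mem[64 * PAGE_SIZE]; /* toy physical memory */
static int mapped[64];                             /* 1 = in the identity map */
int mapped_pages;
/* Stand-in for kernel_add_identity_map(start, end); end is exclusive. */
static void add_identity_map(unsigned long start, unsigned long end) {
    for (unsigned long p = start / PAGE_SIZE; p * PAGE_SIZE < end; p++)
        if (!mapped[p]) { mapped[p] = 1; mapped_pages++; }
}
/* A read touching an unmapped page is the early #PF in the backtrace. */
static int read_ok(unsigned long addr, unsigned long n) {
    for (unsigned long p = addr / PAGE_SIZE; p * PAGE_SIZE < addr + n; p++)
        if (!mapped[p]) return 0;
    return 1;
}
/* Map each header first (sd->len is readable only once it is), then the
 * payload. With map_payload == 0 the second call is skipped and the walk
 * faults at the first data[] reaching an unmapped page. Returns node count or -1. */
int map_setup_data_chain(unsigned long sd_addr, int map_payload) {
    int n = 0;
    for (; sd_addr; n++) {
        struct setup_data *sd = (struct setup_data *)(mem + sd_addr);
        add_identity_map(sd_addr, sd_addr + sizeof(*sd));
        if (!read_ok(sd_addr, sizeof(*sd))) return -1;
        if (map_payload)
            add_identity_map(sd_addr + sizeof(*sd), sd_addr + sizeof(*sd) + sd->len);
        if (!read_ok(sd_addr + sizeof(*sd), sd->len)) return -1;
        sd_addr = sd->next;
    }
    return n;
}
/* Constructed chain A -> B: A's 100-byte payload runs off the end of page 3
 * into page 4; B starts page 10. Returns A's address. */
unsigned long build_sample_chain(void) {
    unsigned long a = 4 * PAGE_SIZE - sizeof(struct setup_data), b = 10 * PAGE_SIZE;
    struct setup_data *sa = (void *)(mem + a), *sb = (void *)(mem + b);
    sa->next = b; sa->type = 1; sa->len = 100; memset(sa->data, 0xAA, sa->len);
    sb->next = 0; sb->type = 1; sb->len = 8;   memset(sb->data, 0xBB, sb->len);
    return a;
}
```

Mapping only the header returns -1 on node A, whose payload crosses into page 4; mapping header and payload walks both nodes and leaves pages 3, 4 and 10 in the map.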