Date: Sat, 08 Apr 2023 18:09:10 +0300
From: Evgeniy Baskov
To: Borislav Petkov
Cc: Ard Biesheuvel, Andy Lutomirski, Dave Hansen, Ingo Molnar, Peter Zijlstra, Thomas Gleixner, Alexey Khoroshilov, Peter Jones, Gerd Hoffmann, "Limonciello, Mario", joeyli, lvc-project@linuxtesting.org, x86@kernel.org, linux-efi@vger.kernel.org, linux-kernel@vger.kernel.org, linux-hardening@vger.kernel.org
Subject: Re: [PATCH v5 03/27] x86/boot: Set cr0 to known state in trampoline
In-Reply-To: <20230405175441.GFZC214WxyhULbtl3P@fat_crate.local>
References: <63368ff665956a64f07aee9bc863b70c86b8b0c8.1678785672.git.baskov@ispras.ru> <20230405175441.GFZC214WxyhULbtl3P@fat_crate.local>
Message-ID: <6910b36b28213b4b47bd3173d7be47f3@ispras.ru>
X-Mailing-List: linux-kernel@vger.kernel.org

On 2023-04-05 20:54, Borislav Petkov wrote:
> On Tue, Mar 14, 2023 at 01:13:30PM +0300, Evgeniy Baskov wrote:
>> Ensure the WP bit is set to prevent boot code from writing to
>> non-writable memory pages.
>>
>> Tested-by: Mario Limonciello
>> Signed-off-by: Evgeniy Baskov
>> ---
>> arch/x86/boot/compressed/head_64.S | 5 ++---
>> 1 file changed, 2 insertions(+), 3 deletions(-)
>>
>> diff --git a/arch/x86/boot/compressed/head_64.S
>> b/arch/x86/boot/compressed/head_64.S
>> index 03c4328a88cb..01fa42d31648 100644
>> --- a/arch/x86/boot/compressed/head_64.S
>> +++ b/arch/x86/boot/compressed/head_64.S
>> @@ -660,9 +660,8 @@ SYM_CODE_START(trampoline_32bit_src) >> pushl $__KERNEL_CS >> pushl %eax >> >> - /* Enable paging again. */ >> - movl %cr0, %eax >> - btsl $X86_CR0_PG_BIT, %eax >> + /* Enable paging and set CR0 to known state (this also sets WP flag) >> */ >> + movl $CR0_STATE, %eax
>
> This sets a lot more than WP. Why?

Because there are code paths where the cr0 state is not initialized (e.g. the EFISTUB code path) and it's better to know it exactly. Although we don't actually care about the MP, ET, NE and AM flags, they should all be supported, so the choice was arbitrary. Also, they are already initialized to this value on one code path -- when the kernel starts its execution via startup_32.

Thanks.
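Review bot: the commit message documents only that WP is ensured set, but the hunk replaces the read-modify-write of CR0 (`movl %cr0, %eax` / `btsl $X86_CR0_PG_BIT, %eax`) with an unconditional `movl $CR0_STATE, %eax`, which also discards every other CR0 bit the firmware or the earlier boot path left behind. The justification given in the reply (the EFI stub path leaves CR0 uninitialized, and startup_32 already loads the same value, so the trampoline now matches it) is exactly what a reader of `git log` will need, so it should be in the commit message. The in-code comment should likewise name the bits CR0_STATE loads rather than only "this also sets WP flag", since "known state" on its own does not tell a later reader which flags the trampoline now depends on.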
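As an added illustration of the point under discussion (example code written for this page, not code from the patch or from the kernel tree): the difference between re-enabling paging by setting PG on whatever CR0 value the trampoline inherited, and loading CR0_STATE outright. The CR0 bit positions are architectural; the composition of CR0_STATE (PE|MP|ET|NE|WP|AM|PG) is assumed to match the kernel's definition in arch/x86/include/asm/processor-flags.h, and the "inherited" CR0 value is a constructed input, not a value captured from real firmware.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Architectural CR0 bit positions (Intel SDM Vol. 3, "Control Registers"). */
#define X86_CR0_PE (1u << 0)   /* Protection Enable */
#define X86_CR0_MP (1u << 1)   /* Monitor Coprocessor */
#define X86_CR0_EM (1u << 2)   /* Emulation */
#define X86_CR0_TS (1u << 3)   /* Task Switched */
#define X86_CR0_ET (1u << 4)   /* Extension Type */
#define X86_CR0_NE (1u << 5)   /* Numeric Error */
#define X86_CR0_WP (1u << 16)  /* Write Protect: ring 0 honours read-only PTEs */
#define X86_CR0_AM (1u << 18)  /* Alignment Mask */
#define X86_CR0_NW (1u << 29)  /* Not Write-through */
#define X86_CR0_CD (1u << 30)  /* Cache Disable */
#define X86_CR0_PG (1u << 31)  /* Paging */

/* Assumed to match the kernel's CR0_STATE in
 * arch/x86/include/asm/processor-flags.h: PE|MP|ET|NE|WP|AM|PG = 0x80050033. */
#define CR0_STATE (X86_CR0_PE | X86_CR0_MP | X86_CR0_ET | X86_CR0_NE | \
                   X86_CR0_WP | X86_CR0_AM | X86_CR0_PG)

/* Old trampoline: "movl %cr0,%eax; btsl $X86_CR0_PG_BIT,%eax".
 * Keeps every bit the firmware or earlier boot code left in CR0. */
static uint32_t cr0_old_path(uint32_t cr0_in)
{
    return cr0_in | X86_CR0_PG;
}

/* New trampoline: "movl $CR0_STATE,%eax". Ignores the inherited value. */
static uint32_t cr0_new_path(uint32_t cr0_in)
{
    (void)cr0_in;
    return CR0_STATE;
}

/* 1 if supervisor writes to read-only pages would fault (PG and WP both set). */
static int cr0_wp_enforced(uint32_t cr0)
{
    const uint32_t need = X86_CR0_PG | X86_CR0_WP;
    return (cr0 & need) == need;
}

/* Decode the named CR0 bits into "PE|MP|..." (returns a static buffer). */
static const char *cr0_describe(uint32_t cr0)
{
    static const struct { uint32_t mask; const char *name; } bits[] = {
        { X86_CR0_PE, "PE" }, { X86_CR0_MP, "MP" }, { X86_CR0_EM, "EM" },
        { X86_CR0_TS, "TS" }, { X86_CR0_ET, "ET" }, { X86_CR0_NE, "NE" },
        { X86_CR0_WP, "WP" }, { X86_CR0_AM, "AM" }, { X86_CR0_NW, "NW" },
        { X86_CR0_CD, "CD" }, { X86_CR0_PG, "PG" },
    };
    static char buf[64];
    size_t used = 0;

    buf[0] = '\0';
    for (size_t i = 0; i < sizeof bits / sizeof bits[0]; i++) {
        if (!(cr0 & bits[i].mask))
            continue;
        used += (size_t)snprintf(buf + used, sizeof buf - used, "%s%s",
                                 used ? "|" : "", bits[i].name);
    }
    return buf;
}

int main(void)
{
    /* Constructed input: a CR0 as firmware might leave it before the
     * trampoline re-enables paging, with PE|ET|NE set and WP clear. */
    uint32_t inherited = X86_CR0_PE | X86_CR0_ET | X86_CR0_NE;
    uint32_t old = cr0_old_path(inherited);
    uint32_t fixed = cr0_new_path(inherited);

    printf("inherited  : 0x%08x (%s)\n", inherited, cr0_describe(inherited));
    printf("btsl PG    : 0x%08x (%s)", old, cr0_describe(old));
    printf(" WP enforced: %s\n", cr0_wp_enforced(old) ? "yes" : "no");
    printf("CR0_STATE  : 0x%08x (%s)", fixed, cr0_describe(fixed));
    printf(" WP enforced: %s\n", cr0_wp_enforced(fixed) ? "yes" : "no");
    return 0;
}
```

Build with `cc -std=c99 -Wall cr0_state.c`. The old path leaves WP clear whenever the inherited CR0 had it clear, which is the case the patch closes; the new path yields 0x80050033 whatever came in, so the decompressor runs with the same CR0 on the EFI stub path as on the startup_32 path. cr0_describe returns a static buffer, hence one call per printf.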