Received: by 2002:a05:6358:11c7:b0:104:8066:f915 with SMTP id i7csp2123121rwl;
        Sat, 8 Apr 2023 08:10:44 -0700 (PDT)
X-Google-Smtp-Source: AKy350Y47vfQiLAs1ZVMeJmDlfPID6WoM96iII8sP+xewN4xB/c/C0QbSroNKCTShL5N/LGC+lBG
X-Received: by 2002:a17:906:2a48:b0:933:4d37:82b2 with SMTP id k8-20020a1709062a4800b009334d3782b2mr2390024eje.57.1680966644296;
        Sat, 08 Apr 2023 08:10:44 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1680966644; cv=none;
        d=google.com; s=arc-20160816;
        b=YUajpgUSK1lpLMMRfdZRcU2xWjm6l7nDrlmMHY8yEeaouoc3tNvoKR96jvJ+j0JXfE
         ygiuvmyb1rmqOo09Sa4xPJ0R8JGClBLLrPQolDUenlkFvkHfBGjn4LykzSCMLye0RBLM
         N5iEMjKwrDgMQSlRihV96xL27uqri/l+O5Rqnld/CGoFVDi6qTRgAdv8dooVtGh3q+5O
         n/+5NR+0EeHkUMfdhRtq0N7FwmoBF5DubTeuFsPW54N8PV9R3kDYWtDOl58tQV4yN7+9
         V3cFPfT92yplGZKICj5XVw2CXE7czvnpYbuGbpGKsJYszWNpdNq9pFmsro/xldEteC6q
         Avdw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:content-transfer-encoding:message-id:user-agent
         :references:in-reply-to:subject:cc:to:from:date:mime-version
         :dkim-signature:dkim-filter;
        bh=GGK8J8ROSB8RdorZJID1wyP7viogzq8rSNKxlSR5gEM=;
        b=CZp9sXtsspiLxeOvtTwVBR8ohO1AhI0rW6X9Jb9YqDUKPwZAqVCBQ8b+sqvcdf/KRd
         A8ur+8Y8xwU6oKMGstqHQAo7GWMKWuzrLdXVdi9gsl3lCIG/lXGzl2cDYzGFQKWLUg4F
         uUxeTYxvDfNZtP7c0bdfrTCTpJU2dSq1SskKYXR9ljImD1JPp8QTvCcfPNrt2YmBbonF
         vGsWeWl1BKWQjfSlXMBCUzSJt+kNKNqeEYYq6E+uYOeivokpQhrKzIMhi6HeAuaKTWMX
         l+hpQC/WCcJlxIWnreObHtvrKXZtizUGgv0xTUCr31DFwKD1FQPqE1r+AOyj5C34MVWz
         uCkQ==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@ispras.ru header.s=default header.b=qkW7h3uF;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=ispras.ru
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20])
        by mx.google.com with ESMTP id hp7-20020a1709073e0700b00946e67fcf7fsi6540716ejc.124.2023.04.08.08.10.20;
        Sat, 08 Apr 2023 08:10:44 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@ispras.ru header.s=default header.b=qkW7h3uF;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=ispras.ru
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S229588AbjDHPJO (ORCPT <rfc822;aprilthirty60@gmail.com>
        + 99 others); Sat, 8 Apr 2023 11:09:14 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:46396 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S229456AbjDHPJN (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Sat, 8 Apr 2023 11:09:13 -0400
Received: from mail.ispras.ru (mail.ispras.ru [83.149.199.84])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 58B263581;
        Sat,  8 Apr 2023 08:09:12 -0700 (PDT)
Received: from mail.ispras.ru (unknown [83.149.199.84])
        by mail.ispras.ru (Postfix) with ESMTPSA id A23EF44C1018;
        Sat,  8 Apr 2023 15:09:10 +0000 (UTC)
DKIM-Filter: OpenDKIM Filter v2.11.0 mail.ispras.ru A23EF44C1018
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ispras.ru;
        s=default; t=1680966550;
        bh=GGK8J8ROSB8RdorZJID1wyP7viogzq8rSNKxlSR5gEM=;
        h=Date:From:To:Cc:Subject:In-Reply-To:References:From;
        b=qkW7h3uFhxQENtEMvCwovNUZ1V5vIFL8XJpjCB48UfQQGAejq4BVt/MLhg63AQv1Y
         OGvcwUsx4UxnIaB2MLHzeZsqzpE7WesfbUSqVKMuqmEhn7ivRlPVrxeecwAKFmBZy8
         iUMLvkw+Ip6OHkVgxitYXHED+eupzRK3q7iaJWjQ=
MIME-Version: 1.0
Date:   Sat, 08 Apr 2023 18:09:10 +0300
From:   Evgeniy Baskov <baskov@ispras.ru>
To:     Borislav Petkov <bp@alien8.de>
Cc:     Ard Biesheuvel <ardb@kernel.org>,
        Andy Lutomirski <luto@kernel.org>,
        Dave Hansen <dave.hansen@linux.intel.com>,
        Ingo Molnar <mingo@redhat.com>,
        Peter Zijlstra <peterz@infradead.org>,
        Thomas Gleixner <tglx@linutronix.de>,
        Alexey Khoroshilov <khoroshilov@ispras.ru>,
        Peter Jones <pjones@redhat.com>,
        Gerd Hoffmann <kraxel@redhat.com>,
        "Limonciello, Mario" <mario.limonciello@amd.com>,
        joeyli <jlee@suse.com>, lvc-project@linuxtesting.org,
        x86@kernel.org, linux-efi@vger.kernel.org,
        linux-kernel@vger.kernel.org, linux-hardening@vger.kernel.org
Subject: Re: [PATCH v5 03/27] x86/boot: Set cr0 to known state in trampoline
In-Reply-To: <20230405175441.GFZC214WxyhULbtl3P@fat_crate.local>
References: <cover.1678785672.git.baskov@ispras.ru>
 <63368ff665956a64f07aee9bc863b70c86b8b0c8.1678785672.git.baskov@ispras.ru>
 <20230405175441.GFZC214WxyhULbtl3P@fat_crate.local>
User-Agent: Roundcube Webmail/1.4.4
Message-ID: <6910b36b28213b4b47bd3173d7be47f3@ispras.ru>
X-Sender: baskov@ispras.ru
Content-Type: text/plain; charset=US-ASCII;
 format=flowed
Content-Transfer-Encoding: 7bit
X-Spam-Status: No, score=-0.2 required=5.0 tests=DKIM_SIGNED,DKIM_VALID,
        DKIM_VALID_AU,DKIM_VALID_EF,SPF_HELO_NONE,SPF_PASS
        autolearn=unavailable autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
        lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On 2023-04-05 20:54, Borislav Petkov wrote:
> On Tue, Mar 14, 2023 at 01:13:30PM +0300, Evgeniy Baskov wrote:
>> Ensure WP bit to be set to prevent boot code from writing to
>> non-writable memory pages.
>> 
>> Tested-by: Mario Limonciello <mario.limonciello@amd.com>
>> Signed-off-by: Evgeniy Baskov <baskov@ispras.ru>
>> ---
>>  arch/x86/boot/compressed/head_64.S | 5 ++---
>>  1 file changed, 2 insertions(+), 3 deletions(-)
>> 
>> diff --git a/arch/x86/boot/compressed/head_64.S 
>> b/arch/x86/boot/compressed/head_64.S
>> index 03c4328a88cb..01fa42d31648 100644
>> --- a/arch/x86/boot/compressed/head_64.S
>> +++ b/arch/x86/boot/compressed/head_64.S
>> @@ -660,9 +660,8 @@ SYM_CODE_START(trampoline_32bit_src)
>>  	pushl	$__KERNEL_CS
>>  	pushl	%eax
>> 
>> -	/* Enable paging again. */
>> -	movl	%cr0, %eax
>> -	btsl	$X86_CR0_PG_BIT, %eax
>> +	/* Enable paging and set CR0 to known state (this also sets WP flag) 
>> */
>> +	movl	$CR0_STATE, %eax
> 
> This sets a lot more than WP. Why?

Because there are code paths where cr0 state is not initialized
(e.g. the EFISTUB code path) and it's better to know it exactly.
Although we don't actually care about MP, ET, NE and AM flags, but they
should be all supported, so the choice was arbitrary. Also they are 
already
initialized to this value on one code path -- when the kernel started 
its
execution via startup_32.

Thanks.