Received: by 2002:a05:6358:3188:b0:123:57c1:9b43 with SMTP id q8csp4386116rwd; Tue, 30 May 2023 04:55:32 -0700 (PDT) X-Google-Smtp-Source: ACHHUZ7bGPZfugRTZGCDWxffYteCIDICwEvcDsuES3TF5NfIncpDghDtI1TnYwnIfpwpdJpZnuWa X-Received: by 2002:a05:6a20:8e2a:b0:10f:bb1:ca50 with SMTP id y42-20020a056a208e2a00b0010f0bb1ca50mr2507872pzj.10.1685447732090; Tue, 30 May 2023 04:55:32 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1685447732; cv=none; d=google.com; s=arc-20160816; b=rEhTC4QUjPA2kzYtrtmqN+6SJY4mZx9AfQz9CT+HU4DyDHYa/A51njIQ/Xm1B0b1rZ q/QvQiSgKt6ciDvTE3MiSeBzbvqfdnREhni6n390LdJ2e0YHIu6WYminXRlqHdAw4uGw vcwpqfZtYxQqK7KWIcvG1djcM5rPZ+K/dHoIkH0rk0nFRTbBFrAyeSiHgEBQ2rZeNm5y 94q1hQh6Nd6k9Ju+4srF5dVWjUBCn1Vt5xiHh6vZAMQy7RH2tlSxjvSlIQ31Ay3aMhb1 9BjJRT0FsGUTl6uk7uFrm+WhTqyjBzMBOQtKbknKQD9kvF5VA6CEJ2XAtRS5htVYmdiK sfhQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:to:from :dkim-signature; bh=lAY9ShEPJx4E+dOzdVNR3UU0xurbWQvWp43zD7EqNWM=; b=inRXZglNuMr+jPPD8PII60oSsyQnQPCGE32FO7CIF1lgFumB495WI9YZXWwGo60V+6 /iMx2hEsb6L8odeuAvtVzNsEuZT6RMm2rBIMTwo+4SlnoYQRQ3sRv7/h9aaArWDzQYWI HM0RYzskVGaX8vXO0VpKDdsKKMLwobPnt2R+I0WKaGu5TzMy86LbQNA10qNxI2HHFqxs lPmHg07ZvCAl7uOFL0XSo7kpz2fyNd7hBvvtdPYtQJdPumc2wP9/z+cINrt93xqEjOBZ 84yHRS+Fj3b36EHxemnXiHe9iWwoBm1gzL2U9uuroJqHIYeyJKWErSPa/CdktSuBi5YP eShw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=RyLtvvYp; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id h191-20020a6383c8000000b0053fb69cc365si971000pge.238.2023.05.30.04.55.19; Tue, 30 May 2023 04:55:32 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=RyLtvvYp; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231681AbjE3Loo (ORCPT + 99 others); Tue, 30 May 2023 07:44:44 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:47076 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231963AbjE3Ln6 (ORCPT ); Tue, 30 May 2023 07:43:58 -0400 Received: from mga01.intel.com (mga01.intel.com [192.55.52.88]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id C2B93E8 for ; Tue, 30 May 2023 04:43:52 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1685447032; x=1716983032; h=from:to:subject:date:message-id:in-reply-to:references: mime-version:content-transfer-encoding; bh=6JK6GfSo8ZIvaNztCv9bRQqNHJQKx6PWj0vQ3SQJIHw=; b=RyLtvvYp+eAq9kGtvvJufNZd6L/2e7n0xCIGakFRVUipWaI5tbRkmSvo 8inveQCu2r4ktBRnpTHs2LjRPmgIgJZdqx0Wem4HWUMlLjCmTRCM76RcL EBldCIi3a1ArS7fHicPS1+gX6HPGAT20Bvi1ZxleDi1Fn/uZKAyA2oNu+ 9rRSIvB8EfcOc2PpCVjCAd6PAN48Swu+42Ni0FaEcC0w6aGuf2r1yijvs +xDgXE7mLICaYh2x6wtwvzYoGiofoSOjk/0/qMbRBuoetZJYyk9aYaJ8i 2n8WREzNhOBQhyblrfxJTa7zmtYdPRxcHomEXsQcUd7lwErsaN9CjreE1 w==; X-IronPort-AV: E=McAfee;i="6600,9927,10725"; a="383145414" X-IronPort-AV: E=Sophos;i="6.00,204,1681196400"; d="scan'208";a="383145414" Received: from orsmga007.jf.intel.com ([10.7.209.58]) by fmsmga101.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 30 May 2023 04:43:29 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10725"; a="700588786" X-IronPort-AV: E=Sophos;i="6.00,204,1681196400"; d="scan'208";a="700588786" Received: from black.fi.intel.com (HELO black.fi.intel.com.) ([10.237.72.28]) by orsmga007.jf.intel.com with ESMTP; 30 May 2023 04:43:26 -0700 From: Alexander Shishkin To: linux-kernel@vger.kernel.org, x86@kernel.org, Andy Lutomirski , Dave Hansen , Ravi Shankar , Tony Luck , Sohil Mehta , Paul Lai Subject: [RFC v2 12/12] x86/efi: Disable LASS enforcement when switching to EFI MM Date: Tue, 30 May 2023 14:42:47 +0300 Message-Id: <20230530114247.21821-13-alexander.shishkin@linux.intel.com> X-Mailer: git-send-email 2.39.2 In-Reply-To: <20230530114247.21821-1-alexander.shishkin@linux.intel.com> References: <20230530114247.21821-1-alexander.shishkin@linux.intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=-4.5 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_EF,RCVD_IN_DNSWL_MED, RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL,SPF_HELO_NONE,SPF_NONE, T_SCC_BODY_TEXT_LINE,URIBL_BLOCKED autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Sohil Mehta [Code is experimental and not yet ready to be merged upstream] PeterZ suggested that EFI memory can be mapped in user virtual address space which would trigger LASS violation upon access. It isn't exactly clear how and when these user address mapping happen. It may be possible this is related to EFI mixed mode. Link:https://lore.kernel.org/lkml/Y73S56t%2FwDIGEPlK@hirez.programming.kicks-ass.net/ stac()/clac() calls in the EFI MM enter and exit functions trigger objtool warnings due to switch_mm() not being classified as func_uaccess_safe. Refer Objtool warnings section #9 in the document tools/objtool/Documentation/objtool.txt. This would need to be resolved before even considering merging. Signed-off-by: Sohil Mehta --- arch/x86/platform/efi/efi_64.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/arch/x86/platform/efi/efi_64.c b/arch/x86/platform/efi/efi_64.c index 232acf418cfb..20966efcd87a 100644 --- a/arch/x86/platform/efi/efi_64.c +++ b/arch/x86/platform/efi/efi_64.c @@ -473,9 +473,14 @@ void __init efi_dump_pagetable(void) * while the EFI-mm is borrowed. mmgrab()/mmdrop() is not used because the mm * can not change under us. * It should be ensured that there are no concurrent calls to this function. + * + * Disable LASS enforcement temporarily when switching to EFI MM since it could + * be mapped into the low 64-bit virtual address space with address bit 63 set + * to 0. */ void efi_enter_mm(void) { + stac(); efi_prev_mm = current->active_mm; current->active_mm = &efi_mm; switch_mm(efi_prev_mm, &efi_mm, NULL); @@ -485,6 +490,7 @@ void efi_leave_mm(void) { current->active_mm = efi_prev_mm; switch_mm(&efi_mm, efi_prev_mm, NULL); + clac(); } static DEFINE_SPINLOCK(efi_runtime_lock); -- 2.39.2