Received: by 2002:a05:6358:3188:b0:123:57c1:9b43 with SMTP id q8csp919235rwd; Thu, 8 Jun 2023 09:24:32 -0700 (PDT) X-Google-Smtp-Source: ACHHUZ6VzariL/wHzNcGrgUTlmyJQuh69ws9gzTyZi71o92EwT25FPPGBVXqMuth5Bt7xgE/27s7 X-Received: by 2002:a05:6a00:984:b0:640:defd:a6d5 with SMTP id u4-20020a056a00098400b00640defda6d5mr7468919pfg.12.1686241472300; Thu, 08 Jun 2023 09:24:32 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1686241472; cv=none; d=google.com; s=arc-20160816; b=uZ5X2Zq+rg2l3u272BUX5z6OLMvyni5XFX9pRD/sAMWvllGXgesCyBcPKz7c13Bfk4 UsVJZH/1+73Y92DUL35LuX7lJCgbbho60GJScFr3bjaoiZEZbGFWdW+Ulrud6+YjUkkt 9Lh5ksbp8MvtT2uXxJXF/BBxfp8yV5ELLC2nNqRBEHwOqsCj7LAU22fKaXTOEVfELeQR AbgXTGVLifE4NEbK+J8B4nStXwp/RsvTEh5VORX7PisXsm4jTxyrU25F9+xmDKMf8B04 0w3vdQiVaaBQ/tsK+vryAOqGFrwmjv3VEyk6Ucx0fbizn5eZAMTTnM760I2YkazQVAnV Be2w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:message-id:subject:cc:to:from:date:dkim-signature; bh=33KP1xnRJIF0pLM9SYink4pnxKoBoUqSDZbDpY577aM=; b=feW0sZT7dlmAMf5MB6bSoaVjh0cdtz9OudgdG4aeeIt+p3+/usC2uQiYZsSn2/TDqq BtzQNUpdMJP/+EiZlD1zg7qkEkQD4UILu3JU21RYYMtN96XJOLMRbpA+cCOb9mAIV/OI eYvB6nJxBGULEg864YGLbXrU+V3fJ+ngYStZ+go14Pg/Wc1suqFXB+gMy39W78VVoJdr 444XOyGqpAnBAap9kTazj54CBtr4qimDtcVMViq6JuWwBMqd/lK5r7qe+P1asRYprEK9 E9+BHXjRQaRHrVoksAMM9Zg/ATj1neNZHHcwrIuntPByiivjvjcsIRLnrYVnPlC7Eri7 x6BA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=E7GSQKuk; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id u186-20020a6385c3000000b00520dfb861fbsi1192926pgd.416.2023.06.08.09.24.18; Thu, 08 Jun 2023 09:24:32 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=E7GSQKuk; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233157AbjFHQKZ (ORCPT + 99 others); Thu, 8 Jun 2023 12:10:25 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:56046 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233051AbjFHQKX (ORCPT ); Thu, 8 Jun 2023 12:10:23 -0400 Received: from mga12.intel.com (mga12.intel.com [192.55.52.136]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id D8A2F1FDF; Thu, 8 Jun 2023 09:10:22 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1686240622; x=1717776622; h=date:from:to:cc:subject:message-id:references: mime-version:in-reply-to; bh=6pjyKOoy7arAWPVn5V85eq2ZYV5aLec/VZcsAEX55EQ=; b=E7GSQKukzRQSc0VAfT3HLLEMufdEcHsc8GLKjty0OYayld4Fjp4BHRgg QWmtdRTlkYcIiIn6ZdObgsoyfrJPXM3Rn5UX+06aHJTZ+G8tC5B7Y7XbP VkPwV/zcng++y6xTQQaxhRPxZkhOhi3jMQFn1zPPoRhffnIZyeTnHmcss 6CMzdJ7vZVggYo0/18aDcvg6kwZS0578tFS/sEc6kLIs+llnytxY+5zeh uvfAyYllHwnvcZsKo7yUaiMlP2zuK/wLiU3DPgYD93Rg4qUL3qqLxWXt7 uOkrx2nOlklzYgXLN9CRLSedQrXs9B0YJjqikELHHJpWFW+xsLrjBi/lx g==; X-IronPort-AV: E=McAfee;i="6600,9927,10735"; a="336986136" X-IronPort-AV: E=Sophos;i="6.00,227,1681196400"; d="scan'208";a="336986136" Received: from orsmga005.jf.intel.com ([10.7.209.41]) by fmsmga106.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 08 Jun 2023 09:10:21 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10735"; a="884249892" X-IronPort-AV: E=Sophos;i="6.00,227,1681196400"; d="scan'208";a="884249892" Received: from yjiang5-mobl.amr.corp.intel.com (HELO localhost) ([10.144.161.97]) by orsmga005-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 08 Jun 2023 09:10:22 -0700 Date: Thu, 8 Jun 2023 09:10:20 -0700 From: Yunhong Jiang To: Ard Biesheuvel Cc: linux-efi@vger.kernel.org, linux-kernel@vger.kernel.org, Evgeniy Baskov , Borislav Petkov , Andy Lutomirski , Dave Hansen , Ingo Molnar , Peter Zijlstra , Thomas Gleixner , Alexey Khoroshilov , Peter Jones , Gerd Hoffmann , Dave Young , Mario Limonciello , Kees Cook , Tom Lendacky , "Kirill A . Shutemov" , Linus Torvalds , Joerg Roedel Subject: Re: [PATCH v5 13/20] x86/efistub: Perform 4/5 level paging switch from the stub Message-ID: <20230608161020.GA69@yjiang5-mobl.amr.corp.intel.com> References: <20230607072342.4054036-1-ardb@kernel.org> <20230607072342.4054036-14-ardb@kernel.org> <20230607201924.GD3110@yjiang5-mobl.amr.corp.intel.com> <20230608004342.GA4340@yjiang5-mobl.amr.corp.intel.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: X-Spam-Status: No, score=-4.3 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_EF,RCVD_IN_DNSWL_MED,SPF_HELO_PASS, SPF_NONE,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Thu, Jun 08, 2023 at 08:34:38AM +0200, Ard Biesheuvel wrote: > On Thu, 8 Jun 2023 at 02:43, Yunhong Jiang > wrote: > > > > On Wed, Jun 07, 2023 at 10:31:43PM +0200, Ard Biesheuvel wrote: > > > On Wed, 7 Jun 2023 at 22:19, Yunhong Jiang > > > wrote: > > > > > > > > On Wed, Jun 07, 2023 at 09:23:35AM +0200, Ard Biesheuvel wrote: > ... > > > > > +efi_status_t efi_setup_5level_paging(void) > > > > > +{ > > > > > + u8 tmpl_size = (u8 *)&trampoline_ljmp_imm_offset - (u8 *)&trampoline_32bit_src; > > > > > + efi_status_t status; > > > > > + u8 *la57_code; > > > > > + > > > > > + if (!efi_is_64bit()) > > > > > + return EFI_SUCCESS; > > > > > + > > > > > + /* check for 5 level paging support */ > > > > > + if (native_cpuid_eax(0) < 7 || > > > > > + !(native_cpuid_ecx(7) & (1 << (X86_FEATURE_LA57 & 31)))) > > > > > + return EFI_SUCCESS; > > > > > + > > > > Do we need to check the need_toggle here instead of at efi_5level_switch and > > > > skip the whole setup if no need to switch the paging level? Sorry if I missed > > > > any point. > > > > > > > > > > No. There are reasons why firmware might run with 5 levels, and switch > > > to 4 levels at ExitBootServices() time. > > > > The need_toggle check at efi_5level_switch(), "need_toggle = want_la57 ^ > > have_la57", should cover this scenario, right? If we check need_toggle on > > efi_setup_5level_paging() and it's false, then we don't need the setup in > > efi_setup_5level_paging(), right? I don't see the la57_toggle() called on other > > places. > > > > Or I misunderstand your response? > > > > The actual, current number of paging levels could be 5 during > efi_setup_5level_paging() and 4 during efi_5level_switch(). So whether > we need to toggle can only be decided at switch time, at which point > we can no longer allocate memory. So the allocation logic in > efi_setup_5level_paging() cannot depend on the actual number of > levels, only on whether or not 5 level paging is supported at all (in > which case a switch is never needed) Oh, I didn't realize that. Thank you for the clarification.