Received: by 2002:a05:6358:c692:b0:131:369:b2a3 with SMTP id fe18csp5593615rwb; Tue, 1 Aug 2023 05:19:03 -0700 (PDT) X-Google-Smtp-Source: APBJJlH/WbHZsruXU40HUVzQSgh11XxWAbeCBeAdyYn7+n/zqa3ZJgxUmKQ0k5oYmLOLZ1TnDLFY X-Received: by 2002:a17:903:485:b0:1b6:649b:92cc with SMTP id jj5-20020a170903048500b001b6649b92ccmr9325928plb.69.1690892342928; Tue, 01 Aug 2023 05:19:02 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1690892342; cv=none; d=google.com; s=arc-20160816; b=f2oal/mYzTBB2pXcCe3kHY14iMoF19bb1JLnc6f9i3S4BWKHyeMPfQ1/JC668Hr0wj yOEWGZO1UMTjm4Z/uqXTGTf9eZYbuSCx0UFqv4tj2aygyDZikCxfhM6biBsW924fRx6O 5LzCGUZrBRTvLFLVujk3EYzx+UPCgiiYVMWFh7j/npLSJLceUHBqOhaeQQWhXzV8OjQQ ZWin82U4mkaFNCCYQ5ZyqNTCZOPh6+NVDeYb9lKj56cDCXUno1Wcmx1iVSL9NTCxt5pW 6BIPtL6IxAetKm/+PbQEZ5VcOoD21ikdgL2eO53ovJmNmxUwMKZRoAwjEKt/wuxp03VG jRmg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:subject:message-id:date:from:in-reply-to :references:mime-version:dkim-signature; bh=4bbzMhauw3DqZb7dndqCmDNe0yMOI9xQBZPaUlZ+3ko=; fh=bUsfhlSxo5mbGO/gV6Q/B6Bpk+EeS6wLgNtVxkEE7VY=; b=gPLukcHs5z44n0adGz1tTDXXFZ4YJ1GXSCyWVUoTVdrazW2XAvcedXobXe2d79b4vq o8RzajMIgeqRwtLla1wuWnj1GuRsxggBEYV9XRM6PIv4cU4dL2h4q/ll6TUkOnuwXuOP esKKvD+OURmtjabDbuuDXfBLbKstADtJowirV2lYgiFS4Kpj92E5UUOTPivvb/5aZMqC WP+2mnvXNgy2w9B9ORmf6CjB5CMQ0O7AHha0B6auRUC4YjrU5D5/rZifVUUec1zZ0F6V AIpTd4Tq5wMRW53NwmQlTK2tyt/xOJOt14gYAPbM5+umg22B5Y7w8W/7Q6fQdYanhLpx I1mw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=QN99XNTw; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id kg14-20020a170903060e00b001b87ecb0e5csi8742257plb.126.2023.08.01.05.18.49; Tue, 01 Aug 2023 05:19:02 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=QN99XNTw; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232144AbjHALtV (ORCPT + 99 others); Tue, 1 Aug 2023 07:49:21 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:45058 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S234421AbjHALtI (ORCPT ); Tue, 1 Aug 2023 07:49:08 -0400 Received: from dfw.source.kernel.org (dfw.source.kernel.org [139.178.84.217]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 3AE3F11A; Tue, 1 Aug 2023 04:49:07 -0700 (PDT) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by dfw.source.kernel.org (Postfix) with ESMTPS id CD2876155E; Tue, 1 Aug 2023 11:49:06 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 360F9C433CA; Tue, 1 Aug 2023 11:49:06 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1690890546; bh=/EnFpJVOirRUmcSdhYmxqYtzYmk23apw6/a4SFiS2B8=; h=References:In-Reply-To:From:Date:Subject:To:Cc:From; b=QN99XNTwVXKMQRuZ0FeeyhHWtFRAWS0RLGxnj1uc1q6n6uH3I/oKlEmczVjdVrseS hrqlgiX6IwdlNpQ7XTGDy3ZpUm+3oxrlRV/OlE+ZRCvecShoLp+gH0QrOGkfgxmgE5 gEOtAT51yDZf4yWVaAewvxNIuW+X69OvB4xvrReXmGTcEPtaO54JGH8IU6N2tV4BD7 k8GPk3OJYVH6YLG7gT0yqFv/m7b94sjk861na3qK3k17x5qATLT4ruF4njOB6c/xwR BDrKMvWn2L/W0l24N9pIfMgR9lqtcsS8kJC8hhThGL8jmor91tUvYFbVVbftKyuv2U wc4K2gwcbJ0bQ== Received: by mail-lf1-f52.google.com with SMTP id 2adb3069b0e04-4fe44955decso779608e87.1; Tue, 01 Aug 2023 04:49:06 -0700 (PDT) X-Gm-Message-State: ABy/qLbf/NZlToRrc5FtRsJU7h8JiVOGF6KIyzzxUxaG4D5bCmaivy9d Qx797jpZd6uTkBNPftbPVkUSeghePH2NkFtB/Gk= X-Received: by 2002:a05:6512:1196:b0:4fd:fac4:2137 with SMTP id g22-20020a056512119600b004fdfac42137mr941579lfr.30.1690890544195; Tue, 01 Aug 2023 04:49:04 -0700 (PDT) MIME-Version: 1.0 References: <20230728090916.1538550-1-ardb@kernel.org> <20230728090916.1538550-13-ardb@kernel.org> <20230801114542.GEZMjwZne986ZxI6eG@fat_crate.local> In-Reply-To: <20230801114542.GEZMjwZne986ZxI6eG@fat_crate.local> From: Ard Biesheuvel Date: Tue, 1 Aug 2023 13:48:52 +0200 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: [PATCH v7 12/22] x86/decompressor: Call trampoline directly from C code To: Borislav Petkov Cc: linux-efi@vger.kernel.org, linux-kernel@vger.kernel.org, Evgeniy Baskov , Andy Lutomirski , Dave Hansen , Ingo Molnar , Peter Zijlstra , Thomas Gleixner , Alexey Khoroshilov , Peter Jones , Gerd Hoffmann , Dave Young , Mario Limonciello , Kees Cook , Tom Lendacky , "Kirill A . Shutemov" , Linus Torvalds , Joerg Roedel Content-Type: text/plain; charset="UTF-8" X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF, RCVD_IN_DNSWL_BLOCKED,SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, 1 Aug 2023 at 13:46, Borislav Petkov wrote: > > On Fri, Jul 28, 2023 at 11:09:06AM +0200, Ard Biesheuvel wrote: > > Instead of returning to the asm calling code to invoke the trampoline, > > call it straight from the C code that sets the scene. That way, the > > struct return type is no longer needed for returning two values, and the > > call can be made conditional more cleanly in a subsequent patch. > > > > This means that all callee save 64-bit registers need to be preserved > > and restored, as their contents may not survive the legacy mode switch. > > > > Acked-by: Kirill A. Shutemov > > Signed-off-by: Ard Biesheuvel > > --- > > arch/x86/boot/compressed/head_64.S | 28 +++++++----------- > > arch/x86/boot/compressed/pgtable_64.c | 30 ++++++++------------ > > 2 files changed, 23 insertions(+), 35 deletions(-) > > > > diff --git a/arch/x86/boot/compressed/head_64.S b/arch/x86/boot/compressed/head_64.S > > index 1b0c61d1b389fd37..3f38db557112c155 100644 > > --- a/arch/x86/boot/compressed/head_64.S > > +++ b/arch/x86/boot/compressed/head_64.S > > @@ -430,24 +430,12 @@ SYM_CODE_START(startup_64) > > #endif > > > > /* > > - * paging_prepare() sets up the trampoline and checks if we need to > > - * enable 5-level paging. > > - * > > - * paging_prepare() returns a two-quadword structure which lands > > - * into RDX:RAX: > > - * - Address of the trampoline is returned in RAX. > > - * - Non zero RDX means trampoline needs to enable 5-level > > - * paging. > > - * > > + * set_paging_levels() updates the number of paging levels using a > > I'd say here "configure paging" or so. > > > diff --git a/arch/x86/boot/compressed/pgtable_64.c b/arch/x86/boot/compressed/pgtable_64.c > > index d66639c961b8eeda..649c51935fdec7ef 100644 > > --- a/arch/x86/boot/compressed/pgtable_64.c > > +++ b/arch/x86/boot/compressed/pgtable_64.c > > @@ -16,11 +16,6 @@ unsigned int __section(".data") pgdir_shift = 39; > > unsigned int __section(".data") ptrs_per_p4d = 1; > > #endif > > > > -struct paging_config { > > - unsigned long trampoline_start; > > - unsigned long l5_required; > > -}; > > - > > /* Buffer to preserve trampoline memory */ > > static char trampoline_save[TRAMPOLINE_32BIT_SIZE]; > > > > @@ -29,7 +24,7 @@ static char trampoline_save[TRAMPOLINE_32BIT_SIZE]; > > * purposes. > > * > > * Avoid putting the pointer into .bss as it will be cleared between > > - * paging_prepare() and extract_kernel(). > > + * set_paging_levels() and extract_kernel(). > > */ > > unsigned long *trampoline_32bit __section(".data"); > > > > @@ -106,10 +101,10 @@ static unsigned long find_trampoline_placement(void) > > return bios_start - TRAMPOLINE_32BIT_SIZE; > > } > > > > -struct paging_config paging_prepare(void *rmode) > > +asmlinkage void set_paging_levels(void *rmode) > > So actually "paging_prepare" or "configure_paging" is more to the point > than setting paging levels. When I see set_paging_levels() I wonder what > levels are those and I have to look at the code and go, aaah, 5-level vs > 4-level. > configure_5level_paging()? At least, that conveys to some extent that nothing will happen unless the hardware supports it to begin with.