Received: by 2002:a05:7412:d1aa:b0:fc:a2b0:25d7 with SMTP id ba42csp551755rdb; Mon, 29 Jan 2024 10:07:29 -0800 (PST) X-Google-Smtp-Source: AGHT+IHOA5fgXq1+ig57plTn4dQpbATAB/9zjmERYiM6LklqUup5J/9x7sMegb5aUZacxUlePqr3 X-Received: by 2002:a05:620a:171e:b0:783:e177:1a8c with SMTP id az30-20020a05620a171e00b00783e1771a8cmr5739119qkb.26.1706551649226; Mon, 29 Jan 2024 10:07:29 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1706551649; cv=pass; d=google.com; s=arc-20160816; b=p7oQ6vhpzDT84nLC1QuqXfPA6aSO2WmeuyPfW0K68hkKzkhHbTas8JsXSFB6PIJLcH z7ke475VzTP7gH/koQJhJYgCRyLkAUEvKolg888j+DbUcz+hgWFBzRfVEG7pM/PY8IOW ZVQ19dpFDNISnlhof5owZXnFg+KzXYmbxKUOVdfR48Oy3yvAsc31Z09JJWD5IzBMk1RJ oMey+UGCuFI+wcCH7L1lotaqatExkoRN/psl4fPxkbwaRckGISHttzQSOff5i8QzX2Uj BDLoXmgD7IkKRZaQv2JE2r6TsuKNLDGOeTuVmKoQMwSjBytiJD9oibxUMkVm3aZCGc+m twGA== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=cc:to:from:subject:message-id:references:mime-version :list-unsubscribe:list-subscribe:list-id:precedence:in-reply-to:date :dkim-signature; bh=doBLlrV3uqsZT11TuQPgH059AZeb19QGBGbs9zJgK3U=; fh=fMhMPvo8duafGkM4xZHdH7fULbau3etefTGsKa+Qy7I=; b=xxTWmqWnCB7Se+uPHfZHcq+QpITe1VhvbQyrWJk9o90EAT7RylOQdqGBkTi8cXHius p1mcvhJVh3q51PQGHd7bcuQqbRsEtR/aTq0qhzKn0XA5HqP3lrvxOGHzTn/W9YUYreBM UqvsgO0Roe6vE129K7TEQkn3/Zv7Nqgckjc+Ctn9TJPWHmplBL3ZmW+eN/xaSIVD7IP3 uFk3O+qyflTZRo2hCKgiUybCR/7Crv2OthJ2SZ9ngyCDNwzhOMzYV52E06zxy0HgUVj9 muh2jgrkjNMmt1I6i51zkvciZdh1rAkPnlS8QyJyE67Tx/GAGNmCKxDkTYnRVm1IMmQA celA== ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@google.com header.s=20230601 header.b=y3Ia4pFK; arc=pass (i=1 spf=pass spfdomain=flex--ardb.bounces.google.com dkim=pass dkdomain=google.com dmarc=pass fromdomain=google.com); spf=pass (google.com: domain of linux-kernel+bounces-43274-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45d1:ec00::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-43274-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from ny.mirrors.kernel.org (ny.mirrors.kernel.org. [2604:1380:45d1:ec00::1]) by mx.google.com with ESMTPS id d21-20020a05620a241500b00783648556a8si9125600qkn.662.2024.01.29.10.07.29 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 29 Jan 2024 10:07:29 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel+bounces-43274-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45d1:ec00::1 as permitted sender) client-ip=2604:1380:45d1:ec00::1; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20230601 header.b=y3Ia4pFK; arc=pass (i=1 spf=pass spfdomain=flex--ardb.bounces.google.com dkim=pass dkdomain=google.com dmarc=pass fromdomain=google.com); spf=pass (google.com: domain of linux-kernel+bounces-43274-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45d1:ec00::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-43274-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ny.mirrors.kernel.org (Postfix) with ESMTPS id C266C1C246BE for ; Mon, 29 Jan 2024 18:07:28 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 716653F9FE; Mon, 29 Jan 2024 18:05:50 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="y3Ia4pFK" Received: from mail-wm1-f74.google.com (mail-wm1-f74.google.com [209.85.128.74]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id C139F76059 for ; Mon, 29 Jan 2024 18:05:47 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.128.74 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1706551549; cv=none; b=Odc2p8emXGqA/TkhNVip5mWTNXdSAxjUZ+0+PgZTPaEPcvMaCo6/zlhgeANgQk0gY2GD58JEsfSGhTbjciRPfUk3whnysUSO+FbUeTJqmMRCpZa6SfRDqxvnDFg6FsbjwEfPJ3bMFKckoMcDobDBhUJ2xUbn7a3HxDnjlPMzRGc= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1706551549; c=relaxed/simple; bh=WA3GaPDqZzEz1qs5YrhEzMU8VCRLnQnkxmbA8Q+jrL4=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=Wa3NhDkpgrYWcTY4NdMqKMLkYT2B8L8iNfTnmY5IA5Qbatcv67eqgiJ9cAIu97jDaTzKFzoFRbNxg6fbW43q9K0ebgST38KdfIezZOxozC4vU6+vwX3HFuwqj8bELsPXSjlKeo4xEDyEFvM/efKp2TNrlPlAJbF5JelyS4Yzy+Y= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--ardb.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=y3Ia4pFK; arc=none smtp.client-ip=209.85.128.74 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--ardb.bounces.google.com Received: by mail-wm1-f74.google.com with SMTP id 5b1f17b1804b1-40efbba82c8so2990235e9.0 for ; Mon, 29 Jan 2024 10:05:47 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1706551546; x=1707156346; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=doBLlrV3uqsZT11TuQPgH059AZeb19QGBGbs9zJgK3U=; b=y3Ia4pFKd0uLGRgSsnlMraO2Q/3Y3NGRaXEXs8QsSUuoOTw1rAbM+mXZ82yV/omYhv XccppK2eiv3Jl03XxiZUgP8UF8pEyeiCVCfXHFXnhc7hVPtZkpdANwuoL0fD8H9Rmt1p e24HoU3f9CvglTesVnzSwcQvjIGhPyEHnfnf88ru/oRfiRpa2AOsd4su0KaZlhI8aWxx hWbh8PNf5EbVfaDyajni5DJTK7lDkVEs8MFoOND73cWeA/0hkhXJeJsYbK5ZVamR79qm TModA3gQriAqvhPhMRfXec2EpZhSOIRLfX9JBufqkREv2t9Lho36uCGrHIwFJDYAMAN+ 5+TQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1706551546; x=1707156346; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=doBLlrV3uqsZT11TuQPgH059AZeb19QGBGbs9zJgK3U=; b=pIhuB/bC3dYeXXevgANqMSGMyoHIisZVBwNjWMVW6he2s9/fDk2HRWTP6mo4ZWp4h+ oAwqf4JrfWwhHaZsp3ckE4zVbUQfvwdv3KfbO+dfMB0poWcV5zSx64uVWoBPxkOZ9R23 nHdy5/4I8fxDqoQBR6AFzeCvaTdqDSL08II06u3PgTJYnvXerp9JYp45R80sZ7g1/5Tn wGm2OB/hNrEZ9/8GL/mGkiQB6Kg5x9lFvasIPXvGYUpD6sM4aTEkrM4HpKI2Q6s+cXT/ SqUFt1+Px8GChj6IKHShzXrCsl0NfZa5XiCYHJA0d9g9p/nBqjF9h5UCcrxAbgLYvb73 Mphw== X-Gm-Message-State: AOJu0YwHd19rKFn1sQ4lYOCbPS/uS3I+uRALgDIQBGCkEgbs7nSUYTy/ ckaFqG4FlfKWeBuyZ8UqCrC6mc7G3lVDGNjm3yxFD75ZM0g6PuVzslTSFu+0QwerlDPQjScrzFm CWQDur3Mwaic9ONX/66AQToMBA+bnYwjpQg/cxA0xmL7eXcSD5t5t5H8GQBY9/Httg5FTZ9TrAx 1rAFf34+OyD3HKYC+6iFsX9PRmKP87OQ== X-Received: from palermo.c.googlers.com ([fda3:e722:ac3:cc00:28:9cb1:c0a8:118a]) (user=ardb job=sendgmr) by 2002:a05:600c:6003:b0:40e:fc7f:56d5 with SMTP id az3-20020a05600c600300b0040efc7f56d5mr2818wmb.2.1706551545993; Mon, 29 Jan 2024 10:05:45 -0800 (PST) Date: Mon, 29 Jan 2024 19:05:10 +0100 In-Reply-To: <20240129180502.4069817-21-ardb+git@google.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20240129180502.4069817-21-ardb+git@google.com> X-Developer-Key: i=ardb@kernel.org; a=openpgp; fpr=F43D03328115A198C90016883D200E9CA6329909 X-Developer-Signature: v=1; a=openpgp-sha256; l=3319; i=ardb@kernel.org; h=from:subject; bh=+6neEz5nbm/aVlO1e2fNUKJ40Al3PcnJxf6DJ7u3+Uc=; b=owGbwMvMwCFmkMcZplerG8N4Wi2JIXX7i2sfjtrc7f3APb8q8oWkdEncnIuz/V6+7d5ssnK9v rNa2+qNHaUsDGIcDLJiiiwCs/++23l6olSt8yxZmDmsTCBDGLg4BWAilawM/8NErkz3/zatq/+f L/fj020ntBoMtp0V9dVZ1bdptmTND2dGhnnC9kwqy0+rX35ZxMBYltTQvDvxIHejVca1+mRfDqY fPAA= X-Mailer: git-send-email 2.43.0.429.g432eaa2c6b-goog Message-ID: <20240129180502.4069817-28-ardb+git@google.com> Subject: [PATCH v3 07/19] x86/startup_64: Simplify virtual switch on primary boot From: Ard Biesheuvel To: linux-kernel@vger.kernel.org Cc: Ard Biesheuvel , Kevin Loughlin , Tom Lendacky , Dionna Glaze , Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , Andy Lutomirski , Arnd Bergmann , Nathan Chancellor , Nick Desaulniers , Justin Stitt , Kees Cook , Brian Gerst , linux-arch@vger.kernel.org, llvm@lists.linux.dev Content-Type: text/plain; charset="UTF-8" From: Ard Biesheuvel The secondary startup code is used on the primary boot path as well, but in this case, the initial part runs from a 1:1 mapping, until an explicit cross-jump is made to the kernel virtual mapping of the same code. On the secondary boot path, this jump is pointless as the code already executes from the mapping targeted by the jump. So combine this cross-jump with the jump from startup_64() into the common boot path. This simplifies the execution flow, and clearly separates code that runs from a 1:1 mapping from code that runs from the kernel virtual mapping. Note that this requires a page table switch, so hoist the CR3 assignment into startup_64() as well. Given that the secondary startup code does not require a special placement inside the executable, move it to the .text section. Signed-off-by: Ard Biesheuvel --- arch/x86/kernel/head_64.S | 41 +++++++++----------- 1 file changed, 19 insertions(+), 22 deletions(-) diff --git a/arch/x86/kernel/head_64.S b/arch/x86/kernel/head_64.S index ca46995205d4..953b82be4cd4 100644 --- a/arch/x86/kernel/head_64.S +++ b/arch/x86/kernel/head_64.S @@ -39,7 +39,6 @@ L4_START_KERNEL = l4_index(__START_KERNEL_map) L3_START_KERNEL = pud_index(__START_KERNEL_map) - .text __HEAD .code64 SYM_CODE_START_NOALIGN(startup_64) @@ -128,9 +127,19 @@ SYM_CODE_START_NOALIGN(startup_64) call sev_verify_cbit #endif - jmp 1f + /* + * Switch to early_top_pgt which still has the identity mappings + * present. + */ + movq %rax, %cr3 + + /* Branch to the common startup code at its kernel virtual address */ + movq $common_startup_64, %rax + ANNOTATE_RETPOLINE_SAFE + jmp *%rax SYM_CODE_END(startup_64) + .text SYM_CODE_START(secondary_startup_64) UNWIND_HINT_END_OF_STACK ANNOTATE_NOENDBR @@ -176,8 +185,15 @@ SYM_INNER_LABEL(secondary_startup_64_no_verify, SYM_L_GLOBAL) #ifdef CONFIG_AMD_MEM_ENCRYPT addq sme_me_mask(%rip), %rax #endif + /* + * Switch to the init_top_pgt here, away from the trampoline_pgd and + * unmap the identity mapped ranges. + */ + movq %rax, %cr3 -1: +SYM_INNER_LABEL(common_startup_64, SYM_L_LOCAL) + UNWIND_HINT_END_OF_STACK + ANNOTATE_NOENDBR // above /* * Define a mask of CR4 bits to preserve. PAE and LA57 cannot be @@ -195,17 +211,6 @@ SYM_INNER_LABEL(secondary_startup_64_no_verify, SYM_L_GLOBAL) */ orl $X86_CR4_MCE, %edx #endif - - /* - * Switch to new page-table - * - * For the boot CPU this switches to early_top_pgt which still has the - * identity mappings present. The secondary CPUs will switch to the - * init_top_pgt here, away from the trampoline_pgd and unmap the - * identity mapped ranges. - */ - movq %rax, %cr3 - /* * Do a global TLB flush after the CR3 switch to make sure the TLB * entries from the identity mapping are flushed. @@ -216,14 +221,6 @@ SYM_INNER_LABEL(secondary_startup_64_no_verify, SYM_L_GLOBAL) movq %rcx, %cr4 jc 0b - /* Ensure I am executing from virtual addresses */ - movq $1f, %rax - ANNOTATE_RETPOLINE_SAFE - jmp *%rax -1: - UNWIND_HINT_END_OF_STACK - ANNOTATE_NOENDBR // above - #ifdef CONFIG_SMP /* * For parallel boot, the APIC ID is read from the APIC, and then -- 2.43.0.429.g432eaa2c6b-goog