Received: by 2002:a05:7412:cfc7:b0:fc:a2b0:25d7 with SMTP id by7csp2426416rdb; Wed, 21 Feb 2024 07:22:15 -0800 (PST) X-Forwarded-Encrypted: i=3; AJvYcCXugnF4Buv/rcXYyAPtJvboLIPtVJ5sl4ktQdotckrCBmIUV+eZt3IiCqG154A59yskvboPYCUUTwbZP85c3siOM6JjQBXUzED1MgHJ8A== X-Google-Smtp-Source: AGHT+IHJP1x2h7u43aMtF8wzKjII6VgyACLyhTLavIewBL5db1LuHY8rB9V2v8MotfzEbf0scGz/ X-Received: by 2002:a05:6a21:3183:b0:1a0:708a:4f6e with SMTP id za3-20020a056a21318300b001a0708a4f6emr17965424pzb.41.1708528935561; Wed, 21 Feb 2024 07:22:15 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1708528935; cv=pass; d=google.com; s=arc-20160816; b=xuZgZZk1Sv1h/BQF6lC3QOiiR1Mn+o+xNeAjQYughw2VJ6U4AFI3X6TA7xy3pK12vI uN0VGVnsBxxaV6xJ4TqDHOWQ8CNLWqOpTLiyLHY7RciDcpKetW+DWRem0XWGcdRhsF+A XnuMsJIQgseTPtZV7me4wv8OOwgW7bCPvulVLbGkKcTBHTe6YsPj0mOmVBZbw89bVvoq 3sJ9h6gB0KfVZHF0CfZ+/2ra6ATIsxIbH/BKh1VJmkiQSf/BXkMeTs7clQcmgAn1BR4r 9+/cMu77nQH/euln3OtB3grdpz46j2yQVBh6HMi0DLUlVJ6/w2qO4KCDWt2W6ahzppN0 F7Cw== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:list-unsubscribe:list-subscribe :list-id:precedence:dkim-signature; bh=ePZHUj5LUCPpE5Mosu90DBz2D4k7SKlgOf7UzKRj0RI=; fh=q9QN59JAk38ThiWGcNt9FPEhdrebSjjna4c0+9yLlFc=; b=ZYFL2hOBuYMz4k7V0nQDwGqdLbm/rFhH5DXnz1L4ht38E4547Yij5CY3TwCG9Lilhe aV8yeWhuZARfI3T5swZHbmyJ1ibKEaJ5I0b/0QQhAk7c8n/hd+lmK9JNp3UTWAzJ5mwk c4hKkMa1nG+20NCNffEgBv37zsHqPq2w5kn5KDdv6s5SfKq19NINB0BP1Gh0lz3/pvwe lgB0fq69ZTKPnPz7x1tyY+rBYglnbzZRIdZjpf9fUB2P7jFCT/JPRMZ/EMVF5lOWKq2n GfVYRZdnsyuNuKnzBhJ1Ek2IcKUIHoPpBFEYiEZ95rDKD6ZlxDtCdHa0OlEIOaWJSn9p rkiw==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@gmail.com header.s=20230601 header.b=fBjZWblP; arc=pass (i=1 spf=pass spfdomain=gmail.com dkim=pass dkdomain=gmail.com dmarc=pass fromdomain=gmail.com); spf=pass (google.com: domain of linux-kernel+bounces-74945-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.48.161 as permitted sender) smtp.mailfrom="linux-kernel+bounces-74945-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Return-Path: Received: from sy.mirrors.kernel.org (sy.mirrors.kernel.org. [147.75.48.161]) by mx.google.com with ESMTPS id dr8-20020a056a020fc800b005d8b57bc704si8202737pgb.389.2024.02.21.07.22.15 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 21 Feb 2024 07:22:15 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel+bounces-74945-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.48.161 as permitted sender) client-ip=147.75.48.161; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20230601 header.b=fBjZWblP; arc=pass (i=1 spf=pass spfdomain=gmail.com dkim=pass dkdomain=gmail.com dmarc=pass fromdomain=gmail.com); spf=pass (google.com: domain of linux-kernel+bounces-74945-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.48.161 as permitted sender) smtp.mailfrom="linux-kernel+bounces-74945-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by sy.mirrors.kernel.org (Postfix) with ESMTPS id D3B64B28FBF for ; Wed, 21 Feb 2024 14:53:27 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 044097FBC0; Wed, 21 Feb 2024 14:53:09 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="fBjZWblP" Received: from mail-lj1-f169.google.com (mail-lj1-f169.google.com [209.85.208.169]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 3E0697FBB8; Wed, 21 Feb 2024 14:53:06 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.208.169 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708527188; cv=none; b=JX7XsvoQVpwOpNHWROCIEHXalf9hMSK43pByv+8W1wAqqvz0Ajlj/Z1iXv1/CAtQ8QHdopg0l7qcQvjPPIrDnzWzHQxQ3rkRCKMMD/QHeG/PK5Flu5eexxQuaxoqQSm4nMptLd2mxM7leTK77GJuGaqxWyQa+uUZ8cZ/MQV0Lww= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708527188; c=relaxed/simple; bh=GFG4jC7AMNHM9If0p4IbWL9b/Wg/EsXkiJXlP51yvcM=; h=MIME-Version:References:In-Reply-To:From:Date:Message-ID:Subject: To:Cc:Content-Type; b=VVka0KtHubJHvbqDmAWQ6VkSCzteAOkKWCRyjZBuf3IHoWB1jNqpFQdvy+6NlWFVvMVML/j2NfB5c8ICsDQLItRsG5ZYgQaMoCgB1T5Qt2QOPMtNTTzOaD0sZEmVY4I4jVyuqCozBR6VU5OlOBcBdRxYU5cyFYmYjOucipMFNhQ= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=fBjZWblP; arc=none smtp.client-ip=209.85.208.169 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Received: by mail-lj1-f169.google.com with SMTP id 38308e7fff4ca-2d09cf00214so75688401fa.0; Wed, 21 Feb 2024 06:53:06 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1708527184; x=1709131984; darn=vger.kernel.org; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:from:to:cc:subject:date :message-id:reply-to; bh=ePZHUj5LUCPpE5Mosu90DBz2D4k7SKlgOf7UzKRj0RI=; b=fBjZWblP/JbgAMOhCRrVKe8jWetlISDn9YEc3FZ18++H9/CVvho5AIb3TjkOlProUW ce9+MK3vGW4TcDmo+NLvQ/lsyXZRa2qEZctNs8+F/BpPk1yu/DU2lT+2EMO+usI3lcJ6 1WNYjC4jLgtKAb9Ne5+3wjWGbtt7txQ4Q4CxSx+nA2RRJ3cBPxNZVHinAxhdMV9s0smm wViMOdtwCrvBG5QqvPLC8PL3ttQ1r4pHfusIrZNKkHGn/9MGGIR0jeUXeCmZr10pjoQS Dtcif7s4/KXrST5LBWBKg7+8Iw2Az1SPcGnm4+7lz4FNj2PM921XflhVKxizPab70uv8 7XuA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1708527184; x=1709131984; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=ePZHUj5LUCPpE5Mosu90DBz2D4k7SKlgOf7UzKRj0RI=; b=t+Su6IDeyLufaYFKIVzntmXghYlXPMWWKaj6IiLOnf5aj1+eSuaoc1ykDm1fixng98 N6bWLbL3/uy5HjDpYIthm9gLhF7aLOEKQG9s8L2tGcqciBkt+Y0qRvJaRX4JjtOquoFF AZHAB6p/gvcVsOpxSLWM7LTroQoXuY0wHg3bcW4K79k1+bbE8yqLIoFWEIdbjithioF7 wGa1Pmwz+mWfIl7etIxU1OYObuqs5sIZtadu6GpWfvwd7H16xQ59LHsK7wwMn3l1bEZL LVt2AAKHciuN2/z+taqC/y6TEW6Ub56tCpzyS0veIN5Luw65lr6q7jMhZWqiYDDqFGku wMMw== X-Forwarded-Encrypted: i=1; AJvYcCUR6s+1JMBF4fLeS9c/hQM6rH4kunlh0IIYua7jHBcaLGgdkkDLdrc5h0y8vV4cNL2WaG6mcvixTMHH2gUSRmwmIAq5Neb2mjFnvQ== X-Gm-Message-State: AOJu0Ywf+1TzBPwdXyRCfjoJiX3lrRxRvNiUD5zh7D8Y9Z+tdNdx7ptI 40TUOoWqQ99DVZlTbyj+9dQ1s254PK/H2T5sOi1NDEK63wTYV0Or+ij2yOTJHfLrOew+/N28z5T XFOl1dUwz2dc283Oie6KRiUz66w== X-Received: by 2002:a2e:b006:0:b0:2d2:3695:c18 with SMTP id y6-20020a2eb006000000b002d236950c18mr6696084ljk.19.1708527184231; Wed, 21 Feb 2024 06:53:04 -0800 (PST) Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 References: <20240221113506.2565718-18-ardb+git@google.com> <20240221113506.2565718-25-ardb+git@google.com> In-Reply-To: <20240221113506.2565718-25-ardb+git@google.com> From: Brian Gerst Date: Wed, 21 Feb 2024 09:52:53 -0500 Message-ID: Subject: Re: [PATCH v5 07/16] x86/startup_64: Simplify CR4 handling in startup code To: Ard Biesheuvel Cc: linux-kernel@vger.kernel.org, Ard Biesheuvel , Kevin Loughlin , Tom Lendacky , Dionna Glaze , Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , Andy Lutomirski , Arnd Bergmann , Nathan Chancellor , Nick Desaulniers , Justin Stitt , Kees Cook , linux-arch@vger.kernel.org, llvm@lists.linux.dev Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable On Wed, Feb 21, 2024 at 6:35=E2=80=AFAM Ard Biesheuvel wrote: > > From: Ard Biesheuvel > > When paging is enabled, the CR4.PAE and CR4.LA57 control bits cannot be > changed, and so they can simply be preserved rather than reason about > whether or not they need to be set. CR4.MCE should be preserved unless > the kernel was built without CONFIG_X86_MCE, in which case it must be > cleared. > > CR4.PSE should be set explicitly, regardless of whether or not it was > set before. > > CR4.PGE is set explicitly, and then cleared and set again after > programming CR3 in order to flush TLB entries based on global > translations. This makes the first assignment redundant, and can > therefore be omitted. > > Signed-off-by: Ard Biesheuvel > --- > arch/x86/kernel/head_64.S | 24 +++++++------------- > 1 file changed, 8 insertions(+), 16 deletions(-) > > diff --git a/arch/x86/kernel/head_64.S b/arch/x86/kernel/head_64.S > index fb2a98c29094..426f6fdc0075 100644 > --- a/arch/x86/kernel/head_64.S > +++ b/arch/x86/kernel/head_64.S > @@ -185,6 +185,8 @@ SYM_INNER_LABEL(secondary_startup_64_no_verify, SYM_L= _GLOBAL) > addq $(init_top_pgt - __START_KERNEL_map), %rax > 1: > > + /* Create a mask of CR4 bits to preserve */ > + movl $(X86_CR4_PAE | X86_CR4_LA57), %edx > #ifdef CONFIG_X86_MCE > /* > * Preserve CR4.MCE if the kernel will enable #MC support. > @@ -193,20 +195,13 @@ SYM_INNER_LABEL(secondary_startup_64_no_verify, SYM= _L_GLOBAL) > * configured will crash the system regardless of the CR4.MCE val= ue set > * here. > */ > - movq %cr4, %rcx > - andl $X86_CR4_MCE, %ecx > -#else > - movl $0, %ecx > + orl $X86_CR4_MCE, %edx > #endif > + movq %cr4, %rcx > + andl %edx, %ecx > > - /* Enable PAE mode, PSE, PGE and LA57 */ > - orl $(X86_CR4_PAE | X86_CR4_PSE | X86_CR4_PGE), %ecx > -#ifdef CONFIG_X86_5LEVEL > - testb $1, __pgtable_l5_enabled(%rip) > - jz 1f > - orl $X86_CR4_LA57, %ecx > -1: > -#endif > + /* Even if ignored in long mode, set PSE uniformly on all logical= CPUs. */ > + btsl $X86_CR4_PSE_BIT, %ecx > movq %rcx, %cr4 This CR4 write now does the global flush - see below. > > /* Setup early boot stage 4-/5-level pagetables. */ > @@ -226,11 +221,8 @@ SYM_INNER_LABEL(secondary_startup_64_no_verify, SYM_= L_GLOBAL) > * Do a global TLB flush after the CR3 switch to make sure the TL= B > * entries from the identity mapping are flushed. > */ This comment is misleading now since it's the first CR4 write above (with PGE clear) that actually does the global flush. > - movq %cr4, %rcx > - movq %rcx, %rax > - xorq $X86_CR4_PGE, %rcx > + btsl $X86_CR4_PGE_BIT, %ecx > movq %rcx, %cr4 > - movq %rax, %cr4 > > /* Ensure I am executing from virtual addresses */ > movq $1f, %rax > -- > 2.44.0.rc0.258.g7320e95886-goog > Brian Gerst