Received: by 2002:ab2:2997:0:b0:1ec:cbc4:63fb with SMTP id n23csp342644lqb; Thu, 29 Feb 2024 02:38:12 -0800 (PST) X-Forwarded-Encrypted: i=3; AJvYcCW0tY30pDAbmOohVQeFBw7DJ3j7vbhIAFt2HBFzoGAcYwFaU9sD8tx/oUbFBMaknnYJaMz+Rs1w9mPAAZRNwUlMoAEcI0oTJnMbf5Cvxw== X-Google-Smtp-Source: AGHT+IFrlZViNo7rSO/aEE9+RqlGWcWZoNlSawmYyndo/bgs6hDODu9s+IPCfoa7kU6LywglzAJ2 X-Received: by 2002:a17:903:22c7:b0:1d9:9e4f:c0b3 with SMTP id y7-20020a17090322c700b001d99e4fc0b3mr1932846plg.64.1709203092108; Thu, 29 Feb 2024 02:38:12 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1709203092; cv=pass; d=google.com; s=arc-20160816; b=yp6Yt0a+QR5orTT0Lkpt6ZOTKkhES5w0i60Pfa6RY+crNWHou9/lrMCiCpAyet5csI eXmsM9dD94lKyDeI25iKQT8/QeO8FcxsdJrunoJzFk3vWIZAJlQgnW4282GTx6wgqbrC 1Zk/KURkQBdwtOYnuQ20X0oFMSa796KfWa0bHO5KLtHDx4px3tpi8DY5c9xDhzld4vjI 24nkMCWTpULTjfl8oK96phBDuxLHj8aucC24pQqW4pQpj06lA6DPJuKudy1Yt2pNA02v NQ8Z6GlJCYI1xXLSgfZuXZ5sg9Rg56ucl52Pfv2pt4aRjddsLQZaGBZsV0jtuJLjrkD5 46Zw== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=in-reply-to:content-disposition:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:references:message-id:subject:cc :to:from:date:dkim-signature; bh=0StLIprXskarneurs0igA75jz9KvpMszEkdlQp9iLBg=; fh=P9FZDZWaQO629a0BbHAoZYKMhxyRaUt1DysaRvvGFuE=; b=qZ7Puf/vAwr+lIMJszKLH4/NYvX7Exx1IHKTZ9EPUh1XQTLUVlbd4NlYq7pibTO8tT /VT0/3KwleOrPnoKGC20Ip5Shu6Nd5ZTjkbwHSo27bVH1eYWNdu1Qht+er05gXQXUo0Q lpeaYJOkua9kSfhY4XbhulRTGplLrRGATUWLliHGRVvr//vf5jxTG1UwBEJ8c1oRJfuB 28h+6chsA5ykd1Ev+5+pBI1AIgPc1T0KYJ3eB7xIaOjic2WPBq77IMJjAMwb4LQGyCL0 JlcCq0D8V7Hg8XQ11bSs3zrA172wxi87r/Hx6C7+e/VOzkknlCsJdOyZBwoGRZbh6qtU VmcQ==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@alien8.de header.s=alien8 header.b=LR15xKGC; arc=pass (i=1 spf=pass spfdomain=alien8.de dkim=pass dkdomain=alien8.de dmarc=pass fromdomain=alien8.de); spf=pass (google.com: domain of linux-kernel+bounces-86561-linux.lists.archive=gmail.com@vger.kernel.org designates 139.178.88.99 as permitted sender) smtp.mailfrom="linux-kernel+bounces-86561-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=alien8.de Return-Path: Received: from sv.mirrors.kernel.org (sv.mirrors.kernel.org. [139.178.88.99]) by mx.google.com with ESMTPS id y23-20020a17090264d700b001dc76797a4esi1018074pli.375.2024.02.29.02.38.11 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 29 Feb 2024 02:38:12 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel+bounces-86561-linux.lists.archive=gmail.com@vger.kernel.org designates 139.178.88.99 as permitted sender) client-ip=139.178.88.99; Authentication-Results: mx.google.com; dkim=pass header.i=@alien8.de header.s=alien8 header.b=LR15xKGC; arc=pass (i=1 spf=pass spfdomain=alien8.de dkim=pass dkdomain=alien8.de dmarc=pass fromdomain=alien8.de); spf=pass (google.com: domain of linux-kernel+bounces-86561-linux.lists.archive=gmail.com@vger.kernel.org designates 139.178.88.99 as permitted sender) smtp.mailfrom="linux-kernel+bounces-86561-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=alien8.de Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by sv.mirrors.kernel.org (Postfix) with ESMTPS id C4DF52867DC for ; Thu, 29 Feb 2024 10:38:11 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 807B479DC3; Thu, 29 Feb 2024 10:38:07 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (4096-bit key) header.d=alien8.de header.i=@alien8.de header.b="LR15xKGC" Received: from mail.alien8.de (mail.alien8.de [65.109.113.108]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 7CAFB651A1 for ; Thu, 29 Feb 2024 10:38:03 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=65.109.113.108 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1709203086; cv=none; b=JRQbWYZmQZnKm+v9o/RJTbxiLyjoHnmVcfa1q+enL5m3Uu9dxWzip6QbO8Tc7kZHKO3vrouCAbwU9OAcYQWU3MfEtrgTh1TofIG64qnUwtYSeXUshvXHolvh0FVjjtUYTGHAt6fxX6kmq0WKHi7QMw44wcHuiPtMNntXpbOwJ5o= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1709203086; c=relaxed/simple; bh=C1LH26YhXc3fHATx6eQEtJ6WdmRuT1TXi+gudRwwMaA=; h=Date:From:To:Cc:Subject:Message-ID:References:MIME-Version: Content-Type:Content-Disposition:In-Reply-To; b=uDUMBEv90AgHcCl2Nn0bSLKObYAAR08oIjZuDiyBRbq1MxooiWEk1YAH2pFfq9o5RBa4XIwujIAk4tdK4Squ2+Za4gIpP/uWL+ySRuY2e3rinljAWAyX4TrhRTgNSB67I8+L5Zo4plB3BYHv0OzpZL6bwlrdYxZh+d+WnE6+eTM= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=alien8.de; spf=pass smtp.mailfrom=alien8.de; dkim=pass (4096-bit key) header.d=alien8.de header.i=@alien8.de header.b=LR15xKGC; arc=none smtp.client-ip=65.109.113.108 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=alien8.de Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=alien8.de Received: from localhost (localhost.localdomain [127.0.0.1]) by mail.alien8.de (SuperMail on ZX Spectrum 128k) with ESMTP id D6DF940E0028; Thu, 29 Feb 2024 10:38:00 +0000 (UTC) X-Virus-Scanned: Debian amavisd-new at mail.alien8.de Authentication-Results: mail.alien8.de (amavisd-new); dkim=pass (4096-bit key) header.d=alien8.de Received: from mail.alien8.de ([127.0.0.1]) by localhost (mail.alien8.de [127.0.0.1]) (amavisd-new, port 10026) with ESMTP id qNk3YuGXQug9; Thu, 29 Feb 2024 10:37:59 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=alien8.de; s=alien8; t=1709203077; bh=0StLIprXskarneurs0igA75jz9KvpMszEkdlQp9iLBg=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=LR15xKGCawRu9vpsUebpRU7e5dQg2S8FI3uGokogXeFWtgGznj1saZkC5Y16bRWuP JoPa+2lz0+10vUEczmM8A8l4j3N7m+E30D3lpdk7zPg1xGgIja94qNAfAHjx0KI9qN BmIi5JmMgwJIwsmaBwPBnD8N3FqOP5lStc9zSVRH5J1EmBOvcJFD4wO8g7V2oojPAf q66PetU2SEg1hiqlR7aMOmPpgyT6GTdd3B6NQ/Q9il1T54YNhvWUM06gmyfRVqZxY3 QiDCQnhMCrlbq/M81Qw4uxX5As/ABDaYlnwB1DWIIZWefitKRGmInBexM/86V4kgR/ nFIYF0ca17++/msxsYNVfZ+fGaOpzQuGXHY3FBkLG71qybIVn7/zCoHuDG0zC+mfzi YOw3wdKOPcvktVmMApPJuERFWZCqvgPMD8gFVI3aWGswSuVlIBTwWzNPwG6JEd1Qg/ DwmbVZDBlQS0LaYWd+E0F6U6viizq8/Qa879JEldZjVgBWlTOdUWQNL8G5k+ybSkea QXCqGLlXmAU4rUGMHF30lmdUqJe550d09xZdoGY1QMFW6WdezvhBr/LNZ5fpK/Z7tJ i51h3e32dMb7k+vb4cK0Zdt54oYLTy0+NIuitbqwmt77+Rx7DmvYzDoQ8l+kBBc94J ssZTJjuJXq36ZsOU502t9HDM= Received: from zn.tnic (pd953021b.dip0.t-ipconnect.de [217.83.2.27]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by mail.alien8.de (SuperMail on ZX Spectrum 128k) with ESMTPSA id AC52040E0196; Thu, 29 Feb 2024 10:37:46 +0000 (UTC) Date: Thu, 29 Feb 2024 11:37:40 +0100 From: Borislav Petkov To: Ard Biesheuvel Cc: linux-kernel@vger.kernel.org, Ard Biesheuvel , Kevin Loughlin , Tom Lendacky , Dionna Glaze , Thomas Gleixner , Ingo Molnar , Dave Hansen , Andy Lutomirski , Brian Gerst Subject: Re: [PATCH v7 4/9] x86/startup_64: Simplify virtual switch on primary boot Message-ID: <20240229103740.GKZeBedEybE0IeOXUG@fat_crate.local> References: <20240227151907.387873-11-ardb+git@google.com> <20240227151907.387873-15-ardb+git@google.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline In-Reply-To: <20240227151907.387873-15-ardb+git@google.com> First Reviewed-by: Borislav Petkov (AMD) for the patch. On Tue, Feb 27, 2024 at 04:19:12PM +0100, Ard Biesheuvel wrote: > + /* > + * Switch to early_top_pgt which still has the identity mappings > + * present. I was wondering why we've had this "discrepancy" forever - the boot CPU would have early_top_pgt *with* the ident mappings while the APs would do init_top_pgt. But we end up loading init_top_pgt on the BSP too in init_mem_mapping() so there's a short time during boot where we have this difference. I haven't found a reason to have it yet except "why bother"... And now some details just for future reference: On the BSP: => 0x10000a0: mov %rax,%cr3 cr3 0x9922000 111850: ffffffff89922000 8192 OBJECT GLOBAL DEFAULT 22 early_top_pgt (gdb) p/x early_top_pgt $3 = {{pgd = 0x9924063}, {pgd = 0x9924063}, {pgd = 0x0} , {pgd = 0x2418067}} first two PGDs and the last one are populated. On the AP: cr3 0x2416000 104747: ffffffff82416000 8192 OBJECT GLOBAL DEFAULT 12 init_top_pgt (gdb) p/x (long[512])*0xffffffff82416000 $8 = {0x0 , 0xbe01067, 0x0 , 0xc000067, 0xc001067, 0xc002067, 0xc003067, 0xc004067, 0xc005067, 0xc006067, 0xc007067, 0xc008067, 0xc009067, 0xc00a067, 0xc00b067, 0xc00c067, 0xc00d067, 0xc00e067, 0xc00f067, 0xc010067, 0xc011067, 0xc012067, 0xc013067, 0xc014067, 0xc015067, 0xc016067, 0xc017067, 0xc018067, 0xc019067, 0xc01a067, 0xc01b067, 0xc01c067, 0xc01d067, 0xc01e067, 0xc01f067, 0xc020067, 0xc021067, 0xc022067, 0xc023067, 0xc024067, 0xc025067, 0xc026067, 0xc027067, 0xc028067, 0xc029067, 0xc02a067, 0xc02b067, 0xc02c067, 0xc02d067, 0xc02e067, 0xc02f067, 0xc030067, 0xc031067, 0xc032067, 0xc033067, 0xc034067, 0xc035067, 0xc036067, 0xc037067, 0xc038067, 0xc039067, 0xc03a067, 0xc03b067, 0xc03c067, 0xc03d067, 0xc03e067, 0xc03f067, 0x0, 0x0, 0x7ffd3067, 0x0 , 0x7ffd1067, 0x0, 0x9b11067, 0x2418067} and that one becomes the swapper_pg_dir which is the kernel pagetable we use. PTI then does two separate ones, which is a whole different topic. :-) -- Regards/Gruss, Boris. https://people.kernel.org/tglx/notes-about-netiquette