From: Ard Biesheuvel
Date: Wed, 10 Apr 2024 15:46:03 +0200
Subject: Re: [PATCH] x86/boot/64: Clear CR4.PGE to disable global 1:1 mappings
To: Ingo Molnar
Cc: Ard Biesheuvel, linux-kernel@vger.kernel.org, x86@kernel.org, Conrad Grobler, Kevin Loughlin
References: <20240410102520.348017-2-ardb+git@google.com>

On Wed, 10 Apr 2024 at 14:58, Ingo Molnar wrote:
>
>
> * Ard Biesheuvel wrote:
>
> > From: Ard Biesheuvel
> >
> > The early 64-bit boot code must be entered with a 1:1 mapping of the
> > bootable image, but it cannot operate without a 1:1 mapping of all the
> > assets in memory that it accesses, and therefore, it creates such
> > mappings for all known assets upfront, and additional ones on demand
> > when a page fault happens on a memory address.
> >
> > These mappings are created with the global bit G set, as the flags used
> > to create page table descriptors are based on __PAGE_KERNEL_LARGE_EXEC
> > defined by the core kernel, even though the context where these mappings
> > are used is very different.
> >
> > This means that the TLB maintenance carried out by the decompressor is
> > not sufficient if it is entered with CR4.PGE enabled, which has been
> > observed to happen with the stage0 bootloader of project Oak. While this
> > is a dubious practice if no global mappings are being used to begin
> > with, the decompressor is clearly at fault here for creating global
> > mappings and not performing the appropriate TLB maintenance.
> >
> > Since commit
> >
> >   f97b67a773cd84b ("x86/decompressor: Only call the trampoline when changing paging levels")
> >
> > CR4 is no longer modified by the decompressor if no change in the number
> > of paging levels is needed. Before that, CR4 would always be set to a
> > known value with PGE cleared.
>
> So if we do this for robustness & historical pre-f97b67a773cd84b
> quirk-reliance's sake, I'd prefer if we loaded a known CR4 value again,
> instead of just turning off the PGE bit.
>
> It's probably also a tiny bit faster, as no CR4 read has to be performed.
>

Fair enough. I'll go and change that.
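A toy C model of the TLB behaviour discussed in this thread, added here as an illustration; it is not code from the thread, the patch or the kernel. The struct and function names, the 8-slot TLB, the sample address and the `KNOWN_CR4` value are assumptions made for the example; only the CR4 bit positions and the flush rules (a CR3 write keeps global entries while CR4.PGE is set, a change of CR4.PGE drops every entry) are architectural.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

#define CR4_PAE   (1u << 5)
#define CR4_PGE   (1u << 7)
#define KNOWN_CR4 CR4_PAE      /* assumed "known value with PGE cleared" */
#define TLB_SLOTS 8            /* toy size, not a real TLB geometry */

struct tlb_entry { bool valid, global; uint64_t va, pa; };
struct cpu { uint32_t cr4; struct tlb_entry tlb[TLB_SLOTS]; };

/* Cache a translation; the G bit is only honoured while CR4.PGE is set. */
static void tlb_fill(struct cpu *c, uint64_t va, uint64_t pa, bool g)
{
    for (size_t i = 0; i < TLB_SLOTS; i++)
        if (!c->tlb[i].valid) {
            c->tlb[i] = (struct tlb_entry){ true, g && (c->cr4 & CR4_PGE), va, pa };
            return;
        }
}

static void tlb_flush(struct cpu *c, bool include_global)
{
    for (size_t i = 0; i < TLB_SLOTS; i++)
        if (include_global || !c->tlb[i].global)
            c->tlb[i].valid = false;
}

/* MOV to CR3: drops non-global entries only. */
static void write_cr3(struct cpu *c) { tlb_flush(c, false); }

/* MOV to CR4: a change of the PGE bit drops every entry, global included. */
static void write_cr4(struct cpu *c, uint32_t val)
{
    if ((c->cr4 ^ val) & CR4_PGE)
        tlb_flush(c, true);
    c->cr4 = val;
}

static bool tlb_hit(const struct cpu *c, uint64_t va)
{
    for (size_t i = 0; i < TLB_SLOTS; i++)
        if (c->tlb[i].valid && c->tlb[i].va == va)
            return true;
    return false;
}

/* True if a 1:1 translation created with G survives a page table switch. */
static bool stale_after_switch(uint32_t entry_cr4, bool load_known_cr4)
{
    struct cpu c = { .cr4 = entry_cr4 };
    if (load_known_cr4)
        write_cr4(&c, KNOWN_CR4);           /* no CR4 read needed */
    tlb_fill(&c, 0x200000, 0x200000, true); /* constructed sample address */
    write_cr3(&c);
    return tlb_hit(&c, 0x200000);
}
```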