Received: by 2002:ab2:6d45:0:b0:1fb:d597:ff75 with SMTP id d5csp218021lqr; Wed, 5 Jun 2024 04:11:05 -0700 (PDT) X-Forwarded-Encrypted: i=3; AJvYcCW4up57wZbBUFRpTqY5h+n390P8m9QvBzVWE3mTRygDa3IPXGCqn3cuqG9e3tZ6xaaxJeXzC+JYJkvDYCSYon7+6g9QIgD152hDNrazxA== X-Google-Smtp-Source: AGHT+IEZixC2d/7sL62Z4kNSQYCyBmn/rOK01uSFDdw0/QPoRbEC0LTUuMlUTL/o/qwbd/cxszgc X-Received: by 2002:a05:6a00:1caa:b0:6e6:946b:a983 with SMTP id d2e1a72fcca58-703e594a710mr2212701b3a.10.1717585864852; Wed, 05 Jun 2024 04:11:04 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1717585864; cv=pass; d=google.com; s=arc-20160816; b=scZlsj1FOVCW6ihLaaaEut2DsBcEPr9a8CaX+6wjt9r6JNRT3oQG5KAUArrdKtdxkP fkRkns7nGPBW3wNLQNYRZGJ7y31vebwaNF2VEIEtEWg5nFd3NcRLBllSeF2LmLYAcPU0 VuLpCh0jzs0uy6MycMOPZginhQS1litnfPiHpB7zEpF4YWDoUWWSAiXTiemtjc70GBRB pXPPvocmpm5qA4VRogLI0gSj8ea4Xwq9yPgrW1vBr/mb+cyxB4a9vmIchMUUYwX3uBqp 9+0bwUlMT1M4Xibh9nsuvAvLFPmssRqc/GSX60LUlA5dyyMYKgsGVFQD/g2b0Kfh2Ga4 brsg== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=in-reply-to:content-disposition:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:references:message-id:subject:cc :to:from:date:dkim-signature; bh=u8G7LlOZuSGdMErqsnXyAGVosfE3DwlKRA2nP23l5K8=; fh=N9NkrrHQD2KRmcm2nCfLycyWhsaxnh7Et5+fw+mK7lk=; b=iBH3o7RXMK2xrD+ZpVT8Wy+N0HobhJigCPKYR/CtPu/gzcv90GoKvC1/j5BlfM8Q7e 8nKMYfHicg5nr6u5sNQw9xm9EOmzwRBbuU9yPms6FP/aBqYWNYdxiLVRTNeQL6PCR0c5 8WVsPvbJGA3dy34jkPJ5Pw2oG841rshl+YsQnCnoOkoEX9QJMbxK5rnIKGF28TRugVdv xmFCeJDQWmvURKIbTwZ5m7r2Fe3RY2PuT112oXLggOut077BUvTfR/mTj59yF5PhXKMx tLCvwz3JcZPduXOzhmN/8w/4GfGl+9fs/e0l1MbxEg0stRfnMrEClvBafQDxvAHYH0uI aBDg==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@alien8.de header.s=alien8 header.b=aWYDBVHB; arc=pass (i=1 spf=pass spfdomain=alien8.de dkim=pass dkdomain=alien8.de dmarc=pass fromdomain=alien8.de); spf=pass (google.com: domain of linux-kernel+bounces-202237-linux.lists.archive=gmail.com@vger.kernel.org designates 139.178.88.99 as permitted sender) smtp.mailfrom="linux-kernel+bounces-202237-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=alien8.de Return-Path: Received: from sv.mirrors.kernel.org (sv.mirrors.kernel.org. [139.178.88.99]) by mx.google.com with ESMTPS id 41be03b00d2f7-6c35c17ca6esi9643358a12.616.2024.06.05.04.11.04 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 05 Jun 2024 04:11:04 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel+bounces-202237-linux.lists.archive=gmail.com@vger.kernel.org designates 139.178.88.99 as permitted sender) client-ip=139.178.88.99; Authentication-Results: mx.google.com; dkim=pass header.i=@alien8.de header.s=alien8 header.b=aWYDBVHB; arc=pass (i=1 spf=pass spfdomain=alien8.de dkim=pass dkdomain=alien8.de dmarc=pass fromdomain=alien8.de); spf=pass (google.com: domain of linux-kernel+bounces-202237-linux.lists.archive=gmail.com@vger.kernel.org designates 139.178.88.99 as permitted sender) smtp.mailfrom="linux-kernel+bounces-202237-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=alien8.de Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by sv.mirrors.kernel.org (Postfix) with ESMTPS id B031F285C0E for ; Wed, 5 Jun 2024 11:10:57 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 4C0BE19413F; Wed, 5 Jun 2024 11:09:51 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (4096-bit key) header.d=alien8.de header.i=@alien8.de header.b="aWYDBVHB" Received: from mail.alien8.de (mail.alien8.de [65.109.113.108]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 7EF2219412A for ; Wed, 5 Jun 2024 11:09:48 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=65.109.113.108 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1717585790; cv=none; b=sPMEhFVHxZk3NGfF3hpGhQfxwCQyRwH0NM/QeciyCHohgVNRAcYlMtA1iyqKsiD8h6Y67jK5L+KbiwIJhgNZhYnF7cCG6+IFf5k8Zew5hGuJI4LD1HqKDI8Pav3+G7dXO2jIWb84fUHxvrs395Gj1adTM5qMmT5v0iPjY49jP3s= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1717585790; c=relaxed/simple; bh=gHYwV3ZcigYKcTefauABwPWAEb9vyy0l/uk5Qsnin7g=; h=Date:From:To:Cc:Subject:Message-ID:References:MIME-Version: Content-Type:Content-Disposition:In-Reply-To; b=I8Pzg1HaLYUa/7G80AuK6ri3TFjww5lyPLOMIIcYMawW2wXync9z6GuTDkHL2hhOZsYq/luvjcPAab0HIbGXVikX9EKUYr7Mbltikqib9PyBsTGysLx0RyGguAMEm1tvhtOuo0CMOTMvjKc1xFhxJwmnhM+MeZCXPAumgjEISqQ= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=alien8.de; spf=pass smtp.mailfrom=alien8.de; dkim=pass (4096-bit key) header.d=alien8.de header.i=@alien8.de header.b=aWYDBVHB; arc=none smtp.client-ip=65.109.113.108 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=alien8.de Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=alien8.de Received: from localhost (localhost.localdomain [127.0.0.1]) by mail.alien8.de (SuperMail on ZX Spectrum 128k) with ESMTP id E13B640E0176; Wed, 5 Jun 2024 11:09:45 +0000 (UTC) X-Virus-Scanned: Debian amavisd-new at mail.alien8.de Authentication-Results: mail.alien8.de (amavisd-new); dkim=pass (4096-bit key) header.d=alien8.de Received: from mail.alien8.de ([127.0.0.1]) by localhost (mail.alien8.de [127.0.0.1]) (amavisd-new, port 10026) with ESMTP id iJf5bq__s4gN; Wed, 5 Jun 2024 11:09:42 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=alien8.de; s=alien8; t=1717585781; bh=u8G7LlOZuSGdMErqsnXyAGVosfE3DwlKRA2nP23l5K8=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=aWYDBVHBUclEEG1gDdbe+IdXFSR610ZcoZ15fdD8wx7IG52P3H1YvEhtTtsD9nONn EgachKPplm43FJBaLMC5cc6CvfKV8MA6SbwzeUu688pecrXXCwz7NgHD2A/vpnmyDI RyJkAcnNA1Bcw8f8SHu++1GS8A9sSmpx7KeGtYLbr9WzqlMvWymSdqGrctv/FnXRUI /v4rEcLYOYGvvAJI8FsNk9w9gkIU13OJMJIrqITMCtL4fQMOJdLywG351jw+GburS3 bBcRign7gnvOvXogKGlvpwebk/wxjW+WltpUQFOHnmWjW7jokjkP0FCJ6m/EvuLDTe BbqVHmANcg2kg0cCHJdFwMhlxCE6azl8xwW2RkRPsTxwRItOuqsMhQDYruReg6HJyR 6sUhmNdlZGoCqckVBNJY7ipHisko8EqoNU/rhHcBqsr6g313/KLk9HxSbdYRTdPm8l QEZSleJvDkkR2JwNGSKsLLkuvNMWSJaGpvKCmbqrVHmzI08iJxzauhUwV4ccvI/Zqr hfGKSO2De6TDGnPBS6+11FvEK0QNVZDFIWT6waY8YUuOVx+tr/qnezVh6BEbypjMNU E1DdG2C1jyw2gnmyh3zRSpfjkQ0ZIaHNe1mOzFZIIGKdj2pZQ1JRAAcBC7k+puZ9nn A1smz3yi1mW/YVlSH/e7KPoI= Received: from zn.tnic (p5de8ee85.dip0.t-ipconnect.de [93.232.238.133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by mail.alien8.de (SuperMail on ZX Spectrum 128k) with ESMTPSA id 5225D40E016A; Wed, 5 Jun 2024 11:09:11 +0000 (UTC) Date: Wed, 5 Jun 2024 13:09:04 +0200 From: Borislav Petkov To: Dave Young , ardb@kernel.org, dan.j.williams@intel.com Cc: "Kalra, Ashish" , Mike Rapoport , tglx@linutronix.de, mingo@redhat.com, dave.hansen@linux.intel.com, x86@kernel.org, rafael@kernel.org, hpa@zytor.com, peterz@infradead.org, adrian.hunter@intel.com, sathyanarayanan.kuppuswamy@linux.intel.com, jun.nakajima@intel.com, rick.p.edgecombe@intel.com, thomas.lendacky@amd.com, michael.roth@amd.com, seanjc@google.com, kai.huang@intel.com, bhe@redhat.com, kirill.shutemov@linux.intel.com, bdas@redhat.com, vkuznets@redhat.com, dionnaglaze@google.com, anisinha@redhat.com, jroedel@suse.de, kexec@lists.infradead.org, linux-coco@lists.linux.dev, linux-kernel@vger.kernel.org Subject: Re: [PATCH v7 1/3] efi/x86: Fix EFI memory map corruption with kexec Message-ID: <20240605110904.GWZmBHUHSqCJVQYajF@fat_crate.local> References: <7eb4ca99-679c-4f23-9562-a39b966c28a0@amd.com> <20240603165747.GGZl32C9yrmXJ4nhPT@fat_crate.local> <2343889c-887a-49ce-86df-343737d70d37@amd.com> <20240603171231.GJZl35f-BHvU2Pk3lb@fat_crate.local> <41e085b8-2b45-40ab-9a6f-f4ad975a0b06@amd.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline In-Reply-To: Moving Ard and Dan to To: On Wed, Jun 05, 2024 at 10:28:18AM +0800, Dave Young wrote: > Ok, thanks! I think the right way is creating two patches, one to > remove the __efi_memmap_free, Yap, that f0ef6523475f ("efi: Fix efi_memmap_alloc() leaks") needs revisiting. So AFAIU, the flow is this: In a kexec-ed kernel: 1. efi_arch_mem_reserve() gets called by bgrt, erst, mokvar... whatever to hold on to boot services regions for longer otherwise EFI "implementations" explode. 2. On same kexec-ed kernel, we call into kexec_enter_virtual_mode() because it needs to get the runtime services regions from the first kernel 3. As part of that call, it'll do efi_memmap_init_late->__efi_memmap_init(): if (efi.memmap.flags & (EFI_MEMMAP_MEMBLOCK | EFI_MEMMAP_SLAB)) __efi_memmap_free(efi.memmap.phys_map, and the memory which got allocated in step 1 is gone, thus reverting what efi_arch_mem_reserve() is trying to fix. IOW, we need a EFI_MEMMAP_DO_NOT_TOUCH_MY_MEMORY flag which'll stop this from happening. But I'd prefer it if Ard decides what the right thing to do here is. > another is skip efi_arch_mem_reserve when the EFI_MEMORY_RUNTIME bit > was set already. Can that even happen? Thx. -- Regards/Gruss, Boris. https://people.kernel.org/tglx/notes-about-netiquette