The following commit has been merged into the x86/seves branch of tip:

Commit-ID:     e5ceb9a02402b984feecb95a82239be151c9f4e2
Gitweb:        
https://git.kernel.org/tip/e5ceb9a02402b984feecb95a82239be151c9f4e2
Author:        Arvind Sankar <nived...@alum.mit.edu>
AuthorDate:    Sat, 10 Oct 2020 15:11:10 -04:00
Committer:     Borislav Petkov <b...@suse.de>
CommitterDate: Mon, 19 Oct 2020 12:47:21 +02:00

x86/boot/64: Initialize 5-level paging variables earlier

Commit

  ca0e22d4f011 ("x86/boot/compressed/64: Always switch to own page table")

started using a new set of pagetables even without KASLR.

After that commit, initialize_identity_maps() is called before the
5-level paging variables are setup in choose_random_location(), which
will not work if 5-level paging is actually enabled.

Fix this by moving the initialization of __pgtable_l5_enabled,
pgdir_shift and ptrs_per_p4d into cleanup_trampoline(), which is called
immediately after the finalization of whether the kernel is executing
with 4- or 5-level paging. This will be earlier than anything that might
require those variables, and keeps the 4- vs 5-level paging code all in
one place.

Fixes: ca0e22d4f011 ("x86/boot/compressed/64: Always switch to own page table")
Signed-off-by: Arvind Sankar <nived...@alum.mit.edu>
Signed-off-by: Borislav Petkov <b...@suse.de>
Reviewed-by: Joerg Roedel <jroe...@suse.de>
Tested-by: Joerg Roedel <jroe...@suse.de>
Tested-by: Kirill A. Shutemov <kirill.shute...@linux.intel.com>
Link: https://lkml.kernel.org/r/20201010191110.4060905-1-nived...@alum.mit.edu
---
 arch/x86/boot/compressed/ident_map_64.c |  6 ------
 arch/x86/boot/compressed/kaslr.c        |  8 --------
 arch/x86/boot/compressed/pgtable_64.c   | 16 ++++++++++++++++
 3 files changed, 16 insertions(+), 14 deletions(-)

diff --git a/arch/x86/boot/compressed/ident_map_64.c 
b/arch/x86/boot/compressed/ident_map_64.c
index 063a60e..c6f7aef 100644
--- a/arch/x86/boot/compressed/ident_map_64.c
+++ b/arch/x86/boot/compressed/ident_map_64.c
@@ -33,12 +33,6 @@
 #define __PAGE_OFFSET __PAGE_OFFSET_BASE
 #include "../../mm/ident_map.c"
 
-#ifdef CONFIG_X86_5LEVEL
-unsigned int __pgtable_l5_enabled;
-unsigned int pgdir_shift = 39;
-unsigned int ptrs_per_p4d = 1;
-#endif
-
 /* Used by PAGE_KERN* macros: */
 pteval_t __default_kernel_pte_mask __read_mostly = ~0;
 
diff --git a/arch/x86/boot/compressed/kaslr.c b/arch/x86/boot/compressed/kaslr.c
index b59547c..b92fffb 100644
--- a/arch/x86/boot/compressed/kaslr.c
+++ b/arch/x86/boot/compressed/kaslr.c
@@ -840,14 +840,6 @@ void choose_random_location(unsigned long input,
                return;
        }
 
-#ifdef CONFIG_X86_5LEVEL
-       if (__read_cr4() & X86_CR4_LA57) {
-               __pgtable_l5_enabled = 1;
-               pgdir_shift = 48;
-               ptrs_per_p4d = 512;
-       }
-#endif
-
        boot_params->hdr.loadflags |= KASLR_FLAG;
 
        if (IS_ENABLED(CONFIG_X86_32))
diff --git a/arch/x86/boot/compressed/pgtable_64.c 
b/arch/x86/boot/compressed/pgtable_64.c
index 7d0394f..5def167 100644
--- a/arch/x86/boot/compressed/pgtable_64.c
+++ b/arch/x86/boot/compressed/pgtable_64.c
@@ -8,6 +8,13 @@
 #define BIOS_START_MIN         0x20000U        /* 128K, less than this is 
insane */
 #define BIOS_START_MAX         0x9f000U        /* 640K, absolute maximum */
 
+#ifdef CONFIG_X86_5LEVEL
+/* __pgtable_l5_enabled needs to be in .data to avoid being cleared along with 
.bss */
+unsigned int __section(.data) __pgtable_l5_enabled;
+unsigned int __section(.data) pgdir_shift = 39;
+unsigned int __section(.data) ptrs_per_p4d = 1;
+#endif
+
 struct paging_config {
        unsigned long trampoline_start;
        unsigned long l5_required;
@@ -198,4 +205,13 @@ void cleanup_trampoline(void *pgtable)
 
        /* Restore trampoline memory */
        memcpy(trampoline_32bit, trampoline_save, TRAMPOLINE_32BIT_SIZE);
+
+       /* Initialize variables for 5-level paging */
+#ifdef CONFIG_X86_5LEVEL
+       if (__read_cr4() & X86_CR4_LA57) {
+               __pgtable_l5_enabled = 1;
+               pgdir_shift = 48;
+               ptrs_per_p4d = 512;
+       }
+#endif
 }

Reply via email to