Message ID | 63368ff665956a64f07aee9bc863b70c86b8b0c8.1678785672.git.baskov@ispras.ru |
---|---|
State | New |
Headers |
From: Evgeniy Baskov <baskov@ispras.ru> To: Ard Biesheuvel <ardb@kernel.org> Cc: Evgeniy Baskov <baskov@ispras.ru>, Borislav Petkov <bp@alien8.de>, Andy Lutomirski <luto@kernel.org>, Dave Hansen <dave.hansen@linux.intel.com>, Ingo Molnar <mingo@redhat.com>, Peter Zijlstra <peterz@infradead.org>, Thomas Gleixner <tglx@linutronix.de>, Alexey Khoroshilov <khoroshilov@ispras.ru>, Peter Jones <pjones@redhat.com>, Gerd Hoffmann <kraxel@redhat.com>, "Limonciello, Mario" <mario.limonciello@amd.com>, joeyli <jlee@suse.com>, lvc-project@linuxtesting.org, x86@kernel.org, linux-efi@vger.kernel.org, linux-kernel@vger.kernel.org, linux-hardening@vger.kernel.org Subject: [PATCH v5 03/27] x86/boot: Set cr0 to known state in trampoline Date: Tue, 14 Mar 2023 13:13:30 +0300 In-Reply-To: <cover.1678785672.git.baskov@ispras.ru> References: <cover.1678785672.git.baskov@ispras.ru> |
Series |
x86_64: Improvements at compressed kernel stage |
Commit Message
Evgeniy Baskov
March 14, 2023, 10:13 a.m. UTC
Ensure WP bit to be set to prevent boot code from writing to
non-writable memory pages.

Tested-by: Mario Limonciello <mario.limonciello@amd.com>
Signed-off-by: Evgeniy Baskov <baskov@ispras.ru>
---
 arch/x86/boot/compressed/head_64.S | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)
Comments
On Tue, Mar 14, 2023 at 01:13:30PM +0300, Evgeniy Baskov wrote: > Ensure WP bit to be set to prevent boot code from writing to > non-writable memory pages. > > Tested-by: Mario Limonciello <mario.limonciello@amd.com> > Signed-off-by: Evgeniy Baskov <baskov@ispras.ru> > --- > arch/x86/boot/compressed/head_64.S | 5 ++--- > 1 file changed, 2 insertions(+), 3 deletions(-) > > diff --git a/arch/x86/boot/compressed/head_64.S b/arch/x86/boot/compressed/head_64.S > index 03c4328a88cb..01fa42d31648 100644 > --- a/arch/x86/boot/compressed/head_64.S > +++ b/arch/x86/boot/compressed/head_64.S > @@ -660,9 +660,8 @@ SYM_CODE_START(trampoline_32bit_src) > pushl $__KERNEL_CS > pushl %eax > > - /* Enable paging again. */ > - movl %cr0, %eax > - btsl $X86_CR0_PG_BIT, %eax > + /* Enable paging and set CR0 to known state (this also sets WP flag) */ > + movl $CR0_STATE, %eax This sets a lot more than WP. Why?
On 2023-04-05 20:54, Borislav Petkov wrote: > On Tue, Mar 14, 2023 at 01:13:30PM +0300, Evgeniy Baskov wrote: >> Ensure WP bit to be set to prevent boot code from writing to >> non-writable memory pages. >> >> Tested-by: Mario Limonciello <mario.limonciello@amd.com> >> Signed-off-by: Evgeniy Baskov <baskov@ispras.ru> >> --- >> arch/x86/boot/compressed/head_64.S | 5 ++--- >> 1 file changed, 2 insertions(+), 3 deletions(-) >> >> diff --git a/arch/x86/boot/compressed/head_64.S >> b/arch/x86/boot/compressed/head_64.S >> index 03c4328a88cb..01fa42d31648 100644 >> --- a/arch/x86/boot/compressed/head_64.S >> +++ b/arch/x86/boot/compressed/head_64.S >> @@ -660,9 +660,8 @@ SYM_CODE_START(trampoline_32bit_src) >> pushl $__KERNEL_CS >> pushl %eax >> >> - /* Enable paging again. */ >> - movl %cr0, %eax >> - btsl $X86_CR0_PG_BIT, %eax >> + /* Enable paging and set CR0 to known state (this also sets WP flag) >> */ >> + movl $CR0_STATE, %eax > > This sets a lot more than WP. Why? Because there are code paths where cr0 state is not initialized (e.g. the EFISTUB code path) and it's better to know it exactly. Although we don't actually care about MP, ET, NE and AM flags, but they should be all supported, so the choice was arbitrary. Also they are already initialized to this value on one code path -- when the kernel started its execution via startup_32. Thanks.
diff --git a/arch/x86/boot/compressed/head_64.S b/arch/x86/boot/compressed/head_64.S index 03c4328a88cb..01fa42d31648 100644 --- a/arch/x86/boot/compressed/head_64.S +++ b/arch/x86/boot/compressed/head_64.S @@ -660,9 +660,8 @@ SYM_CODE_START(trampoline_32bit_src) pushl $__KERNEL_CS pushl %eax - /* Enable paging again. */ - movl %cr0, %eax - btsl $X86_CR0_PG_BIT, %eax + /* Enable paging and set CR0 to known state (this also sets WP flag) */ + movl $CR0_STATE, %eax movl %eax, %cr0 lret
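Review bot: The new `movl $CR0_STATE, %eax` line drops the read of %cr0 and overwrites the whole register, so every CR0 bit is now forced rather than only PG and WP, yet the commit message and the new comment mention only WP. CR0_STATE is not defined in this hunk, so a reader of head_64.S cannot tell from here which bits end up set or cleared. The comment should name them (the thread lists MP, ET, NE and AM alongside WP and paging) and state that discarding the previous CR0 contents is intentional because some entry paths, such as the EFI stub, reach the trampoline with CR0 in an unknown state. The commit message should carry the same rationale, since "Ensure WP bit to be set" describes a narrower change than the one made. If only WP were wanted, keeping `movl %cr0, %eax` and adding a second `btsl` for X86_CR0_WP_BIT would be the minimal alternative.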