[PATCH 4.9] x86/pti/efi: broken conversion from efi to kernel page table

[PATCH 4.9] x86/pti/efi: broken conversion from efi to kernel page table

[Pavel Tatashin]

The page table order must be increased for EFI table in order to avoid a
bug where NMI tries to change the page table to kernel page table, while
efi page table is active.

For more disccussion about this bug, see this thread:
http://lkml.iu.edu/hypermail/linux/kernel/1801.1/00951.html

Signed-off-by: Pavel Tatashin <pasha.tatashin@oracle.com>
Reviewed-by: Steven Sistare <steven.sistare@oracle.com>
---
 arch/x86/include/asm/pgalloc.h | 11 +++++++++++
 arch/x86/platform/efi/efi_64.c |  2 +-
 2 files changed, 12 insertions(+), 1 deletion(-)

diff --git a/arch/x86/include/asm/pgalloc.h b/arch/x86/include/asm/pgalloc.h
index b6d425999f99..1178a51b77f3 100644
--- a/arch/x86/include/asm/pgalloc.h
+++ b/arch/x86/include/asm/pgalloc.h
@@ -27,6 +27,17 @@ static inline void paravirt_release_pud(unsigned long pfn) {}
  */
 extern gfp_t __userpte_alloc_gfp;
 
+#ifdef CONFIG_PAGE_TABLE_ISOLATION
+/*
+ * Instead of one PGD, we acquire two PGDs.  Being order-1, it is
+ * both 8k in size and 8k-aligned.  That lets us just flip bit 12
+ * in a pointer to swap between the two 4k halves.
+ */
+#define PGD_ALLOCATION_ORDER 1
+#else
+#define PGD_ALLOCATION_ORDER 0
+#endif
+
 /*
  * Allocate and free page tables.
  */
diff --git a/arch/x86/platform/efi/efi_64.c b/arch/x86/platform/efi/efi_64.c
index 2f25a363068c..dcb2d9d185a2 100644
--- a/arch/x86/platform/efi/efi_64.c
+++ b/arch/x86/platform/efi/efi_64.c
@@ -142,7 +142,7 @@ int __init efi_alloc_page_tables(void)
 		return 0;
 
 	gfp_mask = GFP_KERNEL | __GFP_NOTRACK | __GFP_ZERO;
-	efi_pgd = (pgd_t *)__get_free_page(gfp_mask);
+	efi_pgd = (pgd_t *)__get_free_pages(gfp_mask, PGD_ALLOCATION_ORDER);
 	if (!efi_pgd)
 		return -ENOMEM;
 
-- 
1.8.3.1

Re: [PATCH 4.9] x86/pti/efi: broken conversion from efi to kernel page table

[Ingo Molnar]

* Pavel Tatashin <pasha.tatashin@oracle.com> wrote:

> The page table order must be increased for EFI table in order to avoid a
> bug where NMI tries to change the page table to kernel page table, while
> efi page table is active.
> 
> For more disccussion about this bug, see this thread:
> http://lkml.iu.edu/hypermail/linux/kernel/1801.1/00951.html
> 
> Signed-off-by: Pavel Tatashin <pasha.tatashin@oracle.com>
> Reviewed-by: Steven Sistare <steven.sistare@oracle.com>
> ---
>  arch/x86/include/asm/pgalloc.h | 11 +++++++++++
>  arch/x86/platform/efi/efi_64.c |  2 +-
>  2 files changed, 12 insertions(+), 1 deletion(-)

Is there a Git tree/branch I could follow to see the very latest v4.9 PTI backport 
commits?

Thanks,

	Ingo

Re: [PATCH 4.9] x86/pti/efi: broken conversion from efi to kernel page table

[Pavel Tatashin]

Hi Ingo,

https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git/log/?h=linux-4.9.y&ofs=50
4.9 PTI backport is in 4.9.75.

Thank you,
Pavel

On Fri, Jan 12, 2018 at 8:58 AM, Ingo Molnar <mingo@kernel.org> wrote:
>
> * Pavel Tatashin <pasha.tatashin@oracle.com> wrote:
>
>> The page table order must be increased for EFI table in order to avoid a
>> bug where NMI tries to change the page table to kernel page table, while
>> efi page table is active.
>>
>> For more disccussion about this bug, see this thread:
>> http://lkml.iu.edu/hypermail/linux/kernel/1801.1/00951.html
>>
>> Signed-off-by: Pavel Tatashin <pasha.tatashin@oracle.com>
>> Reviewed-by: Steven Sistare <steven.sistare@oracle.com>
>> ---
>>  arch/x86/include/asm/pgalloc.h | 11 +++++++++++
>>  arch/x86/platform/efi/efi_64.c |  2 +-
>>  2 files changed, 12 insertions(+), 1 deletion(-)
>
> Is there a Git tree/branch I could follow to see the very latest v4.9 PTI backport
> commits?
>
> Thanks,
>
>         Ingo

Re: [PATCH 4.9] x86/pti/efi: broken conversion from efi to kernel page table

[Jiri Kosina]

On Thu, 11 Jan 2018, Pavel Tatashin wrote:

> The page table order must be increased for EFI table in order to avoid a
> bug where NMI tries to change the page table to kernel page table, while
> efi page table is active.
> 
> For more disccussion about this bug, see this thread:
> http://lkml.iu.edu/hypermail/linux/kernel/1801.1/00951.html
> 
> Signed-off-by: Pavel Tatashin <pasha.tatashin@oracle.com>
> Reviewed-by: Steven Sistare <steven.sistare@oracle.com>

Acked-by: Jiri Kosina <jkosina@suse.cz>

We are carrying similar patch in our 4.4 codestream as well.

Please note that this is needed only for those trees that have 67a9108ed43 
("x86/efi: Build our own page table structures") backported to it. That 
used to be in some -stable releases, and some had it reverted, so please 
check that.

-- 
Jiri Kosina
SUSE Labs

Re: [PATCH 4.9] x86/pti/efi: broken conversion from efi to kernel page table

[Greg KH]

On Fri, Jan 12, 2018 at 03:27:32PM +0100, Jiri Kosina wrote:
> On Thu, 11 Jan 2018, Pavel Tatashin wrote:
> 
> > The page table order must be increased for EFI table in order to avoid a
> > bug where NMI tries to change the page table to kernel page table, while
> > efi page table is active.
> > 
> > For more disccussion about this bug, see this thread:
> > http://lkml.iu.edu/hypermail/linux/kernel/1801.1/00951.html
> > 
> > Signed-off-by: Pavel Tatashin <pasha.tatashin@oracle.com>
> > Reviewed-by: Steven Sistare <steven.sistare@oracle.com>
> 
> Acked-by: Jiri Kosina <jkosina@suse.cz>
> 
> We are carrying similar patch in our 4.4 codestream as well.
> 
> Please note that this is needed only for those trees that have 67a9108ed43 
> ("x86/efi: Build our own page table structures") backported to it. That 
> used to be in some -stable releases, and some had it reverted, so please 
> check that.

The 4.4-stable tree reverted this patch, so I'll take the 4.4-specific
patch for this that was just sent.

thanks,

greg k-h

Patch "x86/pti/efi: broken conversion from efi to kernel page table" has been added to the 4.9-stable tree

[gregkh]

This is a note to let you know that I've just added the patch titled

    x86/pti/efi: broken conversion from efi to kernel page table

to the 4.9-stable tree which can be found at:
    http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary

The filename of the patch is:
     x86-pti-efi-broken-conversion-from-efi-to-kernel-page-table.patch
and it can be found in the queue-4.9 subdirectory.

If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@vger.kernel.org> know about it.


>From pasha.tatashin@oracle.com  Sat Jan 13 14:16:28 2018
From: Pavel Tatashin <pasha.tatashin@oracle.com>
Date: Thu, 11 Jan 2018 16:58:20 -0500
Subject: x86/pti/efi: broken conversion from efi to kernel page table
To: steven.sistare@oracle.com, linux-kernel@vger.kernel.org, tglx@linutronix.de, mingo@redhat.com, hpa@zytor.com, x86@kernel.org, gregkh@linuxfoundation.org, jkosina@suse.cz, hughd@google.com, dave.hansen@linux.intel.com, luto@kernel.org, torvalds@linux-foundation.org
Message-ID: <20180111215820.29736-1-pasha.tatashin@oracle.com>

From: Pavel Tatashin <pasha.tatashin@oracle.com>

The page table order must be increased for EFI table in order to avoid a
bug where NMI tries to change the page table to kernel page table, while
efi page table is active.

For more disccussion about this bug, see this thread:
http://lkml.iu.edu/hypermail/linux/kernel/1801.1/00951.html

Signed-off-by: Pavel Tatashin <pasha.tatashin@oracle.com>
Reviewed-by: Steven Sistare <steven.sistare@oracle.com>
Acked-by: Jiri Kosina <jkosina@suse.cz>
---
 arch/x86/include/asm/pgalloc.h |   11 +++++++++++
 arch/x86/platform/efi/efi_64.c |    2 +-
 2 files changed, 12 insertions(+), 1 deletion(-)

--- a/arch/x86/include/asm/pgalloc.h
+++ b/arch/x86/include/asm/pgalloc.h
@@ -27,6 +27,17 @@ static inline void paravirt_release_pud(
  */
 extern gfp_t __userpte_alloc_gfp;
 
+#ifdef CONFIG_PAGE_TABLE_ISOLATION
+/*
+ * Instead of one PGD, we acquire two PGDs.  Being order-1, it is
+ * both 8k in size and 8k-aligned.  That lets us just flip bit 12
+ * in a pointer to swap between the two 4k halves.
+ */
+#define PGD_ALLOCATION_ORDER 1
+#else
+#define PGD_ALLOCATION_ORDER 0
+#endif
+
 /*
  * Allocate and free page tables.
  */
--- a/arch/x86/platform/efi/efi_64.c
+++ b/arch/x86/platform/efi/efi_64.c
@@ -142,7 +142,7 @@ int __init efi_alloc_page_tables(void)
 		return 0;
 
 	gfp_mask = GFP_KERNEL | __GFP_NOTRACK | __GFP_ZERO;
-	efi_pgd = (pgd_t *)__get_free_page(gfp_mask);
+	efi_pgd = (pgd_t *)__get_free_pages(gfp_mask, PGD_ALLOCATION_ORDER);
 	if (!efi_pgd)
 		return -ENOMEM;
 


Patches currently in stable-queue which might be from pasha.tatashin@oracle.com are

queue-4.9/x86-pti-efi-broken-conversion-from-efi-to-kernel-page-table.patch

Re: [PATCH 4.9] x86/pti/efi: broken conversion from efi to kernel page table

[Greg KH]

On Thu, Jan 11, 2018 at 04:58:20PM -0500, Pavel Tatashin wrote:
> The page table order must be increased for EFI table in order to avoid a
> bug where NMI tries to change the page table to kernel page table, while
> efi page table is active.
> 
> For more disccussion about this bug, see this thread:
> http://lkml.iu.edu/hypermail/linux/kernel/1801.1/00951.html
> 
> Signed-off-by: Pavel Tatashin <pasha.tatashin@oracle.com>
> Reviewed-by: Steven Sistare <steven.sistare@oracle.com>
> Acked-by: Jiri Kosina <jkosina@suse.cz>
> ---
>  arch/x86/include/asm/pgalloc.h | 11 +++++++++++
>  arch/x86/platform/efi/efi_64.c |  2 +-
>  2 files changed, 12 insertions(+), 1 deletion(-)

Now queued up, thanks.

greg k-h

Re: [PATCH 4.9] x86/pti/efi: broken conversion from efi to kernel page table

[Greg KH]

On Thu, Jan 11, 2018 at 04:58:20PM -0500, Pavel Tatashin wrote:
> The page table order must be increased for EFI table in order to avoid a
> bug where NMI tries to change the page table to kernel page table, while
> efi page table is active.
> 
> For more disccussion about this bug, see this thread:
> http://lkml.iu.edu/hypermail/linux/kernel/1801.1/00951.html
> 
> Signed-off-by: Pavel Tatashin <pasha.tatashin@oracle.com>
> Reviewed-by: Steven Sistare <steven.sistare@oracle.com>
> Acked-by: Jiri Kosina <jkosina@suse.cz>
> ---
>  arch/x86/include/asm/pgalloc.h | 11 +++++++++++
>  arch/x86/platform/efi/efi_64.c |  2 +-
>  2 files changed, 12 insertions(+), 1 deletion(-)
> 
> diff --git a/arch/x86/include/asm/pgalloc.h b/arch/x86/include/asm/pgalloc.h
> index b6d425999f99..1178a51b77f3 100644
> --- a/arch/x86/include/asm/pgalloc.h
> +++ b/arch/x86/include/asm/pgalloc.h
> @@ -27,6 +27,17 @@ static inline void paravirt_release_pud(unsigned long pfn) {}
>   */
>  extern gfp_t __userpte_alloc_gfp;
>  
> +#ifdef CONFIG_PAGE_TABLE_ISOLATION
> +/*
> + * Instead of one PGD, we acquire two PGDs.  Being order-1, it is
> + * both 8k in size and 8k-aligned.  That lets us just flip bit 12
> + * in a pointer to swap between the two 4k halves.
> + */
> +#define PGD_ALLOCATION_ORDER 1
> +#else
> +#define PGD_ALLOCATION_ORDER 0
> +#endif

This conflicts with the definition of PGD_ALLOCATION_ORDER in
arch/x86/mm/pgtable.c that says:

/*
 * Instead of one pgd, Kaiser acquires two pgds.  Being order-1, it is
 * both 8k in size and 8k-aligned.  That lets us just flip bit 12
 * in a pointer to swap between the two 4k halves.
 */
#define PGD_ALLOCATION_ORDER    kaiser_enabled

So, which is it?

I'm going to go drop this from the 4.9 stable queue because of this.

thanks,

greg k-h

Re: [PATCH 4.9] x86/pti/efi: broken conversion from efi to kernel page table

[Pavel Tatashin]

Hi Greg,

Yeah, the one in pgtable.c needs to be removed, I wonder how it
compiled... I will submit a new patch for 4.9 sometime later.

Thank you,
Pavel

On Sat, Jan 13, 2018 at 12:12 PM, Greg KH <gregkh@linuxfoundation.org> wrote:
> On Thu, Jan 11, 2018 at 04:58:20PM -0500, Pavel Tatashin wrote:
>> The page table order must be increased for EFI table in order to avoid a
>> bug where NMI tries to change the page table to kernel page table, while
>> efi page table is active.
>>
>> For more disccussion about this bug, see this thread:
>> http://lkml.iu.edu/hypermail/linux/kernel/1801.1/00951.html
>>
>> Signed-off-by: Pavel Tatashin <pasha.tatashin@oracle.com>
>> Reviewed-by: Steven Sistare <steven.sistare@oracle.com>
>> Acked-by: Jiri Kosina <jkosina@suse.cz>
>> ---
>>  arch/x86/include/asm/pgalloc.h | 11 +++++++++++
>>  arch/x86/platform/efi/efi_64.c |  2 +-
>>  2 files changed, 12 insertions(+), 1 deletion(-)
>>
>> diff --git a/arch/x86/include/asm/pgalloc.h b/arch/x86/include/asm/pgalloc.h
>> index b6d425999f99..1178a51b77f3 100644
>> --- a/arch/x86/include/asm/pgalloc.h
>> +++ b/arch/x86/include/asm/pgalloc.h
>> @@ -27,6 +27,17 @@ static inline void paravirt_release_pud(unsigned long pfn) {}
>>   */
>>  extern gfp_t __userpte_alloc_gfp;
>>
>> +#ifdef CONFIG_PAGE_TABLE_ISOLATION
>> +/*
>> + * Instead of one PGD, we acquire two PGDs.  Being order-1, it is
>> + * both 8k in size and 8k-aligned.  That lets us just flip bit 12
>> + * in a pointer to swap between the two 4k halves.
>> + */
>> +#define PGD_ALLOCATION_ORDER 1
>> +#else
>> +#define PGD_ALLOCATION_ORDER 0
>> +#endif
>
> This conflicts with the definition of PGD_ALLOCATION_ORDER in
> arch/x86/mm/pgtable.c that says:
>
> /*
>  * Instead of one pgd, Kaiser acquires two pgds.  Being order-1, it is
>  * both 8k in size and 8k-aligned.  That lets us just flip bit 12
>  * in a pointer to swap between the two 4k halves.
>  */
> #define PGD_ALLOCATION_ORDER    kaiser_enabled
>
> So, which is it?
>
> I'm going to go drop this from the 4.9 stable queue because of this.
>
> thanks,
>
> greg k-h

Re: [PATCH 4.9] x86/pti/efi: broken conversion from efi to kernel page table

[Greg KH]

On Sat, Jan 13, 2018 at 12:40:10PM -0500, Pavel Tatashin wrote:
> Hi Greg,
> 
> Yeah, the one in pgtable.c needs to be removed, I wonder how it
> compiled... I will submit a new patch for 4.9 sometime later.

It builds, just gives a warning, easy to miss if you aren't looking for
it :)