linux-efi.vger.kernel.org archive mirror
From: Andy Lutomirski <luto-kltTT9wpgjJwATOyAt5JVQ@public.gmane.org>
To: Matt Fleming <matt-mF/unelCI9GS6iBeEJttW/XRex20P6io@public.gmane.org>
Cc: Paolo Bonzini <pbonzini-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>,
	"linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org"
	<linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org>,
	"H. Peter Anvin" <hpa-YMNOUZJC4hwAvxtiuMwx3w@public.gmane.org>,
	X86 ML <x86-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org>,
	stable <stable-u79uwXL29TY76Z2rM5mHXA@public.gmane.org>,
	Laszlo Ersek <lersek-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>,
	Matt Fleming
	<matt.fleming-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org>,
	Borislav Petkov <bp-l3A5Bk7waGM@public.gmane.org>,
	"linux-efi-u79uwXL29TY76Z2rM5mHXA@public.gmane.org"
	<linux-efi-u79uwXL29TY76Z2rM5mHXA@public.gmane.org>
Subject: Re: [PATCH] x86: setup: extend low identity map to cover whole kernel range
Date: Wed, 14 Oct 2015 09:22:03 -0700
Message-ID: <CALCETrX=4NcbfnaQ7wf27v+xn8dY_=acJwX4EjWZVTTWZeJ_yg@mail.gmail.com>
In-Reply-To: <20151014135211.GB2782-mF/unelCI9GS6iBeEJttW/XRex20P6io@public.gmane.org>

On Wed, Oct 14, 2015 at 6:52 AM, Matt Fleming <matt-mF/unelCI9GS6iBeEJttW/XRex20P6io@public.gmane.org> wrote:
> (Pulling in luto for low-level x86 fu)
>
> On Wed, 14 Oct, at 01:30:45PM, Paolo Bonzini wrote:
>> On 32-bit systems, the initial_page_table is reused by
>> efi_call_phys_prolog as an identity map to call
>> SetVirtualAddressMap.  efi_call_phys_prolog takes care of
>> converting the current CPU's GDT to a physical address too.
>>
>> For PAE kernels the identity mapping is achieved by aliasing the
>> first PDPE for the kernel memory mapping into the first PDPE
>> of initial_page_table.  This makes the EFI stub's trick "just work".
>>
>> However, for non-PAE kernels there is no guarantee that the identity
>> mapping in the initial_page_table extends as far as the GDT; in this
>> case, accesses to the GDT will cause a page fault (which quickly becomes
>> a triple fault).  Fix this by copying the kernel mappings from
>> swapper_pg_dir to initial_page_table twice, both at PAGE_OFFSET and at
>> identity mapping.
>
> Oops, good catch guys. This is clearly a bug, but...
>
>> For some reason, this is only reproducible with QEMU's dynamic translation
>> mode, and not for example with KVM.  However, even under KVM one can clearly
>> see that the page table is bogus:

I haven't looked at the code, but it wouldn't surprise me if this is
some kind of TLB issue.  With the hardware TLB (which is in use on
KVM), it seems quite likely that the GDT is pretty much always in the
TLB and, if nothing flushes global mappings, then it'll probably stick
around.

--Andy
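
A small model of the non-PAE page-directory situation the quoted commit message describes, added here as an illustration and not part of this thread or of the kernel patch: swapper_pg_dir, initial_page_table, the 8 MiB low identity map, the 32 MiB kernel range and the single-level PSE-style walk are all constructed assumptions. It shows why a GDT that lies above the low identity map faults, and how copying the kernel PDEs into initial_page_table twice (at index 0 and at the PAGE_OFFSET index) makes the whole kernel range reachable through both views.

```c
#include <stdbool.h>
#include <stdint.h>
#include <string.h>
/* Non-PAE 32-bit x86: one page directory of 1024 PDEs covering 4 MiB each. Modelling
 * assumption: a present PDE holds its region's physical base (PSE-style), no PTEs. */
#define PGD_ENTRIES 1024u
#define PDE_SHIFT 22
#define PDE_SIZE (1u << PDE_SHIFT)
#define PDE_PRESENT 0x1u
#define PAGE_OFFSET 0xC0000000u
#define KERNEL_PGD_BOUNDARY (PAGE_OFFSET >> PDE_SHIFT)       /* 768 */
#define KERNEL_PGD_PTRS (PGD_ENTRIES - KERNEL_PGD_BOUNDARY)  /* 256 */
static uint32_t swapper_pg_dir[PGD_ENTRIES], initial_page_table[PGD_ENTRIES];

/* Constructed scenario: swapper_pg_dir maps 32 MiB of kernel at PAGE_OFFSET, while
 * initial_page_table maps only the first 8 MiB, both as identity and at PAGE_OFFSET. */
static void build_tables(void) {
    memset(swapper_pg_dir, 0, sizeof swapper_pg_dir);
    memset(initial_page_table, 0, sizeof initial_page_table);
    for (uint32_t i = 0; i < (32u << 20) / PDE_SIZE; i++)
        swapper_pg_dir[KERNEL_PGD_BOUNDARY + i] = (i * PDE_SIZE) | PDE_PRESENT;
    for (uint32_t i = 0; i < (8u << 20) / PDE_SIZE; i++)
        initial_page_table[i] = initial_page_table[KERNEL_PGD_BOUNDARY + i] =
            (i * PDE_SIZE) | PDE_PRESENT;
}

/* One-level walk; a non-present PDE is what the CPU reports as a page fault. */
static bool translate(const uint32_t *pgd, uint32_t va, uint32_t *pa) {
    uint32_t e = pgd[va >> PDE_SHIFT];
    if (!(e & PDE_PRESENT)) return false;
    *pa = (e & ~(PDE_SIZE - 1)) | (va & (PDE_SIZE - 1));
    return true;
}

/* The fix as the commit message describes it: copy the kernel PDEs from swapper_pg_dir
 * twice, to index 0 (identity) and to KERNEL_PGD_BOUNDARY (PAGE_OFFSET). */
static void extend_low_identity_map(void) {
    const uint32_t *src = swapper_pg_dir + KERNEL_PGD_BOUNDARY;
    memcpy(initial_page_table, src, KERNEL_PGD_PTRS * sizeof *src);
    memcpy(initial_page_table + KERNEL_PGD_BOUNDARY, src, KERNEL_PGD_PTRS * sizeof *src);
}

/* Is the GDT at physical gdt_phys reachable both at its identity address and its PAGE_OFFSET alias? */
static bool gdt_reachable(uint32_t gdt_phys, bool apply_fix) {
    uint32_t id_pa, hi_pa;
    build_tables();
    if (apply_fix) extend_low_identity_map();
    return translate(initial_page_table, gdt_phys, &id_pa) && id_pa == gdt_phys &&
           translate(initial_page_table, PAGE_OFFSET + gdt_phys, &hi_pa) && hi_pa == gdt_phys;
}
```

The pre-fix table resolves a GDT in the first 8 MiB but faults on one at 10 MiB; after the copy, every address inside the 32 MiB kernel range resolves identically through both views, and only addresses swapper_pg_dir never mapped still fault.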
