linux-kernel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: Matt Fleming <matt@codeblueprint.co.uk>
To: Borislav Petkov <bp@alien8.de>
Cc: Andy Lutomirski <luto@amacapital.net>,
	Ingo Molnar <mingo@kernel.org>,
	Stephen Smalley <sds@tycho.nsa.gov>, X86 ML <x86@kernel.org>,
	"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
	Kees Cook <keescook@chromium.org>,
	Thomas Gleixner <tglx@linutronix.de>,
	"H. Peter Anvin" <hpa@zytor.com>,
	Peter Zijlstra <a.p.zijlstra@chello.nl>,
	Andy Lutomirski <luto@kernel.org>,
	Denys Vlasenko <dvlasenk@redhat.com>,
	Brian Gerst <brgerst@gmail.com>,
	"linux-efi@vger.kernel.org" <linux-efi@vger.kernel.org>,
	Ard Biesheuvel <ard.biesheuvel@linaro.org>,
	Ricardo Neri <ricardo.neri-calderon@linux.intel.com>,
	luv@ml01.01.org
Subject: Re: [PATCH v2] x86/mm: warn on W+x mappings
Date: Thu, 15 Oct 2015 11:10:16 +0100	[thread overview]
Message-ID: <20151015101016.GB2975@codeblueprint.co.uk> (raw)
In-Reply-To: <20151014153522.GC8218@pd.tnic>

On Wed, 14 Oct, at 05:35:22PM, Borislav Petkov wrote:
> On Wed, Oct 14, 2015 at 08:30:48AM -0700, Andy Lutomirski wrote:
> > Can we just unmap these things until someone tries to do an EFI call,
> > and then unmap them again after the call returns?  We already switch
> > pgds for EFI IIRC.
> 
> hpa did mention an EFI-aware page fault handler at the time. I guess we
> could do that too...

We do this for the Linux UEFI Validation project kernel [1]. There, we
do not map EFI Boot Services regions by default, only if the firmware
tries to access them.

This gives us the opporunity to print an error message if Boot
Services regions are accessed after ExitBootServices() (which is the
bug mjg59 describes in commit 916f676f8dc0 ("x86, efi: Retain boot
service code until after switching to virtual mode")).

But for the issue being discussed in this thread, the thing unmapping
the EFI regions buys you is that they're no longer accessible from the
x86 sleep/wakeup code paths, since those also use trampoline_pgd which
is where the EFI page tables are mapped.

And that's probably a good idea.

[1] - https://git.kernel.org/cgit/linux/kernel/git/mfleming/efi.git/commit/?h=stable&id=9b78793058bf93958aa9529400cb2617ec1bc958

-- 
Matt Fleming, Intel Open Source Technology Center

  reply	other threads:[~2015-10-15 10:10 UTC|newest]

Thread overview: 36+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2015-10-02 19:29 [PATCH v2] x86/mm: warn on W+x mappings Stephen Smalley
2015-10-02 20:44 ` Kees Cook
2015-10-03 11:27 ` Ingo Molnar
2015-10-05 19:13   ` Stephen Smalley
2015-10-06  7:32     ` Ingo Molnar
2015-10-06 15:37       ` Stephen Smalley
2015-10-12 11:36         ` Borislav Petkov
2015-10-12 12:41           ` Matt Fleming
2015-10-12 12:49             ` Ingo Molnar
2015-10-12 12:55               ` Matt Fleming
2015-10-12 14:17                 ` Ingo Molnar
2015-10-12 14:49                   ` Matt Fleming
2015-10-12 15:34                     ` Ard Biesheuvel
2015-10-12 15:50                       ` Matt Fleming
2015-10-12 16:43                         ` Ard Biesheuvel
2015-10-14 15:18                     ` Ingo Molnar
2015-10-14 15:30                       ` Andy Lutomirski
2015-10-14 15:35                         ` Borislav Petkov
2015-10-15 10:10                           ` Matt Fleming [this message]
2015-10-15 10:33                             ` Borislav Petkov
2015-10-16  1:45                               ` Ricardo Neri
2015-10-14 21:02                       ` Matt Fleming
2015-10-21  9:42                         ` Ingo Molnar
2015-10-21 12:49                           ` Ingo Molnar
2015-10-21 12:57                             ` Ard Biesheuvel
2015-10-21 13:24                               ` Borislav Petkov
2015-10-21 13:28                                 ` Ard Biesheuvel
2015-10-21 14:36                                   ` Borislav Petkov
2015-10-21 18:46                                     ` Andy Lutomirski
2015-10-21 20:45                                       ` Matt Fleming
2015-10-21 20:49                                         ` Andy Lutomirski
2015-10-21 20:38                           ` Matt Fleming
2015-10-12 14:56                   ` Josh Triplett
2015-10-14 15:19                     ` Ingo Molnar
2015-10-14 16:47                       ` Josh Triplett
2015-10-21  9:43                         ` Ingo Molnar

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20151015101016.GB2975@codeblueprint.co.uk \
    --to=matt@codeblueprint.co.uk \
    --cc=a.p.zijlstra@chello.nl \
    --cc=ard.biesheuvel@linaro.org \
    --cc=bp@alien8.de \
    --cc=brgerst@gmail.com \
    --cc=dvlasenk@redhat.com \
    --cc=hpa@zytor.com \
    --cc=keescook@chromium.org \
    --cc=linux-efi@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=luto@amacapital.net \
    --cc=luto@kernel.org \
    --cc=luv@ml01.01.org \
    --cc=mingo@kernel.org \
    --cc=ricardo.neri-calderon@linux.intel.com \
    --cc=sds@tycho.nsa.gov \
    --cc=tglx@linutronix.de \
    --cc=x86@kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).