diff mbox series

[v3,27/30] arm64: head: clean the ID map page to the PoC

Message ID	20220411094824.4176877-28-ardb@kernel.org
State	New
Headers	show Return-Path: <linux-efi-owner@kernel.org> From: Ard Biesheuvel <ardb@kernel.org> To: linux-arm-kernel@lists.infradead.org Cc: linux-efi@vger.kernel.org, Ard Biesheuvel <ardb@kernel.org>, Marc Zyngier <maz@kernel.org>, Will Deacon <will@kernel.org>, Mark Rutland <mark.rutland@arm.com>, Kees Cook <keescook@chromium.org>, Catalin Marinas <catalin.marinas@arm.com>, Mark Brown <broonie@kernel.org> Subject: [PATCH v3 27/30] arm64: head: clean the ID map page to the PoC Date: Mon, 11 Apr 2022 11:48:21 +0200 Message-Id: <20220411094824.4176877-28-ardb@kernel.org> In-Reply-To: <20220411094824.4176877-1-ardb@kernel.org> References: <20220411094824.4176877-1-ardb@kernel.org> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Precedence: bulk
Series	arm64: support WXN and entry with MMU enabled \| expand [v3,00/30] arm64: support WXN and entry with MMU enabled [v3,01/30] arm64: head: move kimage_vaddr variable into C file [v3,02/30] arm64: mm: make vabits_actual a build time constant if possible [v3,03/30] arm64: head: move assignment of idmap_t0sz to C code [v3,04/30] arm64: head: drop idmap_ptrs_per_pgd [v3,05/30] arm64: head: simplify page table mapping macros (slightly) [v3,06/30] arm64: head: switch to map_memory macro for the extended ID map [v3,07/30] arm64: head: split off idmap creation code [v3,08/30] arm64: kernel: drop unnecessary PoC cache clean+invalidate [v3,09/30] arm64: head: pass ID map root table address to __enable_mmu() [v3,10/30] arm64: mm: provide idmap pointer to cpu_replace_ttbr1() [v3,11/30] arm64: head: add helper function to remap regions in early page tables [v3,12/30] arm64: head: cover entire kernel image in initial ID map [v3,13/30] arm64: head: use relative references to the RELA and RELR tables [v3,14/30] arm64: head: create a temporary FDT mapping in the initial ID map [v3,15/30] arm64: idreg-override: use early FDT mapping in ID map [v3,16/30] arm64: head: factor out TTBR1 assignment into a macro [v3,17/30] arm64: head: populate kernel page tables with MMU and caches on [v3,18/30] arm64: head: record CPU boot mode after enabling the MMU [v3,19/30] arm64: kaslr: deal with init called with VA randomization enabled [v3,20/30] arm64: head: relocate kernel only a single time if KASLR is enabled [v3,21/30] arm64: head: remap the kernel text/inittext region read-only [v3,22/30] arm64: setup: drop early FDT pointer helpers [v3,23/30] arm64: mm: move ro_after_init section into the data segment [v3,24/30] arm64: mm: add support for WXN memory translation attribute [v3,25/30] arm64: head: record the MMU state at primary entry [v3,26/30] arm64: head: avoid cache invalidation when entering with the MMU on [v3,27/30] arm64: head: clean the ID map page to the PoC [v3,28/30] efi: libstub: pass image handle to handle_kernel_image() [v3,29/30] efi/arm64: libstub: run image in place if randomized by the loader [v3,30/30] arm64: efi/libstub: enter with the MMU on if executing in place

Commit Message

Ard Biesheuvel April 11, 2022, 9:48 a.m. UTC

If we enter with the MMU and caches enabled, the caller may not have
performed any cache maintenance. So clean the ID mapped page to the PoC,
and invalidate the I-cache so we can safely execute from it after
disabling the MMU and caches.

Note that this means primary_entry() itself needs to be moved into the
ID map as well, as we will return from init_kernel_el() with the MMU and
caches off.

Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
---
 arch/arm64/kernel/head.S | 15 ++++++++++++++-
 1 file changed, 14 insertions(+), 1 deletion(-)

diff mbox series

Patch

diff --git a/arch/arm64/kernel/head.S b/arch/arm64/kernel/head.S
index 4a05f4480207..0987d59ae333 100644
--- a/arch/arm64/kernel/head.S
+++ b/arch/arm64/kernel/head.S
@@ -75,7 +75,7 @@ 
 
 	__EFI_PE_HEADER
 
-	__INIT
+	.section ".idmap.text","awx"
 
 	/*
 	 * The following callee saved general purpose registers are used on the
@@ -93,6 +93,18 @@  SYM_CODE_START(primary_entry)
 	bl	record_mmu_state
 	bl	preserve_boot_args
 	bl	create_idmap
+
+	/*
+	 * If we entered with the MMU and caches on, clean the ID mapped part
+	 * of the primary boot code to the PoC and invalidate it from the
+	 * I-cache so we can safely turn them off.
+	 */
+	cbz	x22, 0f
+	adrp	x0, __idmap_text_start
+	adr_l	x1, __idmap_text_end
+	bl	dcache_clean_poc
+	ic	ialluis
+0:
 	bl	init_kernel_el			// w0=cpu_boot_mode
 	mov	x20, x0
 
@@ -106,6 +118,7 @@  SYM_CODE_START(primary_entry)
 	b	__primary_switch
 SYM_CODE_END(primary_entry)
 
+	__INIT
 SYM_CODE_START_LOCAL(record_mmu_state)
 	mrs	x22, CurrentEL
 	cmp	x22, #CurrentEL_EL2