From patchwork Thu Jan 25 10:31:31 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 125784 Delivered-To: patch@linaro.org Received: by 10.46.66.141 with SMTP id h13csp1016581ljf; Thu, 25 Jan 2018 02:31:54 -0800 (PST) X-Google-Smtp-Source: AH8x226NQQXPH2+qqb1/T967sS77bgKjJ76rqnhHs6lIRKgKOr+6uFVuUIqdsI2kR1Nr9Xj97jgZ X-Received: by 2002:a17:902:7046:: with SMTP id h6-v6mr10030991plt.157.1516876314448; Thu, 25 Jan 2018 02:31:54 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1516876314; cv=none; d=google.com; s=arc-20160816; b=mSG5+UNN+ohWfZxjrBNC9B6+xP1Pj1ZRGkNq78kZTLEh1EgZLWEFHNc3S4oawi06J2 oLqKccMSnYGXO/IrK64JEUnhV+hk/+uewuuD1PJv1R0Jjynopx0LpMjHfV5vE+zjciBn lvoBs0Go9N1afzVy6Sd7fUFjzVU3eXbSmxcjMchjgEQP+aIJlISuIVsmFf4RGBtbjCi4 HU/WoPJRTJysdA5QnAmTSLSjt1LuGzSwZrc5VIjHI0klKbOFlj7E0JO5sr1MReq9Tu30 CBF4F3i0rZo3beb5xV75hsNdV5NG/QUMx0dJ2TFvz6p12leXc58VFw3BslUQ0wSZofPz oyMw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:references:in-reply-to:message-id:date :subject:cc:to:from:dkim-signature:arc-authentication-results; bh=pbZxYnVS85OWHmOYfnmZv5HDdFSAeZpZGS+iGrTIW9s=; b=wrZ1bW+Iz+yNEf7WNOaqpK/AMIdGCZQXFaBqFOZn2HXPyb24XBej5rex64CvalXpvr 1yLkFtWJ7h+oNjiYZzubfLiS7dVpEvGx9+R9mY5JoTfz5VCsqXDjmksXO0oNBXSp/Atr /0/hKFcKS0IkDYIjHuUw2jdKmPUOGAM29cD+4PuKC0JSEyb2eamli4bss1aupPKJCOOE dmUPUVWsyyfO2VuHBfGjSAtqlzW4gElsGtRuBL5c5Iuzgww0M3S6UH/t4bPnmiQ77pVr vjl4RDWQqDNSwWkiHDCIrTcR8oXF3VBVhU0blmgWnsJ6sBq5Ts3XdqEVSyEpuZMLh2lF oepg== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=ZmF4y1lb; spf=pass (google.com: best guess record for domain of linux-efi-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-efi-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id n188si1088646pga.175.2018.01.25.02.31.54; Thu, 25 Jan 2018 02:31:54 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-efi-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=ZmF4y1lb; spf=pass (google.com: best guess record for domain of linux-efi-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-efi-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751227AbeAYKbx (ORCPT + 2 others); Thu, 25 Jan 2018 05:31:53 -0500 Received: from mail-wm0-f67.google.com ([74.125.82.67]:41309 "EHLO mail-wm0-f67.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751154AbeAYKbx (ORCPT ); Thu, 25 Jan 2018 05:31:53 -0500 Received: by mail-wm0-f67.google.com with SMTP id f71so13660457wmf.0 for ; Thu, 25 Jan 2018 02:31:52 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=FVMk4pC1yCOxmiUpafBID/uAYVwtcSQ+Auhgw0OZopc=; b=ZmF4y1lbljHoTqiVuGnB6LWi4yds3Gj/kuBhZBioWN/Utm+7sYb7coKHFdOD/poosS u6gv8A5Wemb8PafGj6JLkizTYzu/XupfgqsYcLYmtt4UyMzaeaGf2/tpVFvsiT2Ra0yN INLrZNT1/dqcetQsRmWdJLv35IXZMml3Fw+pw= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=FVMk4pC1yCOxmiUpafBID/uAYVwtcSQ+Auhgw0OZopc=; b=ekLV8zg7tz/UT5/Pac1Uu1CUa1RPN3DcPX9x7Cqe+D0sg+SAiW8vz0Tc4/FJ0sfGEC t8tAHOAslTulkabLFfJUw/TZV3QHaUwfkDgoArDBwbna6eMU+qrH0IliJ8dPhoEOau1/ rMHzZy78aqRMohPYmnMmgdHTbQlrMScoKxX4mOmb1RGT1QqwCj8yr8zSBD8clZgA27Iu tPMiqIR1pveD8FwMvTJz9XyKk99OgUQrjF2plau140h4Vbhha+9J/ZmIp4pWLD1mZjCL DPwvsC/sZ+Zv1CansajJAvIXkPZa1WunYr8mSCGJOE3jhTsXYSLtAN9p+xJHw+TQKtou HnKw== X-Gm-Message-State: AKwxytevxfqBmq94nJ9P1qUy5tJPxZ0zI1LZ5HR3Nb92VTlM+5moMqer a5EW1QFH7AnKw203eV4t4S14CEcyBfUxnQ== X-Received: by 10.28.32.5 with SMTP id g5mr6469655wmg.62.1516876311858; Thu, 25 Jan 2018 02:31:51 -0800 (PST) Received: from localhost.localdomain ([160.167.127.168]) by smtp.gmail.com with ESMTPSA id j77sm1199964wmf.37.2018.01.25.02.31.49 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 25 Jan 2018 02:31:51 -0800 (PST) From: Ard Biesheuvel To: linux-efi@vger.kernel.org, linux-arm-kernel@lists.infradead.org, will.deacon@arm.com, catalin.marinas@arm.com, mark.rutland@arm.com, marc.zyngier@arm.com Cc: joakim.bech@linaro.org, leif.lindholm@linaro.org, graeme.gregory@linaro.org, Ard Biesheuvel Subject: [PATCH 4/4] efi/arm64: unmap the kernel while executing UEFI services Date: Thu, 25 Jan 2018 10:31:31 +0000 Message-Id: <20180125103131.19168-5-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20180125103131.19168-1-ard.biesheuvel@linaro.org> References: <20180125103131.19168-1-ard.biesheuvel@linaro.org> Sender: linux-efi-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-efi@vger.kernel.org Now that all UEFI runtime service wrappers ensure that byref arguments are moved into the UEFI marshalling buffer (which is not part of the kernel mapping), we can proceed and unmap the kernel while UEFI runtime service calls are in progress. This is done by setting the EPD1 bit and flushing the TLB of the local CPU. This makes it independent of KPTI or whether non-global mappings are being used. Signed-off-by: Ard Biesheuvel --- arch/arm64/kernel/efi-rt-wrapper.S | 22 ++++++++++++++++++++ 1 file changed, 22 insertions(+) -- 2.11.0 -- To unsubscribe from this list: send the line "unsubscribe linux-efi" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html diff --git a/arch/arm64/kernel/efi-rt-wrapper.S b/arch/arm64/kernel/efi-rt-wrapper.S index 09e77e5edd94..70af90ef914c 100644 --- a/arch/arm64/kernel/efi-rt-wrapper.S +++ b/arch/arm64/kernel/efi-rt-wrapper.S @@ -9,6 +9,24 @@ #include #include + .macro sepd1, reg + mrs \reg, tcr_el1 // read Translation Control Reg + orr \reg, \reg, #1 << 23 // set EPD1 bit + msr tcr_el1, \reg // write back TCR + isb + tlbi vmalle1 + dsb nsh + .endm + + .macro cepd1, reg + mrs \reg, tcr_el1 // read Translation Control Reg + bic \reg, \reg, #1 << 23 // clear EPD1 bit + msr tcr_el1, \reg // write back TCR + isb + tlbi vmalle1 + dsb nsh + .endm + .section ".rodata", "a" .align PAGE_SHIFT ENTRY(__efi_rt_asm_wrapper) @@ -27,6 +45,7 @@ ENTRY(__efi_rt_asm_wrapper) adr x1, __efi_rt_vectors msr vbar_el1, x1 isb + sepd1 x1 /* * We are lucky enough that no EFI runtime services take more than @@ -46,6 +65,7 @@ ENTRY(__efi_rt_asm_wrapper) ldr x1, 2f msr vbar_el1, x1 isb + cepd1 x1 ldp x1, x2, [sp, #16] cmp x2, x18 @@ -63,6 +83,7 @@ ENDPROC(__efi_rt_asm_wrapper) .align 7 .Lv\@ : stp x29, x30, [sp, #-16]! // preserve x29 and x30 mrs x29, elr_el1 // preserve ELR + cepd1 x30 adr x30, .Lret // take return address msr elr_el1, x30 // set ELR to return address ldr x30, 2b // take address of 'vectors' @@ -76,6 +97,7 @@ ENDPROC(__efi_rt_asm_wrapper) adr x30, __efi_rt_vectors msr vbar_el1, x30 isb + sepd1 x30 ldp x29, x30, [sp], #16 eret