1. 14 Feb, 2018 1 commit
  2. 13 Feb, 2018 1 commit
  3. 06 Jan, 2018 1 commit
  4. 23 Dec, 2017 1 commit
    • Dave Hansen's avatar
      x86/mm/pti: Allocate a separate user PGD · d9e9a641
      Dave Hansen authored
      
      
      Kernel page table isolation requires to have two PGDs. One for the kernel,
      which contains the full kernel mapping plus the user space mapping and one
      for user space which contains the user space mappings and the minimal set
      of kernel mappings which are required by the architecture to be able to
      transition from and to user space.
      
      Add the necessary preliminaries.
      
      [ tglx: Split out from the big kaiser dump. EFI fixup from Kirill ]
      
      Signed-off-by: default avatarDave Hansen <dave.hansen@linux.intel.com>
      Signed-off-by: default avatarThomas Gleixner <tglx@linutronix.de>
      Reviewed-by: default avatarBorislav Petkov <bp@suse.de>
      Cc: Andy Lutomirski <luto@kernel.org>
      Cc: Boris Ostrovsky <boris.ostrovsky@oracle.com>
      Cc: Borislav Petkov <bp@alien8.de>
      Cc: Brian Gerst <brgerst@gmail.com>
      Cc: David Laight <David.Laight@aculab.com>
      Cc: Denys Vlasenko <dvlasenk@redhat.com>
      Cc: Eduardo Valentin <eduval@amazon.com>
      Cc: Greg KH <gregkh@linuxfoundation.org>
      Cc: H. Peter Anvin <hpa@zytor.com>
      Cc: Josh Poimboeuf <jpoimboe@redhat.com>
      Cc: Juergen Gross <jgross@suse.com>
      Cc: Linus Torvalds <torvalds@linux-foundation.org>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: Will Deacon <will.deacon@arm.com>
      Cc: aliguori@amazon.com
      Cc: daniel.gruss@iaik.tugraz.at
      Cc: hughd@google.com
      Cc: keescook@google.com
      Signed-off-by: default avatarIngo Molnar <mingo@kernel.org>
      d9e9a641
  5. 12 Dec, 2017 1 commit
  6. 16 Nov, 2017 1 commit
  7. 07 Nov, 2017 1 commit
  8. 02 Nov, 2017 1 commit
    • Greg Kroah-Hartman's avatar
      License cleanup: add SPDX GPL-2.0 license identifier to files with no license · b2441318
      Greg Kroah-Hartman authored
      
      
      Many source files in the tree are missing licensing information, which
      makes it harder for compliance tools to determine the correct license.
      
      By default all files without license information are under the default
      license of the kernel, which is GPL version 2.
      
      Update the files which contain no license information with the 'GPL-2.0'
      SPDX license identifier.  The SPDX identifier is a legally binding
      shorthand, which can be used instead of the full boiler plate text.
      
      This patch is based on work done by Thomas Gleixner and Kate Stewart and
      Philippe Ombredanne.
      
      How this work was done:
      
      Patches were generated and checked against linux-4.14-rc6 for a subset of
      the use cases:
       - file had no licensing information it it.
       - file was a */uapi/* one with no licensing information in it,
       - file was a */uapi/* one with existing licensing information,
      
      Further patches will be generated in subsequent months to fix up cases
      where non-standard license headers were used, and references to license
      had to be inferred by heuristics based on keywords.
      
      The analysis to determine which SPDX License Identifier to be applied to
      a file was done in a spreadsheet of side by side results from of the
      output of two independent scanners (ScanCode & Windriver) producing SPDX
      tag:value files created by Philippe Ombredanne.  Philippe prepared the
      base worksheet, and did an initial spot review of a few 1000 files.
      
      The 4.13 kernel was the starting point of the analysis with 60,537 files
      assessed.  Kate Stewart did a file by file comparison of the scanner
      results in the spreadsheet to determine which SPDX license identifier(s)
      to be applied to the file. She confirmed any determination that was not
      immediately clear with lawyers working with the Linux Foundation.
      
      Criteria used to select files for SPDX license identifier tagging was:
       - Files considered eligible had to be source code files.
       - Make and config files were included as candidates if they contained >5
         lines of source
       - File already had some variant of a license header in it (even if <5
         lines).
      
      All documentation files were explicitly excluded.
      
      The following heuristics were used to determine which SPDX license
      identifiers to apply.
      
       - when both scanners couldn't find any license traces, file was
         considered to have no license information in it, and the top level
         COPYING file license applied.
      
         For non */uapi/* files that summary was:
      
         SPDX license identifier                            # files
         ---------------------------------------------------|-------
         GPL-2.0                                              11139
      
         and resulted in the first patch in this series.
      
         If that file was a */uapi/* path one, it was "GPL-2.0 WITH
         Linux-syscall-note" otherwise it was "GPL-2.0".  Results of that was:
      
         SPDX license identifier                            # files
         ---------------------------------------------------|-------
         GPL-2.0 WITH Linux-syscall-note                        930
      
         and resulted in the second patch in this series.
      
       - if a file had some form of licensing information in it, and was one
         of the */uapi/* ones, it was denoted with the Linux-syscall-note if
         any GPL family license was found in the file or had no licensing in
         it (per prior point).  Results summary:
      
         SPDX license identifier                            # files
         ---------------------------------------------------|------
         GPL-2.0 WITH Linux-syscall-note                       270
         GPL-2.0+ WITH Linux-syscall-note                      169
         ((GPL-2.0 WITH Linux-syscall-note) OR BSD-2-Clause)    21
         ((GPL-2.0 WITH Linux-syscall-note) OR BSD-3-Clause)    17
         LGPL-2.1+ WITH Linux-syscall-note                      15
         GPL-1.0+ WITH Linux-syscall-note                       14
         ((GPL-2.0+ WITH Linux-syscall-note) OR BSD-3-Clause)    5
         LGPL-2.0+ WITH Linux-syscall-note                       4
         LGPL-2.1 WITH Linux-syscall-note                        3
         ((GPL-2.0 WITH Linux-syscall-note) OR MIT)              3
         ((GPL-2.0 WITH Linux-syscall-note) AND MIT)             1
      
         and that resulted in the third patch in this series.
      
       - when the two scanners agreed on the detected license(s), that became
         the concluded license(s).
      
       - when there was disagreement between the two scanners (one detected a
         license but the other didn't, or they both detected different
         licenses) a manual inspection of the file occurred.
      
       - In most cases a manual inspection of the information in the file
         resulted in a clear resolution of the license that should apply (and
         which scanner probably needed to revisit its heuristics).
      
       - When it was not immediately clear, the license identifier was
         confirmed with lawyers working with the Linux Foundation.
      
       - If there was any question as to the appropriate license identifier,
         the file was flagged for further research and to be revisited later
         in time.
      
      In total, over 70 hours of logged manual review was done on the
      spreadsheet to determine the SPDX license identifiers to apply to the
      source files by Kate, Philippe, Thomas and, in some cases, confirmation
      by lawyers working with the Linux Foundation.
      
      Kate also obtained a third independent scan of the 4.13 code base from
      FOSSology, and compared selected files where the other two scanners
      disagreed against that SPDX file, to see if there was new insights.  The
      Windriver scanner is based on an older version of FOSSology in part, so
      they are related.
      
      Thomas did random spot checks in about 500 files from the spreadsheets
      for the uapi headers and agreed with SPDX license identifier in the
      files he inspected. For the non-uapi files Thomas did random spot checks
      in about 15000 files.
      
      In initial set of patches against 4.14-rc6, 3 files were found to have
      copy/paste license identifier errors, and have been fixed to reflect the
      correct identifier.
      
      Additionally Philippe spent 10 hours this week doing a detailed manual
      inspection and review of the 12,461 patched files from the initial patch
      version early this week with:
       - a full scancode scan run, collecting the matched texts, detected
         license ids and scores
       - reviewing anything where there was a license detected (about 500+
         files) to ensure that the applied SPDX license was correct
       - reviewing anything where there was no detection but the patch license
         was not GPL-2.0 WITH Linux-syscall-note to ensure that the applied
         SPDX license was correct
      
      This produced a worksheet with 20 files needing minor correction.  This
      worksheet was then exported into 3 different .csv files for the
      different types of files to be modified.
      
      These .csv files were then reviewed by Greg.  Thomas wrote a script to
      parse the csv files and add the proper SPDX tag to the file, in the
      format that the file expected.  This script was further refined by Greg
      based on the output to detect more types of files automatically and to
      distinguish between header and source .c files (which need different
      comment types.)  Finally Greg ran the script using the .csv files to
      generate the patches.
      
      Reviewed-by: default avatarKate Stewart <kstewart@linuxfoundation.org>
      Reviewed-by: default avatarPhilippe Ombredanne <pombredanne@nexb.com>
      Reviewed-by: default avatarThomas Gleixner <tglx@linutronix.de>
      Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
      b2441318
  9. 18 Jul, 2017 1 commit
    • Tom Lendacky's avatar
      x86/efi: Update EFI pagetable creation to work with SME · 38eecccd
      Tom Lendacky authored
      
      
      When SME is active, pagetable entries created for EFI need to have the
      encryption mask set as necessary.
      
      When the new pagetable pages are allocated they are mapped encrypted. So,
      update the efi_pgt value that will be used in CR3 to include the encryption
      mask so that the PGD table can be read successfully. The pagetable mapping
      as well as the kernel are also added to the pagetable mapping as encrypted.
      All other EFI mappings are mapped decrypted (tables, etc.).
      
      Signed-off-by: default avatarTom Lendacky <thomas.lendacky@amd.com>
      Reviewed-by: default avatarThomas Gleixner <tglx@linutronix.de>
      Reviewed-by: default avatarMatt Fleming <matt@codeblueprint.co.uk>
      Reviewed-by: default avatarBorislav Petkov <bp@suse.de>
      Cc: Alexander Potapenko <glider@google.com>
      Cc: Andrey Ryabinin <aryabinin@virtuozzo.com>
      Cc: Andy Lutomirski <luto@kernel.org>
      Cc: Arnd Bergmann <arnd@arndb.de>
      Cc: Borislav Petkov <bp@alien8.de>
      Cc: Brijesh Singh <brijesh.singh@amd.com>
      Cc: Dave Young <dyoung@redhat.com>
      Cc: Dmitry Vyukov <dvyukov@google.com>
      Cc: Jonathan Corbet <corbet@lwn.net>
      Cc: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
      Cc: Larry Woodman <lwoodman@redhat.com>
      Cc: Linus Torvalds <torvalds@linux-foundation.org>
      Cc: Michael S. Tsirkin <mst@redhat.com>
      Cc: Paolo Bonzini <pbonzini@redhat.com>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: Radim Krčmář <rkrcmar@redhat.com>
      Cc: Rik van Riel <riel@redhat.com>
      Cc: Toshimitsu Kani <toshi.kani@hpe.com>
      Cc: kasan-dev@googlegroups.com
      Cc: kvm@vger.kernel.org
      Cc: linux-arch@vger.kernel.org
      Cc: linux-doc@vger.kernel.org
      Cc: linux-efi@vger.kernel.org
      Cc: linux-mm@kvack.org
      Link: http://lkml.kernel.org/r/9a8f4c502db4a84b09e2f0a1555bb75aa8b69785.1500319216.git.thomas.lendacky@amd.com
      
      
      Signed-off-by: default avatarIngo Molnar <mingo@kernel.org>
      38eecccd
  10. 13 Jun, 2017 1 commit
  11. 05 Jun, 2017 1 commit
  12. 28 May, 2017 1 commit
    • Baoquan He's avatar
      x86/efi: Correct EFI identity mapping under 'efi=old_map' when KASLR is enabled · 94133e46
      Baoquan He authored
      
      
      For EFI with the 'efi=old_map' kernel option specified, the kernel will panic
      when KASLR is enabled:
      
        BUG: unable to handle kernel paging request at 000000007febd57e
        IP: 0x7febd57e
        PGD 1025a067
        PUD 0
      
        Oops: 0010 [#1] SMP
        Call Trace:
         efi_enter_virtual_mode()
         start_kernel()
         x86_64_start_reservations()
         x86_64_start_kernel()
         start_cpu()
      
      The root cause is that the identity mapping is not built correctly
      in the 'efi=old_map' case.
      
      On 'nokaslr' kernels, PAGE_OFFSET is 0xffff880000000000 which is PGDIR_SIZE
      aligned. We can borrow the PUD table from the direct mappings safely. Given a
      physical address X, we have pud_index(X) == pud_index(__va(X)).
      
      However, on KASLR kernels, PAGE_OFFSET is PUD_SIZE aligned. For a given physical
      address X, pud_index(X) != pud_index(__va(X)). We can't just copy the PGD entry
      from direct mapping to build identity mapping, instead we need to copy the
      PUD entries one by one from the direct mapping.
      
      Fix it.
      
      Signed-off-by: default avatarBaoquan He <bhe@redhat.com>
      Signed-off-by: default avatarMatt Fleming <matt@codeblueprint.co.uk>
      Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
      Cc: Bhupesh Sharma <bhsharma@redhat.com>
      Cc: Borislav Petkov <bp@alien8.de>
      Cc: Dave Young <dyoung@redhat.com>
      Cc: Frank Ramsay <frank.ramsay@hpe.com>
      Cc: Kees Cook <keescook@chromium.org>
      Cc: Linus Torvalds <torvalds@linux-foundation.org>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: Russ Anderson <rja@sgi.com>
      Cc: Thomas Garnier <thgarnie@google.com>
      Cc: Thomas Gleixner <tglx@linutronix.de>
      Cc: linux-efi@vger.kernel.org
      Link: http://lkml.kernel.org/r/20170526113652.21339-5-matt@codeblueprint.co.uk
      
      
      [ Fixed and reworded the changelog and code comments to be more readable. ]
      Signed-off-by: default avatarIngo Molnar <mingo@kernel.org>
      94133e46
  13. 05 Apr, 2017 1 commit
  14. 27 Mar, 2017 1 commit
  15. 14 Mar, 2017 1 commit
  16. 01 Feb, 2017 1 commit
    • Sai Praneeth's avatar
      x86/efi: Add support for EFI_MEMORY_ATTRIBUTES_TABLE · 18141e89
      Sai Praneeth authored
      
      
      UEFI v2.6 introduces EFI_MEMORY_ATTRIBUTES_TABLE which describes memory
      protections that may be applied to the EFI Runtime code and data regions by
      the kernel. This enables the kernel to map these regions more strictly thereby
      increasing security.
      
      Presently, the only valid bits for the attribute field of a memory descriptor
      are EFI_MEMORY_RO and EFI_MEMORY_XP, hence use these bits to update the
      mappings in efi_pgd.
      
      The UEFI specification recommends to use this feature instead of
      EFI_PROPERTIES_TABLE and hence while updating EFI mappings we first
      check for EFI_MEMORY_ATTRIBUTES_TABLE and if it's present we update
      the mappings according to this table and hence disregarding
      EFI_PROPERTIES_TABLE even if it's published by the firmware. We consider
      EFI_PROPERTIES_TABLE only when EFI_MEMORY_ATTRIBUTES_TABLE is absent.
      
      Signed-off-by: default avatarSai Praneeth Prakhya <sai.praneeth.prakhya@intel.com>
      Signed-off-by: default avatarMatt Fleming <matt@codeblueprint.co.uk>
      Signed-off-by: default avatarArd Biesheuvel <ard.biesheuvel@linaro.org>
      Cc: Borislav Petkov <bp@alien8.de>
      Cc: Fenghua Yu <fenghua.yu@intel.com>
      Cc: Lee, Chun-Yi <jlee@suse.com>
      Cc: Linus Torvalds <torvalds@linux-foundation.org>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: Ravi Shankar <ravi.v.shankar@intel.com>
      Cc: Ricardo Neri <ricardo.neri@intel.com>
      Cc: Thomas Gleixner <tglx@linutronix.de>
      Cc: linux-efi@vger.kernel.org
      Link: http://lkml.kernel.org/r/1485868902-20401-6-git-send-email-ard.biesheuvel@linaro.org
      
      
      Signed-off-by: default avatarIngo Molnar <mingo@kernel.org>
      18141e89
  17. 28 Jan, 2017 2 commits
    • Ingo Molnar's avatar
      x86/boot/e820: Move asm/e820.h to asm/e820/api.h · 66441bd3
      Ingo Molnar authored
      
      
      In line with asm/e820/types.h, move the e820 API declarations to
      asm/e820/api.h and update all usage sites.
      
      This is just a mechanical, obviously correct move & replace patch,
      there will be subsequent changes to clean up the code and to make
      better use of the new header organization.
      
      Cc: Alex Thorlton <athorlton@sgi.com>
      Cc: Andy Lutomirski <luto@kernel.org>
      Cc: Borislav Petkov <bp@alien8.de>
      Cc: Brian Gerst <brgerst@gmail.com>
      Cc: Dan Williams <dan.j.williams@intel.com>
      Cc: Denys Vlasenko <dvlasenk@redhat.com>
      Cc: H. Peter Anvin <hpa@zytor.com>
      Cc: Huang, Ying <ying.huang@intel.com>
      Cc: Josh Poimboeuf <jpoimboe@redhat.com>
      Cc: Juergen Gross <jgross@suse.com>
      Cc: Linus Torvalds <torvalds@linux-foundation.org>
      Cc: Paul Jackson <pj@sgi.com>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: Rafael J. Wysocki <rjw@sisk.pl>
      Cc: Tejun Heo <tj@kernel.org>
      Cc: Thomas Gleixner <tglx@linutronix.de>
      Cc: Wei Yang <richard.weiyang@gmail.com>
      Cc: Yinghai Lu <yinghai@kernel.org>
      Cc: linux-kernel@vger.kernel.org
      Signed-off-by: default avatarIngo Molnar <mingo@kernel.org>
      66441bd3
    • Jiri Kosina's avatar
      x86/efi: Always map the first physical page into the EFI pagetables · bf29bddf
      Jiri Kosina authored
      Commit:
      
        12976670 ("x86/efi: Only map RAM into EFI page tables if in mixed-mode")
      
      stopped creating 1:1 mappings for all RAM, when running in native 64-bit mode.
      
      It turns out though that there are 64-bit EFI implementations in the wild
      (this particular problem has been reported on a Lenovo Yoga 710-11IKB),
      which still make use of the first physical page for their own private use,
      even though they explicitly mark it EFI_CONVENTIONAL_MEMORY in the memory
      map.
      
      In case there is no mapping for this particular frame in the EFI pagetables,
      as soon as firmware tries to make use of it, a triple fault occurs and the
      system reboots (in case of the Yoga 710-11IKB this is very early during bootup).
      
      Fix that by always mapping the first page of physical memory into the EFI
      pagetables. We're free to hand this page to the BIOS, as trim_bios_range()
      will reserve the first page and isolate it away from memory allocators anyway.
      
      Note that just reverting 12976670 alone is not enough on v4.9-rc1+ to fix the
      regression on affected hardware, as this commit:
      
         ab72a27d
      
       ("x86/efi: Consolidate region mapping logic")
      
      later made the first physical frame not to be mapped anyway.
      
      Reported-by: default avatarHanka Pavlikova <hanka@ucw.cz>
      Signed-off-by: default avatarJiri Kosina <jkosina@suse.cz>
      Signed-off-by: default avatarMatt Fleming <matt@codeblueprint.co.uk>
      Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
      Cc: Borislav Petkov <bp@alien8.de>
      Cc: Borislav Petkov <bp@suse.de>
      Cc: Laura Abbott <labbott@redhat.com>
      Cc: Linus Torvalds <torvalds@linux-foundation.org>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: Thomas Gleixner <tglx@linutronix.de>
      Cc: Vojtech Pavlik <vojtech@ucw.cz>
      Cc: Waiman Long <waiman.long@hpe.com>
      Cc: linux-efi@vger.kernel.org
      Cc: stable@kernel.org # v4.8+
      Fixes: 12976670 ("x86/efi: Only map RAM into EFI page tables if in mixed-mode")
      Link: http://lkml.kernel.org/r/20170127222552.22336-1-matt@codeblueprint.co.uk
      
      
      [ Tidied up the changelog and the comment. ]
      Signed-off-by: default avatarIngo Molnar <mingo@kernel.org>
      bf29bddf
  18. 13 Nov, 2016 1 commit
    • Matt Fleming's avatar
      x86/efi: Prevent mixed mode boot corruption with CONFIG_VMAP_STACK=y · f6697df3
      Matt Fleming authored
      Booting an EFI mixed mode kernel has been crashing since commit:
      
        e37e43a4
      
       ("x86/mm/64: Enable vmapped stacks (CONFIG_HAVE_ARCH_VMAP_STACK=y)")
      
      The user-visible effect in my test setup was the kernel being unable
      to find the root file system ramdisk. This was likely caused by silent
      memory or page table corruption.
      
      Enabling CONFIG_DEBUG_VIRTUAL=y immediately flagged the thunking code as
      abusing virt_to_phys() because it was passing addresses that were not
      part of the kernel direct mapping.
      
      Use the slow version instead, which correctly handles all memory
      regions by performing a page table walk.
      
      Suggested-by: default avatarAndy Lutomirski <luto@amacapital.net>
      Signed-off-by: default avatarMatt Fleming <matt@codeblueprint.co.uk>
      Cc: Andy Lutomirski <luto@kernel.org>
      Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
      Cc: Borislav Petkov <bp@alien8.de>
      Cc: Brian Gerst <brgerst@gmail.com>
      Cc: Denys Vlasenko <dvlasenk@redhat.com>
      Cc: H. Peter Anvin <hpa@zytor.com>
      Cc: Josh Poimboeuf <jpoimboe@redhat.com>
      Cc: Linus Torvalds <torvalds@linux-foundation.org>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: Thomas Gleixner <tglx@linutronix.de>
      Cc: linux-efi@vger.kernel.org
      Link: http://lkml.kernel.org/r/20161112210424.5157-3-matt@codeblueprint.co.uk
      
      
      Signed-off-by: default avatarIngo Molnar <mingo@kernel.org>
      f6697df3
  19. 20 Sep, 2016 1 commit
    • Matt Fleming's avatar
      x86/efi: Only map RAM into EFI page tables if in mixed-mode · 12976670
      Matt Fleming authored
      
      
      Waiman reported that booting with CONFIG_EFI_MIXED enabled on his
      multi-terabyte HP machine results in boot crashes, because the EFI
      region mapping functions loop forever while trying to map those
      regions describing RAM.
      
      While this patch doesn't fix the underlying hang, there's really no
      reason to map EFI_CONVENTIONAL_MEMORY regions into the EFI page tables
      when mixed-mode is not in use at runtime.
      
      Reported-by: default avatarWaiman Long <waiman.long@hpe.com>
      Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
      Cc: Borislav Petkov <bp@alien8.de>
      Cc: Linus Torvalds <torvalds@linux-foundation.org>
      CC: Theodore Ts'o <tytso@mit.edu>
      Cc: Arnd Bergmann <arnd@arndb.de>
      Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
      Cc: Scott J Norton <scott.norton@hpe.com>
      Cc: Douglas Hatch <doug.hatch@hpe.com>
      Cc: <stable@vger.kernel.org> # v4.6+
      Signed-off-by: default avatarMatt Fleming <matt@codeblueprint.co.uk>
      12976670
  20. 09 Sep, 2016 3 commits
    • Markus Elfring's avatar
      x86/efi: Use kmalloc_array() in efi_call_phys_prolog() · 20ebc15e
      Markus Elfring authored
      
      
      * A multiplication for the size determination of a memory allocation
        indicated that an array data structure should be processed.
        Thus reuse the corresponding function "kmalloc_array".
      
        This issue was detected by using the Coccinelle software.
      
      * Replace the specification of a data type by a pointer dereference
        to make the corresponding size determination a bit safer according to
        the Linux coding style convention.
      
      Signed-off-by: default avatarMarkus Elfring <elfring@users.sourceforge.net>
      Reviewed-by: default avatarPaolo Bonzini <pbonzini@redhat.com>
      Cc: "H. Peter Anvin" <hpa@zytor.com>
      Cc: Ingo Molnar <mingo@kernel.org>
      Cc: Thomas Gleixner <tglx@linutronix.de>
      Cc: Julia Lawall <julia.lawall@lip6.fr>
      Signed-off-by: default avatarMatt Fleming <matt@codeblueprint.co.uk>
      20ebc15e
    • Alex Thorlton's avatar
      x86/efi: Map in physical addresses in efi_map_region_fixed · 0513fe1d
      Alex Thorlton authored
      This is a simple change to add in the physical mappings as well as the
      virtual mappings in efi_map_region_fixed.  The motivation here is to
      get access to EFI runtime code that is only available via the 1:1
      mappings on a kexec'd kernel.
      
      The added call is essentially the kexec analog of the first __map_region
      that Boris put in efi_map_region in commit d2f7cbe7
      
       ("x86/efi:
      Runtime services virtual mapping").
      
      Signed-off-by: default avatarAlex Thorlton <athorlton@sgi.com>
      Cc: Russ Anderson <rja@sgi.com>
      Cc: Dimitri Sivanich <sivanich@sgi.com>
      Cc: Mike Travis <travis@sgi.com>
      Cc: Thomas Gleixner <tglx@linutronix.de>
      Cc: Ingo Molnar <mingo@redhat.com>
      Cc: "H. Peter Anvin" <hpa@zytor.com>
      Cc: Dave Young <dyoung@redhat.com>
      Cc: Borislav Petkov <bp@alien8.de>
      Signed-off-by: default avatarMatt Fleming <matt@codeblueprint.co.uk>
      0513fe1d
    • Matt Fleming's avatar
      x86/efi: Consolidate region mapping logic · ab72a27d
      Matt Fleming authored
      
      
      EFI regions are currently mapped in two separate places. The bulk of
      the work is done in efi_map_regions() but when CONFIG_EFI_MIXED is
      enabled the additional regions that are required when operating in
      mixed mode are mapping in efi_setup_page_tables().
      
      Pull everything into efi_map_regions() and refactor the test for
      which regions should be mapped into a should_map_region() function.
      Generously sprinkle comments to clarify the different cases.
      
      Acked-by: default avatarBorislav Petkov <bp@suse.de>
      Tested-by: Dave Young <dyoung@redhat.com> [kexec/kdump]
      Tested-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> [arm]
      Acked-by: default avatarArd Biesheuvel <ard.biesheuvel@linaro.org>
      Signed-off-by: default avatarMatt Fleming <matt@codeblueprint.co.uk>
      ab72a27d
  21. 15 Jul, 2016 1 commit
  22. 14 Jul, 2016 1 commit
    • Paul Gortmaker's avatar
      x86/platform: Audit and remove any unnecessary uses of module.h · cc3ae7b0
      Paul Gortmaker authored
      
      
      Historically a lot of these existed because we did not have
      a distinction between what was modular code and what was providing
      support to modules via EXPORT_SYMBOL and friends.  That changed
      when we forked out support for the latter into the export.h file.
      
      This means we should be able to reduce the usage of module.h
      in code that is obj-y Makefile or bool Kconfig.  The advantage
      in doing so is that module.h itself sources about 15 other headers;
      adding significantly to what we feed cpp, and it can obscure what
      headers we are effectively using.
      
      Since module.h was the source for init.h (for __init) and for
      export.h (for EXPORT_SYMBOL) we consider each obj-y/bool instance
      for the presence of either and replace as needed.
      
      One module.h was converted to moduleparam.h since the file had
      multiple module_param() in it, and another file had an instance of
      MODULE_DEVICE_TABLE deleted, since that is a no-op when builtin.
      
      Finally, the 32 bit build coverage of olpc_ofw revealed a couple
      implicit includes, which were pretty self evident to fix based on
      what gcc was complaining about.
      
      Signed-off-by: default avatarPaul Gortmaker <paul.gortmaker@windriver.com>
      Cc: Linus Torvalds <torvalds@linux-foundation.org>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: Thomas Gleixner <tglx@linutronix.de>
      Link: http://lkml.kernel.org/r/20160714001901.31603-6-paul.gortmaker@windriver.com
      
      
      Signed-off-by: default avatarIngo Molnar <mingo@kernel.org>
      cc3ae7b0
  23. 27 Jun, 2016 1 commit
  24. 25 Jun, 2016 1 commit
  25. 03 Jun, 2016 1 commit
    • Arnd Bergmann's avatar
      rtc: cmos: move mc146818rtc code out of asm-generic/rtc.h · 5ab788d7
      Arnd Bergmann authored
      
      
      Drivers should not really include stuff from asm-generic directly,
      and the PC-style cmos rtc driver does this in order to reuse the
      mc146818 implementation of get_rtc_time/set_rtc_time rather than
      the architecture specific one for the architecture it gets built for.
      
      To make it more obvious what is going on, this moves and renames the
      two functions into include/linux/mc146818rtc.h, which holds the
      other mc146818 specific code. Ideally it would be in a .c file,
      but that would require extra infrastructure as the functions are
      called by multiple drivers with conflicting dependencies.
      
      With this change, the asm-generic/rtc.h header also becomes much
      more generic, so it can be reused more easily across any architecture
      that still relies on the genrtc driver.
      
      The only caller of the internal __get_rtc_time/__set_rtc_time
      functions is in arch/alpha/kernel/rtc.c, and we just change those
      over to the new naming.
      
      Signed-off-by: default avatarArnd Bergmann <arnd@arndb.de>
      Acked-by: default avatarGeert Uytterhoeven <geert@linux-m68k.org>
      Signed-off-by: default avatarAlexandre Belloni <alexandre.belloni@free-electrons.com>
      5ab788d7
  26. 28 Apr, 2016 1 commit
  27. 22 Feb, 2016 3 commits
    • Sai Praneeth's avatar
      x86/efi: Only map kernel text for EFI mixed mode · 2ad510dc
      Sai Praneeth authored
      
      
      The correct symbol to use when figuring out the size of the kernel
      text is '_etext', not '_end' which is the symbol for the entire kernel
      image includes data and debug sections.
      
      Signed-off-by: default avatarSai Praneeth Prakhya <sai.praneeth.prakhya@intel.com>
      Signed-off-by: default avatarMatt Fleming <matt@codeblueprint.co.uk>
      Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
      Cc: Borislav Petkov <bp@alien8.de>
      Cc: Linus Torvalds <torvalds@linux-foundation.org>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: Ravi Shankar <ravi.v.shankar@intel.com>
      Cc: Ricardo Neri <ricardo.neri@intel.com>
      Cc: Thomas Gleixner <tglx@linutronix.de>
      Cc: linux-efi@vger.kernel.org
      Link: http://lkml.kernel.org/r/1455712566-16727-14-git-send-email-matt@codeblueprint.co.uk
      
      
      Signed-off-by: default avatarIngo Molnar <mingo@kernel.org>
      2ad510dc
    • Sai Praneeth's avatar
      x86/efi: Map EFI_MEMORY_{XP,RO} memory region bits to EFI page tables · 6d0cc887
      Sai Praneeth authored
      
      
      Now that we have EFI memory region bits that indicate which regions do
      not need execute permission or read/write permission in the page tables,
      let's use them.
      
      We also check for EFI_NX_PE_DATA and only enforce the restrictive
      mappings if it's present (to allow us to ignore buggy firmware that sets
      bits it didn't mean to and to preserve backwards compatibility).
      
      Instead of assuming that firmware would set appropriate attributes in
      memory descriptor like EFI_MEMORY_RO for code and EFI_MEMORY_XP for
      data, we can expect some firmware out there which might only set *type*
      in memory descriptor to be EFI_RUNTIME_SERVICES_CODE or
      EFI_RUNTIME_SERVICES_DATA leaving away attribute. This will lead to
      improper mappings of EFI runtime regions. In order to avoid it, we check
      attribute and type of memory descriptor to update mappings and moreover
      Windows works this way.
      
      Signed-off-by: default avatarSai Praneeth Prakhya <sai.praneeth.prakhya@intel.com>
      Signed-off-by: default avatarMatt Fleming <matt@codeblueprint.co.uk>
      Cc: Andrew Morton <akpm@linux-foundation.org>
      Cc: Andy Lutomirski <luto@amacapital.net>
      Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
      Cc: Borislav Petkov <bp@alien8.de>
      Cc: Brian Gerst <brgerst@gmail.com>
      Cc: Denys Vlasenko <dvlasenk@redhat.com>
      Cc: H. Peter Anvin <hpa@zytor.com>
      Cc: Kees Cook <keescook@chromium.org>
      Cc: Lee, Chun-Yi <jlee@suse.com>
      Cc: Linus Torvalds <torvalds@linux-foundation.org>
      Cc: Luis R. Rodriguez <mcgrof@suse.com>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: Ravi Shankar <ravi.v.shankar@intel.com>
      Cc: Ricardo Neri <ricardo.neri@intel.com>
      Cc: Thomas Gleixner <tglx@linutronix.de>
      Cc: Toshi Kani <toshi.kani@hp.com>
      Cc: linux-efi@vger.kernel.org
      Link: http://lkml.kernel.org/r/1455712566-16727-13-git-send-email-matt@codeblueprint.co.uk
      
      
      Signed-off-by: default avatarIngo Molnar <mingo@kernel.org>
      6d0cc887
    • Sai Praneeth's avatar
      x86/mm/pat: Don't implicitly allow _PAGE_RW in kernel_map_pages_in_pgd() · 15f003d2
      Sai Praneeth authored
      
      
      As part of the preparation for the EFI_MEMORY_RO flag added in the UEFI
      2.5 specification, we need the ability to map pages in kernel page
      tables without _PAGE_RW being set.
      
      Modify kernel_map_pages_in_pgd() to require its callers to pass _PAGE_RW
      if the pages need to be mapped read/write. Otherwise, we'll map the
      pages as read-only.
      
      Signed-off-by: default avatarSai Praneeth Prakhya <sai.praneeth.prakhya@intel.com>
      Signed-off-by: default avatarMatt Fleming <matt@codeblueprint.co.uk>
      Cc: Andrew Morton <akpm@linux-foundation.org>
      Cc: Andy Lutomirski <luto@amacapital.net>
      Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
      Cc: Borislav Petkov <bp@alien8.de>
      Cc: Brian Gerst <brgerst@gmail.com>
      Cc: Denys Vlasenko <dvlasenk@redhat.com>
      Cc: H. Peter Anvin <hpa@zytor.com>
      Cc: Hugh Dickins <hughd@google.com>
      Cc: Lee, Chun-Yi <jlee@suse.com>
      Cc: Linus Torvalds <torvalds@linux-foundation.org>
      Cc: Luis R. Rodriguez <mcgrof@suse.com>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: Ravi Shankar <ravi.v.shankar@intel.com>
      Cc: Ricardo Neri <ricardo.neri@intel.com>
      Cc: Thomas Gleixner <tglx@linutronix.de>
      Cc: Toshi Kani <toshi.kani@hp.com>
      Cc: linux-efi@vger.kernel.org
      Link: http://lkml.kernel.org/r/1455712566-16727-12-git-send-email-matt@codeblueprint.co.uk
      
      
      Signed-off-by: default avatarIngo Molnar <mingo@kernel.org>
      15f003d2
  28. 14 Dec, 2015 1 commit
    • Matt Fleming's avatar
      x86/efi: Preface all print statements with efi* tag · 26d7f65f
      Matt Fleming authored
      
      
      The pr_*() calls in the x86 EFI code may or may not include a
      subsystem tag, which makes it difficult to grep the kernel log for all
      relevant EFI messages and leads users to miss important information.
      
      Recently, a bug reporter provided all the EFI print messages from the
      kernel log when trying to diagnose an issue but missed the following
      statement because it wasn't prefixed with anything indicating it was
      related to EFI,
      
        pr_err("Error ident-mapping new memmap (0x%lx)!\n", pa_memmap);
      
      Cc: Borislav Petkov <bp@suse.de>
      Reviewed-by: default avatarJosh Triplett <josh@joshtriplett.org>
      Signed-off-by: default avatarMatt Fleming <matt@codeblueprint.co.uk>
      26d7f65f
  29. 29 Nov, 2015 4 commits
    • Matt Fleming's avatar
      x86/efi: Build our own page table structures · 67a9108e
      Matt Fleming authored
      With commit e1a58320 ("x86/mm: Warn on W^X mappings") all
      users booting on 64-bit UEFI machines see the following warning,
      
        ------------[ cut here ]------------
        WARNING: CPU: 7 PID: 1 at arch/x86/mm/dump_pagetables.c:225 note_page+0x5dc/0x780()
        x86/mm: Found insecure W+X mapping at address ffff88000005f000/0xffff88000005f000
        ...
        x86/mm: Checked W+X mappings: FAILED, 165660 W+X pages found.
        ...
      
      This is caused by mapping EFI regions with RWX permissions.
      There isn't much we can do to restrict the permissions for these
      regions due to the way the firmware toolchains mix code and
      data, but we can at least isolate these mappings so that they do
      not appear in the regular kernel page tables.
      
      In commit d2f7cbe7
      
       ("x86/efi: Runtime services virtual
      mapping") we started using 'trampoline_pgd' to map the EFI
      regions because there was an existing identity mapping there
      which we use during the SetVirtualAddressMap() call and for
      broken firmware that accesses those addresses.
      
      But 'trampoline_pgd' shares some PGD entries with
      'swapper_pg_dir' and does not provide the isolation we require.
      Notably the virtual address for __START_KERNEL_map and
      MODULES_START are mapped by the same PGD entry so we need to be
      more careful when copying changes over in
      efi_sync_low_kernel_mappings().
      
      This patch doesn't go the full mile, we still want to share some
      PGD entries with 'swapper_pg_dir'. Having completely separate
      page tables brings its own issues such as synchronising new
      mappings after memory hotplug and module loading. Sharing also
      keeps memory usage down.
      
      Signed-off-by: default avatarMatt Fleming <matt@codeblueprint.co.uk>
      Reviewed-by: default avatarBorislav Petkov <bp@suse.de>
      Acked-by: default avatarBorislav Petkov <bp@suse.de>
      Cc: Andrew Morton <akpm@linux-foundation.org>
      Cc: Andy Lutomirski <luto@amacapital.net>
      Cc: Andy Lutomirski <luto@kernel.org>
      Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
      Cc: Borislav Petkov <bp@alien8.de>
      Cc: Brian Gerst <brgerst@gmail.com>
      Cc: Dave Jones <davej@codemonkey.org.uk>
      Cc: Denys Vlasenko <dvlasenk@redhat.com>
      Cc: H. Peter Anvin <hpa@zytor.com>
      Cc: Linus Torvalds <torvalds@linux-foundation.org>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: Sai Praneeth Prakhya <sai.praneeth.prakhya@intel.com>
      Cc: Stephen Smalley <sds@tycho.nsa.gov>
      Cc: Thomas Gleixner <tglx@linutronix.de>
      Cc: Toshi Kani <toshi.kani@hp.com>
      Cc: linux-efi@vger.kernel.org
      Link: http://lkml.kernel.org/r/1448658575-17029-6-git-send-email-matt@codeblueprint.co.uk
      
      
      Signed-off-by: default avatarIngo Molnar <mingo@kernel.org>
      67a9108e
    • Matt Fleming's avatar
      x86/efi: Hoist page table switching code into efi_call_virt() · c9f2a9a6
      Matt Fleming authored
      
      
      This change is a prerequisite for pending patches that switch to
      a dedicated EFI page table, instead of using 'trampoline_pgd'
      which shares PGD entries with 'swapper_pg_dir'. The pending
      patches make it impossible to dereference the runtime service
      function pointer without first switching %cr3.
      
      It's true that we now have duplicated switching code in
      efi_call_virt() and efi_call_phys_{prolog,epilog}() but we are
      sacrificing code duplication for a little more clarity and the
      ease of writing the page table switching code in C instead of
      asm.
      
      Signed-off-by: default avatarMatt Fleming <matt@codeblueprint.co.uk>
      Reviewed-by: default avatarBorislav Petkov <bp@suse.de>
      Acked-by: default avatarBorislav Petkov <bp@suse.de>
      Cc: Andrew Morton <akpm@linux-foundation.org>
      Cc: Andy Lutomirski <luto@amacapital.net>
      Cc: Andy Lutomirski <luto@kernel.org>
      Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
      Cc: Borislav Petkov <bp@alien8.de>
      Cc: Brian Gerst <brgerst@gmail.com>
      Cc: Dave Jones <davej@codemonkey.org.uk>
      Cc: Denys Vlasenko <dvlasenk@redhat.com>
      Cc: H. Peter Anvin <hpa@zytor.com>
      Cc: Linus Torvalds <torvalds@linux-foundation.org>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: Sai Praneeth Prakhya <sai.praneeth.prakhya@intel.com>
      Cc: Stephen Smalley <sds@tycho.nsa.gov>
      Cc: Thomas Gleixner <tglx@linutronix.de>
      Cc: Toshi Kani <toshi.kani@hp.com>
      Cc: linux-efi@vger.kernel.org
      Link: http://lkml.kernel.org/r/1448658575-17029-5-git-send-email-matt@codeblueprint.co.uk
      
      
      Signed-off-by: default avatarIngo Molnar <mingo@kernel.org>
      c9f2a9a6
    • Matt Fleming's avatar
      x86/efi: Map RAM into the identity page table for mixed mode · b61a76f8
      Matt Fleming authored
      
      
      We are relying on the pre-existing mappings in 'trampoline_pgd'
      when accessing function arguments in the EFI mixed mode thunking
      code.
      
      Instead let's map memory explicitly so that things will continue
      to work when we move to a separate page table in the future.
      
      Signed-off-by: default avatarMatt Fleming <matt@codeblueprint.co.uk>
      Reviewed-by: default avatarBorislav Petkov <bp@suse.de>
      Acked-by: default avatarBorislav Petkov <bp@suse.de>
      Cc: Andy Lutomirski <luto@amacapital.net>
      Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
      Cc: Borislav Petkov <bp@alien8.de>
      Cc: Brian Gerst <brgerst@gmail.com>
      Cc: Denys Vlasenko <dvlasenk@redhat.com>
      Cc: H. Peter Anvin <hpa@zytor.com>
      Cc: Linus Torvalds <torvalds@linux-foundation.org>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: Sai Praneeth Prakhya <sai.praneeth.prakhya@intel.com>
      Cc: Thomas Gleixner <tglx@linutronix.de>
      Cc: Toshi Kani <toshi.kani@hp.com>
      Cc: linux-efi@vger.kernel.org
      Link: http://lkml.kernel.org/r/1448658575-17029-4-git-send-email-matt@codeblueprint.co.uk
      
      
      Signed-off-by: default avatarIngo Molnar <mingo@kernel.org>
      b61a76f8
    • Matt Fleming's avatar
      x86/mm/pat: Ensure cpa->pfn only contains page frame numbers · edc3b912
      Matt Fleming authored
      
      
      The x86 pageattr code is confused about the data that is stored
      in cpa->pfn, sometimes it's treated as a page frame number,
      sometimes it's treated as an unshifted physical address, and in
      one place it's treated as a pte.
      
      The result of this is that the mapping functions do not map the
      intended physical address.
      
      This isn't a problem in practice because most of the addresses
      we're mapping in the EFI code paths are already mapped in
      'trampoline_pgd' and so the pageattr mapping functions don't
      actually do anything in this case. But when we move to using a
      separate page table for the EFI runtime this will be an issue.
      
      Signed-off-by: default avatarMatt Fleming <matt@codeblueprint.co.uk>
      Reviewed-by: default avatarBorislav Petkov <bp@suse.de>
      Acked-by: default avatarBorislav Petkov <bp@suse.de>
      Cc: Andy Lutomirski <luto@amacapital.net>
      Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
      Cc: Borislav Petkov <bp@alien8.de>
      Cc: Brian Gerst <brgerst@gmail.com>
      Cc: Dave Hansen <dave.hansen@intel.com>
      Cc: Denys Vlasenko <dvlasenk@redhat.com>
      Cc: H. Peter Anvin <hpa@zytor.com>
      Cc: Linus Torvalds <torvalds@linux-foundation.org>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: Sai Praneeth Prakhya <sai.praneeth.prakhya@intel.com>
      Cc: Thomas Gleixner <tglx@linutronix.de>
      Cc: Toshi Kani <toshi.kani@hp.com>
      Cc: linux-efi@vger.kernel.org
      Link: http://lkml.kernel.org/r/1448658575-17029-3-git-send-email-matt@codeblueprint.co.uk
      
      
      Signed-off-by: default avatarIngo Molnar <mingo@kernel.org>
      edc3b912
  30. 01 Apr, 2015 2 commits
  31. 11 Nov, 2014 1 commit