- Prepare for and clear .brk early in order to address XenPV guests

failures where the hypervisor verifies page tables and uninitialized
 data in that range leads to bogus failures in those checks
 
 - Add any potential setup_data entries supplied at boot to the identity
 pagetable mappings to prevent kexec kernel boot failures. Usually, this
 is not a problem for the normal kernel as those mappings are part of
 the initially mapped 2M pages but if kexec gets to allocate the second
 kernel somewhere else, those setup_data entries need to be mapped there
 too.
 
 - Fix objtool not to discard text references from the __tracepoints
 section so that ENDBR validation still works
 
 - Correct the setup_data types limit as it is user-visible, before 5.19
 releases
 -----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCgAdFiEEzv7L6UO9uDPlPSfHEsHwGGHeVUoFAmLKpf8ACgkQEsHwGGHe
 VUrc5w/8DIVLQ8w+Balf2TGfp5Sl3mPkg+eoARH29qtXhvVBs5KJB9sbT1IGnxao
 nE4yNeiIKhH5SEd17l11E7eWuUtNgZENLsUb3aiAdsItNS+MzOWQuEOPbnAwgJmk
 oKdxiI1SHiVoPy5KVXOcyAS90PSJIkhhxwgR5MInGdmpSUzEFsx5SY82ZfOjOkZU
 L7zCsJzeDfhJdWiR4N0MXWRaFbIvRxI1uXyqgv+Lo6JK5l8dyUUSEdWyLUqZ7E4M
 GFo6LwR3lskQM2bE9vBWS0h1X00d5oDMzfono8kZzRGA/11plZHRI007PCez8yZh
 4sUnnxsfCy2YF8/8hs4IhrHZdcWW9XoN4gTUsjD0wekGTHhOEqu5qpAnVSrXbvvM
 ZfPF8vM+DLPTWQqAT0a4aj1vd1RflDIQPSXKDzJDjeF49zouAj1ae/3KSOYJDzN9
 V6NGiKBnzj1rbtm0+8jOsTQusmh/oDage7uLlmel3hTfNOc2Ay0LXrJWcvqhj66V
 4CtCd12sLeavin+mGptni6lXbsue61EolRtH44RvZJsXLVY8iclM4onl728xOrxj
 CBtJo6bd3oQYy0SQsysXGDVR7BSXtwAYfArYR8BrMTtgHxuyULt/BDoew4r7XADB
 Xxz7ADJZ3DI3Gqza5H6r89Tj6Oi3yXiBWUVUNXFCMYc6ZrqvZc0=
 =tOvF
 -----END PGP SIGNATURE-----

Merge tag 'x86_urgent_for_v5.19_rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip

Pull x86 fixes from Borislav Petkov:

 - Prepare for and clear .brk early in order to address XenPV guests
   failures where the hypervisor verifies page tables and uninitialized
   data in that range leads to bogus failures in those checks

 - Add any potential setup_data entries supplied at boot to the identity
   pagetable mappings to prevent kexec kernel boot failures. Usually,
   this is not a problem for the normal kernel as those mappings are
   part of the initially mapped 2M pages but if kexec gets to allocate
   the second kernel somewhere else, those setup_data entries need to be
   mapped there too.

 - Fix objtool not to discard text references from the __tracepoints
   section so that ENDBR validation still works

 - Correct the setup_data types limit as it is user-visible, before 5.19
   releases

* tag 'x86_urgent_for_v5.19_rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
  x86/boot: Fix the setup data types max limit
  x86/ibt, objtool: Don't discard text references from tracepoint section
  x86/compressed/64: Add identity mappings for setup_data entries
  x86: Fix .brk attribute in linker script
  x86: Clear .brk area at early boot
  x86/xen: Use clear_bss() for Xen PV guests
This commit is contained in:
Linus Torvalds 2022-07-10 08:43:52 -07:00
commit 74a0032b85
8 changed files with 29 additions and 16 deletions

View File

@ -110,6 +110,7 @@ void kernel_add_identity_map(unsigned long start, unsigned long end)
void initialize_identity_maps(void *rmode) void initialize_identity_maps(void *rmode)
{ {
unsigned long cmdline; unsigned long cmdline;
struct setup_data *sd;
/* Exclude the encryption mask from __PHYSICAL_MASK */ /* Exclude the encryption mask from __PHYSICAL_MASK */
physical_mask &= ~sme_me_mask; physical_mask &= ~sme_me_mask;
@ -163,6 +164,18 @@ void initialize_identity_maps(void *rmode)
cmdline = get_cmd_line_ptr(); cmdline = get_cmd_line_ptr();
kernel_add_identity_map(cmdline, cmdline + COMMAND_LINE_SIZE); kernel_add_identity_map(cmdline, cmdline + COMMAND_LINE_SIZE);
/*
* Also map the setup_data entries passed via boot_params in case they
* need to be accessed by uncompressed kernel via the identity mapping.
*/
sd = (struct setup_data *)boot_params->hdr.setup_data;
while (sd) {
unsigned long sd_addr = (unsigned long)sd;
kernel_add_identity_map(sd_addr, sd_addr + sizeof(*sd) + sd->len);
sd = (struct setup_data *)sd->next;
}
sev_prep_identity_maps(top_level_pgt); sev_prep_identity_maps(top_level_pgt);
/* Load the new page-table. */ /* Load the new page-table. */

View File

@ -120,6 +120,9 @@ void *extend_brk(size_t size, size_t align);
static char __brk_##name[size] static char __brk_##name[size]
extern void probe_roms(void); extern void probe_roms(void);
void clear_bss(void);
#ifdef __i386__ #ifdef __i386__
asmlinkage void __init i386_start_kernel(void); asmlinkage void __init i386_start_kernel(void);

View File

@ -15,7 +15,7 @@
#define SETUP_INDIRECT (1<<31) #define SETUP_INDIRECT (1<<31)
/* SETUP_INDIRECT | max(SETUP_*) */ /* SETUP_INDIRECT | max(SETUP_*) */
#define SETUP_TYPE_MAX (SETUP_INDIRECT | SETUP_JAILHOUSE) #define SETUP_TYPE_MAX (SETUP_INDIRECT | SETUP_CC_BLOB)
/* ram_size flags */ /* ram_size flags */
#define RAMDISK_IMAGE_START_MASK 0x07FF #define RAMDISK_IMAGE_START_MASK 0x07FF

View File

@ -426,10 +426,12 @@ void __init do_early_exception(struct pt_regs *regs, int trapnr)
/* Don't add a printk in there. printk relies on the PDA which is not initialized /* Don't add a printk in there. printk relies on the PDA which is not initialized
yet. */ yet. */
static void __init clear_bss(void) void __init clear_bss(void)
{ {
memset(__bss_start, 0, memset(__bss_start, 0,
(unsigned long) __bss_stop - (unsigned long) __bss_start); (unsigned long) __bss_stop - (unsigned long) __bss_start);
memset(__brk_base, 0,
(unsigned long) __brk_limit - (unsigned long) __brk_base);
} }
static unsigned long get_cmd_line_ptr(void) static unsigned long get_cmd_line_ptr(void)

View File

@ -385,7 +385,7 @@ SECTIONS
__end_of_kernel_reserve = .; __end_of_kernel_reserve = .;
. = ALIGN(PAGE_SIZE); . = ALIGN(PAGE_SIZE);
.brk (NOLOAD) : AT(ADDR(.brk) - LOAD_OFFSET) { .brk : AT(ADDR(.brk) - LOAD_OFFSET) {
__brk_base = .; __brk_base = .;
. += 64 * 1024; /* 64k alignment slop space */ . += 64 * 1024; /* 64k alignment slop space */
*(.bss..brk) /* areas brk users have reserved */ *(.bss..brk) /* areas brk users have reserved */

View File

@ -1183,15 +1183,19 @@ static void __init xen_domu_set_legacy_features(void)
extern void early_xen_iret_patch(void); extern void early_xen_iret_patch(void);
/* First C function to be called on Xen boot */ /* First C function to be called on Xen boot */
asmlinkage __visible void __init xen_start_kernel(void) asmlinkage __visible void __init xen_start_kernel(struct start_info *si)
{ {
struct physdev_set_iopl set_iopl; struct physdev_set_iopl set_iopl;
unsigned long initrd_start = 0; unsigned long initrd_start = 0;
int rc; int rc;
if (!xen_start_info) if (!si)
return; return;
clear_bss();
xen_start_info = si;
__text_gen_insn(&early_xen_iret_patch, __text_gen_insn(&early_xen_iret_patch,
JMP32_INSN_OPCODE, &early_xen_iret_patch, &xen_iret, JMP32_INSN_OPCODE, &early_xen_iret_patch, &xen_iret,
JMP32_INSN_SIZE); JMP32_INSN_SIZE);

View File

@ -48,15 +48,6 @@ SYM_CODE_START(startup_xen)
ANNOTATE_NOENDBR ANNOTATE_NOENDBR
cld cld
/* Clear .bss */
xor %eax,%eax
mov $__bss_start, %rdi
mov $__bss_stop, %rcx
sub %rdi, %rcx
shr $3, %rcx
rep stosq
mov %rsi, xen_start_info
mov initial_stack(%rip), %rsp mov initial_stack(%rip), %rsp
/* Set up %gs. /* Set up %gs.
@ -71,6 +62,7 @@ SYM_CODE_START(startup_xen)
cdq cdq
wrmsr wrmsr
mov %rsi, %rdi
call xen_start_kernel call xen_start_kernel
SYM_CODE_END(startup_xen) SYM_CODE_END(startup_xen)
__FINIT __FINIT

View File

@ -3826,8 +3826,7 @@ static int validate_ibt(struct objtool_file *file)
!strcmp(sec->name, "__bug_table") || !strcmp(sec->name, "__bug_table") ||
!strcmp(sec->name, "__ex_table") || !strcmp(sec->name, "__ex_table") ||
!strcmp(sec->name, "__jump_table") || !strcmp(sec->name, "__jump_table") ||
!strcmp(sec->name, "__mcount_loc") || !strcmp(sec->name, "__mcount_loc"))
!strcmp(sec->name, "__tracepoints"))
continue; continue;
list_for_each_entry(reloc, &sec->reloc->reloc_list, list) list_for_each_entry(reloc, &sec->reloc->reloc_list, list)