x86/kexec: Add the EFI system tables and ACPI tables to the ident map

mainline inclusion from mainline-6bbeb276b71f undefined commit 6bbeb276b71f category: bugfix bugzilla: 17339 CVE: NA ------------------------------------------------- Currently, only the whole physical memory is identity-mapped for the kexec kernel and the regions reserved by firmware are ignored. However, the recent addition of RSDP parsing in the decompression stage and especially: 33f0df8d843d ("x86/boot: Search for RSDP in the EFI tables") which tries to access EFI system tables and to dig out the RDSP address from there, becomes a problem because in certain configurations, they might not be mapped in the kexec'ed kernel's address space. What is more, this problem doesn't appear on all systems because the kexec kernel uses gigabyte pages to build the identity mapping. And the EFI system tables and ACPI tables can, depending on the system configuration, end up being mapped as part of all physical memory, if they share the same 1 GB area with the physical memory. Therefore, make sure they're always mapped. [ bp: productize half-baked patch: - rewrite commit message. - correct the map_acpi_tables() function name in the !ACPI case. ] Signed-off-by: N Kairui Song <kasong@redhat.com> Signed-off-by: N Baoquan He <bhe@redhat.com> Signed-off-by: N Borislav Petkov <bp@suse.de> Tested-by: N Dirk van der Merwe <dirk.vandermerwe@netronome.com> Cc: dyoung@redhat.com Cc: fanc.fnst@cn.fujitsu.com Cc: "H. Peter Anvin" <hpa@zytor.com> Cc: Ingo Molnar <mingo@redhat.com> Cc: j-nomura@ce.jp.nec.com Cc: kexec@lists.infradead.org Cc: "Kirill A. Shutemov" <kirill.shutemov@linux.intel.com> Cc: Lianbo Jiang <lijiang@redhat.com> Cc: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Cc: Thomas Gleixner <tglx@linutronix.de> Cc: x86-ml <x86@kernel.org> Link: https://lkml.kernel.org/r/20190429002318.GA25400@MiWiFi-R3L-srvSigned-off-by: N Chen Zhou <chenzhou10@huawei.com> Reviewed-by: N Xiongfeng Wang <wangxiongfeng2@huawei.com> Signed-off-by: N Yang Yingliang <yangyingliang@huawei.com>

x86/kexec: Add the EFI system tables and ACPI tables to the ident map
mainline inclusion from mainline-6bbeb276b71f undefined commit 6bbeb276b71f category: bugfix bugzilla: 17339 CVE: NA ------------------------------------------------- Currently, only the whole physical memory is identity-mapped for the kexec kernel and the regions reserved by firmware are ignored. However, the recent addition of RSDP parsing in the decompression stage and especially: 33f0df8d843d ("x86/boot: Search for RSDP in the EFI tables") which tries to access EFI system tables and to dig out the RDSP address from there, becomes a problem because in certain configurations, they might not be mapped in the kexec'ed kernel's address space. What is more, this problem doesn't appear on all systems because the kexec kernel uses gigabyte pages to build the identity mapping. And the EFI system tables and ACPI tables can, depending on the system configuration, end up being mapped as part of all physical memory, if they share the same 1 GB area with the physical memory. Therefore, make sure they're always mapped. [ bp: productize half-baked patch: - rewrite commit message. - correct the map_acpi_tables() function name in the !ACPI case. ] Signed-off-by: N Kairui Song <kasong@redhat.com> Signed-off-by: N Baoquan He <bhe@redhat.com> Signed-off-by: N Borislav Petkov <bp@suse.de> Tested-by: N Dirk van der Merwe <dirk.vandermerwe@netronome.com> Cc: dyoung@redhat.com Cc: fanc.fnst@cn.fujitsu.com Cc: "H. Peter Anvin" <hpa@zytor.com> Cc: Ingo Molnar <mingo@redhat.com> Cc: j-nomura@ce.jp.nec.com Cc: kexec@lists.infradead.org Cc: "Kirill A. Shutemov" <kirill.shutemov@linux.intel.com> Cc: Lianbo Jiang <lijiang@redhat.com> Cc: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Cc: Thomas Gleixner <tglx@linutronix.de> Cc: x86-ml <x86@kernel.org> Link: https://lkml.kernel.org/r/20190429002318.GA25400@MiWiFi-R3L-srvSigned-off-by: N Chen Zhou <chenzhou10@huawei.com> Reviewed-by: N Xiongfeng Wang <wangxiongfeng2@huawei.com> Signed-off-by: N Yang Yingliang <yangyingliang@huawei.com>
12391a94 · Kairui Song · Xie XiuQi · ce03eeb1 · 12391a94
隐藏空白更改
内联并排

Showing with 75 addition and 0 deletion

arch/x86/kernel/machine_kexec_64.c arch/x86/kernel/machine_kexec_64.c +75 -0

未找到文件。
--- a/arch/x86/kernel/machine_kexec_64.c
+++ b/arch/x86/kernel/machine_kexec_64.c
@@ -18,6 +18,7 @@
 #include <linux/io.h>
 #include <linux/suspend.h>
 #include <linux/vmalloc.h>
+#include <linux/efi.h>
 #include <asm/init.h>
 #include <asm/pgtable.h>
@@ -29,6 +30,43 @@
 #include <asm/setup.h>
 #include <asm/set_memory.h>
+#ifdef CONFIG_ACPI
+/*
+ * Used while adding mapping for ACPI tables.
+ * Can be reused when other iomem regions need be mapped
+ */
+struct init_pgtable_data {
+	struct x86_mapping_info *info;
+	pgd_t *level4p;
+};
+static int mem_region_callback(struct resource *res, void *arg)
+{
+	struct init_pgtable_data *data = arg;
+	unsigned long mstart, mend;
+	mstart = res->start;
+	mend = mstart + resource_size(res) - 1;
+	return kernel_ident_mapping_init(data->info, data->level4p, mstart, mend);
+}
+static int
+map_acpi_tables(struct x86_mapping_info *info, pgd_t *level4p)
+{
+	unsigned long flags = IORESOURCE_MEM | IORESOURCE_BUSY;
+	struct init_pgtable_data data;
+	data.info = info;
+	data.level4p = level4p;
+	flags = IORESOURCE_MEM | IORESOURCE_BUSY;
+	return walk_iomem_res_desc(IORES_DESC_ACPI_TABLES, flags, 0, -1,
+				   &data, mem_region_callback);
+}
+#else
+static int map_acpi_tables(struct x86_mapping_info *info, pgd_t *level4p) { return 0; }
+#endif
 #ifdef CONFIG_KEXEC_FILE
 const struct kexec_file_ops * const kexec_file_loaders[] = {
 		&kexec_bzImage64_ops,
@@ -36,6 +74,31 @@ const struct kexec_file_ops * const kexec_file_loaders[] = {
 };
 #endif
+static int
+map_efi_systab(struct x86_mapping_info *info, pgd_t *level4p)
+{
+#ifdef CONFIG_EFI
+	unsigned long mstart, mend;
+	if (!efi_enabled(EFI_BOOT))
+		return 0;
+	mstart = (boot_params.efi_info.efi_systab |
+			((u64)boot_params.efi_info.efi_systab_hi<<32));
+	if (efi_enabled(EFI_64BIT))
+		mend = mstart + sizeof(efi_system_table_64_t);
+	else
+		mend = mstart + sizeof(efi_system_table_32_t);
+	if (!mstart)
+		return 0;
+	return kernel_ident_mapping_init(info, level4p, mstart, mend);
+#endif
+	return 0;
+}
 static void free_transition_pgtable(struct kimage *image)
 {
 	free_page((unsigned long)image->arch.p4d);
@@ -159,6 +222,18 @@ static int init_pgtable(struct kimage *image, unsigned long start_pgtable)
 			return result;
 	}
+	/*
+	 * Prepare EFI systab and ACPI tables for kexec kernel since they are
+	 * not covered by pfn_mapped.
+	 */
+	result = map_efi_systab(&info, level4p);
+	if (result)
+		return result;
+	result = map_acpi_tables(&info, level4p);
+	if (result)
+		return result;
 	return init_transition_pgtable(image, level4p);
 }