From patchwork Tue Jun 11 14:39:46 2024
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Ard Biesheuvel <ardb+git@google.com>
X-Patchwork-Id: 13693868
Return-Path: 
 <linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from bombadil.infradead.org (bombadil.infradead.org
 [198.137.202.133])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by smtp.lore.kernel.org (Postfix) with ESMTPS id 7948FC27C75
	for <linux-arm-kernel@archiver.kernel.org>;
 Tue, 11 Jun 2024 14:40:17 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
	d=lists.infradead.org; s=bombadil.20210309; h=Sender:
	Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post:
	List-Archive:List-Unsubscribe:List-Id:Cc:To:From:Subject:Message-ID:
	Mime-Version:Date:Reply-To:Content-ID:Content-Description:Resent-Date:
	Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:
	References:List-Owner; bh=ijzr7C3lbua6o9K2uEr++EGexmEbVpCRj7BalWpPKtc=; b=ANT
	Hw4i0kA/HlLyK/okxOTdBy2nZo8H8bA+hTSOwWM2+4lLbbk7ENDy7JJ54CMiq8YvJ0iZwgmBcPE8+
	i+ZS/GabEt14tacUq+6VC238w+SDsvjmDj8ZEfg2gTikbSn7EMpBMnmnEhFREqrQI90qe153ldVA8
	xs63OmiM9gwydIrxX7anT8IsnRAZjucd3PBVexIfox1W6w1IDCUFO3DUlW36RgTjbqW9h2qeMmhjq
	ZYvyLqlev1OiENe209RBufZGqaPYOY1QNortdat6fC0A8ha8214r1sJze49vYKViBKjpXI7R5Nj+R
	LY5fVO9eaqc9xbkhDiTrrFJwhws+RQw==;
Received: from localhost ([::1] helo=bombadil.infradead.org)
	by bombadil.infradead.org with esmtp (Exim 4.97.1 #2 (Red Hat Linux))
	id 1sH2fM-00000009AkU-3r2B;
	Tue, 11 Jun 2024 14:40:04 +0000
Received: from mail-wm1-x34a.google.com ([2a00:1450:4864:20::34a])
	by bombadil.infradead.org with esmtps (Exim 4.97.1 #2 (Red Hat Linux))
	id 1sH2fI-00000009Ajg-11E0
	for linux-arm-kernel@lists.infradead.org;
	Tue, 11 Jun 2024 14:40:02 +0000
Received: by mail-wm1-x34a.google.com with SMTP id
 5b1f17b1804b1-42159c69a28so10726045e9.1
        for <linux-arm-kernel@lists.infradead.org>;
 Tue, 11 Jun 2024 07:39:54 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20230601; t=1718116793; x=1718721593;
 darn=lists.infradead.org;
        h=cc:to:from:subject:message-id:mime-version:date:from:to:cc:subject
         :date:message-id:reply-to;
        bh=fc256L0bMylY8a0w+xKmgylsEKgdKE56YCfKGKpXuE4=;
        b=aWTI64TckY3KKwgnZex6vzqqXMmN0kzBIwrCiagRJ1oGfyqqQCf4YrxcBBugCYPEfR
         JpCcBVdYqVM8JW/+zbdFJr7DpznqZLc6U7QABpewPk+30pTD3nrAjAok0KD4pePLDrYt
         SVEWouvEpyM7Z2ZM5H4FIC3DGb7Om8KE6EG7ryWaVLTSgFNhZcotE/9A6EFpIs269CXk
         8TSNZ50qv09MifdqqLdbgKP6EB4FsT1EGD/B8KBMORDjOswiHkpdu6B3N3bcAZJZIJgY
         r5C74h6wkMCsn6ZuRS87nIJEhaMB/jubNUuy17MO+AV8S2GAUhRdu0cfJRVOXijISnwO
         qT3A==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1718116793; x=1718721593;
        h=cc:to:from:subject:message-id:mime-version:date:x-gm-message-state
         :from:to:cc:subject:date:message-id:reply-to;
        bh=fc256L0bMylY8a0w+xKmgylsEKgdKE56YCfKGKpXuE4=;
        b=pB4p5mB01TaAZ+Q79gvRrFKJXko2a4ZCEAuuQ5sJWHYTJyRDpsx6ynUA3PIga5lja2
         YJi8VSBcD1B3YQOAEeNDnB1PTdhT/MdnPyPqpPyT4E1SB37Y3BHJspOmK9olb4RQrZoW
         NaNfEbYxNTydfxj1PVxFAbvlBNtpJMAQSjKz0KVhEPUlwsLBnpLgroioJIFhKPoSv73t
         1eDPcbkHm4cv72sqPWZpFwa2H0fhgzsvlAen0jUdep8H6G7PKHnHsKmv50zVHbX1D+Ch
         Or5izG/xRYZOCR6MLJ3qnsgBfNsh/+K413WE8Ki6bBY0mss1EMuSwJpsBurMJzGaAHoJ
         N4iw==
X-Gm-Message-State: AOJu0Yw7CP1uMBRlQBMIEVr7SJV3z7g0PqGrrBmx4Y+3UTp5bX3QaAbP
	coD6tN8/23xWgEn/CFm3/QbXbqI8MqoyKfM22ZLlV0SZWip6mZuj0CLHDnp5NIhpgIWZMw==
X-Google-Smtp-Source: 
 AGHT+IHFaEk7D2N6ufvwGBSbFGg2CmMFoFz7/tCVFPZ81qAdg6othaAt/SV1WPdmIanVciVFJcMYSctJ
X-Received: from palermo.c.googlers.com
 ([fda3:e722:ac3:cc00:28:9cb1:c0a8:118a])
 (user=ardb job=sendgmr) by 2002:a05:600c:3c9d:b0:421:29c8:4ecb with SMTP id
 5b1f17b1804b1-42164a29553mr533825e9.4.1718116793115; Tue, 11 Jun 2024
 07:39:53 -0700 (PDT)
Date: Tue, 11 Jun 2024 16:39:46 +0200
Mime-Version: 1.0
X-Developer-Key: i=ardb@kernel.org; a=openpgp;
 fpr=F43D03328115A198C90016883D200E9CA6329909
X-Developer-Signature: v=1; a=openpgp-sha256; l=1879; i=ardb@kernel.org;
 h=from:subject; bh=MZFu/VXbkFBp/U/HQ7BeXGxfD05oODBP3aH5tLVjkrk=;
 b=owGbwMvMwCFmkMcZplerG8N4Wi2JIS0jcZP8LaYoFqUw96UPNfWvzypbdL+tte/+40exzw7Kp
 rVvXMDSUcrCIMbBICumyCIw+++7nacnStU6z5KFmcPKBDKEgYtTACZSqMjwz+Z2F7OBS8TzCb8W
 zarxeOV4fsfDB107r2so/U/Vm1TKoMHwP2/hW4NT0/+b716w7fr6EK5fCfZ/eBa3CBtoz1hQINU
 Szw0A
X-Mailer: git-send-email 2.45.2.505.gda0bf45e8d-goog
Message-ID: <20240611143945.3676904-2-ardb+git@google.com>
Subject: [PATCH v2] efi/arm: Disable LPAE PAN when calling EFI runtime
 services
From: Ard Biesheuvel <ardb+git@google.com>
To: linux-efi@vger.kernel.org
Cc: linux-arm-kernel@lists.infradead.org, Ard Biesheuvel <ardb@kernel.org>,
	Linus Walleij <linus.walleij@linaro.org>
X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 
X-CRM114-CacheID: sfid-20240611_074000_390937_ED600129 
X-CRM114-Status: GOOD (  12.32  )
X-BeenThere: linux-arm-kernel@lists.infradead.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: <linux-arm-kernel.lists.infradead.org>
List-Unsubscribe: 
 <http://lists.infradead.org/mailman/options/linux-arm-kernel>,
 <mailto:linux-arm-kernel-request@lists.infradead.org?subject=unsubscribe>
List-Archive: <http://lists.infradead.org/pipermail/linux-arm-kernel/>
List-Post: <mailto:linux-arm-kernel@lists.infradead.org>
List-Help: <mailto:linux-arm-kernel-request@lists.infradead.org?subject=help>
List-Subscribe: 
 <http://lists.infradead.org/mailman/listinfo/linux-arm-kernel>,
 <mailto:linux-arm-kernel-request@lists.infradead.org?subject=subscribe>
Sender: "linux-arm-kernel" <linux-arm-kernel-bounces@lists.infradead.org>
Errors-To: 
 linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org

From: Ard Biesheuvel <ardb@kernel.org>

EFI runtime services are remapped into the lower 1 GiB of virtual
address space at boot, so they are guaranteed to be able to co-exist
with the kernel virtual mappings without the need to allocate space for
them in the kernel's vmalloc region, which is rather small.

This means those mappings are covered by TTBR0 when LPAE PAN is enabled,
and so 'user' access must be enabled while such calls are in progress.

Reviewed-by: Linus Walleij <linus.walleij@linaro.org>
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
---
In the end, I found a cleaner way to incorporate this into the existing
plumbing, without the need to rely on a global variable to stash the
TTBCR value.

 arch/arm/include/asm/efi.h | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/arch/arm/include/asm/efi.h b/arch/arm/include/asm/efi.h
index 78282ced5038..e408399d5f0e 100644
--- a/arch/arm/include/asm/efi.h
+++ b/arch/arm/include/asm/efi.h
@@ -14,6 +14,7 @@
 #include <asm/mach/map.h>
 #include <asm/mmu_context.h>
 #include <asm/ptrace.h>
+#include <asm/uaccess.h>
 
 #ifdef CONFIG_EFI
 void efi_init(void);
@@ -25,6 +26,18 @@ int efi_set_mapping_permissions(struct mm_struct *mm, efi_memory_desc_t *md, boo
 #define arch_efi_call_virt_setup()	efi_virtmap_load()
 #define arch_efi_call_virt_teardown()	efi_virtmap_unload()
 
+#ifdef CONFIG_CPU_TTBR0_PAN
+#undef arch_efi_call_virt
+#define arch_efi_call_virt(p, f, args...) ({				\
+	unsigned int flags = uaccess_save_and_enable();			\
+	efi_status_t res = _Generic((p)->f(args),			\
+			efi_status_t:	(p)->f(args),			\
+			default:	((p)->f(args), EFI_ABORTED));	\
+	uaccess_restore(flags);						\
+	res;								\
+})
+#endif
+
 #define ARCH_EFI_IRQ_FLAGS_MASK \
 	(PSR_J_BIT | PSR_E_BIT | PSR_A_BIT | PSR_I_BIT | PSR_F_BIT | \
 	 PSR_T_BIT | MODE_MASK)