[v6,0/6] arm64: Permit EFI boot with MMU and caches on

Message ID 20221129161418.1968319-1-ardb@kernel.org (mailing list archive)

Ard Biesheuvel Nov. 29, 2022, 4:14 p.m. UTC
The purpose of this series is to remove any explicit cache maintenance
for coherency during early boot. Software managed coherency is error
prone and tedious, and running with the MMU off is generally bad for
performance, and it becomes unnecessary if we simply retain the
cacheable 1:1 mapping of all of system RAM provided by EFI, and use it
to populate the ID map page tables. After setting up this preliminary ID
map, we disable the MMU, drop to EL1, reprogram the MAIR, TCR and SCTLR
registers as before, and proceed as usual, avoiding the need for any
manipulations of memory while the MMU and caches are off.

The only properties of the firmware provided 1:1 map we rely on are that
it does not require any explicit cache maintenance for coherency, and
that it covers the entire memory footprint of the image, including the
BSS and padding at the end - all else is under control of the kernel
itself, as before.

Patch #6 is optional, and moved to the end. It reduces the likelihood
that an image needs to be moved around in memory only to align the
swapper vmap'ed stack, but it only affects 64k granule configurations,
and with KASLR, the image is usually copied around anyway.

Changes since v5:
- add a special entry point into the boot sequence that is to be used by
  EFI only, and only permit booting with the MMU enabled when using that
  boot path;
- omit the final patch that would need to go via the EFI tree in any
  case - adding the new entrypoint specific for EFI makes it conflict
  even more badly, and I'll try to revisit this during the merge window
  or simply defer the final piece for the next release;

Changes since v4:
- add patch to align the callers of finalise_el2()
- also clean HYP text to the PoC when booting at EL2 with the MMU on
- add a warning and a taint when doing non-EFI boot with the MMU and
  caches enabled
- rebase onto zboot changes in efi/next - this means that patches #6 and
  #7 will not apply onto arm64/for-next so a shared stable branch will
  be needed if we want to queue this up for v6.2

Changes since v3:
- drop EFI_LOADER_CODE memory type patch that has been queued in the
  meantime
- rebased onto [partial] series that moves efi-entry.S into the libstub/
  source directory
- fixed a correctness issue in patch #2

Cc: Will Deacon <will@kernel.org>
Cc: Catalin Marinas <catalin.marinas@arm.com>
Cc: Marc Zyngier <maz@kernel.org>
Cc: Mark Rutland <mark.rutland@arm.com>

Ard Biesheuvel (6):
  arm64: head: Move all finalise_el2 calls to after __enable_mmu
  arm64: kernel: move identity map out of .text mapping
  arm64: head: record the MMU state at primary entry
  arm64: head: avoid cache invalidation when entering with the MMU on
  arm64: head: Clean the ID map and the HYP text to the PoC if needed
  arm64: lds: reduce effective minimum image alignment to 64k

 arch/arm64/include/asm/efi.h              |  7 --
 arch/arm64/kernel/head.S                  | 99 +++++++++++++++-----
 arch/arm64/kernel/image-vars.h            |  2 +-
 arch/arm64/kernel/setup.c                 |  9 +-
 arch/arm64/kernel/sleep.S                 |  6 +-
 arch/arm64/kernel/vmlinux.lds.S           | 13 ++-
 arch/arm64/mm/proc.S                      |  2 -
 drivers/firmware/efi/libstub/arm64-stub.c |  2 +-
 include/linux/efi.h                       |  6 +-
 9 files changed, 104 insertions(+), 42 deletions(-)