From patchwork Fri Jan 15 08:32:54 2021
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Mike Rapoport <rppt@kernel.org>
X-Patchwork-Id: 12021865
Return-Path: <SRS0=uEqb=GS=kvack.org=owner-linux-mm@kernel.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-16.8 required=3.0 tests=BAYES_00,DKIM_INVALID,
	DKIM_SIGNED,INCLUDES_CR_TRAILER,INCLUDES_PATCH,MAILING_LIST_MULTI,
	SPF_HELO_NONE,SPF_PASS,USER_AGENT_GIT autolearn=ham autolearn_force=no
	version=3.4.0
Received: from mail.kernel.org (mail.kernel.org [198.145.29.99])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 58BA5C433E0
	for <linux-mm@archiver.kernel.org>; Fri, 15 Jan 2021 08:33:28 +0000 (UTC)
Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17])
	by mail.kernel.org (Postfix) with ESMTP id DAFD323118
	for <linux-mm@archiver.kernel.org>; Fri, 15 Jan 2021 08:33:27 +0000 (UTC)
DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org DAFD323118
Authentication-Results: mail.kernel.org;
 dmarc=fail (p=none dis=none) header.from=kernel.org
Authentication-Results: mail.kernel.org;
 spf=pass smtp.mailfrom=owner-linux-mm@kvack.org
Received: by kanga.kvack.org (Postfix)
	id 37B1A8D013B; Fri, 15 Jan 2021 03:33:27 -0500 (EST)
Received: by kanga.kvack.org (Postfix, from userid 40)
	id 32C178D0023; Fri, 15 Jan 2021 03:33:27 -0500 (EST)
X-Delivered-To: int-list-linux-mm@kvack.org
Received: by kanga.kvack.org (Postfix, from userid 63042)
	id 241AF8D013B; Fri, 15 Jan 2021 03:33:27 -0500 (EST)
X-Delivered-To: linux-mm@kvack.org
Received: from forelay.hostedemail.com (smtprelay0204.hostedemail.com
 [216.40.44.204])
	by kanga.kvack.org (Postfix) with ESMTP id 0F81A8D0023
	for <linux-mm@kvack.org>; Fri, 15 Jan 2021 03:33:27 -0500 (EST)
Received: from smtpin01.hostedemail.com (10.5.19.251.rfc1918.com
 [10.5.19.251])
	by forelay05.hostedemail.com (Postfix) with ESMTP id CEFDA181AEF15
	for <linux-mm@kvack.org>; Fri, 15 Jan 2021 08:33:26 +0000 (UTC)
X-FDA: 77707345212.01.soup31_4c05b1d2752d
Received: from filter.hostedemail.com (10.5.16.251.rfc1918.com [10.5.16.251])
	by smtpin01.hostedemail.com (Postfix) with ESMTP id AD8C310047F75
	for <linux-mm@kvack.org>; Fri, 15 Jan 2021 08:33:26 +0000 (UTC)
X-HE-Tag: soup31_4c05b1d2752d
X-Filterd-Recvd-Size: 6871
Received: from mail.kernel.org (mail.kernel.org [198.145.29.99])
	by imf27.hostedemail.com (Postfix) with ESMTP
	for <linux-mm@kvack.org>; Fri, 15 Jan 2021 08:33:26 +0000 (UTC)
Received: by mail.kernel.org (Postfix) with ESMTPSA id 9444C2336E;
	Fri, 15 Jan 2021 08:33:20 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org;
	s=k20201202; t=1610699605;
	bh=sUrMAjyDaXmZBJdT1WCLbiniGlUYaOHpD5Ab0fpR7kI=;
	h=From:To:Cc:Subject:Date:In-Reply-To:References:From;
	b=LBZgs8Zz8n72wqENYRvpHms4FxANVCtqYXYx4EBN1CZ50IC28Wk/Zax1lRmxTA2lq
	 Gda3KFRB027X/ZUqOmvjbnPNCcUeD+ic9Kz8JKOUcR/MO2xllRCNxB+z7olVktooOQ
	 vdTuw+gXGYd+iQohDqkzkTyPWfd7pCH3s2mjRKk63e2hz1RgBidr2cBJx7UUldqmPU
	 5ribbai0UIZd7NZX1OU5yU/zaeCvWAaM1dMkWEhrUG3USFv4PxsCgJAXI409zdp4sz
	 LPe5QAwqScBMElRJV0L85sVKdGRMZIXZ0GBMK6U9SM2o4Sk7B0V2094MWPWR9HwCDF
	 HDOxqCY6hpOlA==
From: Mike Rapoport <rppt@kernel.org>
To: Andrew Morton <akpm@linux-foundation.org>
Cc: Andrea Arcangeli <aarcange@redhat.com>,
	Baoquan He <bhe@redhat.com>,
	Borislav Petkov <bp@alien8.de>,
	David Hildenbrand <david@redhat.com>,
	"H. Peter Anvin" <hpa@zytor.com>,
	Ingo Molnar <mingo@redhat.com>,
	Mel Gorman <mgorman@suse.de>,
	Michal Hocko <mhocko@kernel.org>,
	Mike Rapoport <rppt@kernel.org>,
	Mike Rapoport <rppt@linux.ibm.com>,
	Qian Cai <cai@lca.pw>,
	Thomas Gleixner <tglx@linutronix.de>,
	Vlastimil Babka <vbabka@suse.cz>,
	linux-kernel@vger.kernel.org,
	linux-mm@kvack.org,
	x86@kernel.org
Subject: [PATCH 1/2] x86/setup: consolidate early memory reservations
Date: Fri, 15 Jan 2021 10:32:54 +0200
Message-Id: <20210115083255.12744-2-rppt@kernel.org>
X-Mailer: git-send-email 2.28.0
In-Reply-To: <20210115083255.12744-1-rppt@kernel.org>
References: <20210115083255.12744-1-rppt@kernel.org>
MIME-Version: 1.0
X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4
Sender: owner-linux-mm@kvack.org
Precedence: bulk
X-Loop: owner-majordomo@kvack.org
List-ID: <linux-mm.kvack.org>

From: Mike Rapoport <rppt@linux.ibm.com>

The early reservations of memory areas used by the firmware, bootloader,
kernel text and data are spread over setup_arch(). Moreover, some of them
happen *after* memblock allocations, e.g trim_platform_memory_ranges() and
trim_low_memory_range() are called after reserve_real_mode() that allocates
memory.

We did not observe corruption of these memory regions because memblock
always allocates memory either from the end of memory (in top-down mode) or
above the kernel image (in bottom-up mode). However, the bottom up mode is
going to be updated to span the entire memory [1] to avoid limitations
caused by KASLR.

Consolidate early memory reservations in a dedicated function to improve
robustness against future changes. Having the early reservations in one
place also makes it clearer what memory must be reserved before we allow
memblock allocations.

[1] https://lore.kernel.org/lkml/20201217201214.3414100-2-guro@fb.com

Signed-off-by: Mike Rapoport <rppt@linux.ibm.com>
Acked-by: Borislav Petkov <bp@suse.de>
---
 arch/x86/kernel/setup.c | 80 ++++++++++++++++++++++-------------------
 1 file changed, 44 insertions(+), 36 deletions(-)

diff --git a/arch/x86/kernel/setup.c b/arch/x86/kernel/setup.c
index 3412c4595efd..32cd2e790a0a 100644
--- a/arch/x86/kernel/setup.c
+++ b/arch/x86/kernel/setup.c
@@ -728,7 +728,38 @@ static void __init trim_low_memory_range(void)
 	 */
 	memblock_reserve(0, ALIGN(reserve_low, PAGE_SIZE));
 }
-	
+
+static void __init early_reserve_memory(void)
+{
+	/*
+	 * Reserve the memory occupied by the kernel between _text and
+	 * __end_of_kernel_reserve symbols. Any kernel sections after the
+	 * __end_of_kernel_reserve symbol must be explicitly reserved with a
+	 * separate memblock_reserve() or they will be discarded.
+	 */
+	memblock_reserve(__pa_symbol(_text),
+			 (unsigned long)__end_of_kernel_reserve - (unsigned long)_text);
+
+	/*
+	 * Make sure page 0 is always reserved because on systems with
+	 * L1TF its contents can be leaked to user processes.
+	 */
+	memblock_reserve(0, PAGE_SIZE);
+
+	early_reserve_initrd();
+
+	if (efi_enabled(EFI_BOOT))
+		efi_memblock_x86_reserve_range();
+
+	memblock_x86_reserve_range_setup_data();
+
+	reserve_ibft_region();
+	reserve_bios_regions();
+
+	trim_platform_memory_ranges();
+	trim_low_memory_range();
+}
+
 /*
  * Dump out kernel offset information on panic.
  */
@@ -763,29 +794,6 @@ dump_kernel_offset(struct notifier_block *self, unsigned long v, void *p)
 
 void __init setup_arch(char **cmdline_p)
 {
-	/*
-	 * Reserve the memory occupied by the kernel between _text and
-	 * __end_of_kernel_reserve symbols. Any kernel sections after the
-	 * __end_of_kernel_reserve symbol must be explicitly reserved with a
-	 * separate memblock_reserve() or they will be discarded.
-	 */
-	memblock_reserve(__pa_symbol(_text),
-			 (unsigned long)__end_of_kernel_reserve - (unsigned long)_text);
-
-	/*
-	 * Make sure page 0 is always reserved because on systems with
-	 * L1TF its contents can be leaked to user processes.
-	 */
-	memblock_reserve(0, PAGE_SIZE);
-
-	early_reserve_initrd();
-
-	/*
-	 * At this point everything still needed from the boot loader
-	 * or BIOS or kernel text should be early reserved or marked not
-	 * RAM in e820. All other memory is free game.
-	 */
-
 #ifdef CONFIG_X86_32
 	memcpy(&boot_cpu_data, &new_cpu_data, sizeof(new_cpu_data));
 
@@ -909,8 +917,18 @@ void __init setup_arch(char **cmdline_p)
 
 	parse_early_param();
 
-	if (efi_enabled(EFI_BOOT))
-		efi_memblock_x86_reserve_range();
+	/*
+	 * Do some memory reservations *before* memory is added to
+	 * memblock, so memblock allocations won't overwrite it.
+	 * Do it after early param, so we could get (unlikely) panic from
+	 * serial.
+	 *
+	 * After this point everything still needed from the boot loader or
+	 * firmware or kernel text should be early reserved or marked not
+	 * RAM in e820. All other memory is free game.
+	 */
+	early_reserve_memory();
+
 #ifdef CONFIG_MEMORY_HOTPLUG
 	/*
 	 * Memory used by the kernel cannot be hot-removed because Linux
@@ -937,9 +955,6 @@ void __init setup_arch(char **cmdline_p)
 
 	x86_report_nx();
 
-	/* after early param, so could get panic from serial */
-	memblock_x86_reserve_range_setup_data();
-
 	if (acpi_mps_check()) {
 #ifdef CONFIG_X86_LOCAL_APIC
 		disable_apic = 1;
@@ -1031,8 +1046,6 @@ void __init setup_arch(char **cmdline_p)
 	 */
 	find_smp_config();
 
-	reserve_ibft_region();
-
 	early_alloc_pgt_buf();
 
 	/*
@@ -1053,8 +1066,6 @@ void __init setup_arch(char **cmdline_p)
 	 */
 	sev_setup_arch();
 
-	reserve_bios_regions();
-
 	efi_fake_memmap();
 	efi_find_mirror();
 	efi_esrt_init();
@@ -1080,9 +1091,6 @@ void __init setup_arch(char **cmdline_p)
 
 	reserve_real_mode();
 
-	trim_platform_memory_ranges();
-	trim_low_memory_range();
-
 	init_mem_mapping();
 
 	idt_setup_early_pf();

From patchwork Fri Jan 15 08:32:55 2021
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Mike Rapoport <rppt@kernel.org>
X-Patchwork-Id: 12021867
Return-Path: <SRS0=uEqb=GS=kvack.org=owner-linux-mm@kernel.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-16.8 required=3.0 tests=BAYES_00,DKIM_INVALID,
	DKIM_SIGNED,INCLUDES_CR_TRAILER,INCLUDES_PATCH,MAILING_LIST_MULTI,
	SPF_HELO_NONE,SPF_PASS,USER_AGENT_GIT autolearn=ham autolearn_force=no
	version=3.4.0
Received: from mail.kernel.org (mail.kernel.org [198.145.29.99])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 43705C433E0
	for <linux-mm@archiver.kernel.org>; Fri, 15 Jan 2021 08:33:33 +0000 (UTC)
Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17])
	by mail.kernel.org (Postfix) with ESMTP id B4E5722C7D
	for <linux-mm@archiver.kernel.org>; Fri, 15 Jan 2021 08:33:32 +0000 (UTC)
DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org B4E5722C7D
Authentication-Results: mail.kernel.org;
 dmarc=fail (p=none dis=none) header.from=kernel.org
Authentication-Results: mail.kernel.org;
 spf=pass smtp.mailfrom=owner-linux-mm@kvack.org
Received: by kanga.kvack.org (Postfix)
	id 304708D013C; Fri, 15 Jan 2021 03:33:32 -0500 (EST)
Received: by kanga.kvack.org (Postfix, from userid 40)
	id 2DA7E8D0023; Fri, 15 Jan 2021 03:33:32 -0500 (EST)
X-Delivered-To: int-list-linux-mm@kvack.org
Received: by kanga.kvack.org (Postfix, from userid 63042)
	id 1F11A8D013C; Fri, 15 Jan 2021 03:33:32 -0500 (EST)
X-Delivered-To: linux-mm@kvack.org
Received: from forelay.hostedemail.com (smtprelay0205.hostedemail.com
 [216.40.44.205])
	by kanga.kvack.org (Postfix) with ESMTP id 0AC418D0023
	for <linux-mm@kvack.org>; Fri, 15 Jan 2021 03:33:32 -0500 (EST)
Received: from smtpin20.hostedemail.com (10.5.19.251.rfc1918.com
 [10.5.19.251])
	by forelay01.hostedemail.com (Postfix) with ESMTP id BF69E180AD807
	for <linux-mm@kvack.org>; Fri, 15 Jan 2021 08:33:31 +0000 (UTC)
X-FDA: 77707345422.20.move18_5807bf62752d
Received: from filter.hostedemail.com (10.5.16.251.rfc1918.com [10.5.16.251])
	by smtpin20.hostedemail.com (Postfix) with ESMTP id A1E37180C07A3
	for <linux-mm@kvack.org>; Fri, 15 Jan 2021 08:33:31 +0000 (UTC)
X-HE-Tag: move18_5807bf62752d
X-Filterd-Recvd-Size: 4131
Received: from mail.kernel.org (mail.kernel.org [198.145.29.99])
	by imf27.hostedemail.com (Postfix) with ESMTP
	for <linux-mm@kvack.org>; Fri, 15 Jan 2021 08:33:31 +0000 (UTC)
Received: by mail.kernel.org (Postfix) with ESMTPSA id B4B6E23436;
	Fri, 15 Jan 2021 08:33:25 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org;
	s=k20201202; t=1610699610;
	bh=StoT2zp79sznIPfcRkkmD1yMT7cGVvKLETHGz0Lwr3g=;
	h=From:To:Cc:Subject:Date:In-Reply-To:References:From;
	b=AZMzuYEacN0wqIbOJ5wTWm5r6t/pKWqQzWZKUM6+sW2j61F1dxN1ZSm2o0RtLNwty
	 ZhBXIqRNtG4Cy346zt8KEHMhL3WhQ7m21aoEcmpmNLv2IET4NRUsqjZx0GnTih8CoT
	 5mWAzUGd9KbCX/Xs/uTpu+/EfpZEuz0lYaeZBhBti6lGoRlmCkbNUqukoaYZBviMGT
	 +P4ENiB2ZHA86/GJVUzzcIMePKKm7rME+Lv5T8sUsqW3NcLs+r8I5MBNxA6jzDb1kQ
	 G4C9+GRZxRqDMw60BeBUQXjnn+eT17lK8qB5cR91eTBnqQOa5BDaK3whZ7zu4rGa+C
	 1w75MLZUsFE1g==
From: Mike Rapoport <rppt@kernel.org>
To: Andrew Morton <akpm@linux-foundation.org>
Cc: Andrea Arcangeli <aarcange@redhat.com>,
	Baoquan He <bhe@redhat.com>,
	Borislav Petkov <bp@alien8.de>,
	David Hildenbrand <david@redhat.com>,
	"H. Peter Anvin" <hpa@zytor.com>,
	Ingo Molnar <mingo@redhat.com>,
	Mel Gorman <mgorman@suse.de>,
	Michal Hocko <mhocko@kernel.org>,
	Mike Rapoport <rppt@kernel.org>,
	Mike Rapoport <rppt@linux.ibm.com>,
	Qian Cai <cai@lca.pw>,
	Thomas Gleixner <tglx@linutronix.de>,
	Vlastimil Babka <vbabka@suse.cz>,
	linux-kernel@vger.kernel.org,
	linux-mm@kvack.org,
	x86@kernel.org
Subject: [PATCH 2/2] x86/setup: merge several reservations of start of the
 memory
Date: Fri, 15 Jan 2021 10:32:55 +0200
Message-Id: <20210115083255.12744-3-rppt@kernel.org>
X-Mailer: git-send-email 2.28.0
In-Reply-To: <20210115083255.12744-1-rppt@kernel.org>
References: <20210115083255.12744-1-rppt@kernel.org>
MIME-Version: 1.0
X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4
Sender: owner-linux-mm@kvack.org
Precedence: bulk
X-Loop: owner-majordomo@kvack.org
List-ID: <linux-mm.kvack.org>

From: Mike Rapoport <rppt@linux.ibm.com>

Currently the first several pages are reserved both to avoid leaking their
contents on systems with L1TF and to avoid corrupting BIOS memory.

Merge the two memory reservations.

Signed-off-by: Mike Rapoport <rppt@linux.ibm.com>
Reviewed-by: David Hildenbrand <david@redhat.com>
Reviewed-by: Borislav Petkov <bp@suse.de>
---
 arch/x86/kernel/setup.c | 29 +++++++++++------------------
 1 file changed, 11 insertions(+), 18 deletions(-)

diff --git a/arch/x86/kernel/setup.c b/arch/x86/kernel/setup.c
index 32cd2e790a0a..3f2fd67240f8 100644
--- a/arch/x86/kernel/setup.c
+++ b/arch/x86/kernel/setup.c
@@ -715,20 +715,6 @@ static int __init parse_reservelow(char *p)
 
 early_param("reservelow", parse_reservelow);
 
-static void __init trim_low_memory_range(void)
-{
-	/*
-	 * A special case is the first 4Kb of memory;
-	 * This is a BIOS owned area, not kernel ram, but generally
-	 * not listed as such in the E820 table.
-	 *
-	 * This typically reserves additional memory (64KiB by default)
-	 * since some BIOSes are known to corrupt low memory.  See the
-	 * Kconfig help text for X86_RESERVE_LOW.
-	 */
-	memblock_reserve(0, ALIGN(reserve_low, PAGE_SIZE));
-}
-
 static void __init early_reserve_memory(void)
 {
 	/*
@@ -741,10 +727,18 @@ static void __init early_reserve_memory(void)
 			 (unsigned long)__end_of_kernel_reserve - (unsigned long)_text);
 
 	/*
-	 * Make sure page 0 is always reserved because on systems with
-	 * L1TF its contents can be leaked to user processes.
+	 * The first 4Kb of memory is a BIOS owned area, but generally it is
+	 * not listed as such in the E820 table.
+	 *
+	 * Reserve the first memory page and typically some additional
+	 * memory (64KiB by default) since some BIOSes are known to corrupt
+	 * low memory. See the Kconfig help text for X86_RESERVE_LOW.
+	 *
+	 * In addition, we must make sure page 0 is always reserved because
+	 * on systems with L1TF its contents can be leaked to user
+	 * processes.
 	 */
-	memblock_reserve(0, PAGE_SIZE);
+	memblock_reserve(0, ALIGN(reserve_low, PAGE_SIZE));
 
 	early_reserve_initrd();
 
@@ -757,7 +751,6 @@ static void __init early_reserve_memory(void)
 	reserve_bios_regions();
 
 	trim_platform_memory_ranges();
-	trim_low_memory_range();
 }
 
 /*