Re: [RFC] boot failed when enable KAISER/KPTI
From: Andrea Arcangeli
Date: Sat Jan 06 2018 - 12:37:36 EST
Hello Xishi,
On Sat, Jan 06, 2018 at 02:45:30PM +0800, Xishi Qiu wrote:
> How about this fix patch? I tested and it works.
>
> diff --git a/arch/x86/kernel/tboot.c b/arch/x86/kernel/tboot.c
> index 088681d..f6c32f5 100644
> --- a/arch/x86/kernel/tboot.c
> +++ b/arch/x86/kernel/tboot.c
> @@ -131,6 +131,8 @@ static int map_tboot_page(unsigned long vaddr, unsigned long pfn,
> pud = pud_alloc(&tboot_mm, pgd, vaddr);
> if (!pud)
> return -1;
> + if (__supported_pte_mask & _PAGE_NX)
> + pgd->pgd &= ~_PAGE_NX;
> pmd = pmd_alloc(&tboot_mm, pud, vaddr);
> if (!pmd)
> return -1;
Oh great that you already verified this.
The only difference from the above to what I applied is that I didn't
check "__supported_pte_mask & _PAGE_NX", but that's superflous
here. It won't hurt to add it, your patch is fine as well.
The location where to do the NX clearing is the correct one and same
optimal place as in efi_64.c too (right after pud_alloc success).
Only the setting of NX requires verification that it's in the
__supported_pte_mask first, the clearing is always fine (worst case it
will do nothing).
On a side note, I already verified if NX is disabled (-cpu nx=off) the
pgd isn't NX poisoned in the first place, but clearing NX won't hurt
even in such case.
Thanks,
Andrea