Re: [PATCH v7 1/3] efi/x86: Fix EFI memory map corruption with kexec

From: Dave Young
Date: Wed Jun 05 2024 - 21:52:34 EST

Next message: Huang, Ying: "Re: [PATCH 0/2] mm: swap: mTHP swap allocator base on swap cluster order"
Previous message: Steven Rostedt: "Re: [PATCH net-next v10 06/14] page_pool: convert to use netmem"
In reply to: Borislav Petkov: "Re: [PATCH v7 1/3] efi/x86: Fix EFI memory map corruption with kexec"
Next in thread: Kalra, Ashish: "Re: [PATCH v7 1/3] efi/x86: Fix EFI memory map corruption with kexec"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, 5 Jun 2024 at 19:09, Borislav Petkov <bp@xxxxxxxxx> wrote:
>
> Moving Ard and Dan to To:
>
> On Wed, Jun 05, 2024 at 10:28:18AM +0800, Dave Young wrote:
> > Ok, thanks! I think the right way is creating two patches, one to
> > remove the __efi_memmap_free,
>
> Yap, that
>
> f0ef6523475f ("efi: Fix efi_memmap_alloc() leaks")
>
> needs revisiting.
>
> So AFAIU, the flow is this:
>
> In a kexec-ed kernel:
>
> 1. efi_arch_mem_reserve() gets called by bgrt, erst, mokvar... whatever
> to hold on to boot services regions for longer otherwise EFI
> "implementations" explode.
>
> 2. On same kexec-ed kernel, we call into kexec_enter_virtual_mode()
> because it needs to get the runtime services regions from the first
> kernel
>
> 3. As part of that call, it'll do
> efi_memmap_init_late->__efi_memmap_init():
>
> if (efi.memmap.flags & (EFI_MEMMAP_MEMBLOCK | EFI_MEMMAP_SLAB))
> __efi_memmap_free(efi.memmap.phys_map,
>
> and the memory which got allocated in step 1 is gone, thus reverting
> what efi_arch_mem_reserve() is trying to fix.
>
> IOW, we need a
>
> EFI_MEMMAP_DO_NOT_TOUCH_MY_MEMORY
>
> flag which'll stop this from happening. But I'd prefer it if Ard decides
> what the right thing to do here is.
>
> > another is skip efi_arch_mem_reserve when the EFI_MEMORY_RUNTIME bit
> > was set already.
>
> Can that even happen?

Yes, let's say we have two different cases both go through
drivers/firmware/efi/efi-bgrt.c -> efi_mem_reserve ->
efi_arch_mem_reserve
1. normal boot (non kexec-ed)
The bgrt region is reserved and mark as EFI_MEMORY_RUNTIME with a
new efi mem range which is inserted in the memmap, later kexec will
carry over to 2nd kernel (drop those boot service areas without
EFI_MEMORY_RUNTIME)
2. kexec-ed boot
In the same call path, the previous kernel saved bgrt region has
already set EFI_MEMORY_RUNTIME, but it is re-reserved with a new mem
entry in memmap, this is not necessary and duplicate. I did not
check the efi boot code if it will de-duplicate the memmap later, but
anyway this is useless and it should be skipped.

Thanks
Dave

Next message: Huang, Ying: "Re: [PATCH 0/2] mm: swap: mTHP swap allocator base on swap cluster order"
Previous message: Steven Rostedt: "Re: [PATCH net-next v10 06/14] page_pool: convert to use netmem"
In reply to: Borislav Petkov: "Re: [PATCH v7 1/3] efi/x86: Fix EFI memory map corruption with kexec"
Next in thread: Kalra, Ashish: "Re: [PATCH v7 1/3] efi/x86: Fix EFI memory map corruption with kexec"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]