Re: [PATCH v11 4/9] x86/alternatives: Disable LASS when patching kernel code

Next message: Rogerio Pimentel: "Re: [PATCH v4 2/2] arm64: dts: add support for NXP i.MX8MP FRDM board"
Previous message: Michal Koutn&#xFD;: "Re: [PATCH mm-new v3] mm/memcontrol: Add memory.stat_refresh for on-demand stats flushing"
In reply to: Borislav Petkov: "Re: [PATCH v11 4/9] x86/alternatives: Disable LASS when patching kernel code"
Next in thread: Dave Hansen: "Re: [PATCH v11 4/9] x86/alternatives: Disable LASS when patching kernel code"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Ard Biesheuvel

Date: Wed Nov 12 2025 - 09:02:47 EST

On Mon, 10 Nov 2025 at 19:15, Sohil Mehta <sohil.mehta@xxxxxxxxx> wrote:
>
> Hi Boris,
>
> On 10/29/2025 2:03 PM, Sohil Mehta wrote:
> > +/*
> > + * LASS enforcement is based on bit 63 of the virtual address. The
> > + * kernel is not allowed to touch memory in the lower half of the
> > + * virtual address space.
> > + *
> > + * Use lass_disable()/lass_enable() to toggle the AC bit for kernel data
> > + * accesses (!_PAGE_USER) that are blocked by LASS, but not by SMAP.
> > + *
> > + * Even with the AC bit set, LASS will continue to block instruction
> > + * fetches from the user half of the address space. To allow those,
> > + * clear CR4.LASS to disable the LASS mechanism entirely.
> > + *
>
> Based on the EFI discussion,

Which discussion is that?

> it looks like we would now need to toggle
> CR4.LASS every time we switch to efi_mm. The lass_enable()/_disable()
> naming would be more suitable for those wrappers.
>

Note that Linux/x86 uses SetVirtualAddressMap() to remap all EFI
runtime regions into the upper [kernel] half of the address space.

SetVirtualAddressMap() itself is a terrible idea, but given that we
are already stuck with it, we should be able to rely on ordinary EFI
runtime calls to only execute from the upper address range. The only
exception is the call to SetVirtualAddressMap() itself, which occurs
only once during early boot.