1. Patchew
  2. linux
  3. [PATCHv6 00/16] x86: Enable Linear Address Space Separation support
  4. View patch

[PATCHv6 06/16] efi: Disable LASS around set_virtual_address_map() EFI call

Kirill A. Shutemov posted 16 patches 3 months, 2 weeks ago
There is a newer version of this series
[PATCHv6 06/16] efi: Disable LASS around set_virtual_address_map() EFI call
Posted by Kirill A. Shutemov 3 months, 2 weeks ago 
From: Alexander Shishkin <alexander.shishkin@linux.intel.com>

Of all the EFI runtime services, set_virtual_address_map() is the only
one that is called at its lower mapping, which LASS prohibits regardless
of EFLAGS.AC setting. The only way to allow this to happen is to disable
LASS in the CR4 register.

Disable LASS around this low address EFI call.

Signed-off-by: Alexander Shishkin <alexander.shishkin@linux.intel.com>
Signed-off-by: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
---
 arch/x86/platform/efi/efi.c | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/arch/x86/platform/efi/efi.c b/arch/x86/platform/efi/efi.c
index 463b784499a8..94c335229697 100644
--- a/arch/x86/platform/efi/efi.c
+++ b/arch/x86/platform/efi/efi.c
@@ -825,11 +825,24 @@ static void __init __efi_enter_virtual_mode(void)
 
 	efi_sync_low_kernel_mappings();
 
+	/*
+	 * set_virtual_address_map is the only service located at lower
+	 * addresses, so we have to temporarily disable LASS around it.
+	 * Note that clearing EFLAGS.AC is not enough for this, the whole
+	 * LASS needs to be disabled.
+	 */
+	if (cpu_feature_enabled(X86_FEATURE_LASS))
+		cr4_clear_bits(X86_CR4_LASS);
+
 	status = efi_set_virtual_address_map(efi.memmap.desc_size * count,
 					     efi.memmap.desc_size,
 					     efi.memmap.desc_version,
 					     (efi_memory_desc_t *)pa,
 					     efi_systab_phys);
+
+	if (cpu_feature_enabled(X86_FEATURE_LASS))
+		cr4_set_bits(X86_CR4_LASS);
+
 	if (status != EFI_SUCCESS) {
 		pr_err("Unable to switch EFI into virtual mode (status=%lx)!\n",
 		       status);
-- 
2.47.2
Re: [PATCHv6 06/16] efi: Disable LASS around set_virtual_address_map() EFI call
Posted by Dave Hansen 3 months, 2 weeks ago 
On 6/20/25 06:53, Kirill A. Shutemov wrote:
> diff --git a/arch/x86/platform/efi/efi.c b/arch/x86/platform/efi/efi.c
> index 463b784499a8..94c335229697 100644
> --- a/arch/x86/platform/efi/efi.c
> +++ b/arch/x86/platform/efi/efi.c
> @@ -825,11 +825,24 @@ static void __init __efi_enter_virtual_mode(void)
>  
>  	efi_sync_low_kernel_mappings();
>  
> +	/*
> +	 * set_virtual_address_map is the only service located at lower
> +	 * addresses, so we have to temporarily disable LASS around it.
> +	 * Note that clearing EFLAGS.AC is not enough for this, the whole
> +	 * LASS needs to be disabled.
> +	 */
> +	if (cpu_feature_enabled(X86_FEATURE_LASS))
> +		cr4_clear_bits(X86_CR4_LASS);

Could we do it like this instead?

	unsigned long lass = cr4_read_shadow() & X86_FEATURE_LASS;
	...
	cr4_clear_bits(lass);

>  	status = efi_set_virtual_address_map(efi.memmap.desc_size * count,
>  					     efi.memmap.desc_size,
>  					     efi.memmap.desc_version,
>  					     (efi_memory_desc_t *)pa,
>  					     efi_systab_phys);
> +
> +	if (cpu_feature_enabled(X86_FEATURE_LASS))
> +		cr4_set_bits(X86_CR4_LASS);

and:

	cr4_set_bits(lass);

>  	if (status != EFI_SUCCESS) {
>  		pr_err("Unable to switch EFI into virtual mode (status=%lx)!\n",
>  		       status);

That way, neither the presence of X86_FEATURE_LASS nor the ordering of
setting up X86_CR4_LASS matters.

Let's say the CPU supports X86_FEATURE_LASS and this code gets called
before the kernel is ready for LASS. It would break as written above.
Re: [PATCHv6 06/16] efi: Disable LASS around set_virtual_address_map() EFI call
Posted by Kirill A. Shutemov 3 months, 2 weeks ago 
On Fri, Jun 20, 2025 at 08:55:29AM -0700, Dave Hansen wrote:
> On 6/20/25 06:53, Kirill A. Shutemov wrote:
> > diff --git a/arch/x86/platform/efi/efi.c b/arch/x86/platform/efi/efi.c
> > index 463b784499a8..94c335229697 100644
> > --- a/arch/x86/platform/efi/efi.c
> > +++ b/arch/x86/platform/efi/efi.c
> > @@ -825,11 +825,24 @@ static void __init __efi_enter_virtual_mode(void)
> >  
> >  	efi_sync_low_kernel_mappings();
> >  
> > +	/*
> > +	 * set_virtual_address_map is the only service located at lower
> > +	 * addresses, so we have to temporarily disable LASS around it.
> > +	 * Note that clearing EFLAGS.AC is not enough for this, the whole
> > +	 * LASS needs to be disabled.
> > +	 */
> > +	if (cpu_feature_enabled(X86_FEATURE_LASS))
> > +		cr4_clear_bits(X86_CR4_LASS);
> 
> Could we do it like this instead?
> 
> 	unsigned long lass = cr4_read_shadow() & X86_FEATURE_LASS;
> 	...
> 	cr4_clear_bits(lass);
> 
> >  	status = efi_set_virtual_address_map(efi.memmap.desc_size * count,
> >  					     efi.memmap.desc_size,
> >  					     efi.memmap.desc_version,
> >  					     (efi_memory_desc_t *)pa,
> >  					     efi_systab_phys);
> > +
> > +	if (cpu_feature_enabled(X86_FEATURE_LASS))
> > +		cr4_set_bits(X86_CR4_LASS);
> 
> and:
> 
> 	cr4_set_bits(lass);
> 
> >  	if (status != EFI_SUCCESS) {
> >  		pr_err("Unable to switch EFI into virtual mode (status=%lx)!\n",
> >  		       status);
> 
> That way, neither the presence of X86_FEATURE_LASS nor the ordering of
> setting up X86_CR4_LASS matters.
> 
> Let's say the CPU supports X86_FEATURE_LASS and this code gets called
> before the kernel is ready for LASS. It would break as written above.

Okay, will rework this.

-- 
  Kiryl Shutsemau / Kirill A. Shutemov

Patchew 2.1-devel-b67e4c2

© 2016 - 2025 Red Hat, Inc.