From nobody Thu Oct  2 00:49:13 2025
Received: from mail-wr1-f74.google.com (mail-wr1-f74.google.com
 [209.85.221.74])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id CCDC130DECF
	for <linux-kernel@vger.kernel.org>; Wed, 24 Sep 2025 15:27:27 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
 arc=none smtp.client-ip=209.85.221.74
ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1758727649; cv=none;
 b=lwKdoF+3nkTXAAuWloFhsoqJvgjH2+wYeNulJUVc9oEBGAJdjSSCTVrsjfk2SpJBLIBUKwV2uzZV4U7S8IxnF8OghIRDcI3SjoBSPVlH561ZEJfDa/srOCVnM9JIal3lCmxwyTRbtAAP3B9W9kEGoK9dQf4Eoab4ktCecxrAgbk=
ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1758727649; c=relaxed/simple;
	bh=a7tVQStslwAHx6kkGqhgIP6cKTCoEwcRZomLtv4AIzU=;
	h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From:
	 To:Cc:Content-Type;
 b=o65Rk1cOiYIqkU9Sa0yk46YHwlr8bgUkgyl71xSvecK8pvfNnQnYiY0CnfxWA9Pk5oIvtnRqMEbuqXWDYhKqflzfIHgr8v9DmrMZ9rLrAOf94eRwqif7cTdnKFFndhB6+JVgnS8tunJUpXiu9/n2KG/lOYOJNjOKV6fKU4WcL1E=
ARC-Authentication-Results: i=1; smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com;
 spf=pass smtp.mailfrom=flex--ardb.bounces.google.com;
 dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b=ZLITzbtE; arc=none smtp.client-ip=209.85.221.74
Authentication-Results: smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com
Authentication-Results: smtp.subspace.kernel.org;
 spf=pass smtp.mailfrom=flex--ardb.bounces.google.com
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b="ZLITzbtE"
Received: by mail-wr1-f74.google.com with SMTP id
 ffacd0b85a97d-3ecdc9dbc5fso7956f8f.1
        for <linux-kernel@vger.kernel.org>;
 Wed, 24 Sep 2025 08:27:27 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20230601; t=1758727646; x=1759332446;
 darn=vger.kernel.org;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:from:to:cc:subject:date:message-id:reply-to;
        bh=1Dq6c0ZGM/PcmsQNtaG9zqEgKMUiGLsTw4kpN5BfNGA=;
        b=ZLITzbtE0Gp/hC/Ni7iW7Hf8tOLefyVYuZWfVot3G3BpRYC0D+KtHKR3lkKe9Byblo
         Z1HLCi40o1tHJo/JAHRD0D/usbhR/9+18KEBL6i0/s/4zK+TClrbpbPg8rG/p+g8+Ajn
         lEeepL5Ay3ZiKCpNqcCxlXH/fusml/CpXS/mFYxOhVrx/IUZD6P6zPuBc5VamOiWODA+
         zs7zZ0FSc2RgryMEQ7ocXQJJmAK0soFv1blt3Pze/YWoCmZEi2NIwQZ0vHHPtRXT7qI+
         aT46fXynOtOvkDq76oFhARtA3g8IzQx12PSEM+lMw8+fI8iXBu6ijBO+6YD5njl2LVn8
         /kFQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1758727646; x=1759332446;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
        bh=1Dq6c0ZGM/PcmsQNtaG9zqEgKMUiGLsTw4kpN5BfNGA=;
        b=DhUeTP/CiphXZSriiK1A4Po1+22bIRijf/LTYuTrRPXnx1BonieAN/Ag0iL3JHc7x3
         6WW+oIvZpmvi0eRhK6IEjgg6TgUeuhBFxvfsm5aEaU5Djb5cW2OrTRBCwBn7NSQzw1Z1
         JqsXxQdBIvvfL3voZOchbaw5OVFFQ27HuaOfFiHjG3A0QMMzS8Euma3/G+P0R4B6auHf
         fVaTfr6L9lzXN1lxPOULr79DWQLjEEZk3jJU5oqiePNfbV6SkcMhyKse+GMq411sCAb5
         95ayNVcoj4LGsoxJ+ZUl96zjYo47e+hD4JCtqwZZ6VuCGFkGO+/DmQeFlk2EesU9Yfqc
         zJvA==
X-Gm-Message-State: AOJu0YyK+KvVq9YEMO/CmOjSiHGSRSnEPz6jG4hcFyDJvbP87QzxYDr5
	3m/h29kkze2Uu1jSRm38X8fsY2Pfx7KRTp8uQ6L6BSGiW7j0b58w6qXNMm4v1ZXNp4ihmaKt6w=
	=
X-Google-Smtp-Source: 
 AGHT+IFEdA9MBtNZtoCuFX5LdOx2I1XqFRDSTgfNjpmBTAhcuyQh7YpEfjehwPy3DZrnvKS1vcvIWvse
X-Received: from wmbjh7.prod.google.com
 ([2002:a05:600c:a087:b0:46e:297b:900c])
 (user=ardb job=prod-delivery.src-stubby-dispatcher) by
 2002:a05:6000:3105:b0:3fb:9950:b9fe
 with SMTP id ffacd0b85a97d-40e48a56cb5mr294011f8f.47.1758727646359; Wed, 24
 Sep 2025 08:27:26 -0700 (PDT)
Date: Wed, 24 Sep 2025 17:26:53 +0200
In-Reply-To: <20250924152651.3328941-9-ardb+git@google.com>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
Mime-Version: 1.0
References: <20250924152651.3328941-9-ardb+git@google.com>
X-Developer-Key: i=ardb@kernel.org; a=openpgp;
 fpr=F43D03328115A198C90016883D200E9CA6329909
X-Developer-Signature: v=1; a=openpgp-sha256; l=804; i=ardb@kernel.org;
 h=from:subject; bh=430ZoAUsLaGRjbsT1dmBVnqyeLcQQst70F5MXr1Sm+A=;
 b=owGbwMvMwCVmkMcZplerG8N4Wi2JIeMK7z6nI8LhS+KvvXC853dwu7jtO5brkVs70ndXeG6Yv
 rXK/Ix1RykLgxgXg6yYIovA7L/vdp6eKFXrPEsWZg4rE8gQBi5OAZjIa26G/yWXNv/sbD8Uoucg
 ty7/un116hFW7Wlba/s7MmdmlUyx52Zk+Of3+/+aar6yKRzC6q1PleeeyW3mjxAXDDNldw7Z1bW
 UFwA=
X-Mailer: git-send-email 2.51.0.534.gc79095c0ca-goog
Message-ID: <20250924152651.3328941-10-ardb+git@google.com>
Subject: [PATCH v4 1/7] efi: Add missing static initializer for
 efi_mm::cpus_allowed_lock
From: Ard Biesheuvel <ardb+git@google.com>
To: linux-efi@vger.kernel.org
Cc: linux-kernel@vger.kernel.org, linux-arm-kernel@lists.infradead.org,
	Ard Biesheuvel <ardb@kernel.org>, Will Deacon <will@kernel.org>,
 Mark Rutland <mark.rutland@arm.com>,
	Sebastian Andrzej Siewior <bigeasy@linutronix.de>,
 Peter Zijlstra <peterz@infradead.org>,
	Catalin Marinas <catalin.marinas@arm.com>, Mark Brown <broonie@kernel.org>,
 stable@vger.kernel.org
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

From: Ard Biesheuvel <ardb@kernel.org>

Initialize the cpus_allowed_lock struct member of efi_mm.

Cc: <stable@vger.kernel.org>
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
---
 drivers/firmware/efi/efi.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/drivers/firmware/efi/efi.c b/drivers/firmware/efi/efi.c
index 1ce428e2ac8a..fc407d891348 100644
--- a/drivers/firmware/efi/efi.c
+++ b/drivers/firmware/efi/efi.c
@@ -74,6 +74,9 @@ struct mm_struct efi_mm =3D {
 	.page_table_lock	=3D __SPIN_LOCK_UNLOCKED(efi_mm.page_table_lock),
 	.mmlist			=3D LIST_HEAD_INIT(efi_mm.mmlist),
 	.cpu_bitmap		=3D { [BITS_TO_LONGS(NR_CPUS)] =3D 0},
+#ifdef CONFIG_SCHED_MM_CID
+	.cpus_allowed_lock	=3D __RAW_SPIN_LOCK_UNLOCKED(efi_mm.cpus_allowed_lock),
+#endif
 };
=20
 struct workqueue_struct *efi_rts_wq;
--=20
2.51.0.534.gc79095c0ca-goog
From nobody Thu Oct  2 00:49:13 2025
Received: from mail-wr1-f73.google.com (mail-wr1-f73.google.com
 [209.85.221.73])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id F35F730F942
	for <linux-kernel@vger.kernel.org>; Wed, 24 Sep 2025 15:27:28 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
 arc=none smtp.client-ip=209.85.221.73
ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1758727650; cv=none;
 b=qpdhNmJlUTmyx0Xakog+e8wyAkl1VF1GU8CsdVUEk4LrWNBlcBUA4l97Qg0MNaLaFfLqvsF/416fy6lEoMlrN57R7qOgN3XXHwGB0/EioVYb4EP1imY7hWCvjqeM6uH9xtHyzfnZT1soBOIfrHIJHLgU2x7b8SMbdQ8elx1Lzlc=
ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1758727650; c=relaxed/simple;
	bh=OTmZKIoJyIGsumN5ugsnvmysw0VVRiK+YedircHdIAA=;
	h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From:
	 To:Cc:Content-Type;
 b=jTBp/CBtbYvzNvvf1Jp1eNGH9iuO0a8B2266+oMDaH/o3uKVByKBHLqO+xAwGYERT/BOi+U6lIy4vzeWXHkxIKSWAFUiihspUsBY3pwtXw1+0zTo7TM/KWPVp3klf2zKgYN12LvtulcvtS9B/m8CiWm/MH0Gry867hisKwD2D4w=
ARC-Authentication-Results: i=1; smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com;
 spf=pass smtp.mailfrom=flex--ardb.bounces.google.com;
 dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b=vedGRp+/; arc=none smtp.client-ip=209.85.221.73
Authentication-Results: smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com
Authentication-Results: smtp.subspace.kernel.org;
 spf=pass smtp.mailfrom=flex--ardb.bounces.google.com
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b="vedGRp+/"
Received: by mail-wr1-f73.google.com with SMTP id
 ffacd0b85a97d-3f4fbdf144dso2157509f8f.2
        for <linux-kernel@vger.kernel.org>;
 Wed, 24 Sep 2025 08:27:28 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20230601; t=1758727647; x=1759332447;
 darn=vger.kernel.org;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:from:to:cc:subject:date:message-id:reply-to;
        bh=qwWjpBWZcTXGym3noF7gHRJl5W2piBLt0KG+y6l3/bo=;
        b=vedGRp+/t4T+JOn6EhXSMg8ZzNOmO21xuIAC3TNhfaXUbAyxOYlS7gfMyo0Gh9SKd3
         YodzEZD5zDJVnyGnrpDqslAnr5+8bFYPXq2n9n5pUnd+xTijONM5JJgAW5PN3wuaYnVP
         /i9KHoINQa3JIht7UA6m6T3tIVednhmMbiPwogW6uwmUON4BF0MGsdcQJLYGrHOwAiTM
         Ddr+XfDgDrwajXUQpCnupmvlm5l6pmFgdElPux9Tea8427Q1kFc46YVHfvacgv8Ixeq/
         dqVzqznq6JNtoNSODq3ocv3qIQZaasGz2rZlj1EA1iF3/nOZ0bA7vKrgipq8/QKg6Nnj
         V1mA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1758727647; x=1759332447;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
        bh=qwWjpBWZcTXGym3noF7gHRJl5W2piBLt0KG+y6l3/bo=;
        b=kQTlTKdXwEIj22JjxZT+HGws6KhjAaWR1bDy9TdmBbMWkZQItHVfCf6PlzHGbQe3Ef
         po/kqKmJycRryaM3dbLVXmrW2X93tJy/vgRYqfDlxAMEuXNLUFJEyQgI+lRqIPq9plh4
         0uZHFJIZKptdE7E8ziEbc/eQEvCzu1k26rE1/cMbZXaiZ3ol2ckVauxmKBNc7MdYQGp+
         fLkpxcQu/UPx6H1tT/IMPal1i385y04hqTa7hRqMtmRxsh6kxX9arFHl3Muj6YEj62Db
         pP23LOtGvO4dCpjo/PQFHaehWv4HR/Z3krEYlrasZYqN5ksR8x03eY0QwX4SjAuhWNUv
         fR7Q==
X-Gm-Message-State: AOJu0YwUuHGLu1ZAqlsf1tfdpCYUdpGrl424L2TnU0XbCy8dLX6/N23y
	1kt4Gwa56ciRz/AH8L+ecSMZwzCGUjro8ygYjlG3MuTIQ9rRm7OK4xfWgjc0nqPF0bPQWHBXew=
	=
X-Google-Smtp-Source: 
 AGHT+IHGECinJiUKwmBsi2i5BTL/1XrbB4XlOrXgcycBFFmPNfL7f9tj5b7kh5fqUrWtiXSAzRu4Fzs/
X-Received: from wmqe18.prod.google.com
 ([2002:a05:600c:4e52:b0:46d:e5bd:371f])
 (user=ardb job=prod-delivery.src-stubby-dispatcher) by
 2002:a05:6000:290c:b0:406:87ba:99a3
 with SMTP id ffacd0b85a97d-40e4ece583amr246427f8f.30.1758727647232; Wed, 24
 Sep 2025 08:27:27 -0700 (PDT)
Date: Wed, 24 Sep 2025 17:26:54 +0200
In-Reply-To: <20250924152651.3328941-9-ardb+git@google.com>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
Mime-Version: 1.0
References: <20250924152651.3328941-9-ardb+git@google.com>
X-Developer-Key: i=ardb@kernel.org; a=openpgp;
 fpr=F43D03328115A198C90016883D200E9CA6329909
X-Developer-Signature: v=1; a=openpgp-sha256; l=3615; i=ardb@kernel.org;
 h=from:subject; bh=/a2nMupg28rYcZeL2r8+05MdHmb6xlpT3ZB1lHKuOFY=;
 b=owGbwMvMwCVmkMcZplerG8N4Wi2JIeMK7wGW9nWOU/SWMWa5sy8KmnlCS0r+vlOl0ZF2Qeb6z
 b5uq293lLIwiHExyIopsgjM/vtu5+mJUrXOs2Rh5rAygQxh4OIUgIkcZGBkmGdv6Z/kzxv/8rjk
 7oifV7r3lF7pMahmvnru29nw3lun/BgZFpQv6Nu6YoZp9KOJ7Mos3D0adiHflhsI/Dm+f9PKZF4
 ffgA=
X-Mailer: git-send-email 2.51.0.534.gc79095c0ca-goog
Message-ID: <20250924152651.3328941-11-ardb+git@google.com>
Subject: [PATCH v4 2/7] efi/runtime-wrappers: Keep track of the
 efi_runtime_lock owner
From: Ard Biesheuvel <ardb+git@google.com>
To: linux-efi@vger.kernel.org
Cc: linux-kernel@vger.kernel.org, linux-arm-kernel@lists.infradead.org,
	Ard Biesheuvel <ardb@kernel.org>, Will Deacon <will@kernel.org>,
 Mark Rutland <mark.rutland@arm.com>,
	Sebastian Andrzej Siewior <bigeasy@linutronix.de>,
 Peter Zijlstra <peterz@infradead.org>,
	Catalin Marinas <catalin.marinas@arm.com>, Mark Brown <broonie@kernel.org>
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

From: Ard Biesheuvel <ardb@kernel.org>

The EFI runtime wrappers use a file local semaphore to serialize access
to the EFI runtime services. This means that any calls to the arch
wrappers around the runtime services will also be serialized, removing
the need for redundant locking.

For robustness, add a facility that allows those arch wrappers to assert
that the semaphore was taken by the current task.

Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
---
 drivers/firmware/efi/runtime-wrappers.c | 17 ++++++++++++++++-
 include/linux/efi.h                     |  2 ++
 2 files changed, 18 insertions(+), 1 deletion(-)

diff --git a/drivers/firmware/efi/runtime-wrappers.c b/drivers/firmware/efi=
/runtime-wrappers.c
index 708b777857d3..da8d29621644 100644
--- a/drivers/firmware/efi/runtime-wrappers.c
+++ b/drivers/firmware/efi/runtime-wrappers.c
@@ -202,6 +202,8 @@ void efi_call_virt_check_flags(unsigned long flags, con=
st void *caller)
  */
 static DEFINE_SEMAPHORE(efi_runtime_lock, 1);
=20
+static struct task_struct *efi_runtime_lock_owner;
+
 /*
  * Expose the EFI runtime lock to the UV platform
  */
@@ -219,6 +221,8 @@ static void __nocfi efi_call_rts(struct work_struct *wo=
rk)
 	efi_status_t status =3D EFI_NOT_FOUND;
 	unsigned long flags;
=20
+	efi_runtime_lock_owner =3D current;
+
 	arch_efi_call_virt_setup();
 	flags =3D efi_call_virt_save_flags();
=20
@@ -310,6 +314,7 @@ static void __nocfi efi_call_rts(struct work_struct *wo=
rk)
=20
 	efi_rts_work.status =3D status;
 	complete(&efi_rts_work.efi_rts_comp);
+	efi_runtime_lock_owner =3D NULL;
 }
=20
 static efi_status_t __efi_queue_work(enum efi_rts_ids id,
@@ -444,8 +449,10 @@ virt_efi_set_variable_nb(efi_char16_t *name, efi_guid_=
t *vendor, u32 attr,
 	if (down_trylock(&efi_runtime_lock))
 		return EFI_NOT_READY;
=20
+	efi_runtime_lock_owner =3D current;
 	status =3D efi_call_virt_pointer(efi.runtime, set_variable, name, vendor,
 				       attr, data_size, data);
+	efi_runtime_lock_owner =3D NULL;
 	up(&efi_runtime_lock);
 	return status;
 }
@@ -481,9 +488,11 @@ virt_efi_query_variable_info_nb(u32 attr, u64 *storage=
_space,
 	if (down_trylock(&efi_runtime_lock))
 		return EFI_NOT_READY;
=20
+	efi_runtime_lock_owner =3D current;
 	status =3D efi_call_virt_pointer(efi.runtime, query_variable_info, attr,
 				       storage_space, remaining_space,
 				       max_variable_size);
+	efi_runtime_lock_owner =3D NULL;
 	up(&efi_runtime_lock);
 	return status;
 }
@@ -509,12 +518,13 @@ virt_efi_reset_system(int reset_type, efi_status_t st=
atus,
 		return;
 	}
=20
+	efi_runtime_lock_owner =3D current;
 	arch_efi_call_virt_setup();
 	efi_rts_work.efi_rts_id =3D EFI_RESET_SYSTEM;
 	arch_efi_call_virt(efi.runtime, reset_system, reset_type, status,
 			   data_size, data);
 	arch_efi_call_virt_teardown();
-
+	efi_runtime_lock_owner =3D NULL;
 	up(&efi_runtime_lock);
 }
=20
@@ -587,3 +597,8 @@ efi_call_acpi_prm_handler(efi_status_t (__efiapi *handl=
er_addr)(u64, void *),
 }
=20
 #endif
+
+void efi_runtime_assert_lock_held(void)
+{
+	WARN_ON(efi_runtime_lock_owner !=3D current);
+}
diff --git a/include/linux/efi.h b/include/linux/efi.h
index a98cc39e7aaa..b23ff8b83219 100644
--- a/include/linux/efi.h
+++ b/include/linux/efi.h
@@ -1126,6 +1126,8 @@ static inline bool efi_runtime_disabled(void) { retur=
n true; }
 extern void efi_call_virt_check_flags(unsigned long flags, const void *cal=
ler);
 extern unsigned long efi_call_virt_save_flags(void);
=20
+void efi_runtime_assert_lock_held(void);
+
 enum efi_secureboot_mode {
 	efi_secureboot_mode_unset,
 	efi_secureboot_mode_unknown,
--=20
2.51.0.534.gc79095c0ca-goog
From nobody Thu Oct  2 00:49:13 2025
Received: from mail-wm1-f73.google.com (mail-wm1-f73.google.com
 [209.85.128.73])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id 0383D30EF99
	for <linux-kernel@vger.kernel.org>; Wed, 24 Sep 2025 15:27:29 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
 arc=none smtp.client-ip=209.85.128.73
ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1758727652; cv=none;
 b=UGhC+B9oAuu12gcYx4ZxuXs+TVbBl2Bo0n/8nCt4RVa9bT7E3nnu/A+7l6KSA9KnNdShjhP25hQltXlOCGj1gLwPWuR4QPAI1XOsCr1i9kBEwvbUIZCCfvyGT4IibzBT/jbvqfrCYbu7357YBCkAyP94Ykhzv5V+GuROn8t0yCA=
ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1758727652; c=relaxed/simple;
	bh=MtOnPClbfdUyhB/9B1oW+PN3ZA3eRIpJ8ffVei1OWpk=;
	h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From:
	 To:Cc:Content-Type;
 b=KZesc1SCFqp2LAC+76XoySfZlHgZT4Jhqo1G+w+gpuuqjvwwJECvwC9HSRJkdUvEOPhRvn6Sn5oAXtWBCtF+dRLcVKdC3pVTA9ryhb+udxdjo6/PaLPIzaISorKJKp/G8EY22yzxSPTn+xgOZo5LYrXnry7g3se6lzn9Xj5fVW8=
ARC-Authentication-Results: i=1; smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com;
 spf=pass smtp.mailfrom=flex--ardb.bounces.google.com;
 dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b=BMbpjyN6; arc=none smtp.client-ip=209.85.128.73
Authentication-Results: smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com
Authentication-Results: smtp.subspace.kernel.org;
 spf=pass smtp.mailfrom=flex--ardb.bounces.google.com
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b="BMbpjyN6"
Received: by mail-wm1-f73.google.com with SMTP id
 5b1f17b1804b1-46e1a2a28f4so18351345e9.2
        for <linux-kernel@vger.kernel.org>;
 Wed, 24 Sep 2025 08:27:29 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20230601; t=1758727648; x=1759332448;
 darn=vger.kernel.org;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:from:to:cc:subject:date:message-id:reply-to;
        bh=5XviAeY7lSeSaJCaNoApmoT1KMIq12BnZAiqMT/S5OY=;
        b=BMbpjyN6INakeM2v/LIqwgfUwVrI6LEtDJt6NQaMvANWEJJZMt+qDvCL5P4ThS/hkN
         0CY00NDB7CJ5cTUULKksK6kSbjB23TnE210yrbEVVKMqtbLbLe/2stM+LHl28m+bB1cm
         tVkbHUX/LIyFumBenQFpk0NgE7uDXWnLt+QgA3okeq2+mHeOYXQdr6nOcRtxXUySICKF
         PL4YeajTaAo0Iwdb8KGJLrV93RJQ7WQQyH0qTB35mho/16rYX8DwoDGgNW1nzAxdBZt7
         u5BubTx4cGPNXBiZ5zZcHQPhfh+6a88zRyGg8SjXrcYh/bmGJt7dfjKqXUSOl7Ahz7cJ
         qYzA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1758727648; x=1759332448;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
        bh=5XviAeY7lSeSaJCaNoApmoT1KMIq12BnZAiqMT/S5OY=;
        b=NaLzXrPRTmww6X5mCNrEXJSQnftCHaNIVAKgnTuMGPw3peEC584gYbLxb7Qnea8uiA
         /tSJLTUp9w5xPOCgFer/QzVMxS3zqSMw2GL5dDCFAA3stX2yl8BNwyC/xmPGN2XFuy6z
         zntuVtw+17AUBSgC8qnpa9QKw+OmIm0XXfHJyXA83//gyF7eMj5OOLotdmq0dZDwV/PI
         +d0mAE1Z2dWgAnl6Z1eZGOn+s8LqfZVCwnDHy/RWdLNZgQt2PZMVzvAEvq1tkluYtV2U
         S5PHUZ3by7Pnqr2l2X8JX/qpilHsVjGeQh4uo8V3+ZoMA0DjbYGD0sTnsd3kk3VZlnQx
         Z+UQ==
X-Gm-Message-State: AOJu0Yzir8tNa5bv1Ygq9dhbIcosOunAxN3XccooqAl3xWI6ISyCbiaL
	KSX86jOkSh2xLaNku2DosbFKAMlpXPDJgy2+EAkRkn5VEHFWguouIK0yRJNBqSaB2s3cBCn+ZQ=
	=
X-Google-Smtp-Source: 
 AGHT+IGGX7f3s3fIS7F6JjZ/EdBwQsTrzEkrdjWSZ27jkWwDpVAWC72cO2yCYMURkKd1dYsCB5YYDcSL
X-Received: from wmnp7.prod.google.com ([2002:a05:600c:2e87:b0:45d:e45e:96aa])
 (user=ardb job=prod-delivery.src-stubby-dispatcher) by
 2002:a05:600c:5297:b0:465:a51d:ab
 with SMTP id 5b1f17b1804b1-46e329bbf5amr2850725e9.15.1758727648403; Wed, 24
 Sep 2025 08:27:28 -0700 (PDT)
Date: Wed, 24 Sep 2025 17:26:55 +0200
In-Reply-To: <20250924152651.3328941-9-ardb+git@google.com>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
Mime-Version: 1.0
References: <20250924152651.3328941-9-ardb+git@google.com>
X-Developer-Key: i=ardb@kernel.org; a=openpgp;
 fpr=F43D03328115A198C90016883D200E9CA6329909
X-Developer-Signature: v=1; a=openpgp-sha256; l=901; i=ardb@kernel.org;
 h=from:subject; bh=nKwv+wRF8AczbIGiloggDafTMLbsFJ1dEVBDncfmiHo=;
 b=owGbwMvMwCVmkMcZplerG8N4Wi2JIeMK7yEN/52J0oxlKw4rvHFWbdru73/z3MPftwrbj0RHO
 959ZjKxo5SFQYyLQVZMkUVg9t93O09PlKp1niULM4eVCWQIAxenAEzkz2tGhu18n7TLZn0/d9F9
 2enNSjr+8u+U1bwK/1jHv9rbdeyOnTbDP901L/M0p7qkTt3/xy4m0jykxOHNvlcxM6K+lAZurev
 R4gcA
X-Mailer: git-send-email 2.51.0.534.gc79095c0ca-goog
Message-ID: <20250924152651.3328941-12-ardb+git@google.com>
Subject: [PATCH v4 3/7] arm64/fpsimd: Don't warn when EFI execution context is
 preemptible
From: Ard Biesheuvel <ardb+git@google.com>
To: linux-efi@vger.kernel.org
Cc: linux-kernel@vger.kernel.org, linux-arm-kernel@lists.infradead.org,
	Ard Biesheuvel <ardb@kernel.org>, Will Deacon <will@kernel.org>,
 Mark Rutland <mark.rutland@arm.com>,
	Sebastian Andrzej Siewior <bigeasy@linutronix.de>,
 Peter Zijlstra <peterz@infradead.org>,
	Catalin Marinas <catalin.marinas@arm.com>, Mark Brown <broonie@kernel.org>
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

From: Ard Biesheuvel <ardb@kernel.org>

Kernel mode FP/SIMD no longer requires preemption to be disabled, so
only warn on uses of FP/SIMD from preemptible context if the fallback
path is taken for cases where kernel mode NEON would not be allowed
otherwise.

Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
---
 arch/arm64/kernel/fpsimd.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/arch/arm64/kernel/fpsimd.c b/arch/arm64/kernel/fpsimd.c
index c37f02d7194e..d26a02ea2bb9 100644
--- a/arch/arm64/kernel/fpsimd.c
+++ b/arch/arm64/kernel/fpsimd.c
@@ -1933,11 +1933,11 @@ void __efi_fpsimd_begin(void)
 	if (!system_supports_fpsimd())
 		return;
=20
-	WARN_ON(preemptible());
-
 	if (may_use_simd()) {
 		kernel_neon_begin();
 	} else {
+		WARN_ON(preemptible());
+
 		/*
 		 * If !efi_sve_state, SVE can't be in use yet and doesn't need
 		 * preserving:
--=20
2.51.0.534.gc79095c0ca-goog
From nobody Thu Oct  2 00:49:13 2025
Received: from mail-ed1-f73.google.com (mail-ed1-f73.google.com
 [209.85.208.73])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id 0C235311580
	for <linux-kernel@vger.kernel.org>; Wed, 24 Sep 2025 15:27:30 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
 arc=none smtp.client-ip=209.85.208.73
ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1758727652; cv=none;
 b=BZWPSC3Vq8Zbh84FBUodPQ3jnFbHYKWUDSXVtTaYeGibr9nMPlkzJakFbqClBfFzWNegIFRtoLqcva8syrFSnXPgCmUgwJ20dR9dloPaM3d4xBbUK1+aMtjvytlIQSR9iGc5OhmHDrubdku93zGsD8mpAfmgg1OYy3yF7SYMK5U=
ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1758727652; c=relaxed/simple;
	bh=Y9G9ZcpuP4jyflsfcA7Yauxl9RDI9adiNi9OlP5g1sk=;
	h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From:
	 To:Cc:Content-Type;
 b=eHbzLB/zHpZJ4/qnxFJrcgjD4yYSsVkIJTL825RsijSAre5owlR1CAXSBzuS+X0nJRJjCSdPNL4sKsi/xGzELomcILGAK+pd1+uZ2tJzxqEJvieGN0ZmZTJHZu+GTlwZPZvq+1eN1wwAJF0A7jnRSQtl49NOlVtfO2+tXmkxv8w=
ARC-Authentication-Results: i=1; smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com;
 spf=pass smtp.mailfrom=flex--ardb.bounces.google.com;
 dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b=uPHuLho9; arc=none smtp.client-ip=209.85.208.73
Authentication-Results: smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com
Authentication-Results: smtp.subspace.kernel.org;
 spf=pass smtp.mailfrom=flex--ardb.bounces.google.com
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b="uPHuLho9"
Received: by mail-ed1-f73.google.com with SMTP id
 4fb4d7f45d1cf-62fd7f9857cso2136614a12.0
        for <linux-kernel@vger.kernel.org>;
 Wed, 24 Sep 2025 08:27:30 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20230601; t=1758727649; x=1759332449;
 darn=vger.kernel.org;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:from:to:cc:subject:date:message-id:reply-to;
        bh=j8cxVw/7cCYHvLHRmPD20gr9/jU6KZGxeKnW/6kPkh4=;
        b=uPHuLho98P3cGyVzhcwV++CZNO36MEF3vzwxsa6I73Bh5uqjez4gjjc0HdcLfKHFgs
         xzkDAgzLxE+E6zulSQOnCBklFK+15Aq+UeTJYJ6Hx2bz7dmHlOGM//F9t1eLFsMNZeYW
         OKfM68JUYevJgElvCdirMIZDaQGri9y9JAcWI0KMTCNaCzz1+z2hPpFzrIGFsfuclo/t
         90ZrwTnJHB2C6bcwKDGftP6Z36jfB1Yi1ElCf8cn98M2wM8CUTDKxsXZdtC38lTon4zD
         PfEuKNksr74tKOx6xlHZHZLJUqLZ9KVZH3dlNgOHh4TUFBBSIHNm1Q9ENTcM7qMdFV3g
         z78w==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1758727649; x=1759332449;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
        bh=j8cxVw/7cCYHvLHRmPD20gr9/jU6KZGxeKnW/6kPkh4=;
        b=rufdsZn0lwwRaXKlnmKVek9YvdyQF5sRhDTuoY2Wt9pqt9Xcfr6F5k/M5+zd6BaaTf
         ka9N3abPrc0CBEUyeDGGbBPH/xJIb38Y+wqdwbCBZbT/1Axif88qNtLHs11kPFg7ykDI
         +OKLgahMd+/GSHsHjmJgqPo9g82toZA0b8OTU/BeReYiYmdf49ZaPg7ZuBLKGRI4e0OC
         RlqL/dJu8uvnPUQsn7KrzR9W8Ql7wgVzl8Idgs4gleGVEYMakZR8gvrmx+aSHMMwvsgL
         OMtTPcrj7Jasv2dqyI+HTdbXop//Ks1MynICPFfm2udOhCxyh52LqhN90y86T4ZTC7Ke
         Q+8w==
X-Gm-Message-State: AOJu0YzBtU5v2vVLAECj7ULupL07bLDRqVaWPQKF/6SvbdP+V8F9qUIh
	CrSDE6qxtH26KVnfbE/Kn2DsDfB8VaUN4c5SqjBv2q8xqr2VPDVopfSF2vVSOMEDtAuV0GM70g=
	=
X-Google-Smtp-Source: 
 AGHT+IH4bVunQjsBO/jFeFQ/40wQ6/8E/Cc61XBJcsk8PC0On7+XU7q5CsbrMyF4FwtbVkJiBxDn5Gl8
X-Received: from edc10.prod.google.com ([2002:a05:6402:460a:b0:631:d068:2197])
 (user=ardb job=prod-delivery.src-stubby-dispatcher) by
 2002:a05:6402:3553:b0:62f:5992:a64a
 with SMTP id 4fb4d7f45d1cf-634677b5aa0mr6138973a12.13.1758727649406; Wed, 24
 Sep 2025 08:27:29 -0700 (PDT)
Date: Wed, 24 Sep 2025 17:26:56 +0200
In-Reply-To: <20250924152651.3328941-9-ardb+git@google.com>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
Mime-Version: 1.0
References: <20250924152651.3328941-9-ardb+git@google.com>
X-Developer-Key: i=ardb@kernel.org; a=openpgp;
 fpr=F43D03328115A198C90016883D200E9CA6329909
X-Developer-Signature: v=1; a=openpgp-sha256; l=3253; i=ardb@kernel.org;
 h=from:subject; bh=VXQIH5e7qk0odJJeP5mqROl0N0Kotb4txaIG+Rdz7OQ=;
 b=owGbwMvMwCVmkMcZplerG8N4Wi2JIeMK75EVtWHbDBr3pDX8rbf32+8eueq4P9vfBO7u4CDBT
 UtS9/R1lLIwiHExyIopsgjM/vtu5+mJUrXOs2Rh5rAygQxh4OIUgIns5mD4H32F995U74DtPb4R
 +buOif/bad73KDLz9V6OTTfShC5dbGdkuL8nPmmZs/qkfYGxy5N+RH/LWyGenmPwTlHv6edf6tE
 LmAA=
X-Mailer: git-send-email 2.51.0.534.gc79095c0ca-goog
Message-ID: <20250924152651.3328941-13-ardb+git@google.com>
Subject: [PATCH v4 4/7] arm64/fpsimd: Permit kernel mode NEON with IRQs off
From: Ard Biesheuvel <ardb+git@google.com>
To: linux-efi@vger.kernel.org
Cc: linux-kernel@vger.kernel.org, linux-arm-kernel@lists.infradead.org,
	Ard Biesheuvel <ardb@kernel.org>, Will Deacon <will@kernel.org>,
 Mark Rutland <mark.rutland@arm.com>,
	Sebastian Andrzej Siewior <bigeasy@linutronix.de>,
 Peter Zijlstra <peterz@infradead.org>,
	Catalin Marinas <catalin.marinas@arm.com>, Mark Brown <broonie@kernel.org>
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

From: Ard Biesheuvel <ardb@kernel.org>

Currently, may_use_simd() will return false when called from a context
where IRQs are disabled. One notable case where this happens is when
calling the ResetSystem() EFI runtime service from the reboot/poweroff
code path. For this case alone, there is a substantial amount of FP/SIMD
support code to handle the corner case where a EFI runtime service is
invoked with IRQs disabled.

The only reason kernel mode SIMD is not allowed when IRQs are disabled
is that re-enabling softirqs in this case produces a noisy diagnostic
when lockdep is enabled. The warning is valid, in the sense that
delivering pending softirqs over the back of the call to
local_bh_enable() is problematic when IRQs are disabled.

While the API lacks a facility to simply mask and unmask softirqs
without triggering their delivery, disabling softirqs is not needed to
begin with when IRQs are disabled, given that softirqs are only every
taken asynchronously over the back of a hard IRQ.

So dis/enable softirq processing conditionally, based on whether IRQs
are enabled, and relax the check in may_use_simd().

Acked-by: Will Deacon <will@kernel.org>
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
---
 arch/arm64/include/asm/simd.h |  2 +-
 arch/arm64/kernel/fpsimd.c    | 25 +++++++++++++++-----
 2 files changed, 20 insertions(+), 7 deletions(-)

diff --git a/arch/arm64/include/asm/simd.h b/arch/arm64/include/asm/simd.h
index 8e86c9e70e48..abd642c92f86 100644
--- a/arch/arm64/include/asm/simd.h
+++ b/arch/arm64/include/asm/simd.h
@@ -29,7 +29,7 @@ static __must_check inline bool may_use_simd(void)
 	 */
 	return !WARN_ON(!system_capabilities_finalized()) &&
 	       system_supports_fpsimd() &&
-	       !in_hardirq() && !irqs_disabled() && !in_nmi();
+	       !in_hardirq() && !in_nmi();
 }
=20
 #else /* ! CONFIG_KERNEL_MODE_NEON */
diff --git a/arch/arm64/kernel/fpsimd.c b/arch/arm64/kernel/fpsimd.c
index d26a02ea2bb9..5af3043fb0ca 100644
--- a/arch/arm64/kernel/fpsimd.c
+++ b/arch/arm64/kernel/fpsimd.c
@@ -225,10 +225,21 @@ static void fpsimd_bind_task_to_cpu(void);
  */
 static void get_cpu_fpsimd_context(void)
 {
-	if (!IS_ENABLED(CONFIG_PREEMPT_RT))
-		local_bh_disable();
-	else
+	if (!IS_ENABLED(CONFIG_PREEMPT_RT)) {
+		/*
+		 * The softirq subsystem lacks a true unmask/mask API, and
+		 * re-enabling softirq processing using local_bh_enable() will
+		 * not only unmask softirqs, it will also result in immediate
+		 * delivery of any pending softirqs.
+		 * This is undesirable when running with IRQs disabled, but in
+		 * that case, there is no need to mask softirqs in the first
+		 * place, so only bother doing so when IRQs are enabled.
+		 */
+		if (!irqs_disabled())
+			local_bh_disable();
+	} else {
 		preempt_disable();
+	}
 }
=20
 /*
@@ -240,10 +251,12 @@ static void get_cpu_fpsimd_context(void)
  */
 static void put_cpu_fpsimd_context(void)
 {
-	if (!IS_ENABLED(CONFIG_PREEMPT_RT))
-		local_bh_enable();
-	else
+	if (!IS_ENABLED(CONFIG_PREEMPT_RT)) {
+		if (!irqs_disabled())
+			local_bh_enable();
+	} else {
 		preempt_enable();
+	}
 }
=20
 unsigned int task_get_vl(const struct task_struct *task, enum vec_type typ=
e)
--=20
2.51.0.534.gc79095c0ca-goog
From nobody Thu Oct  2 00:49:13 2025
Received: from mail-wm1-f74.google.com (mail-wm1-f74.google.com
 [209.85.128.74])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id F2D5B311C21
	for <linux-kernel@vger.kernel.org>; Wed, 24 Sep 2025 15:27:31 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
 arc=none smtp.client-ip=209.85.128.74
ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1758727653; cv=none;
 b=IpiXYQihDcdYRcTBIqcuheWAZm5bCDNSqanapmLkOtO0WhXEH3Gx1a+/gdFpKohhorx4f+1/vfT4H6EiSHKrTrf9dBCzJXHWhB596ErDZzITUPKp+UG0SeYiM4Xffv4C5QomilFC4iE7YE/8E/7UVeTIz/It70BWQInuYrOvIww=
ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1758727653; c=relaxed/simple;
	bh=syY4SH9VeSO9lmfTJssqeO04+Z2PZYj5pDZKhxS0law=;
	h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From:
	 To:Cc:Content-Type;
 b=Xp32Mo8s3EYRC7/jsW4q7eZFOD2tfQhL3iNmI3ibn3ANDtjNUyL6Fnsj2Za6OGIj6nt/ZqNHOjcZWcGP6RWgOburz3VLAsWwB9k0xRoJmh54xYQGBNGyyRZ3KiYiP/MFhGQ5JgOsErQDZDLlVYzxUWf7Mb1s/vKvsbwOl6vDBeM=
ARC-Authentication-Results: i=1; smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com;
 spf=pass smtp.mailfrom=flex--ardb.bounces.google.com;
 dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b=y6fMygO+; arc=none smtp.client-ip=209.85.128.74
Authentication-Results: smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com
Authentication-Results: smtp.subspace.kernel.org;
 spf=pass smtp.mailfrom=flex--ardb.bounces.google.com
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b="y6fMygO+"
Received: by mail-wm1-f74.google.com with SMTP id
 5b1f17b1804b1-45de27bf706so38638555e9.0
        for <linux-kernel@vger.kernel.org>;
 Wed, 24 Sep 2025 08:27:31 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20230601; t=1758727650; x=1759332450;
 darn=vger.kernel.org;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:from:to:cc:subject:date:message-id:reply-to;
        bh=Ln86/emlRW++8jlfCD8OhBzg2NppL+NIQ42e5m1YOIw=;
        b=y6fMygO+VDgmmchm8ixtjXtX2FBlqK9fgW8NREVTumcaliwHM8aYU4VkBkoMwGlEh6
         5jPjeSFV9ss+nVojUcwjaC1mCzJm8+aRuTaWQhDcvtzl9vDolGgZ4367C/xBAwY0tznQ
         J3RkB7nQhWfVkgc8wXLwSICnks1UW7ZYaJYjfTdB8XOKFM1IBI6wz1iAgWXbuJw/JAoT
         b/AA0LLKOHie5rvgUnuWwgW5f1vAXFZQBVqcN9JCxqsfLzzNBq6PByTpXreNChpYEZTE
         52/oyEEJ3sc4YgPWaA/fO2zFiRyItjg6oQsYkmhawjOaSocuoKvuHHDHH7b7zqmawpQR
         z+PA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1758727650; x=1759332450;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
        bh=Ln86/emlRW++8jlfCD8OhBzg2NppL+NIQ42e5m1YOIw=;
        b=f19r7b0mUYyAzgrvnSvLd9/DHvpMdqz/siEGonlrxSFAx55fkBCoIyqhHXR5phm/f5
         lml952+Kwta7TGZMLGxFp4jaIBwp8AncM9i7RRtH6jbdeXtJiySkp1gk9yeYwbRa4jMZ
         3WjPfPgHexMAGk/ODu5x6SXTBwwmVglrToFWL53idMPJnqMMbWzHmMpX3HSQ6dAN7MBo
         4WdcKsMsXrcyYoZAbx21FL1ib1gX+yUh3pGoFqvOtw3JoiNeYqteYPO8IMl9L2M0+1He
         PHpYVavOaeCIp8rUHqdpvu+DyjtA+9vwl3aq5+lB58vqYxIkguhAFYP51HfkMrSBKzN3
         zMhw==
X-Gm-Message-State: AOJu0YxW5grn7gwVUl03zQTGpPuzX6ygWQeWTWbFIUILb/5qZ9YBF16B
	9DSqP75BsQLK8ptkDHknfLy2N/CkCt19JFImMxpSK5cEEcj0GLRq6V6IP7Ki1nBCBuof0w4RTA=
	=
X-Google-Smtp-Source: 
 AGHT+IGr/1cFTXgZdf6e+4nFNkNXF1/DJFBlumid+5SATHB0yGSyBfu3Vnrf7sHmr+Jznes2hE6aM/Tb
X-Received: from wmbdp9.prod.google.com
 ([2002:a05:600c:6489:b0:46c:aed0:23f3])
 (user=ardb job=prod-delivery.src-stubby-dispatcher) by
 2002:a05:600c:181c:b0:46d:996b:826f
 with SMTP id 5b1f17b1804b1-46e32a02d46mr1753225e9.25.1758727650446; Wed, 24
 Sep 2025 08:27:30 -0700 (PDT)
Date: Wed, 24 Sep 2025 17:26:57 +0200
In-Reply-To: <20250924152651.3328941-9-ardb+git@google.com>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
Mime-Version: 1.0
References: <20250924152651.3328941-9-ardb+git@google.com>
X-Developer-Key: i=ardb@kernel.org; a=openpgp;
 fpr=F43D03328115A198C90016883D200E9CA6329909
X-Developer-Signature: v=1; a=openpgp-sha256; l=1252; i=ardb@kernel.org;
 h=from:subject; bh=7GLyY2hmHXPr1fnp3jZiXNoyuiFGpy/XlEGtkndi7cg=;
 b=owGbwMvMwCVmkMcZplerG8N4Wi2JIeMK77F5kmrJ6gpp09KjLf7kCq57KHzvnUQ6ly6DaarJ4
 dkMqvIdpSwMYlwMsmKKLAKz/77beXqiVK3zLFmYOaxMIEMYuDgFYCJX0xj+cLs+DtS2evBhqtKS
 ToszsruDvl5fGmZ+fYaHWNzEvrSWK4wMPZHRT7eHcv+1bu1WnOzmLvZxjqFf/JqNdr9/twpE7az
 nAgA=
X-Mailer: git-send-email 2.51.0.534.gc79095c0ca-goog
Message-ID: <20250924152651.3328941-14-ardb+git@google.com>
Subject: [PATCH v4 5/7] arm64/efi: Drop efi_rt_lock spinlock from EFI arch
 wrapper
From: Ard Biesheuvel <ardb+git@google.com>
To: linux-efi@vger.kernel.org
Cc: linux-kernel@vger.kernel.org, linux-arm-kernel@lists.infradead.org,
	Ard Biesheuvel <ardb@kernel.org>, Will Deacon <will@kernel.org>,
 Mark Rutland <mark.rutland@arm.com>,
	Sebastian Andrzej Siewior <bigeasy@linutronix.de>,
 Peter Zijlstra <peterz@infradead.org>,
	Catalin Marinas <catalin.marinas@arm.com>, Mark Brown <broonie@kernel.org>
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

From: Ard Biesheuvel <ardb@kernel.org>

Since commit

  5894cf571e14 ("acpi/prmt: Use EFI runtime sandbox to invoke PRM handlers")

all EFI runtime calls on arm64 are routed via the EFI runtime wrappers,
which are serialized using the efi_runtime_lock semaphore.

This means the efi_rt_lock spinlock in the arm64 arch wrapper code has
become redundant, and can be dropped. For robustness, replace it with an
assert that the EFI runtime lock is in fact held by 'current'.

Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
---
 arch/arm64/kernel/efi.c | 5 +----
 1 file changed, 1 insertion(+), 4 deletions(-)

diff --git a/arch/arm64/kernel/efi.c b/arch/arm64/kernel/efi.c
index 6c371b158b99..0094f5938ba6 100644
--- a/arch/arm64/kernel/efi.c
+++ b/arch/arm64/kernel/efi.c
@@ -165,19 +165,16 @@ asmlinkage efi_status_t efi_handle_corrupted_x18(efi_=
status_t s, const char *f)
 	return s;
 }
=20
-static DEFINE_RAW_SPINLOCK(efi_rt_lock);
-
 void arch_efi_call_virt_setup(void)
 {
+	efi_runtime_assert_lock_held();
 	efi_virtmap_load();
-	raw_spin_lock(&efi_rt_lock);
 	__efi_fpsimd_begin();
 }
=20
 void arch_efi_call_virt_teardown(void)
 {
 	__efi_fpsimd_end();
-	raw_spin_unlock(&efi_rt_lock);
 	efi_virtmap_unload();
 }
=20
--=20
2.51.0.534.gc79095c0ca-goog
From nobody Thu Oct  2 00:49:13 2025
Received: from mail-ej1-f74.google.com (mail-ej1-f74.google.com
 [209.85.218.74])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id 406E9313D71
	for <linux-kernel@vger.kernel.org>; Wed, 24 Sep 2025 15:27:33 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
 arc=none smtp.client-ip=209.85.218.74
ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1758727655; cv=none;
 b=VHvhqsGdzYX+5XxR+ze/aReHeTWvuN3JGTpm2TfLwdv0YaJjvTLzrayERxgTTWddRfxS32sF7EJZ0ABbwN69V9p0C/85qhZhUhH4wf0u9bfE+E4jDJHGeN6L7KQvtVuXf0lxdnuh+D5mkh/EJxkiRBUy6ritfqNCVgfm1nPkyRk=
ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1758727655; c=relaxed/simple;
	bh=zbwGMZy4p1mf7vELCgM3/lRqm/LcVE69qufBNCRSm3Q=;
	h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From:
	 To:Cc:Content-Type;
 b=fRQO3cbtDwDpwvM3kWRZRm3uXcUUVz07FSqu+UbK9HMyf1TTdo4PgiYnqd1kngLdGke4wowqwF4kKHN4ZEuHYxDS78RQQcVEB72zJNKf7jBvSiDrokG/ZiBlHbt45T5T4dGEWvl2pqn/N8jSTk+MbgvlOlfTZAs5ZWJAWGlNjQ8=
ARC-Authentication-Results: i=1; smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com;
 spf=pass smtp.mailfrom=flex--ardb.bounces.google.com;
 dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b=yOxNC/8s; arc=none smtp.client-ip=209.85.218.74
Authentication-Results: smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com
Authentication-Results: smtp.subspace.kernel.org;
 spf=pass smtp.mailfrom=flex--ardb.bounces.google.com
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b="yOxNC/8s"
Received: by mail-ej1-f74.google.com with SMTP id
 a640c23a62f3a-b2e52494b84so282280766b.0
        for <linux-kernel@vger.kernel.org>;
 Wed, 24 Sep 2025 08:27:33 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20230601; t=1758727651; x=1759332451;
 darn=vger.kernel.org;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:from:to:cc:subject:date:message-id:reply-to;
        bh=1hU3NU+EE/1FuOChBH3loy566bJ/0QuhejdT7NEwC48=;
        b=yOxNC/8syehU+1vVwVbW9CK5zcbN+afLUhHOYWjuaXLtI8K8P5vgwb7heNQBblLuja
         y4cmfJNZYd/kcOdnsQdebmUVjO8IhifqxMi2lEJsilWgV0EtLqrwSlX9d5W5HslV5vze
         mjWQoIQ9/hHPiUZyRpjKYeWkUFnKL79Xs2HqoHN0pBwWPkp/s87cpI4vm/4db3nU3i+X
         6iJD7Ni8HVdQhbIa+Ts2u61pHz3yitva9r0bmC8hgEitjJQFqE9hULF3cWqF/h9ZgX39
         7sYPG0PH4AaXqK93U3He49kdFPwomRM0pLrRA9+y8eRUT/rn0STOmOdit6goSHtykQJ3
         64ZA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1758727651; x=1759332451;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
        bh=1hU3NU+EE/1FuOChBH3loy566bJ/0QuhejdT7NEwC48=;
        b=xHbuQLGT9rl7jI53ylQBAHznUQtV4wp6kHORh7B/mSELLz+joCI2g89lU0YwnXS7NK
         WAaIUemSphg5TIDJ46N92f5tWWoY7xX/W/dwTGo8Jg2h13YJCaYn28vgkb8sJ4SSdGD+
         gDvbNS80dOmBdD3cyhI+RDIpBEmaCw+0TuZkCgV+JJ5I6XXXELUUdTQkcdTwgCF974rj
         vwZRvLj5CyspIta7axI69fz4yr5p1ub2joDLLCtfR7BYznFCZMo5Mawq/1yrpuRTz0qw
         fLWDGQW6qiUSPvl5pIrV7t6n+hadX8hxffbGPFmEiU32Bc+YpSNtbTE4JoDWOGzvNcQK
         YZFA==
X-Gm-Message-State: AOJu0YyvAWPVSkM+7OG0PKV/d4XKS+JrXNAR161JzMXMEMsTVoKJbial
	Dq7pzL18I/B63Mc2z52zy98Ny3bopgYQ8qawNDTPbCSy00JIN3+avxrdfT9eXfGwW8/we/5wtA=
	=
X-Google-Smtp-Source: 
 AGHT+IFZ2iwstoaHBb3YCwWIateYZTWtxaliteUts4ieGmp+JuUAeae4kOh4NCMKe4l2erWoMG1yxlHU
X-Received: from edqs17.prod.google.com ([2002:aa7:d791:0:b0:634:6ced:4ca9])
 (user=ardb job=prod-delivery.src-stubby-dispatcher) by
 2002:a17:906:c14c:b0:b33:d2f0:d1b6
 with SMTP id a640c23a62f3a-b34bad21acdmr24393666b.30.1758727651707; Wed, 24
 Sep 2025 08:27:31 -0700 (PDT)
Date: Wed, 24 Sep 2025 17:26:58 +0200
In-Reply-To: <20250924152651.3328941-9-ardb+git@google.com>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
Mime-Version: 1.0
References: <20250924152651.3328941-9-ardb+git@google.com>
X-Developer-Key: i=ardb@kernel.org; a=openpgp;
 fpr=F43D03328115A198C90016883D200E9CA6329909
X-Developer-Signature: v=1; a=openpgp-sha256; l=2657; i=ardb@kernel.org;
 h=from:subject; bh=v8PXoWY9U3MlvdKFdHLzUBgWgUos6+58xgUiDJkn3es=;
 b=owGbwMvMwCVmkMcZplerG8N4Wi2JIeMK7/HmaafKmd+mXNZxST4s7RjcunHJj3apO1PvLZ526
 M2RXwpCHaUsDGJcDLJiiiwCs/++23l6olSt8yxZmDmsTCBDGLg4BeAiaQx/eJ3bJMQY1x39Zb7w
 yPJ+pWeGwd6STwtF9yyVPbNWm6ldk+F/iONEzTbRl6sZE1zPWk/XmzFTrIDluco3W+WH3/bPrNn
 NCgA=
X-Mailer: git-send-email 2.51.0.534.gc79095c0ca-goog
Message-ID: <20250924152651.3328941-15-ardb+git@google.com>
Subject: [PATCH v4 6/7] arm64/efi: Move uaccess en/disable out of
 efi_set_pgd()
From: Ard Biesheuvel <ardb+git@google.com>
To: linux-efi@vger.kernel.org
Cc: linux-kernel@vger.kernel.org, linux-arm-kernel@lists.infradead.org,
	Ard Biesheuvel <ardb@kernel.org>, Will Deacon <will@kernel.org>,
 Mark Rutland <mark.rutland@arm.com>,
	Sebastian Andrzej Siewior <bigeasy@linutronix.de>,
 Peter Zijlstra <peterz@infradead.org>,
	Catalin Marinas <catalin.marinas@arm.com>, Mark Brown <broonie@kernel.org>
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

From: Ard Biesheuvel <ardb@kernel.org>

efi_set_pgd() will no longer be called when invoking EFI runtime
services via the efi_rts_wq work queue, but the uaccess en/disable are
still needed when using PAN emulation using TTBR0 switching. So move
these into the callers.

Acked-by: Will Deacon <will@kernel.org>
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
---
 arch/arm64/include/asm/efi.h | 13 +++----------
 arch/arm64/kernel/efi.c      | 18 ++++++++++++++++++
 2 files changed, 21 insertions(+), 10 deletions(-)

diff --git a/arch/arm64/include/asm/efi.h b/arch/arm64/include/asm/efi.h
index bcd5622aa096..aa91165ca140 100644
--- a/arch/arm64/include/asm/efi.h
+++ b/arch/arm64/include/asm/efi.h
@@ -126,21 +126,14 @@ static inline void efi_set_pgd(struct mm_struct *mm)
 		if (mm !=3D current->active_mm) {
 			/*
 			 * Update the current thread's saved ttbr0 since it is
-			 * restored as part of a return from exception. Enable
-			 * access to the valid TTBR0_EL1 and invoke the errata
-			 * workaround directly since there is no return from
-			 * exception when invoking the EFI run-time services.
+			 * restored as part of a return from exception.
 			 */
 			update_saved_ttbr0(current, mm);
-			uaccess_ttbr0_enable();
-			post_ttbr_update_workaround();
 		} else {
 			/*
-			 * Defer the switch to the current thread's TTBR0_EL1
-			 * until uaccess_enable(). Restore the current
-			 * thread's saved ttbr0 corresponding to its active_mm
+			 * Restore the current thread's saved ttbr0
+			 * corresponding to its active_mm
 			 */
-			uaccess_ttbr0_disable();
 			update_saved_ttbr0(current, current->active_mm);
 		}
 	}
diff --git a/arch/arm64/kernel/efi.c b/arch/arm64/kernel/efi.c
index 0094f5938ba6..85f65d5c863c 100644
--- a/arch/arm64/kernel/efi.c
+++ b/arch/arm64/kernel/efi.c
@@ -169,12 +169,30 @@ void arch_efi_call_virt_setup(void)
 {
 	efi_runtime_assert_lock_held();
 	efi_virtmap_load();
+
+	/*
+	 * Enable access to the valid TTBR0_EL1 and invoke the errata
+	 * workaround directly since there is no return from exception when
+	 * invoking the EFI run-time services.
+	 */
+	uaccess_ttbr0_enable();
+	post_ttbr_update_workaround();
+
 	__efi_fpsimd_begin();
 }
=20
 void arch_efi_call_virt_teardown(void)
 {
 	__efi_fpsimd_end();
+
+	/*
+	 * Defer the switch to the current thread's TTBR0_EL1 until
+	 * uaccess_enable(). Do so before efi_virtmap_unload() updates the
+	 * saved TTBR0 value, so the userland page tables are not activated
+	 * inadvertently over the back of an exception.
+	 */
+	uaccess_ttbr0_disable();
+
 	efi_virtmap_unload();
 }
=20
--=20
2.51.0.534.gc79095c0ca-goog
From nobody Thu Oct  2 00:49:13 2025
Received: from mail-ej1-f73.google.com (mail-ej1-f73.google.com
 [209.85.218.73])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id B2AE43148B8
	for <linux-kernel@vger.kernel.org>; Wed, 24 Sep 2025 15:27:34 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
 arc=none smtp.client-ip=209.85.218.73
ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1758727656; cv=none;
 b=o0bnsd7cCn9+RQhCk2CFkuKON3nLSvgIjvTp8h2WwFdRnQzPQKdbxA6zj7UPnWpceW2OoOnCEZxjoGrHLKoR19JYKlH/4Stc8PDxEUvksr92JkxCSCeoRJEVyjwAL6vqoX/kiNYgobAHiDDV4HoiLFAc1cxwy515Ia7Zh6OGsLk=
ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1758727656; c=relaxed/simple;
	bh=yPsv4tmUGpx19aaWjDO9Ojm0C3uT1FNckcRU2Atthqo=;
	h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From:
	 To:Cc:Content-Type;
 b=JOUj01tWThTwalcMB3TDHzYSOzeBpEdG871EAAo47oD4aUQH/MTLpS4QC8Tlv0imlxmox43Fz2WZaepfpbAGTdc2+4s14nLLdGVqi0fUwzUnOZ1GJmrpr1rU5tOnFHf7IDcjIKYZ89n+n4sH0L+mAEpsrMqhJFyiPqQx4Mik4pI=
ARC-Authentication-Results: i=1; smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com;
 spf=pass smtp.mailfrom=flex--ardb.bounces.google.com;
 dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b=0CX7I7lo; arc=none smtp.client-ip=209.85.218.73
Authentication-Results: smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com
Authentication-Results: smtp.subspace.kernel.org;
 spf=pass smtp.mailfrom=flex--ardb.bounces.google.com
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b="0CX7I7lo"
Received: by mail-ej1-f73.google.com with SMTP id
 a640c23a62f3a-b2f989de76eso113969866b.1
        for <linux-kernel@vger.kernel.org>;
 Wed, 24 Sep 2025 08:27:34 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20230601; t=1758727653; x=1759332453;
 darn=vger.kernel.org;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:from:to:cc:subject:date:message-id:reply-to;
        bh=sPyujSEjHofHg9YDm/Jyl8IxXmB1G+6YXd/CQAOVg0g=;
        b=0CX7I7loixeIXvyjRribwVAXyCXNuurxqeoHL6SfonIyrkGJl8iVsaPStkijx4sERE
         NTi1mETxlsSB2BtqrKjcrd+ugQjkVX3rKZt81J91y5EqhAoOlUqjwDxr6HAmKKUqJkhB
         ltvpO/gqIVG05zcQlvi4BBvGudqzfn2P9J5RLXmerahrBGiUS4kpMlED2OWsqZ65lM2q
         pACui5rGBWJWGtwzrly41g5B5n2hLvePj5ZyyNYvipTHCEDO2UIzZZ448WM3UKhgBIf5
         gFtnjjcO8mZX3JMRyapB57Rx/HZ2Zpkl1S8e/oc2OaAD2yKdGnkA/pVUieN1XPtAmgPd
         iS2g==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1758727653; x=1759332453;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
        bh=sPyujSEjHofHg9YDm/Jyl8IxXmB1G+6YXd/CQAOVg0g=;
        b=XVyCZ7HixkdgR4CgIPGtRH42/iN7JBcRJVjTv1OUEQfeSUU0x5LMqj/bUBhDikIJep
         f48AzWdSGCZV8w7HY6Ufb+H8R8m62U4ax6JJilaNJsdrGFzTsm7oLS/ZM/G00wqll/5Y
         DwYqSGzK/9ouqyGFqJriDoDasSaGmrMwC+tiQ3MsK4AxYMevLU2b501VncjZlp2qwf+S
         1Y8D6O5AUEOcaBwjKxR4kXo2e69rkpueELKKl6ZYeHNv4y+vm5tr2wS45ayOrTGlX9I5
         nj2/gCgM/CYGQLbT4G8Ryjte2lpmgZaTdrtLHa/IRMUhnqV//ofeE5FFei8JCa1GTqsC
         r9ng==
X-Gm-Message-State: AOJu0YwQwU2DrxDzwEHP49ldfnanh06/uHvs958kitsWEZE0oocyhTbZ
	TxCiRruOBT2ROdR3MDyGGTAiqMYzzNKjb2xVFpJM8OVx4BMXy2uUCqsQbtlhS+uHLxRTRj42Dg=
	=
X-Google-Smtp-Source: 
 AGHT+IGhYJri2jw2StcIcnozNtBl5X8wH5wzUecPXuiOreaVtyiBeuhRrBBP2IZw5zrKucj7w3PXpApx
X-Received: from ejcvk3.prod.google.com ([2002:a17:907:cbc3:b0:b29:9df3:352a])
 (user=ardb job=prod-delivery.src-stubby-dispatcher) by
 2002:a17:907:868e:b0:b0d:400:9182
 with SMTP id a640c23a62f3a-b34d97c9779mr811566b.22.1758727652921; Wed, 24 Sep
 2025 08:27:32 -0700 (PDT)
Date: Wed, 24 Sep 2025 17:26:59 +0200
In-Reply-To: <20250924152651.3328941-9-ardb+git@google.com>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
Mime-Version: 1.0
References: <20250924152651.3328941-9-ardb+git@google.com>
X-Developer-Key: i=ardb@kernel.org; a=openpgp;
 fpr=F43D03328115A198C90016883D200E9CA6329909
X-Developer-Signature: v=1; a=openpgp-sha256; l=3342; i=ardb@kernel.org;
 h=from:subject; bh=CE858YGwYUY/DV8BNXHqb59oe3QHOpqPxAjPh5x7H10=;
 b=owGbwMvMwCVmkMcZplerG8N4Wi2JIeMK78lkzuc7891fhPp9vvPkx4xPP3bezZiqJb6oYdLRh
 TEarxokO0pZGMS4GGTFFFkEZv99t/P0RKla51myMHNYmUCGMHBxCsBEGi8z/Hd1spzUWVpgZF90
 X8z6fe7v11eNVF17d278MLOa9d8kgWuMDPt8rfx/a1xa9mXKu5QAjQm8v38xlUyfPN/i54RAQVF
 zYS4A
X-Mailer: git-send-email 2.51.0.534.gc79095c0ca-goog
Message-ID: <20250924152651.3328941-16-ardb+git@google.com>
Subject: [PATCH v4 7/7] arm64/efi: Call EFI runtime services without disabling
 preemption
From: Ard Biesheuvel <ardb+git@google.com>
To: linux-efi@vger.kernel.org
Cc: linux-kernel@vger.kernel.org, linux-arm-kernel@lists.infradead.org,
	Ard Biesheuvel <ardb@kernel.org>, Will Deacon <will@kernel.org>,
 Mark Rutland <mark.rutland@arm.com>,
	Sebastian Andrzej Siewior <bigeasy@linutronix.de>,
 Peter Zijlstra <peterz@infradead.org>,
	Catalin Marinas <catalin.marinas@arm.com>, Mark Brown <broonie@kernel.org>
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

From: Ard Biesheuvel <ardb@kernel.org>

The only remaining reason why EFI runtime services are invoked with
preemption disabled is the fact that the mm is swapped out behind the
back of the context switching code.

The kernel no longer disables preemption in kernel_neon_begin().
Furthermore, the EFI spec is being clarified to explicitly state that
only baseline FP/SIMD is permitted in EFI runtime service
implementations, and so the existing kernel mode NEON context switching
code is sufficient to preserve and restore the execution context of an
in-progress EFI runtime service call.

Most EFI calls are made from the efi_rts_wq, which is serviced by a
kthread. As kthreads never return to user space, they usually don't have
an mm, and so we can use the existing infrastructure to swap in the
efi_mm while the EFI call is in progress. This is visible to the
scheduler, which will therefore reactivate the selected mm when
switching out the kthread and back in again.

Given that the EFI spec explicitly permits runtime services to be called
with interrupts enabled, firmware code is already required to tolerate
interruptions. So rather than disable preemption, disable only migration
so that EFI runtime services are less likely to cause scheduling delays.
To avoid potential issues where runtime services are interrupted while
polling the secure firmware for async completions, keep migration
disabled so that a runtime service invocation does not resume on a
different CPU from the one it was started on.

Note, though, that the firmware executes at the same privilege level as
the kernel, and is therefore able to disable interrupts altogether.

Acked-by: Will Deacon <will@kernel.org>
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
---
 arch/arm64/kernel/efi.c | 23 ++++++++++++++++++--
 1 file changed, 21 insertions(+), 2 deletions(-)

diff --git a/arch/arm64/kernel/efi.c b/arch/arm64/kernel/efi.c
index 85f65d5c863c..a81cb4aa4738 100644
--- a/arch/arm64/kernel/efi.c
+++ b/arch/arm64/kernel/efi.c
@@ -10,6 +10,7 @@
 #include <linux/efi.h>
 #include <linux/init.h>
 #include <linux/kmemleak.h>
+#include <linux/kthread.h>
 #include <linux/screen_info.h>
 #include <linux/vmalloc.h>
=20
@@ -168,7 +169,20 @@ asmlinkage efi_status_t efi_handle_corrupted_x18(efi_s=
tatus_t s, const char *f)
 void arch_efi_call_virt_setup(void)
 {
 	efi_runtime_assert_lock_held();
-	efi_virtmap_load();
+
+	if (preemptible() && (current->flags & PF_KTHREAD)) {
+		/*
+		 * Disable migration to ensure that a preempted EFI runtime
+		 * service call will be resumed on the same CPU. This avoids
+		 * potential issues with EFI runtime calls that are preempted
+		 * while polling for an asynchronous completion of a secure
+		 * firmware call, which may not permit the CPU to change.
+		 */
+		migrate_disable();
+		kthread_use_mm(&efi_mm);
+	} else {
+		efi_virtmap_load();
+	}
=20
 	/*
 	 * Enable access to the valid TTBR0_EL1 and invoke the errata
@@ -193,7 +207,12 @@ void arch_efi_call_virt_teardown(void)
 	 */
 	uaccess_ttbr0_disable();
=20
-	efi_virtmap_unload();
+	if (preemptible() && (current->flags & PF_KTHREAD)) {
+		kthread_unuse_mm(&efi_mm);
+		migrate_enable();
+	} else {
+		efi_virtmap_unload();
+	}
 }
=20
 asmlinkage u64 *efi_rt_stack_top __ro_after_init;
--=20
2.51.0.534.gc79095c0ca-goog