On Mon, 2025-10-06 at 23:51 -0700, Sohil Mehta wrote:
> Relocate kernel uses identity mapping to copy the new kernel which
> leads to an LASS violation. To avoid issues, disable LASS after the
> original CR4 value has been saved but before jumping to the identity
> mapped page.
It could help to expand on this a bit. Something like... We need to disable LASS
before we jump to the identity map because otherwise it will immediately die
trying to execute a low address. But if the kexec flavor gets to virtual_mapped,
we want LASS restored, so we need to disable LASS after CR4 is saved. We also
can't disable it where CET gets disabled because that is too late. So disable
it along with PGE.
>
> Signed-off-by: Sohil Mehta <sohil.mehta@intel.com>
> ---
> v10:
> - New patch to fix an issue detected during internal testing.
> ---
> arch/x86/kernel/relocate_kernel_64.S | 7 +++++--
> 1 file changed, 5 insertions(+), 2 deletions(-)
>
> diff --git a/arch/x86/kernel/relocate_kernel_64.S b/arch/x86/kernel/relocate_kernel_64.S
> index 11e20bb13aca..4ffba68dc57b 100644
> --- a/arch/x86/kernel/relocate_kernel_64.S
> +++ b/arch/x86/kernel/relocate_kernel_64.S
> @@ -95,9 +95,12 @@ SYM_CODE_START_NOALIGN(relocate_kernel)
> /* Leave CR4 in %r13 to enable the right paging mode later. */
> movq %cr4, %r13
>
> - /* Disable global pages immediately to ensure this mapping is RWX */
> + /*
> + * Disable global pages immediately to ensure this mapping is RWX.
> + * Disable LASS before jumping to the identity mapped page.
> + */
> movq %r13, %r12
> - andq $~(X86_CR4_PGE), %r12
> + andq $~(X86_CR4_PGE | X86_CR4_LASS), %r12
> movq %r12, %cr4
>
> /* Save %rsp and CRs. */
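Review bot: The new comment block in this hunk says LASS is disabled before the jump to the identity mapped page, but not why the clear has to sit at this exact point rather than later with the other CR4 bits; a reader of relocate_kernel_64.S will not have the cover letter. Suggest extending the comment to carry the reasoning given in the commit message and in the reply above, e.g. "Disable LASS here, after the original CR4 has been saved in %r13, so that the identity mapped code can execute at a low address and the saved value still restores LASS on the virtual_mapped path", since the only hint left in the file is the earlier "Leave CR4 in %r13 to enable the right paging mode later." line.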