[RFC PATCH 0/8] arm64: efi: leave MMU and caches on at boot

Ard Biesheuvel ardb at kernel.org
Fri Mar 4 09:56:49 PST 2022


Currently, booting via the EFI stub involves a fair amount of cache
maintenance, as well as two attempts at setting up the page tables when
KASLR is enabled, which runs with the MMU and caches off. This may be
problematic for virtualization payloads, which sometimes have very tight
boot time budgets, and run in a context where uncached accesses to
memory are problematic, as they are incoherent with the accesses of the
host VMM or the hypervisor.

While it makes sense for the boot protocol to be pedantic in this
respect, EFI boot is tightly coupled with the core kernel, given that
the EFI stub is the de facto bootloader, which is part of the same
kernel image. It is therefore justified to cut some corners and simplify
things substantially.

As UEFI guarantees that all memory is 1:1 mapped with inner/outer
writeback cacheable attributes, there is really no need to clean the
entire kernel image to the PoC, or do all the cache invalidation that is
required to ensure that page tables and other state held in memory is
not corrupted by inadvertent writeback of stale dirty cache lines.

Since we set up and tear down page tables redundantly for KASLR, fix this
first, by permitting the KASLR seed to be passed via register X1 as well
as the /chosen/kaslr-seed property. This permits us to run the page
table setup code with the firmware's cached 1:1 mapping active, removing
the need for any cache invalidation.

Then, ensure that the only piece of code we do execute with the MMU off
in this case is cleaned to the PoC, which is all held in a single page
(the ID map).

Finally, drop all the cache maintenance from the EFI entry code when
booting at EL1, and just branch to the kernel with the firmware's 1:1
cached mapping live.

Cc: Marc Zyngier <maz at kernel.org>
Cc: Will Deacon <will at kernel.org>

Ard Biesheuvel (8):
  arm64: kaslr: deal with init called with VA randomization enabled
  arm64: head: record the MMU state at primary entry
  arm64: head: take KASLR seed passed via x1 into account
  arm64: head: avoid cache invalidation when entering with the MMU on
  arm64: head: populate page tables before disabling the MMU
  arm64: head: clean the ID map page to the PoC
  arm64: lds: move idmap_pg_dir out of .rodata
  arm64: efi: leave MMU and caches on when handing over to the core
    kernel

 arch/arm64/kernel/efi-entry.S      | 20 ++---
 arch/arm64/kernel/head.S           | 82 +++++++++++++++++---
 arch/arm64/kernel/kaslr.c          |  8 +-
 arch/arm64/kernel/vmlinux.lds.S    |  8 +-
 drivers/firmware/efi/libstub/fdt.c |  6 +-
 5 files changed, 95 insertions(+), 29 deletions(-)

-- 
2.30.2
