On Fri, 5 Feb 2021 at 12:39, Borislav Petkov <bp@xxxxxxxxx> wrote: > > From: Borislav Petkov <bp@xxxxxxx> > > With CONFIG_X86_5LEVEL, CONFIG_UBSAN and CONFIG_UBSAN_UNSIGNED_OVERFLOW > enabled, clang fails the build with > > x86_64-linux-ld: arch/x86/platform/efi/efi_64.o: in function `efi_sync_low_kernel_mappings': > efi_64.c:(.text+0x22c): undefined reference to `__compiletime_assert_354' > > which happens due to -fsanitize=unsigned-integer-overflow being enabled: > > -fsanitize=unsigned-integer-overflow: Unsigned integer overflow, where > the result of an unsigned integer computation cannot be represented > in its type. Unlike signed integer overflow, this is not undefined > behavior, but it is often unintentional. This sanitizer does not check > for lossy implicit conversions performed before such a computation > (see -fsanitize=implicit-conversion). > > and that fires when the (intentional) EFI_VA_START/END defines overflow > an unsigned long, leading to the assertion expressions not getting > optimized away (on GCC they do)... > > However, those checks are superfluous: the runtime services mapping > code already makes sure the ranges don't overshoot EFI_VA_END as the > EFI mapping range is hardcoded. On each runtime services call, it is > switched to the EFI-specific PGD and even if mappings manage to escape > that last PGD, this won't remain unnoticed for long. > > So rip them out. > > See https://github.com/ClangBuiltLinux/linux/issues/256 for more info. > > Reported-by: Arnd Bergmann <arnd@xxxxxxxx> > Link: http://lkml.kernel.org/r/20210107223424.4135538-1-arnd@xxxxxxxxxx > Signed-off-by: Borislav Petkov <bp@xxxxxxx> Acked-by: Ard Biesheuvel <ardb@xxxxxxxxxx> > --- > arch/x86/platform/efi/efi_64.c | 19 ------------------- > 1 file changed, 19 deletions(-) > > diff --git a/arch/x86/platform/efi/efi_64.c b/arch/x86/platform/efi/efi_64.c > index e1e8d4e3a213..8efd003540ca 100644 > --- a/arch/x86/platform/efi/efi_64.c > +++ b/arch/x86/platform/efi/efi_64.c > @@ -115,31 +115,12 @@ void efi_sync_low_kernel_mappings(void) > pud_t *pud_k, *pud_efi; > pgd_t *efi_pgd = efi_mm.pgd; > > - /* > - * We can share all PGD entries apart from the one entry that > - * covers the EFI runtime mapping space. > - * > - * Make sure the EFI runtime region mappings are guaranteed to > - * only span a single PGD entry and that the entry also maps > - * other important kernel regions. > - */ > - MAYBE_BUILD_BUG_ON(pgd_index(EFI_VA_END) != pgd_index(MODULES_END)); > - MAYBE_BUILD_BUG_ON((EFI_VA_START & PGDIR_MASK) != > - (EFI_VA_END & PGDIR_MASK)); > - > pgd_efi = efi_pgd + pgd_index(PAGE_OFFSET); > pgd_k = pgd_offset_k(PAGE_OFFSET); > > num_entries = pgd_index(EFI_VA_END) - pgd_index(PAGE_OFFSET); > memcpy(pgd_efi, pgd_k, sizeof(pgd_t) * num_entries); > > - /* > - * As with PGDs, we share all P4D entries apart from the one entry > - * that covers the EFI runtime mapping space. > - */ > - BUILD_BUG_ON(p4d_index(EFI_VA_END) != p4d_index(MODULES_END)); > - BUILD_BUG_ON((EFI_VA_START & P4D_MASK) != (EFI_VA_END & P4D_MASK)); > - > pgd_efi = efi_pgd + pgd_index(EFI_VA_END); > pgd_k = pgd_offset_k(EFI_VA_END); > p4d_efi = p4d_offset(pgd_efi, 0); > -- > 2.29.2 > > -- > Regards/Gruss, > Boris. > > https://people.kernel.org/tglx/notes-about-netiquette