x86/boot/compressed/64: Always switch to own page table

When booted through startup_64(), the kernel keeps running on the EFI page table until the KASLR code sets up its own page table. Without KASLR, the pre-decompression boot code never switches off the EFI page table. Change that by unconditionally switching to a kernel-controlled page table after relocation. This makes sure the kernel can make changes to the mapping when necessary, for example map pages unencrypted in SEV and SEV-ES guests. Also, remove the debug_putstr() calls in initialize_identity_maps() because the function now runs before console_init() is called. [ bp: Massage commit message. ] Signed-off-by: Joerg Roedel <jroedel@suse.de> Signed-off-by: Borislav Petkov <bp@suse.de> Reviewed-by: Kees Cook <keescook@chromium.org> Link: https://lkml.kernel.org/r/20200907131613.12703-17-joro@8bytes.org
author: Joerg Roedel <jroedel@suse.de> 2020-09-07 15:15:17 +0200
committer: Borislav Petkov <bp@suse.de> 2020-09-07 19:45:25 +0200
commit: ca0e22d4f011a56e974fa3a712d76e86a791559d (patch)
tree: 6a4f203a78723d5e52d3d140fd2fac516cbe0ead /arch/x86/boot/compressed/head_64.S
parent: 8b0d3b3b41ab6f14f1ce6d4a6b1c5f60b825123f (diff)
1 files changed, 2 insertions, 1 deletions
diff --git a/arch/x86/boot/compressed/head_64.S b/arch/x86/boot/compressed/head_64.S
index c634ed8636da..fb6c0392306b 100644
--- a/arch/x86/boot/compressed/head_64.S
+++ b/arch/x86/boot/compressed/head_64.S
@@ -543,10 +543,11 @@ SYM_FUNC_START_LOCAL_NOALIGN(.Lrelocated)
 	rep	stosq
 
 /*
- * Load stage2 IDT
+ * Load stage2 IDT and switch to our own page-table
  */
 	pushq	%rsi
 	call	load_stage2_idt
+	call	initialize_identity_maps
 	popq	%rsi
 
 /*
author	Joerg Roedel <jroedel@suse.de>	2020-09-07 15:15:17 +0200
committer	Borislav Petkov <bp@suse.de>	2020-09-07 19:45:25 +0200
commit	ca0e22d4f011a56e974fa3a712d76e86a791559d (patch)
tree	6a4f203a78723d5e52d3d140fd2fac516cbe0ead /arch/x86/boot/compressed/head_64.S
parent	8b0d3b3b41ab6f14f1ce6d4a6b1c5f60b825123f (diff)