lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 30 Sep 2021 23:40:50 -0500
From:   Tom Lendacky <thomas.lendacky@....com>
To:     <linux-kernel@...r.kernel.org>, <x86@...nel.org>
CC:     Thomas Gleixner <tglx@...utronix.de>,
        Ingo Molnar <mingo@...hat.com>, Borislav Petkov <bp@...en8.de>,
        "H. Peter Anvin" <hpa@...or.com>, "Joerg Roedel" <jroedel@...e.de>,
        Brijesh Singh <brijesh.singh@....com>
Subject: [PATCH] x86/sev: Fully map the #VC exception stacks

The size of the exception stacks was recently increased, resulting in
stack sizes greater than a page in size. The #VC exception handling was
only mapping the first (bottom) page, resulting in an SEV-ES guest failing
to boot.

Update setup_vc_stacks() to map all the pages of both the IST stack area
and the fallback stack area.

Fixes: 7fae4c24a2b8 ("x86: Increase exception stack sizes")
Signed-off-by: Tom Lendacky <thomas.lendacky@....com>
---
 arch/x86/kernel/sev.c | 24 ++++++++++++++++--------
 1 file changed, 16 insertions(+), 8 deletions(-)

diff --git a/arch/x86/kernel/sev.c b/arch/x86/kernel/sev.c
index a6895e440bc3..33e4704164cc 100644
--- a/arch/x86/kernel/sev.c
+++ b/arch/x86/kernel/sev.c
@@ -99,25 +99,33 @@ DEFINE_STATIC_KEY_FALSE(sev_es_enable_key);
 /* Needed in vc_early_forward_exception */
 void do_early_exception(struct pt_regs *regs, int trapnr);
 
+static void __init map_vc_stack(unsigned long bot, unsigned long top,
+				phys_addr_t pa)
+{
+	while (bot < top) {
+		cea_set_pte((void *)bot, pa, PAGE_KERNEL);
+		bot += PAGE_SIZE;
+		pa += PAGE_SIZE;
+	}
+}
+
 static void __init setup_vc_stacks(int cpu)
 {
 	struct sev_es_runtime_data *data;
 	struct cpu_entry_area *cea;
-	unsigned long vaddr;
-	phys_addr_t pa;
 
 	data = per_cpu(runtime_data, cpu);
 	cea  = get_cpu_entry_area(cpu);
 
 	/* Map #VC IST stack */
-	vaddr = CEA_ESTACK_BOT(&cea->estacks, VC);
-	pa    = __pa(data->ist_stack);
-	cea_set_pte((void *)vaddr, pa, PAGE_KERNEL);
+	map_vc_stack(CEA_ESTACK_BOT(&cea->estacks, VC),
+		     CEA_ESTACK_TOP(&cea->estacks, VC),
+		     __pa(data->ist_stack));
 
 	/* Map VC fall-back stack */
-	vaddr = CEA_ESTACK_BOT(&cea->estacks, VC2);
-	pa    = __pa(data->fallback_stack);
-	cea_set_pte((void *)vaddr, pa, PAGE_KERNEL);
+	map_vc_stack(CEA_ESTACK_BOT(&cea->estacks, VC2),
+		     CEA_ESTACK_TOP(&cea->estacks, VC2),
+		     __pa(data->fallback_stack));
 }
 
 static __always_inline bool on_vc_stack(struct pt_regs *regs)
-- 
2.33.0

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ