[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20230116143645.589522290@infradead.org>
Date: Mon, 16 Jan 2023 15:25:34 +0100
From: Peter Zijlstra <peterz@...radead.org>
To: x86@...nel.org, Joan Bruguera <joanbrugueram@...il.com>
Cc: linux-kernel@...r.kernel.org, peterz@...radead.org,
Juergen Gross <jgross@...e.com>,
"Rafael J. Wysocki" <rafael@...nel.org>,
xen-devel <xen-devel@...ts.xenproject.org>,
Jan Beulich <jbeulich@...e.com>,
Roger Pau Monne <roger.pau@...rix.com>,
Kees Cook <keescook@...omium.org>, mark.rutland@....com,
Andrew Cooper <Andrew.Cooper3@...rix.com>,
Jörg Rödel <joro@...tes.org>,
"H. Peter Anvin" <hpa@...or.com>, jroedel@...e.de
Subject: [PATCH v2 1/7] x86/boot: Remove verify_cpu() from secondary_startup_64()
The boot trampolines from trampoline_64.S have code flow like:
16bit BIOS SEV-ES 64bit EFI
trampoline_start() sev_es_trampoline_start() trampoline_start_64()
verify_cpu() | |
switch_to_protected: <---------------' v
| pa_trampoline_compat()
v |
startup_32() <-----------------------------------------------'
|
v
startup_64()
|
v
tr_start() := head_64.S:secondary_startup_64()
Since AP bringup always goes through the 16bit BIOS path (EFI doesn't
touch the APs), there is already a verify_cpu() invocation.
Removing the verify_cpu() invocation from secondary_startup_64()
renders the whole secondary_startup_64_no_verify() thing moot, so
remove that too.
Cc: jroedel@...e.de
Cc: hpa@...or.com
Fixes: e81dc127ef69 ("x86/callthunks: Add call patching for call depth tracking")
Reported-by: Joan Bruguera <joanbrugueram@...il.com>
Signed-off-by: Peter Zijlstra (Intel) <peterz@...radead.org>
---
arch/x86/include/asm/realmode.h | 1 -
arch/x86/kernel/head_64.S | 16 ----------------
arch/x86/realmode/init.c | 6 ------
3 files changed, 23 deletions(-)
--- a/arch/x86/include/asm/realmode.h
+++ b/arch/x86/include/asm/realmode.h
@@ -73,7 +73,6 @@ extern unsigned char startup_32_smp[];
extern unsigned char boot_gdt[];
#else
extern unsigned char secondary_startup_64[];
-extern unsigned char secondary_startup_64_no_verify[];
#endif
static inline size_t real_mode_size_needed(void)
--- a/arch/x86/kernel/head_64.S
+++ b/arch/x86/kernel/head_64.S
@@ -143,22 +143,6 @@ SYM_CODE_START(secondary_startup_64)
* after the boot processor executes this code.
*/
- /* Sanitize CPU configuration */
- call verify_cpu
-
- /*
- * The secondary_startup_64_no_verify entry point is only used by
- * SEV-ES guests. In those guests the call to verify_cpu() would cause
- * #VC exceptions which can not be handled at this stage of secondary
- * CPU bringup.
- *
- * All non SEV-ES systems, especially Intel systems, need to execute
- * verify_cpu() above to make sure NX is enabled.
- */
-SYM_INNER_LABEL(secondary_startup_64_no_verify, SYM_L_GLOBAL)
- UNWIND_HINT_EMPTY
- ANNOTATE_NOENDBR
-
/*
* Retrieve the modifier (SME encryption mask if SME is active) to be
* added to the initial pgdir entry that will be programmed into CR3.
--- a/arch/x86/realmode/init.c
+++ b/arch/x86/realmode/init.c
@@ -74,12 +74,6 @@ static void __init sme_sev_setup_real_mo
th->flags |= TH_FLAGS_SME_ACTIVE;
if (cc_platform_has(CC_ATTR_GUEST_STATE_ENCRYPT)) {
- /*
- * Skip the call to verify_cpu() in secondary_startup_64 as it
- * will cause #VC exceptions when the AP can't handle them yet.
- */
- th->start = (u64) secondary_startup_64_no_verify;
-
if (sev_es_setup_ap_jump_table(real_mode_header))
panic("Failed to get/update SEV-ES AP Jump Table");
}
Powered by blists - more mailing lists