lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <167994779275.5837.4752888881557420711.tip-bot2@tip-bot2> Date: Mon, 27 Mar 2023 20:09:52 -0000 From: "tip-bot2 for Michael Kelley" <tip-bot2@...utronix.de> To: linux-tip-commits@...r.kernel.org Cc: Michael Kelley <mikelley@...rosoft.com>, "Borislav Petkov (AMD)" <bp@...en8.de>, Tom Lendacky <thomas.lendacky@....com>, x86@...nel.org, linux-kernel@...r.kernel.org Subject: [tip: x86/sev] init: Call mem_encrypt_init() after Hyper-V hypercall init is done The following commit has been merged into the x86/sev branch of tip: Commit-ID: e45e761b77bc0739e7e23258c4394013bbb919c7 Gitweb: https://git.kernel.org/tip/e45e761b77bc0739e7e23258c4394013bbb919c7 Author: Michael Kelley <mikelley@...rosoft.com> AuthorDate: Wed, 08 Mar 2023 18:40:06 -08:00 Committer: Borislav Petkov (AMD) <bp@...en8.de> CommitterDate: Mon, 27 Mar 2023 09:24:01 +02:00 init: Call mem_encrypt_init() after Hyper-V hypercall init is done Full Hyper-V initialization, including support for hypercalls, is done as an apic_post_init callback via late_time_init(). mem_encrypt_init() needs to make hypercalls when it marks swiotlb memory as decrypted. But mem_encrypt_init() is currently called a few lines before late_time_init(), so the hypercalls don't work. Fix this by moving mem_encrypt_init() after late_time_init() and related clock initializations. The intervening initializations don't do any I/O that requires the swiotlb, so moving mem_encrypt_init() slightly later has no impact. Signed-off-by: Michael Kelley <mikelley@...rosoft.com> Signed-off-by: Borislav Petkov (AMD) <bp@...en8.de> Reviewed-by: Tom Lendacky <thomas.lendacky@....com> Link: https://lore.kernel.org/r/1678329614-3482-6-git-send-email-mikelley@microsoft.com --- init/main.c | 19 +++++++++++-------- 1 file changed, 11 insertions(+), 8 deletions(-) diff --git a/init/main.c b/init/main.c index 4425d17..7e9c0ca 100644 --- a/init/main.c +++ b/init/main.c @@ -1088,14 +1088,6 @@ asmlinkage __visible void __init __no_sanitize_address start_kernel(void) */ locking_selftest(); - /* - * This needs to be called before any devices perform DMA - * operations that might use the SWIOTLB bounce buffers. It will - * mark the bounce buffers as decrypted so that their usage will - * not cause "plain-text" data to be decrypted when accessed. - */ - mem_encrypt_init(); - #ifdef CONFIG_BLK_DEV_INITRD if (initrd_start && !initrd_below_start_ok && page_to_pfn(virt_to_page((void *)initrd_start)) < min_low_pfn) { @@ -1112,6 +1104,17 @@ asmlinkage __visible void __init __no_sanitize_address start_kernel(void) late_time_init(); sched_clock_init(); calibrate_delay(); + + /* + * This needs to be called before any devices perform DMA + * operations that might use the SWIOTLB bounce buffers. It will + * mark the bounce buffers as decrypted so that their usage will + * not cause "plain-text" data to be decrypted when accessed. It + * must be called after late_time_init() so that Hyper-V x86/x64 + * hypercalls work when the SWIOTLB bounce buffers are decrypted. + */ + mem_encrypt_init(); + pid_idr_init(); anon_vma_init(); #ifdef CONFIG_X86
Powered by blists - more mailing lists