| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 27 Mar 2023 20:09:52 -0000
From: "tip-bot2 for Michael Kelley" <tip-bot2@...utronix.de>
To: linux-tip-commits@...r.kernel.org
Cc: Michael Kelley <mikelley@...rosoft.com>,
"Borislav Petkov (AMD)" <bp@...en8.de>,
Tom Lendacky <thomas.lendacky@....com>, x86@...nel.org,
linux-kernel@...r.kernel.org
Subject: [tip: x86/sev] init: Call mem_encrypt_init() after Hyper-V hypercall
init is done
The following commit has been merged into the x86/sev branch of tip:
Commit-ID: e45e761b77bc0739e7e23258c4394013bbb919c7
Gitweb: https://git.kernel.org/tip/e45e761b77bc0739e7e23258c4394013bbb919c7
Author: Michael Kelley <mikelley@...rosoft.com>
AuthorDate: Wed, 08 Mar 2023 18:40:06 -08:00
Committer: Borislav Petkov (AMD) <bp@...en8.de>
CommitterDate: Mon, 27 Mar 2023 09:24:01 +02:00
init: Call mem_encrypt_init() after Hyper-V hypercall init is done
Full Hyper-V initialization, including support for hypercalls, is done
as an apic_post_init callback via late_time_init(). mem_encrypt_init()
needs to make hypercalls when it marks swiotlb memory as decrypted.
But mem_encrypt_init() is currently called a few lines before
late_time_init(), so the hypercalls don't work.
Fix this by moving mem_encrypt_init() after late_time_init() and
related clock initializations. The intervening initializations don't
do any I/O that requires the swiotlb, so moving mem_encrypt_init()
slightly later has no impact.
Signed-off-by: Michael Kelley <mikelley@...rosoft.com>
Signed-off-by: Borislav Petkov (AMD) <bp@...en8.de>
Reviewed-by: Tom Lendacky <thomas.lendacky@....com>
Link: https://lore.kernel.org/r/1678329614-3482-6-git-send-email-mikelley@microsoft.com
---
init/main.c | 19 +++++++++++--------
1 file changed, 11 insertions(+), 8 deletions(-)
diff --git a/init/main.c b/init/main.c
index 4425d17..7e9c0ca 100644
--- a/init/main.c
+++ b/init/main.c
@@ -1088,14 +1088,6 @@ asmlinkage __visible void __init __no_sanitize_address start_kernel(void)
*/
locking_selftest();
- /*
- * This needs to be called before any devices perform DMA
- * operations that might use the SWIOTLB bounce buffers. It will
- * mark the bounce buffers as decrypted so that their usage will
- * not cause "plain-text" data to be decrypted when accessed.
- */
- mem_encrypt_init();
-
#ifdef CONFIG_BLK_DEV_INITRD
if (initrd_start && !initrd_below_start_ok &&
page_to_pfn(virt_to_page((void *)initrd_start)) < min_low_pfn) {
@@ -1112,6 +1104,17 @@ asmlinkage __visible void __init __no_sanitize_address start_kernel(void)
late_time_init();
sched_clock_init();
calibrate_delay();
+
+ /*
+ * This needs to be called before any devices perform DMA
+ * operations that might use the SWIOTLB bounce buffers. It will
+ * mark the bounce buffers as decrypted so that their usage will
+ * not cause "plain-text" data to be decrypted when accessed. It
+ * must be called after late_time_init() so that Hyper-V x86/x64
+ * hypercalls work when the SWIOTLB bounce buffers are decrypted.
+ */
+ mem_encrypt_init();
+
pid_idr_init();
anon_vma_init();
#ifdef CONFIG_X86
Powered by blists - more mailing lists