lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Tue, 2 Apr 2024 17:09:44 -0500
From: Tom Lendacky <thomas.lendacky@....com>
To: Ashish Kalra <Ashish.Kalra@....com>, linux-tip-commits@...r.kernel.org
Cc: bp@...en8.de, michael.roth@....com, x86@...nel.org,
 linux-kernel@...r.kernel.org
Subject: Re: [PATCH] x86/sev: Apply RMP table fixups for kexec.

On 3/12/24 13:47, Ashish Kalra wrote:
> From: Ashish Kalra <ashish.kalra@....com>
> 
> RMP table start and end physical range may not be aligned to 2MB in
> the e820 tables causing fatal RMP page faults during kexec boot when
> new page allocations are done in the same 2MB page as the RMP table.
> Check if RMP table start and end physical range in e820_table is not
> aligned to 2MB and in that case use e820__range_update() to map this
> range to reserved.
> 
> Override e820__memory_setup_default() to check and apply these RMP table
> fixups in e820_table before e820_table is used to setup
> e280_table_firmware and e820_table_kexec.
> 
> Fixes: c3b86e61b756 ("x86/cpufeatures: Enable/unmask SEV-SNP CPU feature")
> Signed-off-by: Ashish Kalra <ashish.kalra@....com>
> ---
>   arch/x86/virt/svm/sev.c | 52 +++++++++++++++++++++++++++++++++++++++++
>   1 file changed, 52 insertions(+)
> 
> diff --git a/arch/x86/virt/svm/sev.c b/arch/x86/virt/svm/sev.c
> index cffe1157a90a..e0d7584df28f 100644
> --- a/arch/x86/virt/svm/sev.c
> +++ b/arch/x86/virt/svm/sev.c
> @@ -65,6 +65,8 @@ static u64 probed_rmp_base, probed_rmp_size;
>   static struct rmpentry *rmptable __ro_after_init;
>   static u64 rmptable_max_pfn __ro_after_init;
>   
> +static char *__init snp_rmptable_e820_fixup(void);
> +
>   static LIST_HEAD(snp_leaked_pages_list);
>   static DEFINE_SPINLOCK(snp_leaked_pages_list_lock);
>   
> @@ -160,9 +162,59 @@ bool snp_probe_rmptable_info(void)
>   	pr_info("RMP table physical range [0x%016llx - 0x%016llx]\n",
>   		probed_rmp_base, probed_rmp_base + probed_rmp_size - 1);
>   
> +	/*
> +	 * Override e820__memory_setup_default() to do any RMP table fixups
> +	 * for kexec if required.
> +	 */
> +	x86_init.resources.memory_setup = snp_rmptable_e820_fixup;

This produces a build warning:

WARNING: modpost: vmlinux: section mismatch in reference: snp_probe_rmptable_info+0x95 (section: .text) -> x86_init (section: .init.data)
WARNING: modpost: vmlinux: section mismatch in reference: snp_probe_rmptable_info+0x99 (section: .text) -> snp_rmptable_e820_fixup (section: .init.text)

Thanks,
Tom

> +
>   	return true;
>   }

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ