| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 3 Apr 2024 16:08:35 -0500
From: "Kalra, Ashish" <ashish.kalra@....com>
To: Michael Roth <michael.roth@....com>
Cc: Tom Lendacky <thomas.lendacky@....com>,
linux-tip-commits@...r.kernel.org, bp@...en8.de, x86@...nel.org,
linux-kernel@...r.kernel.org
Subject: Re: [PATCH] x86/sev: Apply RMP table fixups for kexec.
On 4/2/2024 5:42 PM, Michael Roth wrote:
> On Tue, Apr 02, 2024 at 05:31:09PM -0500, Kalra, Ashish wrote:
>> On 4/2/2024 5:09 PM, Tom Lendacky wrote:
>>> On 3/12/24 13:47, Ashish Kalra wrote:
>>>> From: Ashish Kalra <ashish.kalra@....com>
>>>>
>>>> RMP table start and end physical range may not be aligned to 2MB in
>>>> the e820 tables causing fatal RMP page faults during kexec boot when
>>>> new page allocations are done in the same 2MB page as the RMP table.
>>>> Check if RMP table start and end physical range in e820_table is not
>>>> aligned to 2MB and in that case use e820__range_update() to map this
>>>> range to reserved.
>>>>
>>>> Override e820__memory_setup_default() to check and apply these RMP table
>>>> fixups in e820_table before e820_table is used to setup
>>>> e280_table_firmware and e820_table_kexec.
>>>>
>>>> Fixes: c3b86e61b756 ("x86/cpufeatures: Enable/unmask SEV-SNP CPU
>>>> feature")
>>>> Signed-off-by: Ashish Kalra <ashish.kalra@....com>
>>>> ---
>>>> arch/x86/virt/svm/sev.c | 52 +++++++++++++++++++++++++++++++++++++++++
>>>> 1 file changed, 52 insertions(+)
>>>>
>>>> diff --git a/arch/x86/virt/svm/sev.c b/arch/x86/virt/svm/sev.c
>>>> index cffe1157a90a..e0d7584df28f 100644
>>>> --- a/arch/x86/virt/svm/sev.c
>>>> +++ b/arch/x86/virt/svm/sev.c
>>>> @@ -65,6 +65,8 @@ static u64 probed_rmp_base, probed_rmp_size;
>>>> static struct rmpentry *rmptable __ro_after_init;
>>>> static u64 rmptable_max_pfn __ro_after_init;
>>>> +static char *__init snp_rmptable_e820_fixup(void);
>>>> +
>>>> static LIST_HEAD(snp_leaked_pages_list);
>>>> static DEFINE_SPINLOCK(snp_leaked_pages_list_lock);
>>>> @@ -160,9 +162,59 @@ bool snp_probe_rmptable_info(void)
>>>> pr_info("RMP table physical range [0x%016llx - 0x%016llx]\n",
>>>> probed_rmp_base, probed_rmp_base + probed_rmp_size - 1);
>>>> + /*
>>>> + * Override e820__memory_setup_default() to do any RMP table fixups
>>>> + * for kexec if required.
>>>> + */
>>>> + x86_init.resources.memory_setup = snp_rmptable_e820_fixup;
>>> This produces a build warning:
>>>
>>> WARNING: modpost: vmlinux: section mismatch in reference:
>>> snp_probe_rmptable_info+0x95 (section: .text) -> x86_init (section:
>>> .init.data)
>>> WARNING: modpost: vmlinux: section mismatch in reference:
>>> snp_probe_rmptable_info+0x99 (section: .text) -> snp_rmptable_e820_fixup
>>> (section: .init.text)
>>>
>> Oh, so this requires snp_probe_rmptable_info() to be fixed to use the __init
>> macro.
>>
>> I believe that snp_probe_rmptable_info() should be anyway using the __init
>> macro and this fix for snp_probe_rmptable_info() needs to be sent as a
>> separate patch and regardless of this patch getting merged or not.
> I think you'll hit issues with:
>
> bsp_determine_snp() -> //non-__init
> snp_probe_rmptable_info() //__init
>
> and bsp_determine_snp() sticks around as a function pointer assigned to
> cpuinfo_x86 so I don't think you can use __init there.
>
> So might need to just drop __init from snp_rmptable_e820_fixup().
Actually, that will not help as snp_probe_rmptable_info() is *also*
accessing x86_init.resources.memory_setup
Thanks, Ashish
>
>> Thanks, Ashish
>>
>>> Thanks,
>>> Tom
>>>
>>>> +
>>>> return true;
>>>> }
Powered by blists - more mailing lists