lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-Id: <20240814210731.761010-2-alexey.makhalov@broadcom.com>
Date: Wed, 14 Aug 2024 14:07:31 -0700
From: Alexey Makhalov <alexey.makhalov@...adcom.com>
To: linux-kernel@...r.kernel.org,
	virtualization@...ts.linux.dev,
	bp@...en8.de,
	hpa@...or.com,
	dave.hansen@...ux.intel.com,
	mingo@...hat.com,
	tglx@...utronix.de
Cc: x86@...nel.org,
	ajay.kaher@...adcom.com,
	bo.gan@...adcom.com,
	bcm-kernel-feedback-list@...adcom.com,
	Alexey Makhalov <alexey.makhalov@...adcom.com>
Subject: [PATCH 2/2] x86/vmware: Fix steal time clock under SEV

Shared memory containing steal time counter should be set to
decrypted when SEV is active.

Co-developed-by: Bo Gan <bo.gan@...adcom.com>
Signed-off-by: Bo Gan <bo.gan@...adcom.com>
Signed-off-by: Alexey Makhalov <alexey.makhalov@...adcom.com>
---
 arch/x86/kernel/cpu/vmware.c | 22 ++++++++++++++++++++++
 1 file changed, 22 insertions(+)

diff --git a/arch/x86/kernel/cpu/vmware.c b/arch/x86/kernel/cpu/vmware.c
index 9883766715fe..f20bdc3128f3 100644
--- a/arch/x86/kernel/cpu/vmware.c
+++ b/arch/x86/kernel/cpu/vmware.c
@@ -306,9 +306,30 @@ static struct notifier_block vmware_pv_reboot_nb = {
 	.notifier_call = vmware_pv_reboot_notify,
 };
 
+static void __init sev_map_percpu_data(void)
+{
+	int cpu;
+
+	if (cc_vendor != CC_VENDOR_AMD ||
+	    !cc_platform_has(CC_ATTR_GUEST_MEM_ENCRYPT))
+		return;
+
+	for_each_possible_cpu(cpu) {
+		early_set_memory_decrypted(
+			(unsigned long)&per_cpu(vmw_steal_time, cpu),
+			sizeof(vmw_steal_time));
+	}
+}
+
 #ifdef CONFIG_SMP
 static void __init vmware_smp_prepare_boot_cpu(void)
 {
+	/*
+	 * Map the per-cpu variables as decrypted before vmware_guest_cpu_init()
+	 * shares the guest physical address with the hypervisor.
+	 */
+	sev_map_percpu_data();
+
 	vmware_guest_cpu_init();
 	native_smp_prepare_boot_cpu();
 }
@@ -371,6 +392,7 @@ static void __init vmware_paravirt_ops_setup(void)
 					      vmware_cpu_down_prepare) < 0)
 			pr_err("vmware_guest: Failed to install cpu hotplug callbacks\n");
 #else
+		sev_map_percpu_data();
 		vmware_guest_cpu_init();
 #endif
 	}
-- 
2.39.4

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ