 
Message-ID: <20250902120648.GFaLbd2LyZYkQ4l8WV@fat_crate.local>
Date: Tue, 2 Sep 2025 14:06:48 +0200
From: Borislav Petkov <bp@...en8.de>
To: Ard Biesheuvel <ardb+git@...gle.com>
Cc: linux-kernel@...r.kernel.org, linux-efi@...r.kernel.org, x86@...nel.org,
	Ard Biesheuvel <ardb@...nel.org>, Ingo Molnar <mingo@...nel.org>,
	Kevin Loughlin <kevinloughlin@...gle.com>,
	Tom Lendacky <thomas.lendacky@....com>,
	Josh Poimboeuf <jpoimboe@...nel.org>,
	Peter Zijlstra <peterz@...radead.org>,
	Nikunj A Dadhania <nikunj@....com>
Subject: Re: [PATCH v7 12/22] x86/sev: Provide PIC aliases for SEV related
 data objects

On Thu, Aug 28, 2025 at 12:22:15PM +0200, Ard Biesheuvel wrote:
> From: Ard Biesheuvel <ardb@...nel.org>
> 
> Provide PIC aliases for data objects that are shared between the SEV
> startup code and the SEV code that executes later. This is needed so
> that the confined startup code is permitted to access them.
> 
> This requires some of these variables to be moved into a source file
> that is not part of the startup code, as the PIC alias is already
> implied, and exporting variables in the opposite direction is not
> supported.
> 
> Move ghcb_version as well, but don't provide a PIC alias as it is not
> actually needed.

I see

SYM_PIC_ALIAS(ghcb_version);

below.

Stale commit message?

> 
> Signed-off-by: Ard Biesheuvel <ardb@...nel.org>
> ---
>  arch/x86/boot/compressed/sev.c      |  3 ++
>  arch/x86/boot/startup/sev-shared.c  | 19 -----------
>  arch/x86/boot/startup/sev-startup.c |  9 ------
>  arch/x86/coco/sev/core.c            | 34 ++++++++++++++++++++
>  4 files changed, 37 insertions(+), 28 deletions(-)
> 
> diff --git a/arch/x86/boot/compressed/sev.c b/arch/x86/boot/compressed/sev.c
> index d650a314143b..6822eb4b9152 100644
> --- a/arch/x86/boot/compressed/sev.c
> +++ b/arch/x86/boot/compressed/sev.c
> @@ -38,6 +38,9 @@ struct ghcb *boot_ghcb;
>  #define __BOOT_COMPRESSED
>  
>  u8 snp_vmpl;
> +u16 ghcb_version;
> +
> +u64 boot_svsm_caa_pa;
>  
>  /* Include code for early handlers */
>  #include "../../boot/startup/sev-shared.c"
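Review bot: The decompressor copies `u16 ghcb_version;` and `u64 boot_svsm_caa_pa;` drop the `__ro_after_init` that both objects carried in sev-shared.c, and with it the rationale kept next to them there: they are written during early feature negotiation and must sit in .data so a later .bss clear does not wipe them. As plain uninitialised globals these land in .bss, so if the decompressor still negotiates the GHCB protocol and records the SVSM CAA before head_64.S clears .bss (not visible in this patch), the negotiated values would be zeroed after the fact; the existing `u8 snp_vmpl;` above follows the same plain form, so either that ordering no longer holds and the .data rationale retained in core.c is stale for the decompressor, or all three are exposed. Unless the ordering has been confirmed safe, keep the annotation on the copies, `u16 ghcb_version __ro_after_init;` and `u64 boot_svsm_caa_pa __ro_after_init;` — the macro already resolves in this translation unit since the included sev-shared.c used it until now — and add a one-line comment pointing at the core.c definitions so the two sets do not drift silently.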
> diff --git a/arch/x86/boot/startup/sev-shared.c b/arch/x86/boot/startup/sev-shared.c
> index b86027d9a968..180f54570022 100644
> --- a/arch/x86/boot/startup/sev-shared.c
> +++ b/arch/x86/boot/startup/sev-shared.c
> @@ -19,25 +19,6 @@
>  #define WARN(condition, format...) (!!(condition))
>  #endif
>  
> -/*
> - * SVSM related information:
> - *   During boot, the page tables are set up as identity mapped and later
> - *   changed to use kernel virtual addresses. Maintain separate virtual and
> - *   physical addresses for the CAA to allow SVSM functions to be used during
> - *   early boot, both with identity mapped virtual addresses and proper kernel
> - *   virtual addresses.
> - */
> -u64 boot_svsm_caa_pa __ro_after_init;
> -
> -/*
> - * Since feature negotiation related variables are set early in the boot
> - * process they must reside in the .data section so as not to be zeroed
> - * out when the .bss section is later cleared.
> - *
> - * GHCB protocol version negotiated with the hypervisor.
> - */
> -u16 ghcb_version __ro_after_init;
> -
>  /* Copy of the SNP firmware's CPUID page. */
>  static struct snp_cpuid_table cpuid_table_copy __ro_after_init;
>  
> diff --git a/arch/x86/boot/startup/sev-startup.c b/arch/x86/boot/startup/sev-startup.c
> index b0fc63f8dee1..138b26f14ff1 100644
> --- a/arch/x86/boot/startup/sev-startup.c
> +++ b/arch/x86/boot/startup/sev-startup.c
> @@ -41,15 +41,6 @@
>  #include <asm/cpuid/api.h>
>  #include <asm/cmdline.h>
>  
> -/* Bitmap of SEV features supported by the hypervisor */
> -u64 sev_hv_features __ro_after_init;
> -
> -/* Secrets page physical address from the CC blob */
> -u64 sev_secrets_pa __ro_after_init;
> -
> -/* For early boot SVSM communication */
> -struct svsm_ca boot_svsm_ca_page __aligned(PAGE_SIZE);
> -
>  /*
>   * Nothing shall interrupt this code path while holding the per-CPU
>   * GHCB. The backup GHCB is only for NMIs interrupting this path.
> diff --git a/arch/x86/coco/sev/core.c b/arch/x86/coco/sev/core.c
> index 9782ebe30675..b9133c825f90 100644
> --- a/arch/x86/coco/sev/core.c
> +++ b/arch/x86/coco/sev/core.c
> @@ -46,6 +46,29 @@
>  #include <asm/cmdline.h>
>  #include <asm/msr.h>
>  
> +/* Bitmap of SEV features supported by the hypervisor */
> +u64 sev_hv_features __ro_after_init;
> +SYM_PIC_ALIAS(sev_hv_features);
> +
> +/* Secrets page physical address from the CC blob */
> +u64 sev_secrets_pa __ro_after_init;
> +SYM_PIC_ALIAS(sev_secrets_pa);
> +
> +/* For early boot SVSM communication */
> +struct svsm_ca boot_svsm_ca_page __aligned(PAGE_SIZE);
> +SYM_PIC_ALIAS(boot_svsm_ca_page);
> +
> +/*
> + * SVSM related information:
> + *   During boot, the page tables are set up as identity mapped and later
> + *   changed to use kernel virtual addresses. Maintain separate virtual and
> + *   physical addresses for the CAA to allow SVSM functions to be used during
> + *   early boot, both with identity mapped virtual addresses and proper kernel
> + *   virtual addresses.
> + */
> +u64 boot_svsm_caa_pa __ro_after_init;
> +SYM_PIC_ALIAS(boot_svsm_caa_pa);
> +
>  DEFINE_PER_CPU(struct svsm_ca *, svsm_caa);
>  DEFINE_PER_CPU(u64, svsm_caa_pa);
>  
> @@ -119,6 +142,17 @@ DEFINE_PER_CPU(struct sev_es_save_area *, sev_vmsa);
>   */
>  u8 snp_vmpl __ro_after_init;
>  EXPORT_SYMBOL_GPL(snp_vmpl);
> +SYM_PIC_ALIAS(snp_vmpl);
> +
> +/*
> + * Since feature negotiation related variables are set early in the boot
> + * process they must reside in the .data section so as not to be zeroed
> + * out when the .bss section is later cleared.
> + *
> + * GHCB protocol version negotiated with the hypervisor.
> + */
> +u16 ghcb_version __ro_after_init;
> +SYM_PIC_ALIAS(ghcb_version);
>  
>  /* For early boot hypervisor communication in SEV-ES enabled guests */
>  static struct ghcb boot_ghcb_page __bss_decrypted __aligned(PAGE_SIZE);
> -- 
> 2.51.0.268.g9569e192d0-goog
> 

-- 
Regards/Gruss,
    Boris.

https://people.kernel.org/tglx/notes-about-netiquette
