Message ID | 20240124130317.495519-1-kirill.shutemov@linux.intel.com |
---|---|
State | New |
Headers | From: "Kirill A. Shutemov" <kirill.shutemov@linux.intel.com> To: Paolo Bonzini <pbonzini@redhat.com>, Wanpeng Li <wanpengli@tencent.com>, Vitaly Kuznetsov <vkuznets@redhat.com>, Sean Christopherson <seanjc@google.com>, Thomas Gleixner <tglx@linutronix.de>, Ingo Molnar <mingo@redhat.com>, Borislav Petkov <bp@alien8.de>, Dave Hansen <dave.hansen@linux.intel.com>, Tom Lendacky <thomas.lendacky@amd.com> Cc: x86@kernel.org, kvm@vger.kernel.org, linux-kernel@vger.kernel.org, "Kirill A. Shutemov" <kirill.shutemov@linux.intel.com>, David Rientjes <rientjes@google.com> Subject: [PATCH, RESEND] x86/sev: Fix SEV check in sev_map_percpu_data() Date: Wed, 24 Jan 2024 15:03:17 +0200 |
Series | [RESEND] x86/sev: Fix SEV check in sev_map_percpu_data() |
Commit Message
Kirill A. Shutemov
Jan. 24, 2024, 1:03 p.m. UTC
The function sev_map_percpu_data() checks if it is running on an SEV platform by checking the CC_ATTR_GUEST_MEM_ENCRYPT attribute. However, this attribute is also defined for TDX.

To avoid false positives, add a cc_vendor check.

Signed-off-by: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
Fixes: 4d96f9109109 ("x86/sev: Replace occurrences of sev_active() with cc_platform_has()")
Suggested-by: Borislav Petkov (AMD) <bp@alien8.de>
Acked-by: David Rientjes <rientjes@google.com>

---
 arch/x86/kernel/kvm.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
Comments
On Wed, Jan 24, 2024 at 2:09 PM Kirill A. Shutemov <kirill.shutemov@linux.intel.com> wrote: > > The function sev_map_percpu_data() checks if it is running on an SEV > platform by checking the CC_ATTR_GUEST_MEM_ENCRYPT attribute. However, > this attribute is also defined for TDX. > > To avoid false positives, add a cc_vendor check. > > Signed-off-by: Kirill A. Shutemov <kirill.shutemov@linux.intel.com> > Fixes: 4d96f9109109 ("x86/sev: Replace occurrences of sev_active() with cc_platform_has()") > Suggested-by: Borislav Petkov (AMD) <bp@alien8.de> > Acked-by: David Rientjes <rientjes@google.com> Queued, with "x86/kvm in the subject". Paolo > --- > arch/x86/kernel/kvm.c | 3 ++- > 1 file changed, 2 insertions(+), 1 deletion(-) > > diff --git a/arch/x86/kernel/kvm.c b/arch/x86/kernel/kvm.c > index dfe9945b9bec..428ee74002e1 100644 > --- a/arch/x86/kernel/kvm.c > +++ b/arch/x86/kernel/kvm.c > @@ -434,7 +434,8 @@ static void __init sev_map_percpu_data(void) > { > int cpu; > > - if (!cc_platform_has(CC_ATTR_GUEST_MEM_ENCRYPT)) > + if (cc_vendor != CC_VENDOR_AMD || > + !cc_platform_has(CC_ATTR_GUEST_MEM_ENCRYPT)) > return; > > for_each_possible_cpu(cpu) { > -- > 2.43.0 >
On Wed, Jan 24, 2024 at 03:03:17PM +0200, Kirill A. Shutemov wrote: > The function sev_map_percpu_data() checks if it is running on an SEV > platform by checking the CC_ATTR_GUEST_MEM_ENCRYPT attribute. However, > this attribute is also defined for TDX. > > To avoid false positives, add a cc_vendor check. > > Signed-off-by: Kirill A. Shutemov <kirill.shutemov@linux.intel.com> > Fixes: 4d96f9109109 ("x86/sev: Replace occurrences of sev_active() with cc_platform_has()") > Suggested-by: Borislav Petkov (AMD) <bp@alien8.de> > Acked-by: David Rientjes <rientjes@google.com> > --- > arch/x86/kernel/kvm.c | 3 ++- > 1 file changed, 2 insertions(+), 1 deletion(-) > > diff --git a/arch/x86/kernel/kvm.c b/arch/x86/kernel/kvm.c > index dfe9945b9bec..428ee74002e1 100644 > --- a/arch/x86/kernel/kvm.c > +++ b/arch/x86/kernel/kvm.c 
> @@ -434,7 +434,8 @@ static void __init sev_map_percpu_data(void) > { > int cpu; > > - if (!cc_platform_has(CC_ATTR_GUEST_MEM_ENCRYPT)) > + if (cc_vendor != CC_VENDOR_AMD || > + !cc_platform_has(CC_ATTR_GUEST_MEM_ENCRYPT)) > return; > > for_each_possible_cpu(cpu) { > -- > 2.43.0 > Our CI has started seeing a build failure as a result of this patch when using LLVM to build x86_64_defconfig + CONFIG_GCOV_KERNEL=y + CONFIG_GCOV_PROFILE_ALL=y: $ echo 'CONFIG_GCOV_KERNEL=y CONFIG_GCOV_PROFILE_ALL=y' >kernel/configs/gcov.config $ make -skj"$(nproc)" ARCH=x86_64 LLVM=1 mrproper defconfig gcov.config vmlinux ... ld.lld: error: undefined symbol: cc_vendor >>> referenced by kvm.c >>> arch/x86/kernel/kvm.o:(kvm_smp_prepare_boot_cpu) in archive vmlinux.a ... I was somewhat confused at first why this build error only shows up with GCOV until I looked at the optimized IR. This configuration has CONFIG_ARCH_HAS_CC_PLATFORM=n, which means that cc_vendor is declared but not defined anywhere, so I was expecting an unconditional error. Looking closer, I realized that cc_platform_has() evaluates to false in that configuration, so the compiler can always turn if (cond || !false) action(); into action(); but it seems like with the GCOV instrumentation, it keeps both branches (since GCOV is about code coverage, it makes sense that you would want to see if each branch is ever taken). I can eliminate the error with the following diff, I am not sure if that is too much though. diff --git a/arch/x86/kernel/kvm.c b/arch/x86/kernel/kvm.c index 428ee74002e1..4432ee09cbcb 100644 --- a/arch/x86/kernel/kvm.c +++ b/arch/x86/kernel/kvm.c 
@@ -434,7 +434,7 @@ static void __init sev_map_percpu_data(void) { int cpu; - if (cc_vendor != CC_VENDOR_AMD || + if ((IS_ENABLED(CONFIG_ARCH_HAS_CC_PLATFORM) && cc_vendor != CC_VENDOR_AMD) || !cc_platform_has(CC_ATTR_GUEST_MEM_ENCRYPT)) return; Perhaps another solution would be to just #define cc_vendor (CC_VENDOR_NONE) if CONFIG_ARCH_HAS_CC_PLATFORM is not set, since it can never be changed from the default in arch/x86/coco/core.c. diff --git a/arch/x86/include/asm/coco.h b/arch/x86/include/asm/coco.h index 6ae2d16a7613..f3909894f82f 100644 --- a/arch/x86/include/asm/coco.h +++ b/arch/x86/include/asm/coco.h @@ -10,13 +10,13 @@ enum cc_vendor { CC_VENDOR_INTEL, }; -extern enum cc_vendor cc_vendor; - #ifdef CONFIG_ARCH_HAS_CC_PLATFORM +extern enum cc_vendor cc_vendor; void cc_set_mask(u64 mask); u64 cc_mkenc(u64 val); u64 cc_mkdec(u64 val); #else +#define cc_vendor (CC_VENDOR_NONE) static inline u64 cc_mkenc(u64 val) { return val; Cheers, Nathan
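Review bot: the `IS_ENABLED(CONFIG_ARCH_HAS_CC_PLATFORM) &&` guard on the first line of the condition in sev_map_percpu_data() (the arch/x86/kernel/kvm.c variant above) fixes only this one call site; any other reference to cc_vendor from code built with CONFIG_ARCH_HAS_CC_PLATFORM=n would hit the same undefined symbol and need the same guard. It also makes the condition long without saying why the guard is there, so if this variant is kept, add a comment noting that cc_vendor has no definition in that configuration, or move that knowledge into the header as the coco.h diff does.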
On Thu, Feb 01, 2024 at 12:38:09PM -0700, Nathan Chancellor wrote: > Perhaps another solution would be to just > > #define cc_vendor (CC_VENDOR_NONE) > > if CONFIG_ARCH_HAS_CC_PLATFORM is not set, since it can never be changed > from the default in arch/x86/coco/core.c. I think this approach is cleaner. Could you post a proper patch? > > diff --git a/arch/x86/include/asm/coco.h b/arch/x86/include/asm/coco.h > index 6ae2d16a7613..f3909894f82f 100644 > --- a/arch/x86/include/asm/coco.h > +++ b/arch/x86/include/asm/coco.h > @@ -10,13 +10,13 @@ enum cc_vendor { > CC_VENDOR_INTEL, > }; > > -extern enum cc_vendor cc_vendor; > - > #ifdef CONFIG_ARCH_HAS_CC_PLATFORM > +extern enum cc_vendor cc_vendor; > void cc_set_mask(u64 mask); > u64 cc_mkenc(u64 val); > u64 cc_mkdec(u64 val); > #else > +#define cc_vendor (CC_VENDOR_NONE) > static inline u64 cc_mkenc(u64 val) > { > return val; > > Cheers, > Nathan >
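Review bot: `#define cc_vendor (CC_VENDOR_NONE)` in the #else branch of coco.h reuses the name of the enum tag declared just above it (`enum cc_vendor {`), so in a CONFIG_ARCH_HAS_CC_PLATFORM=n build any later use of the type name `enum cc_vendor` would be macro-expanded and fail to compile, as would any assignment to cc_vendor outside the #ifdef. Add a comment above the #define stating that the vendor is fixed at CC_VENDOR_NONE in this configuration and that the enum type must not be named after this point; a differently named accessor would avoid the clash altogether.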
diff --git a/arch/x86/kernel/kvm.c b/arch/x86/kernel/kvm.c index dfe9945b9bec..428ee74002e1 100644 --- a/arch/x86/kernel/kvm.c +++ b/arch/x86/kernel/kvm.c @@ -434,7 +434,8 @@ static void __init sev_map_percpu_data(void) { int cpu; - if (!cc_platform_has(CC_ATTR_GUEST_MEM_ENCRYPT)) + if (cc_vendor != CC_VENDOR_AMD || + !cc_platform_has(CC_ATTR_GUEST_MEM_ENCRYPT)) return; for_each_possible_cpu(cpu) {
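Review bot: the added `cc_vendor != CC_VENDOR_AMD` test in sev_map_percpu_data() reads cc_vendor unconditionally, and the build report in this thread shows the symbol is declared but not defined with CONFIG_ARCH_HAS_CC_PLATFORM=n, so the link succeeds only when the compiler folds the whole condition away and fails with ld.lld once CONFIG_GCOV_PROFILE_ALL=y keeps both branches. Either guard the reference or give cc_vendor a constant fallback in that configuration. A one-line comment above the condition noting that CC_ATTR_GUEST_MEM_ENCRYPT is also defined for TDX would record why the vendor test is needed.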