From patchwork Sat Jan 27 11:26:06 2024
X-Patchwork-Submitter: tip-bot2 for Thomas Gleixner
X-Patchwork-Id: 193000
Date: Sat, 27 Jan 2024 11:26:06 -0000
From: "tip-bot2 for Ard Biesheuvel"
Sender: tip-bot2@linutronix.de
Reply-to: linux-kernel@vger.kernel.org
To: linux-tip-commits@vger.kernel.org
Subject: [tip: x86/sev] x86/sme: Fix memory encryption setting if enabled by default and not overridden
Cc: Ard Biesheuvel, "Borislav Petkov (AMD)", Tom Lendacky, x86@kernel.org, linux-kernel@vger.kernel.org
In-Reply-To: <20240126163918.2908990-2-ardb+git@google.com>
References: <20240126163918.2908990-2-ardb+git@google.com>
Message-ID: <170635476620.398.13087052898452065480.tip-bot2@tip-bot2>

The following commit has been merged into the x86/sev branch of tip:

Commit-ID:     aa8eff72842021f52600392b245fb82d113afa8a
Gitweb:        https://git.kernel.org/tip/aa8eff72842021f52600392b245fb82d113afa8a
Author:        Ard Biesheuvel
AuthorDate:    Fri, 26 Jan 2024 17:39:19 +01:00
Committer:     Borislav Petkov (AMD)
CommitterDate: Sat, 27 Jan 2024 12:17:26 +01:00

x86/sme: Fix memory encryption setting if enabled by default and not overridden

Commit cbebd68f59f0 ("x86/mm: Fix use of uninitialized buffer in
sme_enable()") 'fixed' an issue in sme_enable() detected by static
analysis, and broke the common case in the process.

cmdline_find_option() will return < 0 on an error, or when the command
line argument does not appear at all. In this particular case, the
latter is not an error condition, and so the early exit is wrong.

Instead, without mem_encrypt= on the command line, the compile time
default should be honoured, which could be to enable memory encryption,
and this is currently broken.

Fix it by setting sme_me_mask to a preliminary value based on the compile time default, and only omitting the command line argument test when cmdline_find_option() returns an error. [ bp: Drop active_by_default while at it. ] Fixes: cbebd68f59f0 ("x86/mm: Fix use of uninitialized buffer in sme_enable()") Signed-off-by: Ard Biesheuvel Signed-off-by: Borislav Petkov (AMD) Reviewed-by: Tom Lendacky Link: https://lore.kernel.org/r/20240126163918.2908990-2-ardb+git@google.com --- arch/x86/mm/mem_encrypt_identity.c | 10 +++------- 1 file changed, 3 insertions(+), 7 deletions(-) diff --git a/arch/x86/mm/mem_encrypt_identity.c b/arch/x86/mm/mem_encrypt_identity.c index d73aeb1..7f72472 100644 --- a/arch/x86/mm/mem_encrypt_identity.c +++ b/arch/x86/mm/mem_encrypt_identity.c @@ -507,7 +507,6 @@ void __init sme_enable(struct boot_params *bp) const char *cmdline_ptr, *cmdline_arg, *cmdline_on, *cmdline_off; unsigned int eax, ebx, ecx, edx; unsigned long feature_mask; - bool active_by_default; unsigned long me_mask; char buffer[16]; bool snp; @@ -593,22 +592,19 @@ void __init sme_enable(struct boot_params *bp) : "p" (sme_cmdline_off)); if (IS_ENABLED(CONFIG_AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT)) - active_by_default = true; - else - active_by_default = false; + sme_me_mask = me_mask; cmdline_ptr = (const char *)((u64)bp->hdr.cmd_line_ptr | ((u64)bp->ext_cmd_line_ptr << 32)); if (cmdline_find_option(cmdline_ptr, cmdline_arg, buffer, sizeof(buffer)) < 0) - return; + goto out; if (!strncmp(buffer, cmdline_on, sizeof(buffer))) sme_me_mask = me_mask; else if (!strncmp(buffer, cmdline_off, sizeof(buffer))) sme_me_mask = 0; - else - sme_me_mask = active_by_default ? me_mask : 0; + out: if (sme_me_mask) { physical_mask &= ~sme_me_mask;
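Review bot: In the second hunk of sme_enable(), the preliminary assignment under `if (IS_ENABLED(CONFIG_AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT))` has no else branch, so when that option is off and mem_encrypt= is absent, fails to parse, or carries a value other than the on/off strings, the resulting state depends on sme_me_mask already being zero at this point, which these lines do not show. The removed arm made that case explicit (`sme_me_mask = active_by_default ? me_mask : 0;`). Please add a short comment above the IS_ENABLED() block stating that it sets the compile time default, that only an explicit on or off overrides it, and that the non-default case relies on the initial value of sme_me_mask. The same comment could note that taking `goto out` on a negative return from cmdline_find_option() still skips both strncmp() calls, so buffer is not read when it was not filled, which keeps the intent of cbebd68f59f0.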