From patchwork Mon May 8 07:03:25 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 90980 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:b0ea:0:b0:3b6:4342:cba0 with SMTP id b10csp1965846vqo; Mon, 8 May 2023 00:13:03 -0700 (PDT) X-Google-Smtp-Source: ACHHUZ7e1OuEf2Ib3TThruSTOeojQok8taCNbxXQUR7X65jvZTKTBhK6fSQcSDMqycmDyOYY4AqL X-Received: by 2002:a05:6a00:ccc:b0:641:4d30:7922 with SMTP id b12-20020a056a000ccc00b006414d307922mr12813736pfv.4.1683529982912; Mon, 08 May 2023 00:13:02 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1683529982; cv=none; d=google.com; s=arc-20160816; b=SuGUhlbSl2z76gRRGVrM5E4mB4azRdliaX2MwENFU/yJxuhw6T/t4Iv8Shro+ghGQh Kq/lvFGc3IWNIA1z9fZCZtFo9oCZNCPyyBeeTTIcasbjhVa5kiMHUjFX6VR0fwFqMajc iDplyPlmeoF5eqarfUIJiiOXg1nwopygsS20eg8Fr8ejx+HNKk6Pqd0InG1EIAD27b9d SAfcB7N1zSPGb08fLKepwvyan4EuoPFaq8hqVYQ5+HIQHrDa7g3nRgHKurTwGiOSfmkq Lw6G3mgMwFXb4mdJ31Ha2XL2bszUQtVJyJnhq/DzqkZXv34EleHdQyoiXb8wYwvlcqvp S6Zg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=/EjJ6R2izI2jbQWL8EoHPCkvdlhk1fCLxtYK/9cDyL4=; b=HUjVk+M72CdqIt8cbv+tFcfA5yQE7SX47R8VyFlDJTARjIrxlSl9I5BWaTOVRWC+t2 jS1wf4qgtYRDlNae/MJe0nwMBN/oL9hqPHb3CtYh52fp6Xqe5IiXv1Av59gwR1WaGhHC X9FPbK+5VjdaM7Mile4y7xcmy2VopKQhTG6q58Roeb72hOTWx7LVB9Dh0Hh67HTSTZ7O fYxC7eH6JxaUP9YCsWewGgIsWqRHSh42YoVgOF3/TtSdfpONQSR2FVZsofHZabnnhUqt Gyr8zLp5KyIKN9xwjPC0q1ABp2Khsnb8AWs8BOF6QVjxD/JVc9U15CnDp6Ss7yzykz0k CJiw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=MV7+bAoM; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id 128-20020a621786000000b0063b5f25dd95si7648506pfx.391.2023.05.08.00.12.48; Mon, 08 May 2023 00:13:02 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=MV7+bAoM; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233131AbjEHHGD (ORCPT + 99 others); Mon, 8 May 2023 03:06:03 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:46510 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233110AbjEHHF2 (ORCPT ); Mon, 8 May 2023 03:05:28 -0400 Received: from dfw.source.kernel.org (dfw.source.kernel.org [139.178.84.217]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 151221A624; Mon, 8 May 2023 00:04:46 -0700 (PDT) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by dfw.source.kernel.org (Postfix) with ESMTPS id 1C3A461F94; Mon, 8 May 2023 07:04:44 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id BBA35C4339E; Mon, 8 May 2023 07:04:39 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1683529483; bh=pOa0uLaUQL7guzGpAfdDsFjGbf6C6UXPFUPb62ISdKo=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=MV7+bAoMq5TAPFw31XJPnDEkdUatdL34ctMBvUACIDpuRCOIQxcv+cN/fP7ZodXf0 gOEE+FpmtfxP4aUbUKQeWKvA4ei6eyh1fVC/D7JGOPc6yYKBKoqEZCaWgsl5YTQ9yW N/88DSSx10p7kdCFoonhniqFcxDqBFvVi29/SLa54MQp45eXYT1KqZEF/tK86jsno9 ToHNSl7xjju+mjwvvGVfSe08BXB/s5Rwp2sOFK3wDPbbMikayQZp7EjgP5soEjJMUo 56dTotecWxzGNGQYRBDrSEqJlRSs4HxPqfc5X/98Dr+kYI4wDUiTA31yguu5keD/nv jglyCJqT6Rqrg== From: Ard Biesheuvel To: linux-efi@vger.kernel.org Cc: linux-kernel@vger.kernel.org, Ard Biesheuvel , Evgeniy Baskov , Borislav Petkov , Andy Lutomirski , Dave Hansen , Ingo Molnar , Peter Zijlstra , Thomas Gleixner , Alexey Khoroshilov , Peter Jones , Gerd Hoffmann , Dave Young , Mario Limonciello , Kees Cook , Tom Lendacky , "Kirill A . Shutemov" , Linus Torvalds Subject: [PATCH v2 15/20] x86: head_64: Switch to kernel CS before enabling memory encryption Date: Mon, 8 May 2023 09:03:25 +0200 Message-Id: <20230508070330.582131-16-ardb@kernel.org> X-Mailer: git-send-email 2.39.2 In-Reply-To: <20230508070330.582131-1-ardb@kernel.org> References: <20230508070330.582131-1-ardb@kernel.org> MIME-Version: 1.0 X-Developer-Signature: v=1; a=openpgp-sha256; l=1479; i=ardb@kernel.org; h=from:subject; bh=pOa0uLaUQL7guzGpAfdDsFjGbf6C6UXPFUPb62ISdKo=; b=owGbwMvMwCFmkMcZplerG8N4Wi2JISVi3p5L2//eS8mLWR1Vc7Go4HNebujRny93XNr8vmr6W nOJ9WcTO0pZGMQ4GGTFFFkEZv99t/P0RKla51myMHNYmUCGMHBxCsBEjt9mZPiyxNAv8PrbkOz5 Ey1z2rK7PW887NTq/fNOhIE1+6u5jC0jwzUfW7MwB4fv+6/4zvfYoHOyTognumiRo2m0bNPrFUs CuAE= X-Developer-Key: i=ardb@kernel.org; a=openpgp; fpr=F43D03328115A198C90016883D200E9CA6329909 X-Spam-Status: No, score=-7.1 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_HI, SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1765309135093781630?= X-GMAIL-MSGID: =?utf-8?q?1765309135093781630?= The SME initialization triggers #VC exceptions due to the use of CPUID instructions, and returning from an exception restores the code segment that was active when the exception was taken. This means we should ensure that we switch the code segment to one that is described in the GDT we just loaded before running the SME init code. Reported-by: Tom Lendacky Signed-off-by: Ard Biesheuvel --- arch/x86/kernel/head_64.S | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/arch/x86/kernel/head_64.S b/arch/x86/kernel/head_64.S index 95b12fdae10e1dc9..a128ac62956ff7c4 100644 --- a/arch/x86/kernel/head_64.S +++ b/arch/x86/kernel/head_64.S @@ -76,6 +76,15 @@ SYM_CODE_START_NOALIGN(startup_64) call startup_64_setup_env + /* Now switch to __KERNEL_CS so IRET works reliably */ + pushq $__KERNEL_CS + leaq .Lon_kernel_cs(%rip), %rax + pushq %rax + lretq + +.Lon_kernel_cs: + UNWIND_HINT_END_OF_STACK + #ifdef CONFIG_AMD_MEM_ENCRYPT /* * Activate SEV/SME memory encryption if supported/enabled. This needs to @@ -87,15 +96,6 @@ SYM_CODE_START_NOALIGN(startup_64) call sme_enable #endif - /* Now switch to __KERNEL_CS so IRET works reliably */ - pushq $__KERNEL_CS - leaq .Lon_kernel_cs(%rip), %rax - pushq %rax - lretq - -.Lon_kernel_cs: - UNWIND_HINT_END_OF_STACK - /* Sanitize CPU configuration */ call verify_cpu