Message ID | 20240102133747.27053-1-kirill.shutemov@linux.intel.com |
---|---|
State | New |
Headers |
Return-Path: <linux-kernel+bounces-14429-ouuuleilei=gmail.com@vger.kernel.org> Delivered-To: ouuuleilei@gmail.com Received: by 2002:a05:7301:6f82:b0:100:9c79:88ff with SMTP id tb2csp4449854dyb; Tue, 2 Jan 2024 05:41:42 -0800 (PST) X-Google-Smtp-Source: AGHT+IHF67rZyOo9RDLB4+0c8ta/78VQ69BBNfnishumVRVR2xjkMbSDAV5bRT6tkT2kvzXWbuEK X-Received: by 2002:a05:620a:4252:b0:781:aec6:b0d8 with SMTP id w18-20020a05620a425200b00781aec6b0d8mr6470507qko.65.1704202902065; Tue, 02 Jan 2024 05:41:42 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1704202902; cv=none; d=google.com; s=arc-20160816; b=chGA8W2zIaCP2exRzsXAHvIgZfaKm3cJkU6x1v9AyGLQsy/zN665ZCG5AhVUAcmWZ9 GKJjPCG+H7rD9ZMbm3Lg0SFfOdH4WQN3EyRhz/IH4aLiWRGl3JBRgjA7LKgoM2y97FEI lRG3Mb5Yz77u8m71FGIJdId9JIxPiPN97jH1n286sDaFj1a34B17Ho+n4G2zbtKaD+sy v6hAt5I/kJSxtjUMBxzi5SMYYYXPs3piFuvY6azPCG6fUrgU1JVzoEeHTsLeRqq+20yQ Afx7UaOuDfRMIuM2EpXS2Xaly99Ej3ZLD4y5n2VBhf7rVaot3XuBzUSj+JtIgLLIV57H OQXw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:message-id:date:subject:cc:to :from:dkim-signature; bh=F37GxT1v5hebas2Dq89b+q0xh76urqRla3Ydug+tiAI=; fh=GkbyPUlI9qtLLNm7AE0ji2HooIAIoU/tELbqZ27NmNc=; b=LIX0Bh8JJkRRjwO9/ISPVF3TzzzQXZDA3H1wfH7/zBwsz6/pbW6MHkw72RFAazxbtG uoDS4w6UDwU6rmL0QClBvt9imYFvpwLi2WB0MdbEtVsx9rC+rC2ta4UgX4tO2JPymKnD inHVyQ5fWY9M/Hla9QGEmdo3fsEShYBZNARIZgZUE896NF0inkT7zfhzR7dFdtu3EdNp Y5Fl3sop6Yy/7Z3Bk5Or/5SsBsPpOih+ANzAlwHhyIYZ8005H6KyF+6AzuTH8hVvcIQ7 89mc4LnisaR7yfyZw6SYRBXYBn/z42FzB3HCZXZ/vQ95ko5+aXDpNO9ht3RfT/PsMAjb EQeA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=KGRsTZul; spf=pass (google.com: domain of linux-kernel+bounces-14429-ouuuleilei=gmail.com@vger.kernel.org designates 2604:1380:45d1:ec00::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-14429-ouuuleilei=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: from ny.mirrors.kernel.org (ny.mirrors.kernel.org. [2604:1380:45d1:ec00::1]) by mx.google.com with ESMTPS id s10-20020a05620a080a00b00781d61d7fdesi2116598qks.237.2024.01.02.05.41.41 for <ouuuleilei@gmail.com> (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 02 Jan 2024 05:41:42 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel+bounces-14429-ouuuleilei=gmail.com@vger.kernel.org designates 2604:1380:45d1:ec00::1 as permitted sender) client-ip=2604:1380:45d1:ec00::1; Authentication-Results: mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=KGRsTZul; spf=pass (google.com: domain of linux-kernel+bounces-14429-ouuuleilei=gmail.com@vger.kernel.org designates 2604:1380:45d1:ec00::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-14429-ouuuleilei=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ny.mirrors.kernel.org (Postfix) with ESMTPS id D5D9D1C22188 for <ouuuleilei@gmail.com>; Tue, 2 Jan 2024 13:41:41 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id CBBE915AC3; Tue, 2 Jan 2024 13:38:12 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b="KGRsTZul" X-Original-To: linux-kernel@vger.kernel.org Received: from mgamail.intel.com (mgamail.intel.com [192.55.52.151]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 8C840156DB; Tue, 2 Jan 2024 13:38:08 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.intel.com Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.mailfrom=linux.intel.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1704202688; x=1735738688; h=from:to:cc:subject:date:message-id:mime-version: content-transfer-encoding; bh=idFpEvgzmeEYhH1RrghpYHvogfuzDBzKNdkrsQpu4BY=; b=KGRsTZultAITMkjduy8Cy2DFtqlR4NgevSz/JUPOiiy814ZJy+tQBCZQ oMI/NZwn6oGsur4nt9ucbKUPiwdXgqrNq86p4Iq2WgjbHpOPF8Bdfk+n3 DIt8ys1v9Ok6Gi93pDvOPSqe+Vqny1HmWSBdN8huTUMir4fy7ybaE+t2a YTVvtQpAsaTPgJnK90pBeBizME4zMK5hjQtAgJubG97wZHe1ZwLohBECd i953M3YUvhNXJSr9hnwcFIBjtQSb/kIKHLkz1b4UZeWkpbvn0L84dAQhv KFcUMYaRQLxh6e0tnCZKt0YHCWG6EsvZw9mFDPbq+Kz5MD5bCXrsGVyQo A==; X-IronPort-AV: E=McAfee;i="6600,9927,10941"; a="377035320" X-IronPort-AV: E=Sophos;i="6.04,325,1695711600"; d="scan'208";a="377035320" Received: from orviesa001.jf.intel.com ([10.64.159.141]) by fmsmga107.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 02 Jan 2024 05:38:07 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.04,325,1695711600"; d="scan'208";a="28066458" Received: from rmuntslx-mobl1.ger.corp.intel.com (HELO box.shutemov.name) ([10.249.36.81]) by smtpauth.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 02 Jan 2024 05:38:05 -0800 Received: by box.shutemov.name (Postfix, from userid 1000) id 9C36E10A568; Tue, 2 Jan 2024 16:38:01 +0300 (+03) From: "Kirill A. Shutemov" <kirill.shutemov@linux.intel.com> To: Paolo Bonzini <pbonzini@redhat.com>, Wanpeng Li <wanpengli@tencent.com>, Vitaly Kuznetsov <vkuznets@redhat.com>, Sean Christopherson <seanjc@google.com>, Thomas Gleixner <tglx@linutronix.de>, Ingo Molnar <mingo@redhat.com>, Borislav Petkov <bp@alien8.de>, Dave Hansen <dave.hansen@linux.intel.com>, Tom Lendacky <thomas.lendacky@amd.com> Cc: x86@kernel.org, kvm@vger.kernel.org, linux-kernel@vger.kernel.org, "Kirill A. Shutemov" <kirill.shutemov@linux.intel.com> Subject: [PATCH] x86/sev: Fix SEV check in sev_map_percpu_data() Date: Tue, 2 Jan 2024 16:37:47 +0300 Message-ID: <20240102133747.27053-1-kirill.shutemov@linux.intel.com> X-Mailer: git-send-email 2.41.0 Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: <linux-kernel.vger.kernel.org> List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org> List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1786986262458649203 X-GMAIL-MSGID: 1786986262458649203 |
Series |
x86/sev: Fix SEV check in sev_map_percpu_data()
|
|
Commit Message
Kirill A. Shutemov
Jan. 2, 2024, 1:37 p.m. UTC
The function sev_map_percpu_data() checks if it is running on an SEV
platform by checking the CC_ATTR_GUEST_MEM_ENCRYPT attribute. However,
this attribute is also defined for TDX.
To avoid false positives, add a cc_vendor check.
Signed-off-by: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
---
arch/x86/kernel/kvm.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
Comments
On Tue, Jan 02, 2024 at 04:37:47PM +0300, Kirill A. Shutemov wrote: > The function sev_map_percpu_data() checks if it is running on an SEV > platform by checking the CC_ATTR_GUEST_MEM_ENCRYPT attribute. However, > this attribute is also defined for TDX. > > To avoid false positives, add a cc_vendor check. > > Signed-off-by: Kirill A. Shutemov <kirill.shutemov@linux.intel.com> Fixes: 4d96f9109109 ("x86/sev: Replace occurrences of sev_active() with cc_platform_has()") Suggested-by: Borislav Petkov (AMD) <bp@alien8.de> Thx.
On Tue, 2 Jan 2024, Kirill A. Shutemov wrote: > The function sev_map_percpu_data() checks if it is running on an SEV > platform by checking the CC_ATTR_GUEST_MEM_ENCRYPT attribute. However, > this attribute is also defined for TDX. > > To avoid false positives, add a cc_vendor check. > > Signed-off-by: Kirill A. Shutemov <kirill.shutemov@linux.intel.com> Acked-by: David Rientjes <rientjes@google.com>
diff --git a/arch/x86/kernel/kvm.c b/arch/x86/kernel/kvm.c index 0ddb3bd0f1aa..5b495cfc79bc 100644 --- a/arch/x86/kernel/kvm.c +++ b/arch/x86/kernel/kvm.c @@ -434,7 +434,8 @@ static void __init sev_map_percpu_data(void) { int cpu; - if (!cc_platform_has(CC_ATTR_GUEST_MEM_ENCRYPT)) + if (cc_vendor != CC_VENDOR_AMD || + !cc_platform_has(CC_ATTR_GUEST_MEM_ENCRYPT)) return; for_each_possible_cpu(cpu) {