From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-io0-f198.google.com (mail-io0-f198.google.com [209.85.223.198]) by kanga.kvack.org (Postfix) with ESMTP id 52D0E6B02C3 for ; Wed, 7 Jun 2017 15:17:21 -0400 (EDT) Received: by mail-io0-f198.google.com with SMTP id f100so6115159iod.14 for ; Wed, 07 Jun 2017 12:17:21 -0700 (PDT) Received: from NAM01-SN1-obe.outbound.protection.outlook.com (mail-sn1nam01on0084.outbound.protection.outlook.com. [104.47.32.84]) by mx.google.com with ESMTPS id i192si3261398ita.7.2017.06.07.12.17.20 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Wed, 07 Jun 2017 12:17:20 -0700 (PDT) From: Tom Lendacky Subject: [PATCH v6 23/34] x86, realmode: Decrypt trampoline area if memory encryption is active Date: Wed, 07 Jun 2017 14:17:09 -0500 Message-ID: <20170607191709.28645.69034.stgit@tlendack-t1.amdoffice.net> In-Reply-To: <20170607191309.28645.15241.stgit@tlendack-t1.amdoffice.net> References: <20170607191309.28645.15241.stgit@tlendack-t1.amdoffice.net> MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit Sender: owner-linux-mm@kvack.org List-ID: To: linux-arch@vger.kernel.org, linux-efi@vger.kernel.org, kvm@vger.kernel.org, linux-doc@vger.kernel.org, x86@kernel.org, kexec@lists.infradead.org, linux-kernel@vger.kernel.org, kasan-dev@googlegroups.com, linux-mm@kvack.org, iommu@lists.linux-foundation.org Cc: Rik van Riel , Radim =?utf-8?b?S3LEjW3DocWZ?= , Toshimitsu Kani , Arnd Bergmann , Jonathan Corbet , Matt Fleming , "Michael S. Tsirkin" , Joerg Roedel , Konrad Rzeszutek Wilk , Paolo Bonzini , Larry Woodman , Brijesh Singh , Ingo Molnar , Borislav Petkov , Andy Lutomirski , "H. Peter Anvin" , Andrey Ryabinin , Alexander Potapenko , Dave Young , Thomas Gleixner , Dmitry Vyukov When Secure Memory Encryption is enabled, the trampoline area must not be encrypted. A CPU running in real mode will not be able to decrypt memory that has been encrypted because it will not be able to use addresses with the memory encryption mask. A recent change that added a new system_state value exposed a warning issued by early_ioreamp() when the system_state was not SYSTEM_BOOTING. At the stage where the trampoline area is decrypted, the system_state is now SYSTEM_SCHEDULING. The check was changed to issue a warning if the system_state is greater than or equal to SYSTEM_RUNNING. Signed-off-by: Tom Lendacky --- arch/x86/realmode/init.c | 11 +++++++++++ mm/early_ioremap.c | 2 +- 2 files changed, 12 insertions(+), 1 deletion(-) diff --git a/arch/x86/realmode/init.c b/arch/x86/realmode/init.c index a163a90..195ba29 100644 --- a/arch/x86/realmode/init.c +++ b/arch/x86/realmode/init.c @@ -6,6 +6,7 @@ #include #include #include +#include struct real_mode_header *real_mode_header; u32 *trampoline_cr4_features; @@ -130,6 +131,16 @@ static void __init set_real_mode_permissions(void) unsigned long text_start = (unsigned long) __va(real_mode_header->text_start); + /* + * If SME is active, the trampoline area will need to be in + * decrypted memory in order to bring up other processors + * successfully. + */ + if (sme_active()) { + sme_early_decrypt(__pa(base), size); + set_memory_decrypted((unsigned long)base, size >> PAGE_SHIFT); + } + set_memory_nx((unsigned long) base, size >> PAGE_SHIFT); set_memory_ro((unsigned long) base, ro_size >> PAGE_SHIFT); set_memory_x((unsigned long) text_start, text_size >> PAGE_SHIFT); diff --git a/mm/early_ioremap.c b/mm/early_ioremap.c index b1dd4a9..01d13ae 100644 --- a/mm/early_ioremap.c +++ b/mm/early_ioremap.c @@ -110,7 +110,7 @@ static int __init check_early_ioremap_leak(void) enum fixed_addresses idx; int i, slot; - WARN_ON(system_state != SYSTEM_BOOTING); + WARN_ON(system_state >= SYSTEM_RUNNING); slot = -1; for (i = 0; i < FIX_BTMAPS_SLOTS; i++) { -- To unsubscribe, send a message with 'unsubscribe linux-mm' in the body to majordomo@kvack.org. For more info on Linux MM, see: http://www.linux-mm.org/ . Don't email: email@kvack.org