2021-05-07 17:30:07

by Thomas Gleixner

Subject: [patch 0/2] x86/idt: Consolidate IDT/TSS setup

The IDT/TSS setup for the boot CPU on 64-bit is split into two parts:

1) Setup IDT without IST before cpu_init()
2) Setup IDT with IST after cpu_init()

Lai noticed [1] that the NMI setup in #1 is wrong because it uses the IST-aware
entry point, but if an NMI happens there it would run on the kernel stack,
which can cause the IST-aware code to malfunction.

That's not a real problem because an NMI hitting during early boot before
the IDT is fully set up is fatal anyway. The intermediate issue with the
split setup is just making that window marginally wider. Though the setup
logic is more convoluted than necessary.

There is another oddity regarding secondary CPUs. The recently added SEV
support requires #VC to be functional when invoking cpu_init() and
therefore added a separate function which initializes TSS before that.

Now cpu_init() itself does the same initialization again, which is
pointless and confusing at best.

Borislav posted a patch [2] which moves the TSS initialization to the start of
cpu_init(), but when looking at the boot CPU setup, this is not helpful.

So I kept the separate function and made use of it in trap_init() so that
the ordering is now TSS setup, IDT setup, cpu_init(). That allows getting
rid of the separate IST setup step and makes the overall code simpler.

Thanks,

tglx

[1] https://lore.kernel.org/r/[email protected]
[2] https://lore.kernel.org/r/[email protected]
---
include/asm/desc.h | 2 --
include/asm/processor.h | 1 +
kernel/cpu/common.c | 24 +++++++++++-------------
kernel/idt.c | 40 ++++++++++++----------------------------
kernel/traps.c | 9 +++------
5 files changed, 27 insertions(+), 49 deletions(-)