Subject: Re: [PATCH v1 3/3] x86/mm: Encrypt the initrd earlier for BSP microcode update
From: Tom Lendacky
To: Borislav Petkov
Cc: x86@kernel.org, Brijesh Singh, linux-kernel@vger.kernel.org, Ingo Molnar, "H. Peter Anvin", Thomas Gleixner
Date: Thu, 21 Dec 2017 10:48:29 -0600
In-Reply-To: <20171221144925.76ge77xraapgzm36@pd.tnic>
References: <20171207233342.29646.12858.stgit@tlendack-t1.amdoffice.net> <20171207233410.29646.27816.stgit@tlendack-t1.amdoffice.net> <20171221144925.76ge77xraapgzm36@pd.tnic>
On 12/21/2017 8:49 AM, Borislav Petkov wrote:
> On Thu, Dec 07, 2017 at 05:34:10PM -0600, Tom Lendacky wrote:
>> Currently the BSP microcode update code examines the initrd very early
>> in the boot process. If SME is active, the initrd is treated as being
>> encrypted but it has not been encrypted (in place) yet. Update the
>> early boot code that encrypts the kernel to also encrypt the initrd so
>> that early BSP microcode updates work.
>
> ...
>
>> diff --git a/arch/x86/mm/mem_encrypt.c b/arch/x86/mm/mem_encrypt.c >> index 1f0efb8..60df247 100644 >> --- a/arch/x86/mm/mem_encrypt.c >> +++ b/arch/x86/mm/mem_encrypt.c >> @@ -731,11 +731,12 @@ static unsigned long __init sme_pgtable_calc(unsigned long len) >> return total; >> } >> >> -void __init sme_encrypt_kernel(void) >> +void __init sme_encrypt_kernel(struct boot_params *bp) >> { >> unsigned long workarea_start, workarea_end, workarea_len; >> unsigned long execute_start, execute_end, execute_len; >> unsigned long kernel_start, kernel_end, kernel_len; >> + unsigned long initrd_start, initrd_end, initrd_len; >> unsigned long pgtable_area_len; >> unsigned long decrypted_base; >> pgd_t *pgd;
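Review bot: the @@ -731 hunk changes the signature to sme_encrypt_kernel(struct boot_params *bp), so the function's declaration and its early-boot call site(s) must be updated to match in the same patch; none of that is in the hunks shown for arch/x86/mm/mem_encrypt.c, so please confirm those changes are part of this series and that the declaration used when memory encryption is compiled out takes the same argument, otherwise the build breaks for one of the two configurations.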
>> @@ -744,14 +745,15 @@ void __init sme_encrypt_kernel(void) >> return; >> >> /* >> - * Prepare for encrypting the kernel by building new pagetables with >> - * the necessary attributes needed to encrypt the kernel in place. >> + * Prepare for encrypting the kernel and initrd by building new >> + * pagetables with the necessary attributes needed to encrypt the >> + * kernel in place. >> * >> * One range of virtual addresses will map the memory occupied >> - * by the kernel as encrypted. >> + * by the kernel and initrd as encrypted. >> * >> * Another range of virtual addresses will map the memory occupied >> - * by the kernel as decrypted and write-protected. >> + * by the kernel and initrd as decrypted and write-protected. >> * >> * The use of write-protect attribute will prevent any of the >> * memory from being cached. 
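Review bot: in the @@ -744 hunk the rewritten comment is inconsistent with itself: it opens with "Prepare for encrypting the kernel and initrd" but the next clause still reads "needed to encrypt the kernel in place", while the two bullets below were changed to "by the kernel and initrd". Suggest "pagetables with the necessary attributes needed to encrypt the kernel and initrd in place." so all three statements describe the same ranges.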
>> @@ -762,6 +764,20 @@ void __init sme_encrypt_kernel(void) >> kernel_end = ALIGN(__pa_symbol(_end), PMD_PAGE_SIZE); >> kernel_len = kernel_end - kernel_start; >> >> + initrd_start = 0; >> + initrd_end = 0; >> + initrd_len = 0; >> +#ifdef CONFIG_BLK_DEV_INITRD >> + initrd_len = (unsigned long)bp->hdr.ramdisk_size | >> + ((unsigned long)bp->ext_ramdisk_size << 32); >> + if (initrd_len) { >> + initrd_start = (unsigned long)bp->hdr.ramdisk_image | >> + ((unsigned long)bp->ext_ramdisk_image << 32); >> + initrd_end = PAGE_ALIGN(initrd_start + initrd_len); >> + initrd_len = initrd_end - initrd_start; >> + } >> +#endif
>
> In a prepatch, pls make get_ramdisk_image() and get_ramdisk_size() from
> arch/x86/kernel/setup.c accessible to this code too. Also, add dummies
> for the !CONFIG_BLK_DEV_INITRD case so that you can simply call them
> here, regardless of the CONFIG_BLK_DEV_INITRD setting.
>
> Then you won't need boot_params ptr either and that would simplify the
> diff a bit.

This is very early in the boot and the boot parameters have not been
copied to boot_params yet, so I need the pointer. And since the routines
in arch/x86/kernel/setup.c also use boot_params, those would have to be
modified to accept a pointer rather than automatically using boot_params.
I'm not sure it's worth all that.

Thanks,
Tom

>
> Thx.
>
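Review bot: in the @@ -762 hunk, initrd_end is rounded up with PAGE_ALIGN() but initrd_start is used exactly as read from bp->hdr.ramdisk_image / bp->ext_ramdisk_image, so the computed initrd_len is only page-granular when the bootloader placed the image on a page boundary; either round initrd_start down to a page boundary before computing initrd_end and initrd_len, or state the alignment assumption in a comment next to the #ifdef block. Note also that the kernel range a few lines above is aligned to PMD_PAGE_SIZE while the initrd range is aligned only to PAGE_SIZE, so the pagetable-building code that consumes these ranges has to cope with 4K-granular initrd boundaries.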