Received: by 2002:a4a:301c:0:0:0:0:0 with SMTP id q28-v6csp748908oof;
        Tue, 25 Sep 2018 04:14:56 -0700 (PDT)
X-Google-Smtp-Source: ACcGV61DLDuyogYLjGTQVrkqmplr5jaJBCljKDmE94ls+oNTsm3cBDvkeuSV85RUKh2V/nH+ejLH
X-Received: by 2002:a63:88c8:: with SMTP id l191-v6mr596701pgd.340.1537874096617;
        Tue, 25 Sep 2018 04:14:56 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1537874096; cv=none;
        d=google.com; s=arc-20160816;
        b=JPcAM9Ud7FvcRsH6su49ZZUejA82ANaAuMNHWH6wW3IP87IUGSsRRHab5h1aoGQy0N
         hOluWhoYe5XbvatTwDCw1LlNAEODMuQAPbTj9Z2Ne8bTY73zkssNijZ+KwxZ5/VIddDO
         MSid2+nylNaEyOapoG9vmESsQXflbKTbq0BQfht/wV+YEQUjQdoOfd/j533i13ccQCOq
         BucMUYVWdDk54dvvip85ZBfGAiSID/EEe63j5FJ2Gv8fUoz2e7TLURFWRpsQJ96HUycs
         afbEilG8Jiap6GjNwYOcsxy/1kYVRN9zXJKHVOky3I45cWEwIUXdJjUz+EPjqa56JmRs
         4x5Q==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:message-id:date:subject:cc:to:from;
        bh=5yBK+Yg0L48pdHkdAAIgxboZ7wXykkqvLlYCD1V3k8s=;
        b=GXio70NkmiqSSdlywxTx1CwjrDN4En8Qh4pIn55RZzQSKKthdaoYkKvMNkjmJTvpdY
         z19cchRJei+b1FAXF5EdvYA0eFA3dA8CVUcRibczSUMaMOimpOG9kK9++4Owlyos+2/m
         lffcYdJ9p4qcB5rBSMtrM+UV1C2mmUGclrWyMUuXkgRg73dFCtxCVlpZXFHCwiKVg368
         GQOBAC3bLrCstYcV5vPOAFH472lCEoyWgrGJZUR4Me06dD6jblIeoQrnVmt1XDadmxEc
         /FMZXfyyZRICmQXn0DIcXLhgIAl+7kfX416+WbVmH2OtUXFSQjz71LF3ES/agGmzumWP
         my0Q==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id s81-v6si2019826pfk.213.2018.09.25.04.14.40;
        Tue, 25 Sep 2018 04:14:56 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1728897AbeIYRTm (ORCPT <rfc822;lans.zhang2008@gmail.com>
        + 99 others); Tue, 25 Sep 2018 13:19:42 -0400
Received: from mx1.redhat.com ([209.132.183.28]:39816 "EHLO mx1.redhat.com"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S1727570AbeIYRTm (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Tue, 25 Sep 2018 13:19:42 -0400
Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.phx2.redhat.com [10.5.11.22])
        (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
        (No client certificate requested)
        by mx1.redhat.com (Postfix) with ESMTPS id D474462EAB;
        Tue, 25 Sep 2018 11:12:39 +0000 (UTC)
Received: from kasong-desktop-nay-redhat-com.nay.redhat.com (unknown [10.66.128.41])
        by smtp.corp.redhat.com (Postfix) with ESMTP id 2E2811081316;
        Tue, 25 Sep 2018 11:12:33 +0000 (UTC)
From:   Kairui Song <kasong@redhat.com>
To:     linux-kernel@vger.kernel.org
Cc:     tglx@linutronix.de, mingo@redhat.com, hpa@zytor.com,
        x86@kernel.org, thomas.lendacky@amd.com, brijesh.singh@amd.com,
        bp@suse.de, kasong@redhat.com, kexec@lists.infradead.org,
        dyoung@redhat.com
Subject: [PATCH] x86/boot: Fix kexec booting failure after SEV early boot support
Date:   Tue, 25 Sep 2018 19:10:20 +0800
Message-Id: <20180925111020.23834-1-kasong@redhat.com>
X-Scanned-By: MIMEDefang 2.84 on 10.5.11.22
X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.39]); Tue, 25 Sep 2018 11:12:40 +0000 (UTC)
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

Commit 1958b5fc4010 ("x86/boot: Add early boot support when running
with SEV active") is causing kexec becomes sometimes unstable, kexec
reboot won't start a second kernel bypassing BIOS boot process, instead,
the system got reset.

That's because, in get_sev_encryption_bit function, we are using
32-bit RIP-relative addressing to read the value of enc_bit, but
kexec may alloc the early boot up code to a higher location, which
is beyond 32-bit addressing limit. Some garbage will be read and
get_sev_encryption_bit will return the wrong value, which lead to
wrong memory page flag.

This patch adds a get_sev_encryption_bit_64 function to avoid this
problem. 64-bit early boot code will use this function instead, it
uses native RIP addressing to read the enc_bit which have no problem
with any location.

Fixes: 1958b5fc4010 ("x86/boot: Add early boot support when running with SEV active")
Signed-off-by: Kairui Song <kasong@redhat.com>
---
 arch/x86/boot/compressed/mem_encrypt.S | 64 ++++++++++++++++++--------
 1 file changed, 45 insertions(+), 19 deletions(-)

diff --git a/arch/x86/boot/compressed/mem_encrypt.S b/arch/x86/boot/compressed/mem_encrypt.S
index eaa843a52907..41933550449a 100644
--- a/arch/x86/boot/compressed/mem_encrypt.S
+++ b/arch/x86/boot/compressed/mem_encrypt.S
@@ -18,27 +18,13 @@
 
 	.text
 	.code32
-ENTRY(get_sev_encryption_bit)
+do_get_sev_encryption_bit:
 	xor	%eax, %eax
 
 #ifdef CONFIG_AMD_MEM_ENCRYPT
 	push	%ebx
 	push	%ecx
 	push	%edx
-	push	%edi
-
-	/*
-	 * RIP-relative addressing is needed to access the encryption bit
-	 * variable. Since we are running in 32-bit mode we need this call/pop
-	 * sequence to get the proper relative addressing.
-	 */
-	call	1f
-1:	popl	%edi
-	subl	$1b, %edi
-
-	movl	enc_bit(%edi), %eax
-	cmpl	$0, %eax
-	jge	.Lsev_exit
 
 	/* Check if running under a hypervisor */
 	movl	$1, %eax
@@ -69,25 +55,65 @@ ENTRY(get_sev_encryption_bit)
 
 	movl	%ebx, %eax
 	andl	$0x3f, %eax		/* Return the encryption bit location */
-	movl	%eax, enc_bit(%edi)
 	jmp	.Lsev_exit
 
 .Lno_sev:
 	xor	%eax, %eax
-	movl	%eax, enc_bit(%edi)
 
 .Lsev_exit:
-	pop	%edi
 	pop	%edx
 	pop	%ecx
 	pop	%ebx
 
+#endif	/* CONFIG_AMD_MEM_ENCRYPT */
+
+	ret
+
+ENTRY(get_sev_encryption_bit)
+	xor	%eax, %eax
+
+#ifdef CONFIG_AMD_MEM_ENCRYPT
+	push	%edi
+
+	/*
+	 * RIP-relative addressing is needed to access the encryption bit
+	 * variable. Since we are running in 32-bit mode we need this call/pop
+	 * sequence to get the proper relative addressing.
+	 */
+	call	1f
+1:	popl	%edi
+	subl	$1b, %edi
+
+	movl	enc_bit(%edi), %eax
+	cmpl	$0, %eax
+	jge 2f
+
+	call    do_get_sev_encryption_bit
+	movl	%eax, enc_bit(%edi)
+2:
+	pop	%edi
 #endif	/* CONFIG_AMD_MEM_ENCRYPT */
 
 	ret
 ENDPROC(get_sev_encryption_bit)
 
 	.code64
+ENTRY(get_sev_encryption_bit_64)
+	xor	%rax, %rax
+
+#ifdef CONFIG_AMD_MEM_ENCRYPT
+	movl	enc_bit(%rip), %eax
+	cmpl	$0, %eax
+	jge 1f
+
+	call    do_get_sev_encryption_bit
+	movl	%eax, enc_bit(%rip)
+1:
+#endif	/* CONFIG_AMD_MEM_ENCRYPT */
+
+	ret
+ENDPROC(get_sev_encryption_bit_64)
+
 ENTRY(set_sev_encryption_mask)
 #ifdef CONFIG_AMD_MEM_ENCRYPT
 	push	%rbp
@@ -95,7 +121,7 @@ ENTRY(set_sev_encryption_mask)
 
 	movq	%rsp, %rbp		/* Save current stack pointer */
 
-	call	get_sev_encryption_bit	/* Get the encryption bit position */
+	call	get_sev_encryption_bit_64	/* Get the encryption bit position */
 	testl	%eax, %eax
 	jz	.Lno_sev_mask
 
-- 
2.17.1