Received: by 2002:ac0:a5a6:0:0:0:0:0 with SMTP id m35-v6csp754219imm; Wed, 26 Sep 2018 06:22:09 -0700 (PDT) X-Google-Smtp-Source: ACcGV60EixatCO5M1wa22UOvClPayxI4hd+TkdbulxfWfXwNhTj/dVmvO4XflFNuzM39Hid5Axgt X-Received: by 2002:a63:ff1f:: with SMTP id k31-v6mr5653595pgi.20.1537968129611; Wed, 26 Sep 2018 06:22:09 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1537968129; cv=none; d=google.com; s=arc-20160816; b=tfATk4bKrcC73S1+KjMp5oVlesQfXAP4xCjTbWEU5RRLp94cQvs3sUIr0UmyfZEQMO 0PYpcqeBPdcBwlSCBFt4VcNi5N6AWwAApOTyxoh8xgSqf+FO1tPLD1VQYs0Ogt6U4SAm ut11PqcOlCxOS2aq9GroOZ490Lo9xKMf4gWMhBwBdxGXbdi1lhs3/X4vuX4QSXmFdEPs Wn3hOElVMoVNIRO4Brw4YDsWd1Qgq1Vg61oIC6lumA6jRNYkxJIP46JKcUXnAhVbWIGY 99EsP7gjU5Ch6W4wW4LReLrfLFTHSKyWH82+/QA+/6fFu/IYH298WwfFEYnzFI/U4FRq FXqQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date; bh=LQUvQRVZOAiZOJQQrDLXuhvu4dt8Bs1DpI7NLa6NPec=; b=ps7Q67vgPS1nNMTTI7G0tOMyFMeAuf7E0GE6RrlMSR5tRZQY3ywtaA5RIxLvFTCaHj W/TVvmHdTuV7B4EsQasvnhogmMIAK9EjvfRhdSaohjXax1Nq3NpV8/U4iAKRyXKzrZwg zipB+mPiJFwlJe2YEkdl9ulqnGqsiJbpjQCalvF5ym+KvPd3k2504fRiX8xqAw31SDrd 0UbVI4o+EeUKfvyyee3XrdffVc1B7jyrZd+wtf1BbHoyh2eTQylaw83oPNVhweH5OkvT 74ltGsRzrXDBC/bX5jWPi8/wKuVEFMF+CWrya0u/RxtxOIPJ6knCUslqD9yX1++8qPCb CSlw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id h3-v6si4969376pgc.122.2018.09.26.06.21.54; Wed, 26 Sep 2018 06:22:09 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728588AbeIZTeV (ORCPT + 99 others); Wed, 26 Sep 2018 15:34:21 -0400 Received: from mx1.redhat.com ([209.132.183.28]:16237 "EHLO mx1.redhat.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726802AbeIZTeV (ORCPT ); Wed, 26 Sep 2018 15:34:21 -0400 Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.11]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 929ABC057866; Wed, 26 Sep 2018 13:21:24 +0000 (UTC) Received: from localhost (ovpn-8-17.pek2.redhat.com [10.72.8.17]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 6733E600C3; Wed, 26 Sep 2018 13:21:20 +0000 (UTC) Date: Wed, 26 Sep 2018 21:21:18 +0800 From: Baoquan He To: "Lendacky, Thomas" , Kairui Song Cc: Borislav Petkov , "Singh, Brijesh" , "x86@kernel.org" , "kexec@lists.infradead.org" , "linux-kernel@vger.kernel.org" , "mingo@redhat.com" , "hpa@zytor.com" , "tglx@linutronix.de" , "dyoung@redhat.com" Subject: Re: [PATCH] x86/boot: Fix kexec booting failure after SEV early boot support Message-ID: <20180926132118.GF2555@MiWiFi-R3L-srv> References: <20180925111020.23834-1-kasong@redhat.com> <6e15796e-31e9-2dc6-4a31-5c1b01554b45@amd.com> <20180925172608.GB15464@zn.tnic> <20180926073252.GC2555@MiWiFi-R3L-srv> <20180926112208.GE2555@MiWiFi-R3L-srv> <3b41fee3-e2f6-2e36-d2ca-1074c5f62bb8@amd.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <3b41fee3-e2f6-2e36-d2ca-1074c5f62bb8@amd.com> User-Agent: Mutt/1.9.1 (2017-09-22) X-Scanned-By: MIMEDefang 2.79 on 10.5.11.11 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.31]); Wed, 26 Sep 2018 13:21:25 +0000 (UTC) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 09/26/18 at 01:01pm, Lendacky, Thomas wrote: > On 09/26/2018 06:22 AM, Baoquan He wrote: > > On 09/26/18 at 03:32pm, Baoquan He wrote: > >> On 09/25/18 at 07:26pm, Borislav Petkov wrote: > >>> IINM, the problem can be addressed in a simpler way by getting rid of > >>> enc_bit and thus getting rid of the need to do relative addressing of > >>> anything and simply doing the whole dance of figuring out the C-bit each > >>> time. It probably wouldn't be even measurable... > >> > >> Couldn't agree more. > >> > >> Obviously enc_bit is redundent here. We only check eax each time, > >> removing it can fix the RIP-relative addressing issue in kexec. > > > > OK, in distros CONFIG_AMD_MEM_ENCRYPT=y is set by default usually. > > enc_bit can save once in normal boot, then fetch and skip the cpuid > > detection in initialize_identity_maps(). However this only speeds up in > > amd system with SME, on intel cpu and amd cpu w/o sme, it still needs to > > do cpuid twice. Removing it should be not measurable as Boris said. > > Not sure if Tom has other concern. > > No concern from me. The original version of the patch did not cache the > value, that was added based on the patch series feedback. So, if there > is no concern about executing some extra CPUID/RDMSR instructions, then > it would certainly simplify the code quite a bit. OK, thanks for confirming this, Tom. Then, maybe Kairui can repost below code with formal patch log after testing. I have tested on a intel machine with 48G memory, and CONFIG_AMD_MEM_ENCRYPT=y, it works well. Maybe add Boris's Suggested-By, and CC me. Thanks Baoquan > >> > >> diff --git a/arch/x86/boot/compressed/mem_encrypt.S b/arch/x86/boot/compressed/mem_encrypt.S > >> index eaa843a52907..0b60eb867d25 100644 > >> --- a/arch/x86/boot/compressed/mem_encrypt.S > >> +++ b/arch/x86/boot/compressed/mem_encrypt.S > >> @@ -27,19 +27,6 @@ ENTRY(get_sev_encryption_bit) > >> push %edx > >> push %edi > >> > >> - /* > >> - * RIP-relative addressing is needed to access the encryption bit > >> - * variable. Since we are running in 32-bit mode we need this call/pop > >> - * sequence to get the proper relative addressing. > >> - */ > >> - call 1f > >> -1: popl %edi > >> - subl $1b, %edi > >> - > >> - movl enc_bit(%edi), %eax > >> - cmpl $0, %eax > >> - jge .Lsev_exit > >> - > >> /* Check if running under a hypervisor */ > >> movl $1, %eax > >> cpuid > >> @@ -69,12 +56,10 @@ ENTRY(get_sev_encryption_bit) > >> > >> movl %ebx, %eax > >> andl $0x3f, %eax /* Return the encryption bit location */ > >> - movl %eax, enc_bit(%edi) > >> jmp .Lsev_exit > >> > >> .Lno_sev: > >> xor %eax, %eax > >> - movl %eax, enc_bit(%edi) > >> > >> .Lsev_exit: > >> pop %edi > >> @@ -113,9 +98,6 @@ ENTRY(set_sev_encryption_mask) > >> ENDPROC(set_sev_encryption_mask) > >> > >> .data > >> -enc_bit: > >> - .int 0xffffffff > >> - > >> #ifdef CONFIG_AMD_MEM_ENCRYPT > >> .balign 8 > >> GLOBAL(sme_me_mask)