Received: by 2002:a25:e74b:0:0:0:0:0 with SMTP id e72csp1701581ybh; Tue, 14 Jul 2020 05:13:21 -0700 (PDT) X-Google-Smtp-Source: ABdhPJwGglulg2lqAPGRdJOMS3Kk94hB4Fx+6tW7VI7WUJhQ1c3yoTHNXvGPAczys4ISpY86X0Et X-Received: by 2002:a17:906:dbe9:: with SMTP id yd9mr4272698ejb.75.1594728801056; Tue, 14 Jul 2020 05:13:21 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1594728801; cv=none; d=google.com; s=arc-20160816; b=Id0ZHqStxhcExNSTHrfeaJ3H8r42jTm2Gz/OT2u9u/p+XjL720yNXLzwjrhUDcFLZe pFIg2gpQ9G18XSHzYaMbhkHLEHv0Rvo1yaD3h+VIbWgRnZA+4X0XFHcpJDVHXEv4oyeL C0xQ5W9SLq+b3rs8xXi4S7gm53zHO+wUDRZqSKcwHO6bu/XqIYbIHrP7Qwyu07WMfQen 0XyDzdu6WqvWG5XRkvG39BnrUvAlAFw3DoS5PYWqEWEiyPiroGPGcXkIvs9B3pPGeh3y /iW9PckoZG/0IpDl6FnzO1QE9BbXGmf92p0FDIf0/UMmgV1+vSlwjnjD4Rc+1y0GK/Kd CGHA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from; bh=VqASKmwr5kgvaKq0RAWssm6yUfawPvg/Ud5dOqDcwIo=; b=mAFYXE+QpM+vWbTk3w/UVoUKrjPAjijQpiCKfyniYMNLWeivHDiRkt6hjB2J7qviZR g/Asa0GugnZgzsdl6Ytlt6KgIDpqfNjUIknJsapvU3aDOmxmaM3TKPDk2SE0qeVvLSlV r1bxCXE22UYXQSzsbilAQxSXe4dHipNzRi4dRjNWi8XU33rR0QmPgLSJi/srAzUOjjM0 hSuXwZO/1oxbRNdIcEN/b2FmJWikuv54fQ4YlL3W3aLHpdHz+faYAe4wqOmwm7t7qQIE acw31RXygOfHIWhUSGaekAo8TQRgCqjn2op+PHPnK+pznxZ+dG9s+VFkA04l6uZ8BiDq Q9/Q== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=8bytes.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id uz6si10090553ejb.50.2020.07.14.05.12.56; Tue, 14 Jul 2020 05:13:21 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=8bytes.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728723AbgGNMMA (ORCPT + 99 others); Tue, 14 Jul 2020 08:12:00 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:60750 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728603AbgGNMLV (ORCPT ); Tue, 14 Jul 2020 08:11:21 -0400 Received: from theia.8bytes.org (8bytes.org [IPv6:2a01:238:4383:600:38bc:a715:4b6d:a889]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 2AB2DC08C5DB; Tue, 14 Jul 2020 05:11:21 -0700 (PDT) Received: from cap.home.8bytes.org (p5b006776.dip0.t-ipconnect.de [91.0.103.118]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) (No client certificate requested) by theia.8bytes.org (Postfix) with ESMTPSA id B9D2CFED; Tue, 14 Jul 2020 14:11:11 +0200 (CEST) From: Joerg Roedel To: x86@kernel.org Cc: Joerg Roedel , Joerg Roedel , hpa@zytor.com, Andy Lutomirski , Dave Hansen , Peter Zijlstra , Jiri Slaby , Dan Williams , Tom Lendacky , Juergen Gross , Kees Cook , David Rientjes , Cfir Cohen , Erdem Aktas , Masami Hiramatsu , Mike Stunes , Sean Christopherson , Martin Radev , linux-kernel@vger.kernel.org, kvm@vger.kernel.org, virtualization@lists.linux-foundation.org Subject: [PATCH v4 70/75] x86/head/64: Don't call verify_cpu() on starting APs Date: Tue, 14 Jul 2020 14:09:12 +0200 Message-Id: <20200714120917.11253-71-joro@8bytes.org> X-Mailer: git-send-email 2.27.0 In-Reply-To: <20200714120917.11253-1-joro@8bytes.org> References: <20200714120917.11253-1-joro@8bytes.org> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Joerg Roedel The APs are not ready to handle exceptions when verify_cpu() is called in secondary_startup_64. Signed-off-by: Joerg Roedel --- arch/x86/include/asm/realmode.h | 1 + arch/x86/kernel/head_64.S | 1 + arch/x86/realmode/init.c | 6 ++++++ 3 files changed, 8 insertions(+) diff --git a/arch/x86/include/asm/realmode.h b/arch/x86/include/asm/realmode.h index 6590394af309..5c97807c38a4 100644 --- a/arch/x86/include/asm/realmode.h +++ b/arch/x86/include/asm/realmode.h @@ -69,6 +69,7 @@ extern unsigned char startup_32_smp[]; extern unsigned char boot_gdt[]; #else extern unsigned char secondary_startup_64[]; +extern unsigned char secondary_startup_64_no_verify[]; #endif static inline size_t real_mode_size_needed(void) diff --git a/arch/x86/kernel/head_64.S b/arch/x86/kernel/head_64.S index 5b577d6bce7a..8b43ed0592e8 100644 --- a/arch/x86/kernel/head_64.S +++ b/arch/x86/kernel/head_64.S @@ -165,6 +165,7 @@ SYM_CODE_START(secondary_startup_64) /* Sanitize CPU configuration */ call verify_cpu +SYM_INNER_LABEL(secondary_startup_64_no_verify, SYM_L_GLOBAL) /* * Retrieve the modifier (SME encryption mask if SME is active) to be * added to the initial pgdir entry that will be programmed into CR3. diff --git a/arch/x86/realmode/init.c b/arch/x86/realmode/init.c index 61a52b925d15..df701f87ddef 100644 --- a/arch/x86/realmode/init.c +++ b/arch/x86/realmode/init.c @@ -46,6 +46,12 @@ static void sme_sev_setup_real_mode(struct trampoline_header *th) th->flags |= TH_FLAGS_SME_ACTIVE; if (sev_es_active()) { + /* + * Skip the call to verify_cpu() in secondary_startup_64 as it + * will cause #VC exceptions when the AP can't handle them yet. + */ + th->start = (u64) secondary_startup_64_no_verify; + if (sev_es_setup_ap_jump_table(real_mode_header)) panic("Failed to update SEV-ES AP Jump Table"); } -- 2.27.0