From: Joerg Roedel
To: x86@kernel.org
Cc: Joerg Roedel , Joerg Roedel , hpa@zytor.com, Andy Lutomirski , Dave Hansen , Peter Zijlstra , Jiri Slaby , Dan Williams , Tom Lendacky , Juergen Gross , Kees Cook , David Rientjes , Cfir Cohen , Erdem Aktas , Masami Hiramatsu , Mike Stunes , Sean Christopherson , Martin Radev , Arvind Sankar , linux-kernel@vger.kernel.org, kvm@vger.kernel.org, virtualization@lists.linux-foundation.org
Subject: [PATCH v2 5/7] x86/boot/compressed/64: Add CPUID sanity check to 32-bit boot-path
Date: Wed, 10 Mar 2021 09:43:23 +0100
Message-Id: <20210310084325.12966-6-joro@8bytes.org>
X-Mailer: git-send-email 2.30.1
In-Reply-To: <20210310084325.12966-1-joro@8bytes.org>
References: <20210310084325.12966-1-joro@8bytes.org>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

From: Joerg Roedel

The 32-bit #VC handler has no GHCB and can only handle CPUID exit codes. It is needed by the early boot code to handle #VC exceptions raised in verify_cpu() and to get the position of the C bit.

But the CPUID information comes from the hypervisor, which is untrusted and might return results which trick the guest into the no-SEV boot path with no C bit set in the page-tables. All data written to memory would then be unencrypted and could leak sensitive data to the hypervisor.

Add sanity checks to the 32-bit boot #VC handler to make sure the hypervisor does not pretend that SEV is not enabled.

Signed-off-by: Joerg Roedel
---
 arch/x86/boot/compressed/mem_encrypt.S | 36 ++++++++++++++++++++++++++
 1 file changed, 36 insertions(+)

diff --git a/arch/x86/boot/compressed/mem_encrypt.S b/arch/x86/boot/compressed/mem_encrypt.S
index 2ca056a3707c..8941c3a8ff8a 100644
--- a/arch/x86/boot/compressed/mem_encrypt.S
+++ b/arch/x86/boot/compressed/mem_encrypt.S
@@ -145,6 +145,34 @@ SYM_CODE_START(startup32_vc_handler) jnz .Lfail movl %edx, 0(%esp) # Store result + /* + * Sanity check CPUID results from the Hypervisor. See comment in + * do_vc_no_ghcb() for more details on why this is necessary. + */ + + /* Fail if Hypervisor bit not set in CPUID[1].ECX[31] */ + cmpl $1, %ebx + jne .Lcheck_leaf + btl $31, 4(%esp) + jnc .Lfail + jmp .Ldone + +.Lcheck_leaf: + /* Fail if SEV leaf not available in CPUID[0x80000000].EAX */ + cmpl $0x80000000, %ebx + jne .Lcheck_sev + cmpl $0x8000001f, 12(%esp) + jb .Lfail + jmp .Ldone + +.Lcheck_sev: + /* Fail if SEV bit not set in CPUID[0x8000001f].EAX[1] */ + cmpl $0x8000001f, %ebx + jne .Ldone + btl $1, 12(%esp) + jnc .Lfail + +.Ldone: popl %edx popl %ecx popl %ebx @@ -158,6 +186,14 @@ SYM_CODE_START(startup32_vc_handler) iret .Lfail: + /* Send terminate request to Hypervisor */ + movl $0x100, %eax + xorl %edx, %edx + movl $MSR_AMD64_SEV_ES_GHCB, %ecx + wrmsr + rep; vmmcall + + /* If request fails, go to hlt loop */ hlt jmp .Lfail SYM_CODE_END(startup32_vc_handler) -- 2.30.1
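Review bot: in the first hunk (the sanity checks added after `movl %edx, 0(%esp)` in startup32_vc_handler), the tests read the saved CPUID results through bare stack offsets (`btl $31, 4(%esp)`, `cmpl $0x8000001f, 12(%esp)`, `btl $1, 12(%esp)`) while the comments speak of ECX[31] and EAX; a one-line comment at the top of the block stating which offset holds which register (the comments imply 12(%esp) is EAX and 4(%esp) is ECX) would let a reader verify each check at a glance and would keep the offsets from silently going stale if the push/store order above ever changes. The `cmpl $0x8000001f, 12(%esp)` / `jb .Lfail` pair is correctly an unsigned comparison, which matters here because 0x80000000 and above are negative when read as signed values, so please keep `jb` rather than `jl` if this is reworked.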
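Review bot: in the `.Lfail` hunk, `movl $0x100, %eax` is the GHCB MSR-protocol termination request but is written as a magic number right next to the symbolic `MSR_AMD64_SEV_ES_GHCB`; please use a named define for the terminate request so the constant is shared with the C-side termination path, or at least extend the comment to say that 0x100 is the GHCBInfo terminate-request value with the reason-set and reason-code fields left zero, so the encoding can be checked against the GHCB specification. Also, `jmp .Lfail` after `hlt` jumps back to the `wrmsr`/`rep; vmmcall` and so re-issues the termination request on every wakeup rather than only spinning on `hlt`; that is harmless, but either the comment "If request fails, go to hlt loop" should say the request is retried, or the loop target should be a label placed at the `hlt` so the code matches the comment.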