Received: by 2002:a05:6358:d09b:b0:dc:cd0c:909e with SMTP id jc27csp8533053rwb; Thu, 24 Nov 2022 00:23:56 -0800 (PST) X-Google-Smtp-Source: AA0mqf45vJqj1b1hbsxhSc5s4vMfSP7J/NsBYpTlHKFCzZDk7LLCRIV0qwRgMceRtpp304aqmyYB X-Received: by 2002:a63:131a:0:b0:476:f92f:885a with SMTP id i26-20020a63131a000000b00476f92f885amr11524551pgl.478.1669278235905; Thu, 24 Nov 2022 00:23:55 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1669278235; cv=none; d=google.com; s=arc-20160816; b=KKGAt1wlf6H0vRe0brjIrTuaD5XeX3kYIo7DTOXMpuGdEQsg7QnI+XGJkJjvAH17DG lALH8076lEtAqnxARf15FvApUn1v+34Q1kwI9FSlhltfw2h5vSzgA6giiVu26cVaFWag f80xX/J3IbDv+nC6uW/GJ/RK60ppbMuHsebtNQTXPpW544TKgdfDuKrwBWjsEBBpEpeg YtLlYxXplyOz4TzgbgafBpQikSuHn2pmtkjmhU0tFdkvUrvTfqkuv+RCGlA1gJ2bSIrk MlWNXyQLJ/5F/pIM6gVxrATNhuhkGnyl95l/C/vKE0uMQd87PIyPOoVzugQP55+NLmc1 e1Vw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:robot-unsubscribe :robot-id:message-id:mime-version:references:in-reply-to:cc:subject :to:reply-to:sender:from:dkim-signature:dkim-signature:date; bh=xexxDX5KT6kwgcfQmlhhDfhA0srurYDiiE+SuI0gAwY=; b=bcx7OLwH8xmQwZ2iF3B7x7ZEc+/va1yaETgF2SXaP/wNEwTv5Zfz3iaKojUP8VOtCQ nvKdFEcW1AQ4r7pFFIlH7IMyD1rR4AkKOe6OszrufwDBnkAoxuiHm+RxbtvqA3s4ISqd b38o0NkyjHoRWQsSRIrbD/bLkx6a+jPzY1WmEuAUP69HoorjsZhSLhBfnXgwXIdDvsso 50amX8cQpIyqPB+xze/fYAsxYGfGbHpaM+7LxnTRvNbgOi4kxPdlOopHi7yoj9SuS4PJ Vx2p7F+d0Z0x4EAXgD0S/h98LqY/zFA0w41N58uTGRkUGkQO8qavxVgJsIUDh22+0V+F 7iZQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linutronix.de header.s=2020 header.b=j29pzDSy; dkim=neutral (no key) header.i=@linutronix.de header.s=2020e header.b=kQcEYSZm; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=linutronix.de Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id z3-20020a170902d54300b00188c26e5bcdsi409662plf.531.2022.11.24.00.23.44; Thu, 24 Nov 2022 00:23:55 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@linutronix.de header.s=2020 header.b=j29pzDSy; dkim=neutral (no key) header.i=@linutronix.de header.s=2020e header.b=kQcEYSZm; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=linutronix.de Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229795AbiKXINU (ORCPT + 88 others); Thu, 24 Nov 2022 03:13:20 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:57992 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229597AbiKXIMe (ORCPT ); Thu, 24 Nov 2022 03:12:34 -0500 Received: from galois.linutronix.de (Galois.linutronix.de [193.142.43.55]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 847ECE637D; Thu, 24 Nov 2022 00:12:07 -0800 (PST) Date: Thu, 24 Nov 2022 08:12:04 -0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linutronix.de; s=2020; t=1669277526; h=from:from:sender:sender:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=xexxDX5KT6kwgcfQmlhhDfhA0srurYDiiE+SuI0gAwY=; b=j29pzDSylapwZ2JotiEgJIzoZt0i4dhKqoWfwF9PHxZ5qVawDSu0RBg90dKqIl818gZRXr HLdMihppJlW9cB0cAYuas5TkbnJ6I37jqMuDqA0AZyLnb5GyXdOLQRGS42lynC9aeAVvnp tRdBfDG+6JMgmia8Cio9xolxx1vAJFwvLaaOdg3XUNSiHsMbOlnYzf2WvjxuHTO7JehI5f fyNVIj+AyqVDAvBIg+tYT1w9KJy75ofVeVRUes40M9DEv1fN7UTMKayGEVNyvlzyCUjdPS u+DDOfniXnBkNUJTaHPjKWZ3iZsI3u7hNdsNqkin0F7l7kxkehvgI8b5xl5XFQ== DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=linutronix.de; s=2020e; t=1669277526; h=from:from:sender:sender:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=xexxDX5KT6kwgcfQmlhhDfhA0srurYDiiE+SuI0gAwY=; b=kQcEYSZmMylzPWe8pHRr7mvHQTtCKw6EvIWwxt/j6xa3S9zVyY0+cLMtE2KoIp6kOfSsG0 gyqUN+9mQ/e1X+AQ== From: "tip-bot2 for Ard Biesheuvel" Sender: tip-bot2@linutronix.de Reply-to: linux-kernel@vger.kernel.org To: linux-tip-commits@vger.kernel.org Subject: [tip: x86/boot] x86/boot/compressed: Move startup32_load_idt() into .text section Cc: Ard Biesheuvel , Borislav Petkov , x86@kernel.org, linux-kernel@vger.kernel.org In-Reply-To: <20221122161017.2426828-12-ardb@kernel.org> References: <20221122161017.2426828-12-ardb@kernel.org> MIME-Version: 1.0 Message-ID: <166927752495.4906.13742704492696736732.tip-bot2@tip-bot2> Robot-ID: Robot-Unsubscribe: Contact to get blacklisted from these emails Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit X-Spam-Status: No, score=-4.4 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_MED,SPF_HELO_NONE, SPF_PASS autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org The following commit has been merged into the x86/boot branch of tip: Commit-ID: c6355995ba471d7ad574174e593192ce805c7e1a Gitweb: https://git.kernel.org/tip/c6355995ba471d7ad574174e593192ce805c7e1a Author: Ard Biesheuvel AuthorDate: Tue, 22 Nov 2022 17:10:11 +01:00 Committer: Borislav Petkov CommitterDate: Thu, 24 Nov 2022 08:57:41 +01:00 x86/boot/compressed: Move startup32_load_idt() into .text section Convert startup32_load_idt() into an ordinary function and move it into the .text section. This involves turning the rva() immediates into ones derived from a local label, and preserving/restoring the %ebp and %ebx as per the calling convention. Also move the #ifdef to the only existing call site. This makes it clear that the function call does nothing if support for memory encryption is not compiled in. Signed-off-by: Ard Biesheuvel Signed-off-by: Borislav Petkov Link: https://lore.kernel.org/r/20221122161017.2426828-12-ardb@kernel.org --- arch/x86/boot/compressed/head_64.S | 31 ++++++++++++++++++----------- 1 file changed, 20 insertions(+), 11 deletions(-) diff --git a/arch/x86/boot/compressed/head_64.S b/arch/x86/boot/compressed/head_64.S index f9926b3..7aa147f 100644 --- a/arch/x86/boot/compressed/head_64.S +++ b/arch/x86/boot/compressed/head_64.S @@ -118,7 +118,9 @@ SYM_FUNC_START(startup_32) 1: /* Setup Exception handling for SEV-ES */ +#ifdef CONFIG_AMD_MEM_ENCRYPT call startup32_load_idt +#endif /* Make sure cpu supports long mode. */ call verify_cpu @@ -716,10 +718,8 @@ SYM_DATA_START(boot32_idt) .quad 0 .endr SYM_DATA_END_LABEL(boot32_idt, SYM_L_GLOBAL, boot32_idt_end) -#endif -#ifdef CONFIG_AMD_MEM_ENCRYPT - __HEAD + .text .code32 /* * Write an IDT entry into boot32_idt @@ -752,24 +752,32 @@ SYM_FUNC_START_LOCAL(startup32_set_idt_entry) RET SYM_FUNC_END(startup32_set_idt_entry) -#endif SYM_FUNC_START(startup32_load_idt) -#ifdef CONFIG_AMD_MEM_ENCRYPT - leal rva(boot32_idt)(%ebp), %ecx + push %ebp + push %ebx + + call 1f +1: pop %ebp + + leal (boot32_idt - 1b)(%ebp), %ebx /* #VC handler */ - leal rva(startup32_vc_handler)(%ebp), %eax + leal (startup32_vc_handler - 1b)(%ebp), %eax movl $X86_TRAP_VC, %edx + movl %ebx, %ecx call startup32_set_idt_entry /* Load IDT */ - leal rva(boot32_idt)(%ebp), %eax - movl %eax, rva(boot32_idt_desc+2)(%ebp) - lidt rva(boot32_idt_desc)(%ebp) -#endif + leal (boot32_idt_desc - 1b)(%ebp), %ecx + movl %ebx, 2(%ecx) + lidt (%ecx) + + pop %ebx + pop %ebp RET SYM_FUNC_END(startup32_load_idt) +#endif /* * Check for the correct C-bit position when the startup_32 boot-path is used. @@ -788,6 +796,7 @@ SYM_FUNC_END(startup32_load_idt) * succeed. An incorrect C-bit position will map all memory unencrypted, so that * the compare will use the encrypted random data and fail. */ + __HEAD SYM_FUNC_START(startup32_check_sev_cbit) #ifdef CONFIG_AMD_MEM_ENCRYPT pushl %eax