Received: by 2002:a05:6358:a55:b0:ec:fcf4:3ecf with SMTP id 21csp3398579rwb; Mon, 16 Jan 2023 07:31:47 -0800 (PST) X-Google-Smtp-Source: AMrXdXujKovZFQfGyLLY30SQyQsjg4bRuRX8hhOICT8t5d6jP3ifd9Mh7eFTpnfWo7WB0zhfBdOU X-Received: by 2002:a05:6402:550d:b0:461:9578:f904 with SMTP id fi13-20020a056402550d00b004619578f904mr77148694edb.23.1673883107142; Mon, 16 Jan 2023 07:31:47 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1673883107; cv=none; d=google.com; s=arc-20160816; b=yQeG6Mm3wHyZYjzQOtHHBMojm8OuXUSQa5rBHp822+Hn/PiC9R3t3vThOfMUG89TQT 8i9ChBln42jPymQ941OJFOCMdnRuOJ0KcgZsrK5MjxzBCZm2H7JoUtKRsvze/hVNweve nE8rnB9mG2Ao2t26ixm8tlRvR7pUtXh2dORtCM1KKOiLcLcQLk5K4zfw7Dzia6VA8snR 48zGQ/O2y5oJlqMQTxUMMh+1/GsiMBnsuDrhOlPP9miHd/PweNvWOvBppgeZircOJCTI WqEM39OxAqY+OBqt9UP6jVaSyRLdiPdRISLILmUzE6KsANl4FcU40GIRwCNscLQQEVcK /+lg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:mime-version:references:subject:cc:to:from:date :user-agent:message-id:dkim-signature; bh=rHjspetb6Sj1qMw4IETTuTuaCFumb5EYx3riiNCTYv8=; b=msVNQkGTdiBZjW59J6VS6c+Fxjh9FW/tCZtTLPCC/QU+hG9QCyN/zv4V+XpPHdr/BA y7+2pc1Umf04NxbnpqLsKnlYE/qg0w+g7rjV4rLeLaPCgGsM8W1BHKb2rh1suaz1OvKW toT806Ht6OxZi1b0mor8aLufSrm1gJ4alaB3Qo4YyEopdM28GURjcg39FovvlwzHjmgA 9lLTcMtQZd75QA6DKKKaC81F5Ten9ANblo39qsFvyQe2CVrITYHRC2tn6eAYBgTq2Ftz UwSLcz+Ec685fRXYut+VE6+uLpPWzvaZ0Zpfc4L89SV9YjHghgzbXRN2S0jz73KOp6WG y6hw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@infradead.org header.s=casper.20170209 header.b=cxz2ZJ+y; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id h2-20020a056402280200b00493969bd008si8790855ede.121.2023.01.16.07.31.34; Mon, 16 Jan 2023 07:31:47 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@infradead.org header.s=casper.20170209 header.b=cxz2ZJ+y; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231516AbjAPOxB (ORCPT + 50 others); Mon, 16 Jan 2023 09:53:01 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:44404 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231209AbjAPOwN (ORCPT ); Mon, 16 Jan 2023 09:52:13 -0500 Received: from casper.infradead.org (casper.infradead.org [IPv6:2001:8b0:10b:1236::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 52AF123DAD for ; Mon, 16 Jan 2023 06:38:02 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=infradead.org; s=casper.20170209; h=Content-Type:MIME-Version:References: Subject:Cc:To:From:Date:Message-ID:Sender:Reply-To:Content-Transfer-Encoding: Content-ID:Content-Description:In-Reply-To; bh=rHjspetb6Sj1qMw4IETTuTuaCFumb5EYx3riiNCTYv8=; b=cxz2ZJ+y57FVH0axH7GJ3/SDvk SfIli5aMNXUCBqSZ5s0hpQ541ETtZeXdeKeGN56Ebrzzk0C4N9eLXGVlRGHVrQ5JzV49oWAUTb+Qe Kn4rI0WMLi8kkdccgmv96vW1qIQzU99aMQ1+XNeo6itRotmYQ0j8+xlhlEUBQ0ztiZvuG2cxAChr6 22QxIhtpXZ6ZvAkrMLo5HT7ZYfsHVWzIJ2yKMB5H3w81SPg3IvAOF/XqgpTenKxT3AR/Anre1jbBa 5T4FbzmfMt67wCGdvro8HFHivVFFtpRbdX2x3wnviudr35z2uOGNZgbxfcNisa/ZFz7Fzu5vDAznP UN6EINCw==; Received: from j130084.upc-j.chello.nl ([24.132.130.84] helo=noisy.programming.kicks-ass.net) by casper.infradead.org with esmtpsa (Exim 4.94.2 #2 (Red Hat Linux)) id 1pHQcT-008oZ5-S7; Mon, 16 Jan 2023 14:37:54 +0000 Received: from hirez.programming.kicks-ass.net (hirez.programming.kicks-ass.net [192.168.1.225]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by noisy.programming.kicks-ass.net (Postfix) with ESMTPS id E59A8300C0C; Mon, 16 Jan 2023 15:37:38 +0100 (CET) Received: by hirez.programming.kicks-ass.net (Postfix, from userid 0) id ADBD820B75F3D; Mon, 16 Jan 2023 15:37:38 +0100 (CET) Message-ID: <20230116143645.589522290@infradead.org> User-Agent: quilt/0.66 Date: Mon, 16 Jan 2023 15:25:34 +0100 From: Peter Zijlstra To: x86@kernel.org, Joan Bruguera Cc: linux-kernel@vger.kernel.org, peterz@infradead.org, Juergen Gross , "Rafael J. Wysocki" , xen-devel , Jan Beulich , Roger Pau Monne , Kees Cook , mark.rutland@arm.com, Andrew Cooper , =?UTF-8?q?J=C3=B6rg=20R=C3=B6del?= , "H. Peter Anvin" , jroedel@suse.de Subject: [PATCH v2 1/7] x86/boot: Remove verify_cpu() from secondary_startup_64() References: <20230116142533.905102512@infradead.org> MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 X-Spam-Status: No, score=-4.4 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_MED,SPF_HELO_NONE, SPF_NONE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org The boot trampolines from trampoline_64.S have code flow like: 16bit BIOS SEV-ES 64bit EFI trampoline_start() sev_es_trampoline_start() trampoline_start_64() verify_cpu() | | switch_to_protected: <---------------' v | pa_trampoline_compat() v | startup_32() <-----------------------------------------------' | v startup_64() | v tr_start() := head_64.S:secondary_startup_64() Since AP bringup always goes through the 16bit BIOS path (EFI doesn't touch the APs), there is already a verify_cpu() invocation. Removing the verify_cpu() invocation from secondary_startup_64() renders the whole secondary_startup_64_no_verify() thing moot, so remove that too. Cc: jroedel@suse.de Cc: hpa@zytor.com Fixes: e81dc127ef69 ("x86/callthunks: Add call patching for call depth tracking") Reported-by: Joan Bruguera Signed-off-by: Peter Zijlstra (Intel) --- arch/x86/include/asm/realmode.h | 1 - arch/x86/kernel/head_64.S | 16 ---------------- arch/x86/realmode/init.c | 6 ------ 3 files changed, 23 deletions(-) --- a/arch/x86/include/asm/realmode.h +++ b/arch/x86/include/asm/realmode.h @@ -73,7 +73,6 @@ extern unsigned char startup_32_smp[]; extern unsigned char boot_gdt[]; #else extern unsigned char secondary_startup_64[]; -extern unsigned char secondary_startup_64_no_verify[]; #endif static inline size_t real_mode_size_needed(void) --- a/arch/x86/kernel/head_64.S +++ b/arch/x86/kernel/head_64.S @@ -143,22 +143,6 @@ SYM_CODE_START(secondary_startup_64) * after the boot processor executes this code. */ - /* Sanitize CPU configuration */ - call verify_cpu - - /* - * The secondary_startup_64_no_verify entry point is only used by - * SEV-ES guests. In those guests the call to verify_cpu() would cause - * #VC exceptions which can not be handled at this stage of secondary - * CPU bringup. - * - * All non SEV-ES systems, especially Intel systems, need to execute - * verify_cpu() above to make sure NX is enabled. - */ -SYM_INNER_LABEL(secondary_startup_64_no_verify, SYM_L_GLOBAL) - UNWIND_HINT_EMPTY - ANNOTATE_NOENDBR - /* * Retrieve the modifier (SME encryption mask if SME is active) to be * added to the initial pgdir entry that will be programmed into CR3. --- a/arch/x86/realmode/init.c +++ b/arch/x86/realmode/init.c @@ -74,12 +74,6 @@ static void __init sme_sev_setup_real_mo th->flags |= TH_FLAGS_SME_ACTIVE; if (cc_platform_has(CC_ATTR_GUEST_STATE_ENCRYPT)) { - /* - * Skip the call to verify_cpu() in secondary_startup_64 as it - * will cause #VC exceptions when the AP can't handle them yet. - */ - th->start = (u64) secondary_startup_64_no_verify; - if (sev_es_setup_ap_jump_table(real_mode_header)) panic("Failed to get/update SEV-ES AP Jump Table"); }