Date: Wed, 2 Aug 2023 11:39:27 +0200
From: Borislav Petkov
To: Tao Liu, Michael Roth, Tom Lendacky
Cc: tglx@linutronix.de, mingo@redhat.com, dave.hansen@linux.intel.com, x86@kernel.org, hpa@zytor.com, ardb@kernel.org, linux-kernel@vger.kernel.org, bhe@redhat.com, dyoung@redhat.com, kexec@lists.infradead.org, linux-efi@vger.kernel.org
Subject: Re: [PATCH v2] x86/kexec: Add EFI config table identity mapping for kexec kernel
Message-ID: <20230802093927.GAZMokT57anC5jBISK@fat_crate.local>
References: <20230601072043.24439-1-ltao@redhat.com> <20230713100459.GEZK/MS69XbphJa+tN@fat_crate.local> <20230717141409.GGZLVMsU6d/9mpJvMO@fat_crate.local> <20230728165535.GDZMPzB/ek5QM+xJqA@fat_crate.local>
X-Mailing-List: linux-kernel@vger.kernel.org

On Wed, Aug 02, 2023 at 04:22:54PM +0800, Tao Liu wrote:
> Thanks for the patch! I have tested it on the lenovo machine in the
> past few days, no issue found, so the patch tests OK.

Thanks for testing!

Mike, Tom, the below ok this way?

---
From: "Borislav Petkov (AMD)" Date: Sun, 16 Jul 2023 20:22:20 +0200 Subject: [PATCH] x86/sev: Do not try to parse for the CC blob on non-AMD hardware Tao Liu reported a boot hang on an Intel Atom machine due to an unmapped EFI config table. The reason being that the CC blob which contains the CPUID page for AMD SNP guests is parsed for before even checking whether the machine runs on AMD hardware. Usually that's not a problem on !AMD hw - it simply won't find the CC blob's GUID and return. However, if any parts of the config table pointers array is not mapped, the kernel will #PF very early in the decompressor stage without any opportunity to recover. Therefore, do a superficial CPUID check before poking for the CC blob. This will fix the current issue on real hardware. It would also work as a guest on a non-lying hypervisor. For the lying hypervisor, the check is done again, *after* parsing the CC blob as the real CPUID page will be present then. Clear the #VC handler in case SEV-{ES,SNP} hasn't been detected, as a precaution. Fixes: c01fce9cef84 ("x86/compressed: Add SEV-SNP feature detection/setup") Reported-by: Tao Liu Signed-off-by: Borislav Petkov (AMD) Tested-by: Tao Liu Cc: Link: https://lore.kernel.org/r/20230601072043.24439-1-ltao@redhat.com --- arch/x86/boot/compressed/idt_64.c | 9 +++++++- arch/x86/boot/compressed/sev.c | 37 +++++++++++++++++++++++++++++-- 2 files changed, 43 insertions(+), 3 deletions(-) diff --git a/arch/x86/boot/compressed/idt_64.c b/arch/x86/boot/compressed/idt_64.c index 6debb816e83d..3cdf94b41456 100644 --- a/arch/x86/boot/compressed/idt_64.c +++ b/arch/x86/boot/compressed/idt_64.c 
@@ -63,7 +63,14 @@ void load_stage2_idt(void) set_idt_entry(X86_TRAP_PF, boot_page_fault); #ifdef CONFIG_AMD_MEM_ENCRYPT - set_idt_entry(X86_TRAP_VC, boot_stage2_vc); + /* + * Clear the second stage #VC handler in case guest types + * needing #VC have not been detected. + */ + if (sev_status & BIT(1)) + set_idt_entry(X86_TRAP_VC, boot_stage2_vc); + else + set_idt_entry(X86_TRAP_VC, NULL); #endif load_boot_idt(&boot_idt_desc); diff --git a/arch/x86/boot/compressed/sev.c b/arch/x86/boot/compressed/sev.c index 09dc8c187b3c..c3e343bd4760 100644 --- a/arch/x86/boot/compressed/sev.c +++ b/arch/x86/boot/compressed/sev.c @@ -404,13 +404,46 @@ void sev_enable(struct boot_params *bp) if (bp) bp->cc_blob_address = 0; + /* + * Do an initial SEV capability check before snp_init() which + * loads the CPUID page and the same checks afterwards are done + * without the hypervisor and are trustworthy. + * + * If the HV fakes SEV support, the guest will crash'n'burn + * which is good enough. + */ + + /* Check for the SME/SEV support leaf */ + eax = 0x80000000; + ecx = 0; + native_cpuid(&eax, &ebx, &ecx, &edx); + if (eax < 0x8000001f) + return; + + /* + * Check for the SME/SEV feature: + * CPUID Fn8000_001F[EAX] + * - Bit 0 - Secure Memory Encryption support + * - Bit 1 - Secure Encrypted Virtualization support + * CPUID Fn8000_001F[EBX] + * - Bits 5:0 - Pagetable bit position used to indicate encryption + */ + eax = 0x8000001f; + ecx = 0; + native_cpuid(&eax, &ebx, &ecx, &edx); + /* Check whether SEV is supported */ + if (!(eax & BIT(1))) + return; + /* * Setup/preliminary detection of SNP. This will be sanity-checked * against CPUID/MSR values later. */ snp = snp_init(bp); - /* Check for the SME/SEV support leaf */ + /* Now repeat the checks with the SNP CPUID table. */ + + /* Recheck the SME/SEV support leaf */ eax = 0x80000000; ecx = 0; native_cpuid(&eax, &ebx, &ecx, &edx); 
@@ -418,7 +451,7 @@ void sev_enable(struct boot_params *bp) return; /* - * Check for the SME/SEV feature: + * Recheck for the SME/SEV feature: * CPUID Fn8000_001F[EAX] * - Bit 0 - Secure Memory Encryption support * - Bit 1 - Secure Encrypted Virtualization support -- 2.41.0 -- Regards/Gruss, Boris. https://people.kernel.org/tglx/notes-about-netiquette
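Review bot: in the idt_64.c hunk, `if (sev_status & BIT(1))` tests a raw bit where the kernel already has a named flag for the SEV-ES-enabled bit of sev_status (MSR_AMD64_SEV_ES_ENABLED); using it would make the "guest types needing #VC" comment self-explanatory. Please also confirm what `set_idt_entry(X86_TRAP_VC, NULL)` produces in the decompressor: if the helper still marks the gate present with a zero offset rather than leaving the entry non-present, a stray #VC on a non-SEV-ES system would jump to address 0 instead of faulting cleanly, and a one-line comment stating the intended outcome would help the next reader.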
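Review bot: in the sev.c `@@ -404` hunk, the new comment block is hard to parse ("the same checks afterwards are done without the hypervisor and are trustworthy"); state directly that the first pass reads CPUID as supplied by the hypervisor and only gates whether snp_init() is attempted, while the second pass after snp_init() reads the SNP CPUID table and is the one that is trusted. The failure mode the early `return` introduces should be spelled out too: a hypervisor that under-reports SEV to a real SNP guest now makes the guest skip CC blob parsing and #VC setup entirely, which is the "crash'n'burn" outcome the comment accepts. Minor style point: the blank line between the `* which is good enough.` comment and `/* Check for the SME/SEV support leaf */` leaves two back-to-back comment blocks; folding them (and pointing the bit-layout description at the single copy that remains in the recheck below) would shorten the hunk.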
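Added example, not the kernel's code: a user-space mirror of the two-step probe the patch performs, a max-extended-leaf gate followed by a decode of CPUID Fn8000_001F, so the "return early on non-AMD hardware" logic can be exercised on constructed register values. The decoder goes beyond the page's bits 0 and 1 and also reports bit 3 (SEV-ES) and bit 4 (SEV-SNP) from AMD's published CPUID layout; the live query uses the compiler's `<cpuid.h>` helpers and is an assumption for non-x86 builds, where the leaf is simply reported absent.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#if defined(__x86_64__) || defined(__i386__)
#include <cpuid.h>
#endif

struct sev_caps {
    bool sme, sev, sev_es, snp; /* Fn8000_001F[EAX] bits 0, 1, 3, 4 */
    unsigned c_bit;             /* Fn8000_001F[EBX] bits 5:0: encryption bit position */
};

/* Pure decoder so the gate can be tested on constructed register values.
 * Returns true only when SEV is advertised, mirroring the patch's second check. */
static bool decode_sev_leaf(uint32_t max_ext_leaf, uint32_t eax, uint32_t ebx,
                            struct sev_caps *out)
{
    *out = (struct sev_caps){0};
    /* First gate from the patch: no Fn8000_001F leaf means no SME/SEV hardware. */
    if (max_ext_leaf < 0x8000001f)
        return false;
    out->sme    = eax & (1u << 0);
    out->sev    = eax & (1u << 1);
    out->sev_es = eax & (1u << 3);
    out->snp    = eax & (1u << 4);
    out->c_bit  = ebx & 0x3f;
    return out->sev;
}

/* Query the running CPU. On Intel or non-x86 the leaf is absent and this returns false. */
static bool probe_sev(struct sev_caps *out)
{
#if defined(__x86_64__) || defined(__i386__)
    unsigned int eax = 0, ebx = 0, ecx = 0, edx = 0;
    unsigned int max_ext = __get_cpuid_max(0x80000000, NULL);
    if (max_ext < 0x8000001f)
        return decode_sev_leaf(max_ext, 0, 0, out);
    __cpuid_count(0x8000001f, 0, eax, ebx, ecx, edx);
    return decode_sev_leaf(max_ext, eax, ebx, out);
#else
    return decode_sev_leaf(0, 0, 0, out); /* assumption: treat as leaf absent */
#endif
}

int main(void)
{
    struct sev_caps c;
    bool sev = probe_sev(&c);
    printf("SME=%d SEV=%d SEV-ES=%d SNP=%d C-bit=%u -> %s\n", c.sme, c.sev,
           c.sev_es, c.snp, c.c_bit, sev ? "continue SEV setup" : "skip CC blob parsing");
    return 0;
}
```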