From: Sasha Levin
To: linux-kernel@vger.kernel.org, stable@vger.kernel.org
Cc: Ard Biesheuvel, Borislav Petkov, Tom Lendacky, Sasha Levin
Subject: [PATCH 6.1 077/451] x86/sme: Fix memory encryption setting if enabled by default and not overridden
Date: Sun, 24 Mar 2024 19:05:53 -0400
Message-ID: <20240324231207.1351418-78-sashal@kernel.org>
In-Reply-To: <20240324231207.1351418-1-sashal@kernel.org>
References: <20240324231207.1351418-1-sashal@kernel.org>
X-stable: review

From: Ard Biesheuvel

[ Upstream commit e814b59e6c2b11f5a3d007b2e61f7d550c354c3a ]

Commit

  cbebd68f59f0 ("x86/mm: Fix use of uninitialized buffer in sme_enable()")

'fixed' an issue in sme_enable() detected by static analysis, and broke
the common case in the process.

cmdline_find_option() will return < 0 on an error, or when the command
line argument does not appear at all. In this particular case, the
latter is not an error condition, and so the early exit is wrong.

Instead, without mem_encrypt= on the command line, the compile time
default should be honoured, which could be to enable memory encryption,
and this is currently broken.

Fix it by setting sme_me_mask to a preliminary value based on the
compile time default, and only omitting the command line argument test
when cmdline_find_option() returns an error.

  [ bp: Drop active_by_default while at it. ]

Fixes: cbebd68f59f0 ("x86/mm: Fix use of uninitialized buffer in sme_enable()")
Signed-off-by: Ard Biesheuvel
Signed-off-by: Borislav Petkov (AMD)
Reviewed-by: Tom Lendacky
Link: https://lore.kernel.org/r/20240126163918.2908990-2-ardb+git@google.com
Signed-off-by: Sasha Levin
---
 arch/x86/mm/mem_encrypt_identity.c | 10 +++-------
 1 file changed, 3 insertions(+), 7 deletions(-)
diff --git a/arch/x86/mm/mem_encrypt_identity.c b/arch/x86/mm/mem_encrypt_identity.c index d94ebd8acdfde..a11a6ebbf5ecf 100644 --- a/arch/x86/mm/mem_encrypt_identity.c +++ b/arch/x86/mm/mem_encrypt_identity.c @@ -507,7 +507,6 @@ void __init sme_enable(struct boot_params *bp) const char *cmdline_ptr, *cmdline_arg, *cmdline_on, *cmdline_off; unsigned int eax, ebx, ecx, edx; unsigned long feature_mask; - bool active_by_default; unsigned long me_mask; char buffer[16]; bool snp; @@ -593,22 +592,19 @@ void __init sme_enable(struct boot_params *bp) : "p" (sme_cmdline_off)); if (IS_ENABLED(CONFIG_AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT)) - active_by_default = true; - else - active_by_default = false; + sme_me_mask = me_mask; cmdline_ptr = (const char *)((u64)bp->hdr.cmd_line_ptr | ((u64)bp->ext_cmd_line_ptr << 32)); if (cmdline_find_option(cmdline_ptr, cmdline_arg, buffer, sizeof(buffer)) < 0) - return; + goto out; if (!strncmp(buffer, cmdline_on, sizeof(buffer))) sme_me_mask = me_mask; else if (!strncmp(buffer, cmdline_off, sizeof(buffer))) sme_me_mask = 0; - else - sme_me_mask = active_by_default ? me_mask : 0; + out: if (sme_me_mask) { physical_mask &= ~sme_me_mask; -- 2.43.0
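
Review bot: in the second hunk (sme_enable(), around line 593), removing the final else means that with CONFIG_AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT disabled nothing in these lines assigns sme_me_mask = 0 unless mem_encrypt= is explicitly set to the "off" string. The absent-option, error and unrecognized-value paths are therefore only correct if sme_me_mask is still zero when the IS_ENABLED() check is reached, which the visible context does not show. Either add an explicit "else sme_me_mask = 0;" to the IS_ENABLED() check or state the reliance on the initial value in a comment there. A short comment at "goto out;" would also help: per the commit message a negative return covers both a lookup error and a missing argument, buffer is not compared on that path, and the preliminary compile-time default is what reaches the "if (sme_me_mask)" block.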