From: Borislav Petkov
To: X86 ML
Cc: Tom Lendacky, LKML, David Kaplan, Borislav Petkov
Subject: [PATCH] x86/kexec: Fix bug with call depth tracking
Date: Mon, 3 Jun 2024 10:30:36 +0200
Message-ID: <20240603083036.637-1-bp@kernel.org>
From: David Kaplan

The call to cc_platform_has() triggers a fault and system crash if call depth tracking is active because the GS segment has been reset by load_segments() and GS_BASE is now 0 but call depth tracking uses per-CPU variables to operate.

Call cc_platform_has() earlier in the function when GS is still valid.

[ bp: Massage. ]

Signed-off-by: David Kaplan
Signed-off-by: Borislav Petkov (AMD)

--- arch/x86/kernel/machine_kexec_64.c | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/arch/x86/kernel/machine_kexec_64.c b/arch/x86/kernel/machine_kexec_64.c index b180d8e497c3..90b1946c06e5 100644 --- a/arch/x86/kernel/machine_kexec_64.c +++ b/arch/x86/kernel/machine_kexec_64.c @@ -295,8 +295,15 @@ void machine_kexec_cleanup(struct kimage *image) void machine_kexec(struct kimage *image) { unsigned long page_list[PAGES_NR]; - void *control_page; + unsigned int host_mem_enc_active; int save_ftrace_enabled; + void *control_page; + + /* + * This must be done before load_segments() since if call depth tracking + * is used then GS must be valid to make any function calls. + */ + host_mem_enc_active = cc_platform_has(CC_ATTR_HOST_MEM_ENCRYPT); #ifdef CONFIG_KEXEC_JUMP if (image->preserve_context) @@ -358,7 +365,7 @@ void machine_kexec(struct kimage *image) (unsigned long)page_list, image->start, image->preserve_context, - cc_platform_has(CC_ATTR_HOST_MEM_ENCRYPT)); + host_mem_enc_active); #ifdef CONFIG_KEXEC_JUMP if (image->preserve_context) -- 2.43.0
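Review bot: The new comment above the `host_mem_enc_active = cc_platform_has(CC_ATTR_HOST_MEM_ENCRYPT);` assignment in the first hunk states the constraint ("GS must be valid to make any function calls") but not the mechanism, which only the commit message gives: GS_BASE is 0 after load_segments() and call depth tracking operates on per-CPU variables. Putting that one clause into the comment would let a reader of the file understand the fault without digging up the changelog. Since the comment is worded to cover any function call, it would also help to say, in the comment or the changelog, whether cc_platform_has() was the only call left in the window after load_segments().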
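Review bot: In the second hunk, nothing at the call site where `cc_platform_has(CC_ATTR_HOST_MEM_ENCRYPT));` becomes `host_mem_enc_active);` marks that this region runs with GS already reset. The only explanation sits in the first hunk, roughly 60 lines earlier, so a later cleanup could fold the call back into the argument list and reintroduce the crash. A one-line comment next to the `host_mem_enc_active` argument that refers back to the early evaluation would guard against that.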