| Message ID | 20211008180453.462291-26-brijesh.singh@amd.com (mailing list archive) |
|---|---|
| State | New |
| Headers | show
Return-Path: <SRS0=/tU7=O4=kvack.org=owner-linux-mm@kernel.org> X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 9B579C4321E for <linux-mm@archiver.kernel.org>; Fri, 8 Oct 2021 18:06:21 +0000 (UTC) Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.kernel.org (Postfix) with ESMTP id 49E2661350 for <linux-mm@archiver.kernel.org>; Fri, 8 Oct 2021 18:06:21 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.4.1 mail.kernel.org 49E2661350 Authentication-Results: mail.kernel.org; dmarc=fail (p=quarantine dis=none) header.from=amd.com Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=kvack.org Received: by kanga.kvack.org (Postfix) id 3429594001D; Fri, 8 Oct 2021 14:06:03 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 2F26A940008; Fri, 8 Oct 2021 14:06:03 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 16AA594001D; Fri, 8 Oct 2021 14:06:03 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from forelay.hostedemail.com (smtprelay0225.hostedemail.com [216.40.44.225]) by kanga.kvack.org (Postfix) with ESMTP id 057EA940008 for <linux-mm@kvack.org>; Fri, 8 Oct 2021 14:06:03 -0400 (EDT) Received: from smtpin28.hostedemail.com (10.5.19.251.rfc1918.com [10.5.19.251]) by forelay04.hostedemail.com (Postfix) with ESMTP id B908E3016C for <linux-mm@kvack.org>; Fri, 8 Oct 2021 18:06:02 +0000 (UTC) X-FDA: 78674048964.28.EEFC79F Received: from NAM04-BN8-obe.outbound.protection.outlook.com (mail-bn8nam08on2049.outbound.protection.outlook.com [40.107.100.49]) by imf20.hostedemail.com (Postfix) with ESMTP id 511C4D00024D for <linux-mm@kvack.org>; Fri, 8 Oct 2021 18:06:02 +0000 (UTC) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=be+/vwOsK8n6U/+vpBHVadhikf2C14576AHAQ3XNkKrN7PkTHAjLquWEqwNdqlTd34rv72vioijDwOSZgwzJjq44l4zzhRhLO8CNgJkXBFB/6PtJjkQBjmPTOKX51XTMZon7GWUcuhwi8x8JFXvfJBLAqxFsuRx5bFN9fqs5AK1c10TTp15euEw/DSxJEvSWv7RF8SglnR4czzpFZgSxS4gOemrZUdNWQleetbQ/J/P9Fq8ovxnJkQyzy963cfaJ0FAXJeXAoKdb33sQwCUxE7pOGgo/QclZKY79fnEUMTiNLDvCkLGnLi8qMgTS/ffuBLKT/kV6Snm8YxYbftMO0g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=wPXzH3Bsug6WGB8FMnXlcHfENVqw+RdwULEDA/GB1ps=; b=iadus4afvxzQaUFo+mCCMuWJRfkhiXyyU016yVNUncm+cJyR4Ru9/waH/sJgg662CrAXIQB6i+twFyX+mteqAx3dVb4xbd+Xj2hpW80YjqNC1Vv6A5kCrij0G/cFhoEpn7gPNf++T+BA4P9uoy4QpdUQAjM1cjjYXOrNLXh6XqzO7rTAGbj+mhHXeBJFogEIkIPSgN2qVZ5eawbRSLctDKLUi+WrEFc7os8qoeFG8D9eRsBfRWtHwcAqivZ21TpZZPKqdCMj0m9P27YttNW/0EnScstYsK9I/k2nqvhiNKqOS13DARqZ86TyY94McCPXco9DP18x7Yd1MUTTbOViWQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=wPXzH3Bsug6WGB8FMnXlcHfENVqw+RdwULEDA/GB1ps=; b=wbkkstahliTIsguueeZcku7kEM8kie7eoMTQPp0d7ppA7xME7NTNQEgsv/F3I4xXTqov4znscMBblmWYMnC+XlKj016CX6EzIJw5fQtvncLrmpqoXKaVKFWhI51cq5NfVsXd8tYQO6CtXDiBYQCzqeXf6YXOhsufX/4d451T1co= Received: from MWHPR21CA0066.namprd21.prod.outlook.com (2603:10b6:300:db::28) by MWHPR1201MB0029.namprd12.prod.outlook.com (2603:10b6:301:4d::15) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4587.19; Fri, 8 Oct 2021 18:05:55 +0000 Received: from CO1NAM11FT012.eop-nam11.prod.protection.outlook.com (2603:10b6:300:db:cafe::cb) by MWHPR21CA0066.outlook.office365.com (2603:10b6:300:db::28) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4608.1 via Frontend Transport; Fri, 8 Oct 2021 18:05:55 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; kernel.org; dkim=none (message not signed) header.d=none;kernel.org; dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; Received: from SATLEXMB04.amd.com (165.204.84.17) by CO1NAM11FT012.mail.protection.outlook.com (10.13.175.192) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.4587.18 via Frontend Transport; Fri, 8 Oct 2021 18:05:55 +0000 Received: from sbrijesh-desktop.amd.com (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2308.8; Fri, 8 Oct 2021 13:05:53 -0500 From: Brijesh Singh <brijesh.singh@amd.com> To: <x86@kernel.org>, <linux-kernel@vger.kernel.org>, <kvm@vger.kernel.org>, <linux-efi@vger.kernel.org>, <platform-driver-x86@vger.kernel.org>, <linux-coco@lists.linux.dev>, <linux-mm@kvack.org> CC: Thomas Gleixner <tglx@linutronix.de>, Ingo Molnar <mingo@redhat.com>, Joerg Roedel <jroedel@suse.de>, Tom Lendacky <thomas.lendacky@amd.com>, "H. Peter Anvin" <hpa@zytor.com>, Ard Biesheuvel <ardb@kernel.org>, Paolo Bonzini <pbonzini@redhat.com>, Sean Christopherson <seanjc@google.com>, "Vitaly Kuznetsov" <vkuznets@redhat.com>, Jim Mattson <jmattson@google.com>, "Andy Lutomirski" <luto@kernel.org>, Dave Hansen <dave.hansen@linux.intel.com>, Sergio Lopez <slp@redhat.com>, Peter Gonda <pgonda@google.com>, "Peter Zijlstra" <peterz@infradead.org>, Srinivas Pandruvada <srinivas.pandruvada@linux.intel.com>, David Rientjes <rientjes@google.com>, Dov Murik <dovmurik@linux.ibm.com>, Tobin Feldman-Fitzthum <tobin@ibm.com>, Borislav Petkov <bp@alien8.de>, Michael Roth <michael.roth@amd.com>, Vlastimil Babka <vbabka@suse.cz>, "Kirill A . Shutemov" <kirill@shutemov.name>, Andi Kleen <ak@linux.intel.com>, "Dr . David Alan Gilbert" <dgilbert@redhat.com>, <tony.luck@intel.com>, <marcorr@google.com>, <sathyanarayanan.kuppuswamy@linux.intel.com>, Brijesh Singh <brijesh.singh@amd.com> Subject: [PATCH v6 25/42] x86/head: re-enable stack protection for 32/64-bit builds Date: Fri, 8 Oct 2021 13:04:36 -0500 Message-ID: <20211008180453.462291-26-brijesh.singh@amd.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20211008180453.462291-1-brijesh.singh@amd.com> References: <20211008180453.462291-1-brijesh.singh@amd.com> MIME-Version: 1.0 Content-Type: text/plain X-Originating-IP: [10.180.168.240] X-ClientProxiedBy: SATLEXMB03.amd.com (10.181.40.144) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 97eac712-136a-4258-f03a-08d98a864638 X-MS-TrafficTypeDiagnostic: MWHPR1201MB0029: X-Microsoft-Antispam-PRVS: <MWHPR1201MB0029334DD302A4462CD3B6CDE5B29@MWHPR1201MB0029.namprd12.prod.outlook.com> X-MS-Oob-TLC-OOBClassifiers: OLM:10000; X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: 2yYNTAUPxEnf4Yfy58jvNAxFpltNZdb7yqdrLANEfd2FSbWSp+sf1YMT3adLm56ass/qjOKvojwcbRY3dSJ5dEHBT2YBZXuwMr/MHp1dCwtVDjmzS9EhLw/+awIU7KdF3ci1rvtL7rXDKYajksqrADDyIUE48c7/aO3idDJj9H89CNx6Kqq4grzaNBA6TymA2X8yrQoY8gbx62Id8Km0ji1tunZNft6e6wvNG255NEBq5Z2l0z9/XEYtQsgiACiqYqnC5zYlPjanBOj6lxGyHcHRczvX+wkNz65ZEzAfKzlewJ1ydiriOvlbNgbVQ934iRoLmTVXSeMXg0hD0Q834e8YOPWJMxSvbVVj/UR9FOZXfleRDRHGdSR9CFI8LE7wFSk4K3NG+ZdcLyjTJJHBIUxUP+/QeT9QEcNCZngrOreEwn3hlFGnvww1o/S2h/Ox1Zx6ol8fqUVKJW1/MFQO59ywOFNPe66trpzcr/4t+p8wxsvlPwpN+mbF842ojl4Z9AcEefLLqp+R+De0kIlW1PpJPRPUhikPC9DmupEcmeUhhiGgyyihR1LsRpkTJAM+t/dtRs3Zav9s4SrTwoOMKTimYELGeCEzm3DgH6jnRuX0WQ7XV9G5PEEzjNE3rgHdjwMP1OJKWSuR/uoiHYpGTNQrgcr8gGypxNtNhApWCmzqMrNBb0oaMg8L1HuQWBTphJVVRBFpdxO/+Zu4wRM39AbOVFBfNbCpKWuN/Tscj7whX77HtokGWsy68UApedxC X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(4636009)(46966006)(36840700001)(8936002)(70206006)(70586007)(16526019)(186003)(47076005)(6666004)(316002)(2906002)(4326008)(8676002)(26005)(82310400003)(54906003)(508600001)(7416002)(7406005)(36860700001)(5660300002)(83380400001)(44832011)(1076003)(426003)(7696005)(356005)(81166007)(110136005)(86362001)(36756003)(336012)(2616005)(2101003)(36900700001);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 08 Oct 2021 18:05:55.6484 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 97eac712-136a-4258-f03a-08d98a864638 X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: CO1NAM11FT012.eop-nam11.prod.protection.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: MWHPR1201MB0029 X-Rspamd-Server: rspam01 X-Rspamd-Queue-Id: 511C4D00024D X-Stat-Signature: 4yki3ixbfq3o3w3tpjqbbdngq8e43tdx Authentication-Results: imf20.hostedemail.com; dkim=pass header.d=amd.com header.s=selector1 header.b=wbkkstah; dmarc=pass (policy=quarantine) header.from=amd.com; spf=pass (imf20.hostedemail.com: domain of brijesh.singh@amd.com designates 40.107.100.49 as permitted sender) smtp.mailfrom=brijesh.singh@amd.com X-HE-Tag: 1633716362-228367 Content-Transfer-Encoding: quoted-printable X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: <linux-mm.kvack.org> |
| Series |
Add AMD Secure Nested Paging (SEV-SNP) Guest Support
|
expand
|
diff --git a/arch/x86/kernel/Makefile b/arch/x86/kernel/Makefile index 2ff3e600f426..4df8c8f7d2ac 100644 --- a/arch/x86/kernel/Makefile +++ b/arch/x86/kernel/Makefile @@ -48,7 +48,6 @@ endif # non-deterministic coverage. KCOV_INSTRUMENT := n -CFLAGS_head$(BITS).o += -fno-stack-protector CFLAGS_cc_platform.o += -fno-stack-protector CFLAGS_irq.o := -I $(srctree)/$(src)/../include/asm/trace diff --git a/arch/x86/kernel/head_64.S b/arch/x86/kernel/head_64.S index d8b3ebd2bb85..7074ebf2b47b 100644 --- a/arch/x86/kernel/head_64.S +++ b/arch/x86/kernel/head_64.S @@ -65,6 +65,22 @@ SYM_CODE_START_NOALIGN(startup_64) leaq (__end_init_task - FRAME_SIZE)(%rip), %rsp leaq _text(%rip), %rdi + + /* + * initial_gs points to initial fixed_per_cpu struct with storage for + * the stack protector canary. Global pointer fixups are needed at this + * stage, so apply them as is done in fixup_pointer(), and initialize %gs + * such that the canary can be accessed at %gs:40 for subsequent C calls. + */ + movl $MSR_GS_BASE, %ecx + movq initial_gs(%rip), %rax + movq $_text, %rdx + subq %rdx, %rax + addq %rdi, %rax + movq %rax, %rdx + shrq $32, %rdx + wrmsr + pushq %rsi call startup_64_setup_env popq %rsi @@ -133,6 +149,14 @@ SYM_INNER_LABEL(secondary_startup_64_no_verify, SYM_L_GLOBAL) * added to the initial pgdir entry that will be programmed into CR3. */ pushq %rsi + /* + * NOTE: %gs at this point is a stale data segment left over from the + * real-mode trampoline, so the default stack protector canary location + * at %gs:40 does not yet coincide with the expected fixed_per_cpu struct + * that contains storage for the stack canary. So take care not to add + * anything to the C functions in this path that would result in stack + * protected C code being generated. + */ call __startup_secondary_64 popq %rsi