tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork atom

x86/mm: Encrypt the initrd earlier for BSP microcode update

Currently the BSP microcode update code examines the initrd very early
in the boot process. If SME is active, the initrd is treated as being
encrypted but it has not been encrypted (in place) yet. Update the
early boot code that encrypts the kernel to also encrypt the initrd so
that early BSP microcode updates work.

Tested-by: Gabriel Craciunescu <nix.or.die@gmail.com>
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
Reviewed-by: Borislav Petkov <bp@suse.de>
Cc: Borislav Petkov <bp@alien8.de>
Cc: Brijesh Singh <brijesh.singh@amd.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Link: http://lkml.kernel.org/r/20180110192634.6026.10452.stgit@tlendack-t1.amdoffice.net
Signed-off-by: Ingo Molnar <mingo@kernel.org>

authored by Tom Lendacky and committed by Ingo Molnar 107cd253 cc5f01e2

+85 -45
unified split
+2 -2
arch/x86/include/asm/mem_encrypt.h
··· 39 39 40 40 void __init sme_early_init(void); 41 41 42 - void __init sme_encrypt_kernel(void); 42 + void __init sme_encrypt_kernel(struct boot_params *bp); 43 43 void __init sme_enable(struct boot_params *bp); 44 44 45 45 int __init early_set_memory_decrypted(unsigned long vaddr, unsigned long size); ··· 67 67 68 68 static inline void __init sme_early_init(void) { } 69 69 70 - static inline void __init sme_encrypt_kernel(void) { } 70 + static inline void __init sme_encrypt_kernel(struct boot_params *bp) { } 71 71 static inline void __init sme_enable(struct boot_params *bp) { } 72 72 73 73 static inline bool sme_active(void) { return false; }
+2 -2
arch/x86/kernel/head64.c
··· 157 157 p = fixup_pointer(&phys_base, physaddr); 158 158 *p += load_delta - sme_get_me_mask(); 159 159 160 - /* Encrypt the kernel (if SME is active) */ 161 - sme_encrypt_kernel(); 160 + /* Encrypt the kernel and related (if SME is active) */ 161 + sme_encrypt_kernel(bp); 162 162 163 163 /* 164 164 * Return the SME encryption mask (if SME is active) to be used as a
-10
arch/x86/kernel/setup.c
··· 364 364 !ramdisk_image || !ramdisk_size) 365 365 return; /* No initrd provided by bootloader */ 366 366 367 - /* 368 - * If SME is active, this memory will be marked encrypted by the 369 - * kernel when it is accessed (including relocation). However, the 370 - * ramdisk image was loaded decrypted by the bootloader, so make 371 - * sure that it is encrypted before accessing it. For SEV the 372 - * ramdisk will already be encrypted, so only do this for SME. 373 - */ 374 - if (sme_active()) 375 - sme_early_encrypt(ramdisk_image, ramdisk_end - ramdisk_image); 376 - 377 367 initrd_start = 0; 378 368 379 369 mapped_size = memblock_mem_size(max_pfn_mapped);
+58 -8
arch/x86/mm/mem_encrypt.c
··· 738 738 return total; 739 739 } 740 740 741 - void __init sme_encrypt_kernel(void) 741 + void __init sme_encrypt_kernel(struct boot_params *bp) 742 742 { 743 743 unsigned long workarea_start, workarea_end, workarea_len; 744 744 unsigned long execute_start, execute_end, execute_len; 745 745 unsigned long kernel_start, kernel_end, kernel_len; 746 + unsigned long initrd_start, initrd_end, initrd_len; 746 747 struct sme_populate_pgd_data ppd; 747 748 unsigned long pgtable_area_len; 748 749 unsigned long decrypted_base; ··· 752 751 return; 753 752 754 753 /* 755 - * Prepare for encrypting the kernel by building new pagetables with 756 - * the necessary attributes needed to encrypt the kernel in place. 754 + * Prepare for encrypting the kernel and initrd by building new 755 + * pagetables with the necessary attributes needed to encrypt the 756 + * kernel in place. 757 757 * 758 758 * One range of virtual addresses will map the memory occupied 759 - * by the kernel as encrypted. 759 + * by the kernel and initrd as encrypted. 760 760 * 761 761 * Another range of virtual addresses will map the memory occupied 762 - * by the kernel as decrypted and write-protected. 762 + * by the kernel and initrd as decrypted and write-protected. 763 763 * 764 764 * The use of write-protect attribute will prevent any of the 765 765 * memory from being cached. ··· 770 768 kernel_start = __pa_symbol(_text); 771 769 kernel_end = ALIGN(__pa_symbol(_end), PMD_PAGE_SIZE); 772 770 kernel_len = kernel_end - kernel_start; 771 + 772 + initrd_start = 0; 773 + initrd_end = 0; 774 + initrd_len = 0; 775 + #ifdef CONFIG_BLK_DEV_INITRD 776 + initrd_len = (unsigned long)bp->hdr.ramdisk_size | 777 + ((unsigned long)bp->ext_ramdisk_size << 32); 778 + if (initrd_len) { 779 + initrd_start = (unsigned long)bp->hdr.ramdisk_image | 780 + ((unsigned long)bp->ext_ramdisk_image << 32); 781 + initrd_end = PAGE_ALIGN(initrd_start + initrd_len); 782 + initrd_len = initrd_end - initrd_start; 783 + } 784 + #endif 773 785 774 786 /* Set the encryption workarea to be immediately after the kernel */ 775 787 workarea_start = kernel_end; ··· 807 791 */ 808 792 pgtable_area_len = sizeof(pgd_t) * PTRS_PER_PGD; 809 793 pgtable_area_len += sme_pgtable_calc(execute_end - kernel_start) * 2; 794 + if (initrd_len) 795 + pgtable_area_len += sme_pgtable_calc(initrd_len) * 2; 810 796 811 797 /* PUDs and PMDs needed in the current pagetables for the workarea */ 812 798 pgtable_area_len += sme_pgtable_calc(execute_len + pgtable_area_len); ··· 847 829 848 830 /* 849 831 * A new pagetable structure is being built to allow for the kernel 850 - * to be encrypted. It starts with an empty PGD that will then be 851 - * populated with new PUDs and PMDs as the encrypted and decrypted 852 - * kernel mappings are created. 832 + * and initrd to be encrypted. It starts with an empty PGD that will 833 + * then be populated with new PUDs and PMDs as the encrypted and 834 + * decrypted kernel mappings are created. 853 835 */ 854 836 ppd.pgd = ppd.pgtable_area; 855 837 memset(ppd.pgd, 0, sizeof(pgd_t) * PTRS_PER_PGD); ··· 862 844 * the base of the mapping. 863 845 */ 864 846 decrypted_base = (pgd_index(workarea_end) + 1) & (PTRS_PER_PGD - 1); 847 + if (initrd_len) { 848 + unsigned long check_base; 849 + 850 + check_base = (pgd_index(initrd_end) + 1) & (PTRS_PER_PGD - 1); 851 + decrypted_base = max(decrypted_base, check_base); 852 + } 865 853 decrypted_base <<= PGDIR_SHIFT; 866 854 867 855 /* Add encrypted kernel (identity) mappings */ ··· 881 857 ppd.vaddr = kernel_start + decrypted_base; 882 858 ppd.vaddr_end = kernel_end + decrypted_base; 883 859 sme_map_range_decrypted_wp(&ppd); 860 + 861 + if (initrd_len) { 862 + /* Add encrypted initrd (identity) mappings */ 863 + ppd.paddr = initrd_start; 864 + ppd.vaddr = initrd_start; 865 + ppd.vaddr_end = initrd_end; 866 + sme_map_range_encrypted(&ppd); 867 + /* 868 + * Add decrypted, write-protected initrd (non-identity) mappings 869 + */ 870 + ppd.paddr = initrd_start; 871 + ppd.vaddr = initrd_start + decrypted_base; 872 + ppd.vaddr_end = initrd_end + decrypted_base; 873 + sme_map_range_decrypted_wp(&ppd); 874 + } 884 875 885 876 /* Add decrypted workarea mappings to both kernel mappings */ 886 877 ppd.paddr = workarea_start; ··· 912 873 sme_encrypt_execute(kernel_start, kernel_start + decrypted_base, 913 874 kernel_len, workarea_start, (unsigned long)ppd.pgd); 914 875 876 + if (initrd_len) 877 + sme_encrypt_execute(initrd_start, initrd_start + decrypted_base, 878 + initrd_len, workarea_start, 879 + (unsigned long)ppd.pgd); 880 + 915 881 /* 916 882 * At this point we are running encrypted. Remove the mappings for 917 883 * the decrypted areas - all that is needed for this is to remove ··· 925 881 ppd.vaddr = kernel_start + decrypted_base; 926 882 ppd.vaddr_end = kernel_end + decrypted_base; 927 883 sme_clear_pgd(&ppd); 884 + 885 + if (initrd_len) { 886 + ppd.vaddr = initrd_start + decrypted_base; 887 + ppd.vaddr_end = initrd_end + decrypted_base; 888 + sme_clear_pgd(&ppd); 889 + } 928 890 929 891 ppd.vaddr = workarea_start + decrypted_base; 930 892 ppd.vaddr_end = workarea_end + decrypted_base;
+23 -23
arch/x86/mm/mem_encrypt_boot.S
··· 22 22 23 23 /* 24 24 * Entry parameters: 25 - * RDI - virtual address for the encrypted kernel mapping 26 - * RSI - virtual address for the decrypted kernel mapping 27 - * RDX - length of kernel 25 + * RDI - virtual address for the encrypted mapping 26 + * RSI - virtual address for the decrypted mapping 27 + * RDX - length to encrypt 28 28 * RCX - virtual address of the encryption workarea, including: 29 29 * - stack page (PAGE_SIZE) 30 30 * - encryption routine page (PAGE_SIZE) ··· 41 41 addq $PAGE_SIZE, %rax /* Workarea encryption routine */ 42 42 43 43 push %r12 44 - movq %rdi, %r10 /* Encrypted kernel */ 45 - movq %rsi, %r11 /* Decrypted kernel */ 46 - movq %rdx, %r12 /* Kernel length */ 44 + movq %rdi, %r10 /* Encrypted area */ 45 + movq %rsi, %r11 /* Decrypted area */ 46 + movq %rdx, %r12 /* Area length */ 47 47 48 48 /* Copy encryption routine into the workarea */ 49 49 movq %rax, %rdi /* Workarea encryption routine */ ··· 52 52 rep movsb 53 53 54 54 /* Setup registers for call */ 55 - movq %r10, %rdi /* Encrypted kernel */ 56 - movq %r11, %rsi /* Decrypted kernel */ 55 + movq %r10, %rdi /* Encrypted area */ 56 + movq %r11, %rsi /* Decrypted area */ 57 57 movq %r8, %rdx /* Pagetables used for encryption */ 58 - movq %r12, %rcx /* Kernel length */ 58 + movq %r12, %rcx /* Area length */ 59 59 movq %rax, %r8 /* Workarea encryption routine */ 60 60 addq $PAGE_SIZE, %r8 /* Workarea intermediate copy buffer */ 61 61 ··· 71 71 72 72 ENTRY(__enc_copy) 73 73 /* 74 - * Routine used to encrypt kernel. 74 + * Routine used to encrypt memory in place. 75 75 * This routine must be run outside of the kernel proper since 76 76 * the kernel will be encrypted during the process. So this 77 77 * routine is defined here and then copied to an area outside ··· 79 79 * during execution. 80 80 * 81 81 * On entry the registers must be: 82 - * RDI - virtual address for the encrypted kernel mapping 83 - * RSI - virtual address for the decrypted kernel mapping 82 + * RDI - virtual address for the encrypted mapping 83 + * RSI - virtual address for the decrypted mapping 84 84 * RDX - address of the pagetables to use for encryption 85 - * RCX - length of kernel 85 + * RCX - length of area 86 86 * R8 - intermediate copy buffer 87 87 * 88 88 * RAX - points to this routine 89 89 * 90 - * The kernel will be encrypted by copying from the non-encrypted 91 - * kernel space to an intermediate buffer and then copying from the 92 - * intermediate buffer back to the encrypted kernel space. The physical 93 - * addresses of the two kernel space mappings are the same which 94 - * results in the kernel being encrypted "in place". 90 + * The area will be encrypted by copying from the non-encrypted 91 + * memory space to an intermediate buffer and then copying from the 92 + * intermediate buffer back to the encrypted memory space. The physical 93 + * addresses of the two mappings are the same which results in the area 94 + * being encrypted "in place". 95 95 */ 96 96 /* Enable the new page tables */ 97 97 mov %rdx, %cr3 ··· 106 106 push %r15 107 107 push %r12 108 108 109 - movq %rcx, %r9 /* Save kernel length */ 110 - movq %rdi, %r10 /* Save encrypted kernel address */ 111 - movq %rsi, %r11 /* Save decrypted kernel address */ 109 + movq %rcx, %r9 /* Save area length */ 110 + movq %rdi, %r10 /* Save encrypted area address */ 111 + movq %rsi, %r11 /* Save decrypted area address */ 112 112 113 113 /* Set the PAT register PA5 entry to write-protect */ 114 114 movl $MSR_IA32_CR_PAT, %ecx ··· 128 128 movq %r9, %r12 129 129 130 130 2: 131 - movq %r11, %rsi /* Source - decrypted kernel */ 131 + movq %r11, %rsi /* Source - decrypted area */ 132 132 movq %r8, %rdi /* Dest - intermediate copy buffer */ 133 133 movq %r12, %rcx 134 134 rep movsb 135 135 136 136 movq %r8, %rsi /* Source - intermediate copy buffer */ 137 - movq %r10, %rdi /* Dest - encrypted kernel */ 137 + movq %r10, %rdi /* Dest - encrypted area */ 138 138 movq %r12, %rcx 139 139 rep movsb 140 140