commit b51ce3744f115850166f3d6c292b9c8cb849ad4f · tjh.dev/kernel · tangled

tjh.dev / kernel

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

x86/mm/mem_encrypt: Disable all instrumentation for early SME setup

Enablement of AMD's Secure Memory Encryption feature is determined very
early after start_kernel() is entered. Part of this procedure involves
scanning the command line for the parameter 'mem_encrypt'.

To determine intended state, the function sme_enable() uses library
functions cmdline_find_option() and strncmp(). Their use occurs early
enough such that it cannot be assumed that any instrumentation subsystem
is initialized.

For example, making calls to a KASAN-instrumented function before KASAN
is set up will result in the use of uninitialized memory and a boot
failure.

When AMD's SME support is enabled, conditionally disable instrumentation
of these dependent functions in lib/string.c and arch/x86/lib/cmdline.c.

[ bp: Get rid of intermediary nostackp var and cleanup whitespace. ]

Fixes: aca20d546214 ("x86/mm: Add support to make use of Secure Memory Encryption")
Reported-by: Li RongQing <lirongqing@baidu.com>
Signed-off-by: Gary R Hook <gary.hook@amd.com>
Signed-off-by: Borislav Petkov <bp@suse.de>
Cc: Alexander Shishkin <alexander.shishkin@linux.intel.com>
Cc: Andrew Morton <akpm@linux-foundation.org>
Cc: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
Cc: Boris Brezillon <bbrezillon@kernel.org>
Cc: Coly Li <colyli@suse.de>
Cc: "dave.hansen@linux.intel.com" <dave.hansen@linux.intel.com>
Cc: "H. Peter Anvin" <hpa@zytor.com>
Cc: Ingo Molnar <mingo@redhat.com>
Cc: Kees Cook <keescook@chromium.org>
Cc: Kent Overstreet <kent.overstreet@gmail.com>
Cc: "luto@kernel.org" <luto@kernel.org>
Cc: Masahiro Yamada <yamada.masahiro@socionext.com>
Cc: Matthew Wilcox <willy@infradead.org>
Cc: "mingo@redhat.com" <mingo@redhat.com>
Cc: "peterz@infradead.org" <peterz@infradead.org>
Cc: Sebastian Andrzej Siewior <bigeasy@linutronix.de>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: x86-ml <x86@kernel.org>
Link: https://lkml.kernel.org/r/155657657552.7116.18363762932464011367.stgit@sosrh3.amd.com

authored by Gary Hook and committed by Borislav Petkov 6 years ago b51ce374 0d02113b

options

Changed files

+23

arch

x86

lib

Makefile

lib

Makefile

+12

arch/x86/lib/Makefile

··· 6 6 # Produces uninteresting flaky coverage. 7 7 KCOV_INSTRUMENT_delay.o := n 8 8 9 + # Early boot use of cmdline; don't instrument it 10 + ifdef CONFIG_AMD_MEM_ENCRYPT 11 + KCOV_INSTRUMENT_cmdline.o := n 12 + KASAN_SANITIZE_cmdline.o := n 13 + 14 + ifdef CONFIG_FUNCTION_TRACER 15 + CFLAGS_REMOVE_cmdline.o = -pg 16 + endif 17 + 18 + CFLAGS_cmdline.o := $(call cc-option, -fno-stack-protector) 19 + endif 20 + 9 21 inat_tables_script = $(srctree)/arch/x86/tools/gen-insn-attr-x86.awk 10 22 inat_tables_maps = $(srctree)/arch/x86/lib/x86-opcode-map.txt 11 23 quiet_cmd_inat_tables = GEN $@

+11

lib/Makefile

··· 17 17 KCOV_INSTRUMENT_debugobjects.o := n 18 18 KCOV_INSTRUMENT_dynamic_debug.o := n 19 19 20 + # Early boot use of cmdline, don't instrument it 21 + ifdef CONFIG_AMD_MEM_ENCRYPT 22 + KASAN_SANITIZE_string.o := n 23 + 24 + ifdef CONFIG_FUNCTION_TRACER 25 + CFLAGS_REMOVE_string.o = -pg 26 + endif 27 + 28 + CFLAGS_string.o := $(call cc-option, -fno-stack-protector) 29 + endif 30 + 20 31 lib-y := ctype.o string.o vsprintf.o cmdline.o \ 21 32 rbtree.o radix-tree.o timerqueue.o xarray.o \ 22 33 idr.o int_sqrt.o extable.o \