
Merge tag 'x86_sev_for_v6.8' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip

Pull x86 SEV updates from Borislav Petkov:

- Convert the sev-guest platform ->remove callback to return void

- Move the SEV C-bit verification to the BSP as it needs to happen only
once and not on every AP

* tag 'x86_sev_for_v6.8' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
virt: sev-guest: Convert to platform remove callback returning void
x86/sev: Do the C-bit verification only on the BSP

+24 -13
+22 -9
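--- a/arch/x86/kernel/head_64.S
+++ b/arch/x86/kernel/head_64.S
@@ -114,6 +114,28 @@
 
 /* Form the CR3 value being sure to include the CR3 modifier */
 addq $(early_top_pgt - __START_KERNEL_map), %rax
+
+#ifdef CONFIG_AMD_MEM_ENCRYPT
+mov %rax, %rdi
+mov %rax, %r14
+
+addq phys_base(%rip), %rdi
+
+/*
+* For SEV guests: Verify that the C-bit is correct. A malicious
+* hypervisor could lie about the C-bit position to perform a ROP
+* attack on the guest by writing to the unencrypted stack and wait for
+* the next RET instruction.
+*/
+call sev_verify_cbit
+
+/*
+* Restore CR3 value without the phys_base which will be added
+* below, before writing %cr3.
+*/
+mov %r14, %rax
+#endif
+
 jmp 1f
 SYM_CODE_END(startup_64)
 
@@ -213,15 +191,6 @@
 
 /* Setup early boot stage 4-/5-level pagetables. */
 addq phys_base(%rip), %rax
-
-/*
-* For SEV guests: Verify that the C-bit is correct. A malicious
-* hypervisor could lie about the C-bit position to perform a ROP
-* attack on the guest by writing to the unencrypted stack and wait for
-* the next RET instruction.
-*/
-movq %rax, %rdi
-call sev_verify_cbit
 
 /*
 * Switch to new page-table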
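Review bot: The new `#ifdef CONFIG_AMD_MEM_ENCRYPT` block parks %rax in %r14 across `call sev_verify_cbit` without saying why that register is safe to use, yet the CR3 value restored at `mov %r14, %rax` is only right if nothing in sev_verify_cbit clobbers %r14 and nothing live was already held in it. I would state the contract at the save, e.g. `/* %r14 must survive the call (callee-saved); %rax = CR3 without phys_base is rebuilt from it below */`, and confirm against the rest of startup_64, whose start lies outside this hunk, that %r14 is free at this point. A one-liner at `addq phys_base(%rip), %rdi`, such as `/* the C-bit check needs the final physical page-table address */`, would also make the %rdi/%rax asymmetry explicit instead of leaving it to the later "Restore CR3" comment. The second hunk sits inside a function whose start and end are both outside the hunk, so its remaining flow from `1:` onward cannot be checked here.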
+2 -4
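--- a/drivers/virt/coco/sev-guest/sev-guest.c
+++ b/drivers/virt/coco/sev-guest/sev-guest.c
@@ -994,7 +994,7 @@
 return ret;
 }
 
-static int __exit sev_guest_remove(struct platform_device *pdev)
+static void __exit sev_guest_remove(struct platform_device *pdev)
 {
 struct snp_guest_dev *snp_dev = platform_get_drvdata(pdev);
 
@@ -1003,8 +1003,6 @@
 free_shared_pages(snp_dev->request, sizeof(struct snp_guest_msg));
 deinit_crypto(snp_dev->crypto);
 misc_deregister(&snp_dev->misc);
-
-return 0;
 }
 
 /*
@@ -1011,7 +1013,7 @@
 * with the SEV-SNP support, it is named "sev-guest".
 */
 static struct platform_driver sev_guest_driver = {
-.remove = __exit_p(sev_guest_remove),
+.remove_new = __exit_p(sev_guest_remove),
 .driver = {
 .name = "sev-guest",
 },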
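Review bot: In sev_guest_remove, `misc_deregister(&snp_dev->misc);` is still the last statement, after `free_shared_pages(snp_dev->request, ...)` and `deinit_crypto(snp_dev->crypto)` have already torn down the state the ioctl path uses; unless something outside the hunk fences off new opens, a concurrent ioctl on the still-registered char device could reach freed memory during removal. Since the callback no longer has a return value to thread through, this conversion is a good moment to fix the ordering: move `misc_deregister(&snp_dev->misc);` to the top of the function, ahead of the free_shared_pages() calls, so the device node disappears before its backing buffers do. The body is partly elided between the first two hunks (lines 1000-1003 are not shown), so check that nothing there also depends on the deregistration order. Given `__exit_p`, this is presumably only reachable on module unload, but the teardown order is still worth getting right.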