From: Greg Kroah-Hartman Date: Mon, 15 Apr 2024 12:54:27 +0000 (+0200) Subject: 6.1-stable patches X-Git-Tag: v5.15.156~31 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=4610c7384eaad52598821941b97aa84c127229f9;p=thirdparty%2Fkernel%2Fstable-queue.git 6.1-stable patches added patches: x86-apic-force-native_apic_mem_read-to-use-the-mov-instruction.patch --- diff --git a/queue-6.1/series b/queue-6.1/series index 8144fe6feb5..ceeaa3fa192 100644 --- a/queue-6.1/series +++ b/queue-6.1/series @@ -53,3 +53,4 @@ vhost-add-smp_rmb-in-vhost_enable_notify.patch perf-x86-fix-out-of-range-data.patch x86-cpu-actually-turn-off-mitigations-by-default-for-speculation_mitigations-n.patch selftests-timers-fix-abs-warning-in-posix_timers-test.patch +x86-apic-force-native_apic_mem_read-to-use-the-mov-instruction.patch diff --git a/queue-6.1/x86-apic-force-native_apic_mem_read-to-use-the-mov-instruction.patch b/queue-6.1/x86-apic-force-native_apic_mem_read-to-use-the-mov-instruction.patch new file mode 100644 index 00000000000..ab9fe65b3a8 --- /dev/null +++ b/queue-6.1/x86-apic-force-native_apic_mem_read-to-use-the-mov-instruction.patch 
@@ -0,0 +1,70 @@ +From 5ce344beaca688f4cdea07045e0b8f03dc537e74 Mon Sep 17 00:00:00 2001 +From: Adam Dunlap +Date: Mon, 18 Mar 2024 16:09:27 -0700 +Subject: x86/apic: Force native_apic_mem_read() to use the MOV instruction + +From: Adam Dunlap + +commit 5ce344beaca688f4cdea07045e0b8f03dc537e74 upstream. + +When done from a virtual machine, instructions that touch APIC memory +must be emulated. By convention, MMIO accesses are typically performed +via io.h helpers such as readl() or writeq() to simplify instruction +emulation/decoding (ex: in KVM hosts and SEV guests) [0]. + +Currently, native_apic_mem_read() does not follow this convention, +allowing the compiler to emit instructions other than the MOV +instruction generated by readl(). In particular, when the kernel is +compiled with clang and run as a SEV-ES or SEV-SNP guest, the compiler +would emit a TESTL instruction which is not supported by the SEV-ES +emulator, causing a boot failure in that environment. It is likely the +same problem would happen in a TDX guest as that uses the same +instruction emulator as SEV-ES. + +To make sure all emulators can emulate APIC memory reads via MOV, use +the readl() function in native_apic_mem_read(). It is expected that any +emulator would support MOV in any addressing mode as it is the most +generic and is what is usually emitted currently. + +The TESTL instruction is emitted when native_apic_mem_read() is inlined +into apic_mem_wait_icr_idle(). The emulator comes from +insn_decode_mmio() in arch/x86/lib/insn-eval.c. It's not worth it to +extend insn_decode_mmio() to support more instructions since, in theory, +the compiler could choose to output nearly any instruction for such +reads which would bloat the emulator beyond reason. + + [0] https://lore.kernel.org/all/20220405232939.73860-12-kirill.shutemov@linux.intel.com/ + + [ bp: Massage commit message, fix typos. 
] + +Signed-off-by: Adam Dunlap +Signed-off-by: Borislav Petkov (AMD) +Reviewed-by: Thomas Gleixner +Reviewed-by: Ard Biesheuvel +Tested-by: Kevin Loughlin +Cc: +Link: https://lore.kernel.org/r/20240318230927.2191933-1-acdunlap@google.com +Signed-off-by: Greg Kroah-Hartman +--- + arch/x86/include/asm/apic.h | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +--- a/arch/x86/include/asm/apic.h ++++ b/arch/x86/include/asm/apic.h +@@ -12,6 +12,7 @@ + #include + #include + #include ++#include + + #define ARCH_APICTIMER_STOPS_ON_C3 1 + +@@ -109,7 +110,7 @@ static inline void native_apic_mem_write + + static inline u32 native_apic_mem_read(u32 reg) + { +- return *((volatile u32 *)(APIC_BASE + reg)); ++ return readl((void __iomem *)(APIC_BASE + reg)); + } + + extern void native_apic_wait_icr_idle(void);
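Review bot: In the native_apic_mem_read() hunk of the apic.h change, the new `return readl((void __iomem *)(APIC_BASE + reg));` line has no comment explaining why readl() is required. A later cleanup could turn it back into a plain volatile dereference and reintroduce the non-MOV instruction the commit message describes. Suggest a short comment above the return saying that the read must compile to a MOV because the MMIO emulator used by SEV-ES and SEV-SNP guests (insn_decode_mmio()) does not decode other instructions such as TESTL. The hunk header shows native_apic_mem_write() directly above this function, and the commit message covers only reads, so it would also help to state whether the write path is already guaranteed to emit a MOV.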