From: Greg Kroah-Hartman Date: Tue, 16 Nov 2021 13:32:14 +0000 (+0100) Subject: 5.10-stable patches X-Git-Tag: v5.4.160~9 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=d00a906003e01f50538a0e6662dc2f1729f3264b;p=thirdparty%2Fkernel%2Fstable-queue.git 5.10-stable patches added patches: arch-cc-introduce-a-function-to-check-for-confidential-computing-features.patch x86-sev-add-an-x86-version-of-cc_platform_has.patch x86-sev-make-the-vc-exception-stacks-part-of-the-default-stacks-storage.patch --- diff --git a/queue-5.10/arch-cc-introduce-a-function-to-check-for-confidential-computing-features.patch b/queue-5.10/arch-cc-introduce-a-function-to-check-for-confidential-computing-features.patch new file mode 100644 index 00000000000..7e2da3a9235 --- /dev/null +++ b/queue-5.10/arch-cc-introduce-a-function-to-check-for-confidential-computing-features.patch @@ -0,0 +1,135 @@ +From 46b49b12f3fc5e1347dba37d4639e2165f447871 Mon Sep 17 00:00:00 2001 +From: Tom Lendacky +Date: Wed, 8 Sep 2021 17:58:33 -0500 +Subject: arch/cc: Introduce a function to check for confidential computing features + +From: Tom Lendacky + +commit 46b49b12f3fc5e1347dba37d4639e2165f447871 upstream. + +In preparation for other confidential computing technologies, introduce +a generic helper function, cc_platform_has(), that can be used to +check for specific active confidential computing attributes, like +memory encryption. This is intended to eliminate having to add multiple +technology-specific checks to the code (e.g. if (sev_active() || +tdx_active() || ... ). + + [ bp: s/_CC_PLATFORM_H/_LINUX_CC_PLATFORM_H/g ] + +Co-developed-by: Andi Kleen +Signed-off-by: Andi Kleen +Co-developed-by: Kuppuswamy Sathyanarayanan +Signed-off-by: Kuppuswamy Sathyanarayanan +Signed-off-by: Tom Lendacky +Signed-off-by: Borislav Petkov +Link: https://lkml.kernel.org/r/20210928191009.32551-3-bp@alien8.de +Signed-off-by: Greg Kroah-Hartman +--- + arch/Kconfig | 3 + + include/linux/cc_platform.h | 88 ++++++++++++++++++++++++++++++++++++++++++++ + 2 files changed, 91 insertions(+) + create mode 100644 include/linux/cc_platform.h + +--- a/arch/Kconfig ++++ b/arch/Kconfig +@@ -1026,6 +1026,9 @@ config RELR + config ARCH_HAS_MEM_ENCRYPT + bool + ++config ARCH_HAS_CC_PLATFORM ++ bool ++ + config HAVE_SPARSE_SYSCALL_NR + bool + help +--- /dev/null ++++ b/include/linux/cc_platform.h +@@ -0,0 +1,88 @@ ++/* SPDX-License-Identifier: GPL-2.0-only */ ++/* ++ * Confidential Computing Platform Capability checks ++ * ++ * Copyright (C) 2021 Advanced Micro Devices, Inc. ++ * ++ * Author: Tom Lendacky ++ */ ++ ++#ifndef _LINUX_CC_PLATFORM_H ++#define _LINUX_CC_PLATFORM_H ++ ++#include ++#include ++ ++/** ++ * enum cc_attr - Confidential computing attributes ++ * ++ * These attributes represent confidential computing features that are ++ * currently active. ++ */ ++enum cc_attr { ++ /** ++ * @CC_ATTR_MEM_ENCRYPT: Memory encryption is active ++ * ++ * The platform/OS is running with active memory encryption. This ++ * includes running either as a bare-metal system or a hypervisor ++ * and actively using memory encryption or as a guest/virtual machine ++ * and actively using memory encryption. ++ * ++ * Examples include SME, SEV and SEV-ES. ++ */ ++ CC_ATTR_MEM_ENCRYPT, ++ ++ /** ++ * @CC_ATTR_HOST_MEM_ENCRYPT: Host memory encryption is active ++ * ++ * The platform/OS is running as a bare-metal system or a hypervisor ++ * and actively using memory encryption. ++ * ++ * Examples include SME. ++ */ ++ CC_ATTR_HOST_MEM_ENCRYPT, ++ ++ /** ++ * @CC_ATTR_GUEST_MEM_ENCRYPT: Guest memory encryption is active ++ * ++ * The platform/OS is running as a guest/virtual machine and actively ++ * using memory encryption. ++ * ++ * Examples include SEV and SEV-ES. ++ */ ++ CC_ATTR_GUEST_MEM_ENCRYPT, ++ ++ /** ++ * @CC_ATTR_GUEST_STATE_ENCRYPT: Guest state encryption is active ++ * ++ * The platform/OS is running as a guest/virtual machine and actively ++ * using memory encryption and register state encryption. ++ * ++ * Examples include SEV-ES. ++ */ ++ CC_ATTR_GUEST_STATE_ENCRYPT, ++}; ++ ++#ifdef CONFIG_ARCH_HAS_CC_PLATFORM ++ ++/** ++ * cc_platform_has() - Checks if the specified cc_attr attribute is active ++ * @attr: Confidential computing attribute to check ++ * ++ * The cc_platform_has() function will return an indicator as to whether the ++ * specified Confidential Computing attribute is currently active. ++ * ++ * Context: Any context ++ * Return: ++ * * TRUE - Specified Confidential Computing attribute is active ++ * * FALSE - Specified Confidential Computing attribute is not active ++ */ ++bool cc_platform_has(enum cc_attr attr); ++ ++#else /* !CONFIG_ARCH_HAS_CC_PLATFORM */ ++ ++static inline bool cc_platform_has(enum cc_attr attr) { return false; } ++ ++#endif /* CONFIG_ARCH_HAS_CC_PLATFORM */ ++ ++#endif /* _LINUX_CC_PLATFORM_H */ diff --git a/queue-5.10/series b/queue-5.10/series index c5142998503..59cc206180b 100644 --- a/queue-5.10/series +++ b/queue-5.10/series @@ -575,3 +575,6 @@ ath10k-fix-invalid-dma_addr_t-token-assignment.patch mmc-moxart-fix-null-pointer-dereference-on-pointer-host.patch selftests-bpf-fix-also-no-alu32-strobemeta-selftest.patch ataflop-fix-off-by-one-in-ataflop_probe.patch +arch-cc-introduce-a-function-to-check-for-confidential-computing-features.patch +x86-sev-add-an-x86-version-of-cc_platform_has.patch +x86-sev-make-the-vc-exception-stacks-part-of-the-default-stacks-storage.patch diff --git a/queue-5.10/x86-sev-add-an-x86-version-of-cc_platform_has.patch b/queue-5.10/x86-sev-add-an-x86-version-of-cc_platform_has.patch new file mode 100644 index 00000000000..fc4da9b73cc --- /dev/null +++ b/queue-5.10/x86-sev-add-an-x86-version-of-cc_platform_has.patch @@ -0,0 +1,164 @@ +From aa5a461171f98fde0df78c4f6b5018a1e967cf81 Mon Sep 17 00:00:00 2001 +From: Tom Lendacky +Date: Wed, 8 Sep 2021 17:58:34 -0500 +Subject: x86/sev: Add an x86 version of cc_platform_has() + +From: Tom Lendacky + +commit aa5a461171f98fde0df78c4f6b5018a1e967cf81 upstream. + +Introduce an x86 version of the cc_platform_has() function. This will be +used to replace vendor specific calls like sme_active(), sev_active(), +etc. + +Signed-off-by: Tom Lendacky +Signed-off-by: Borislav Petkov +Link: https://lkml.kernel.org/r/20210928191009.32551-4-bp@alien8.de +Signed-off-by: Greg Kroah-Hartman +--- + arch/x86/Kconfig | 1 + arch/x86/include/asm/mem_encrypt.h | 1 + arch/x86/kernel/Makefile | 6 +++ + arch/x86/kernel/cc_platform.c | 69 +++++++++++++++++++++++++++++++++++++ + arch/x86/mm/mem_encrypt.c | 1 + 5 files changed, 78 insertions(+) + create mode 100644 arch/x86/kernel/cc_platform.c + +--- a/arch/x86/Kconfig ++++ b/arch/x86/Kconfig +@@ -1527,6 +1527,7 @@ config AMD_MEM_ENCRYPT + select ARCH_USE_MEMREMAP_PROT + select ARCH_HAS_FORCE_DMA_UNENCRYPTED + select INSTRUCTION_DECODER ++ select ARCH_HAS_CC_PLATFORM + help + Say yes to enable support for the encryption of system memory. + This requires an AMD processor that supports Secure Memory +--- a/arch/x86/include/asm/mem_encrypt.h ++++ b/arch/x86/include/asm/mem_encrypt.h +@@ -13,6 +13,7 @@ + #ifndef __ASSEMBLY__ + + #include ++#include + + #include + +--- a/arch/x86/kernel/Makefile ++++ b/arch/x86/kernel/Makefile +@@ -21,6 +21,7 @@ CFLAGS_REMOVE_ftrace.o = -pg + CFLAGS_REMOVE_early_printk.o = -pg + CFLAGS_REMOVE_head64.o = -pg + CFLAGS_REMOVE_sev-es.o = -pg ++CFLAGS_REMOVE_cc_platform.o = -pg + endif + + KASAN_SANITIZE_head$(BITS).o := n +@@ -29,6 +30,7 @@ KASAN_SANITIZE_dumpstack_$(BITS).o := + KASAN_SANITIZE_stacktrace.o := n + KASAN_SANITIZE_paravirt.o := n + KASAN_SANITIZE_sev-es.o := n ++KASAN_SANITIZE_cc_platform.o := n + + # With some compiler versions the generated code results in boot hangs, caused + # by several compilation units. To be safe, disable all instrumentation. +@@ -48,6 +50,7 @@ endif + KCOV_INSTRUMENT := n + + CFLAGS_head$(BITS).o += -fno-stack-protector ++CFLAGS_cc_platform.o += -fno-stack-protector + + CFLAGS_irq.o := -I $(srctree)/$(src)/../include/asm/trace + +@@ -151,6 +154,9 @@ obj-$(CONFIG_UNWINDER_FRAME_POINTER) += + obj-$(CONFIG_UNWINDER_GUESS) += unwind_guess.o + + obj-$(CONFIG_AMD_MEM_ENCRYPT) += sev-es.o ++ ++obj-$(CONFIG_ARCH_HAS_CC_PLATFORM) += cc_platform.o ++ + ### + # 64 bit specific files + ifeq ($(CONFIG_X86_64),y) +--- /dev/null ++++ b/arch/x86/kernel/cc_platform.c +@@ -0,0 +1,69 @@ ++// SPDX-License-Identifier: GPL-2.0-only ++/* ++ * Confidential Computing Platform Capability checks ++ * ++ * Copyright (C) 2021 Advanced Micro Devices, Inc. ++ * ++ * Author: Tom Lendacky ++ */ ++ ++#include ++#include ++#include ++ ++#include ++ ++static bool __maybe_unused intel_cc_platform_has(enum cc_attr attr) ++{ ++#ifdef CONFIG_INTEL_TDX_GUEST ++ return false; ++#else ++ return false; ++#endif ++} ++ ++/* ++ * SME and SEV are very similar but they are not the same, so there are ++ * times that the kernel will need to distinguish between SME and SEV. The ++ * cc_platform_has() function is used for this. When a distinction isn't ++ * needed, the CC_ATTR_MEM_ENCRYPT attribute can be used. ++ * ++ * The trampoline code is a good example for this requirement. Before ++ * paging is activated, SME will access all memory as decrypted, but SEV ++ * will access all memory as encrypted. So, when APs are being brought ++ * up under SME the trampoline area cannot be encrypted, whereas under SEV ++ * the trampoline area must be encrypted. ++ */ ++static bool amd_cc_platform_has(enum cc_attr attr) ++{ ++#ifdef CONFIG_AMD_MEM_ENCRYPT ++ switch (attr) { ++ case CC_ATTR_MEM_ENCRYPT: ++ return sme_me_mask; ++ ++ case CC_ATTR_HOST_MEM_ENCRYPT: ++ return sme_me_mask && !(sev_status & MSR_AMD64_SEV_ENABLED); ++ ++ case CC_ATTR_GUEST_MEM_ENCRYPT: ++ return sev_status & MSR_AMD64_SEV_ENABLED; ++ ++ case CC_ATTR_GUEST_STATE_ENCRYPT: ++ return sev_status & MSR_AMD64_SEV_ES_ENABLED; ++ ++ default: ++ return false; ++ } ++#else ++ return false; ++#endif ++} ++ ++ ++bool cc_platform_has(enum cc_attr attr) ++{ ++ if (sme_me_mask) ++ return amd_cc_platform_has(attr); ++ ++ return false; ++} ++EXPORT_SYMBOL_GPL(cc_platform_has); +--- a/arch/x86/mm/mem_encrypt.c ++++ b/arch/x86/mm/mem_encrypt.c +@@ -19,6 +19,7 @@ + #include + #include + #include ++#include + + #include + #include diff --git a/queue-5.10/x86-sev-make-the-vc-exception-stacks-part-of-the-default-stacks-storage.patch b/queue-5.10/x86-sev-make-the-vc-exception-stacks-part-of-the-default-stacks-storage.patch new file mode 100644 index 00000000000..e9a2ed70aba --- /dev/null +++ b/queue-5.10/x86-sev-make-the-vc-exception-stacks-part-of-the-default-stacks-storage.patch @@ -0,0 +1,129 @@ +From 541ac97186d9ea88491961a46284de3603c914fd Mon Sep 17 00:00:00 2001 +From: Borislav Petkov +Date: Fri, 1 Oct 2021 21:41:20 +0200 +Subject: x86/sev: Make the #VC exception stacks part of the default stacks storage + +From: Borislav Petkov + +commit 541ac97186d9ea88491961a46284de3603c914fd upstream. + +The size of the exception stacks was increased by the commit in Fixes, +resulting in stack sizes greater than a page in size. The #VC exception +handling was only mapping the first (bottom) page, resulting in an +SEV-ES guest failing to boot. + +Make the #VC exception stacks part of the default exception stacks +storage and allocate them with a CONFIG_AMD_MEM_ENCRYPT=y .config. Map +them only when a SEV-ES guest has been detected. + +Rip out the custom VC stacks mapping and storage code. + + [ bp: Steal and adapt Tom's commit message. ] + +Fixes: 7fae4c24a2b8 ("x86: Increase exception stack sizes") +Signed-off-by: Borislav Petkov +Tested-by: Tom Lendacky +Tested-by: Brijesh Singh +Link: https://lkml.kernel.org/r/YVt1IMjIs7pIZTRR@zn.tnic +Signed-off-by: Greg Kroah-Hartman +--- + arch/x86/include/asm/cpu_entry_area.h | 8 +++++++- + arch/x86/kernel/sev-es.c | 32 -------------------------------- + arch/x86/mm/cpu_entry_area.c | 7 +++++++ + 3 files changed, 14 insertions(+), 33 deletions(-) + +--- a/arch/x86/include/asm/cpu_entry_area.h ++++ b/arch/x86/include/asm/cpu_entry_area.h +@@ -10,6 +10,12 @@ + + #ifdef CONFIG_X86_64 + ++#ifdef CONFIG_AMD_MEM_ENCRYPT ++#define VC_EXCEPTION_STKSZ EXCEPTION_STKSZ ++#else ++#define VC_EXCEPTION_STKSZ 0 ++#endif ++ + /* Macro to enforce the same ordering and stack sizes */ + #define ESTACKS_MEMBERS(guardsize, optional_stack_size) \ + char DF_stack_guard[guardsize]; \ +@@ -28,7 +34,7 @@ + + /* The exception stacks' physical storage. No guard pages required */ + struct exception_stacks { +- ESTACKS_MEMBERS(0, 0) ++ ESTACKS_MEMBERS(0, VC_EXCEPTION_STKSZ) + }; + + /* The effective cpu entry area mapping with guard pages. */ +--- a/arch/x86/kernel/sev-es.c ++++ b/arch/x86/kernel/sev-es.c +@@ -46,16 +46,6 @@ static struct ghcb __initdata *boot_ghcb + struct sev_es_runtime_data { + struct ghcb ghcb_page; + +- /* Physical storage for the per-CPU IST stack of the #VC handler */ +- char ist_stack[EXCEPTION_STKSZ] __aligned(PAGE_SIZE); +- +- /* +- * Physical storage for the per-CPU fall-back stack of the #VC handler. +- * The fall-back stack is used when it is not safe to switch back to the +- * interrupted stack in the #VC entry code. +- */ +- char fallback_stack[EXCEPTION_STKSZ] __aligned(PAGE_SIZE); +- + /* + * Reserve one page per CPU as backup storage for the unencrypted GHCB. + * It is needed when an NMI happens while the #VC handler uses the real +@@ -99,27 +89,6 @@ DEFINE_STATIC_KEY_FALSE(sev_es_enable_ke + /* Needed in vc_early_forward_exception */ + void do_early_exception(struct pt_regs *regs, int trapnr); + +-static void __init setup_vc_stacks(int cpu) +-{ +- struct sev_es_runtime_data *data; +- struct cpu_entry_area *cea; +- unsigned long vaddr; +- phys_addr_t pa; +- +- data = per_cpu(runtime_data, cpu); +- cea = get_cpu_entry_area(cpu); +- +- /* Map #VC IST stack */ +- vaddr = CEA_ESTACK_BOT(&cea->estacks, VC); +- pa = __pa(data->ist_stack); +- cea_set_pte((void *)vaddr, pa, PAGE_KERNEL); +- +- /* Map VC fall-back stack */ +- vaddr = CEA_ESTACK_BOT(&cea->estacks, VC2); +- pa = __pa(data->fallback_stack); +- cea_set_pte((void *)vaddr, pa, PAGE_KERNEL); +-} +- + static __always_inline bool on_vc_stack(struct pt_regs *regs) + { + unsigned long sp = regs->sp; +@@ -753,7 +722,6 @@ void __init sev_es_init_vc_handling(void + for_each_possible_cpu(cpu) { + alloc_runtime_data(cpu); + init_ghcb(cpu); +- setup_vc_stacks(cpu); + } + + sev_es_setup_play_dead(); +--- a/arch/x86/mm/cpu_entry_area.c ++++ b/arch/x86/mm/cpu_entry_area.c +@@ -110,6 +110,13 @@ static void __init percpu_setup_exceptio + cea_map_stack(NMI); + cea_map_stack(DB); + cea_map_stack(MCE); ++ ++ if (IS_ENABLED(CONFIG_AMD_MEM_ENCRYPT)) { ++ if (cc_platform_has(CC_ATTR_GUEST_STATE_ENCRYPT)) { ++ cea_map_stack(VC); ++ cea_map_stack(VC2); ++ } ++ } + } + #else + static inline void percpu_setup_exception_stacks(unsigned int cpu)