git.ipfire.org Git - people/arne

author	Borislav Petkov <bp@suse.de>
	Sun, 27 Aug 2017 16:39:24 +0000 (18:39 +0200)
committer	Thomas Gleixner <tglx@linutronix.de>
	Tue, 29 Aug 2017 08:57:16 +0000 (10:57 +0200)
commit	6e0b52d406f64d2bd65731968a072387b91b44d2
tree	619bdafe4ff21abc38a0269d5f0f94878db90289	tree \| snapshot
parent	ea2800ddb20d6e66042051a61f66e6bea4fa0db7	commit \| diff

x86/mm: Fix SME encryption stack ptr handling

sme_encrypt_execute() stashes the stack pointer on entry into %rbp
because it allocates a one-page stack in the non-encrypted area for the
encryption routine to use. When the latter is done, it restores it from
%rbp again, before returning.

However, it uses the FRAME_* macros partially but restores %rsp from
%rbp explicitly with a MOV. And this is fine as long as the macros
*actually* do something.

Unless, you do a !CONFIG_FRAME_POINTER build where those macros
are empty. Then, we still restore %rsp from %rbp but %rbp contains
*something* and this leads to a stack corruption. The manifestation
being a triple-fault during early boot when testing SME. Good luck to me
debugging this with the clumsy endless-loop-in-asm method and narrowing
it down gradually. :-(

So, long story short, open-code the frame macros so that there's no
monkey business and we avoid subtly breaking SME depending on the
.config.

Fixes: 6ebcb060713f ("x86/mm: Add support to encrypt the kernel in-place")
Signed-off-by: Borislav Petkov <bp@suse.de>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Acked-by: Tom Lendacky <thomas.lendacky@amd.com>
Cc: Brijesh Singh <brijesh.singh@amd.com>
Link: http://lkml.kernel.org/r/20170827163924.25552-1-bp@alien8.de