* [tip: x86/sev] x86/sme: Use #define USE_EARLY_PGTABLE_L5 in mem_encrypt_identity.c
@ 2021-10-19 13:36 tip-bot2 for Tom Lendacky
0 siblings, 0 replies; only message in thread
From: tip-bot2 for Tom Lendacky @ 2021-10-19 13:36 UTC (permalink / raw)
To: linux-tip-commits
Cc: Tom Lendacky, Borislav Petkov, Kirill A. Shutemov, stable, x86,
linux-kernel
The following commit has been merged into the x86/sev branch of tip:
Commit-ID: e7d445ab26db833d6640d4c9a08bee176777cc82
Gitweb: https://git.kernel.org/tip/e7d445ab26db833d6640d4c9a08bee176777cc82
Author: Tom Lendacky <thomas.lendacky@amd.com>
AuthorDate: Fri, 15 Oct 2021 12:24:16 -05:00
Committer: Borislav Petkov <bp@suse.de>
CommitterDate: Tue, 19 Oct 2021 14:07:17 +02:00
x86/sme: Use #define USE_EARLY_PGTABLE_L5 in mem_encrypt_identity.c
When runtime support for converting between 4-level and 5-level pagetables
was added to the kernel, the SME code that built pagetables was updated
to use the pagetable functions, e.g. p4d_offset(), etc., in order to
simplify the code. However, the use of the pagetable functions in early
boot code requires the use of the USE_EARLY_PGTABLE_L5 #define in order to
ensure that the proper definition of pgtable_l5_enabled() is used.
Without the #define, pgtable_l5_enabled() is #defined as
cpu_feature_enabled(X86_FEATURE_LA57). In early boot, the CPU features
have not yet been discovered and populated, so pgtable_l5_enabled() will
return false even when 5-level paging is enabled. This causes the SME code
to always build 4-level pagetables to perform the in-place encryption.
If 5-level paging is enabled, switching to the SME pagetables results in
a page-fault that kills the boot.
Adding the #define results in pgtable_l5_enabled() using the
__pgtable_l5_enabled variable set in early boot and the SME code building
pagetables for the proper paging level.
Fixes: aad983913d77 ("x86/mm/encrypt: Simplify sme_populate_pgd() and sme_populate_pgd_large()")
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
Signed-off-by: Borislav Petkov <bp@suse.de>
Acked-by: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
Cc: <stable@vger.kernel.org> # 4.18.x
Link: https://lkml.kernel.org/r/2cb8329655f5c753905812d951e212022a480475.1634318656.git.thomas.lendacky@amd.com
---
arch/x86/mm/mem_encrypt_identity.c | 9 +++++++++
1 file changed, 9 insertions(+)
diff --git a/arch/x86/mm/mem_encrypt_identity.c b/arch/x86/mm/mem_encrypt_identity.c
index 470b202..700ce8f 100644
--- a/arch/x86/mm/mem_encrypt_identity.c
+++ b/arch/x86/mm/mem_encrypt_identity.c
@@ -27,6 +27,15 @@
#undef CONFIG_PARAVIRT_XXL
#undef CONFIG_PARAVIRT_SPINLOCKS
+/*
+ * This code runs before CPU feature bits are set. By default, the
+ * pgtable_l5_enabled() function uses bit X86_FEATURE_LA57 to determine if
+ * 5-level paging is active, so that won't work here. USE_EARLY_PGTABLE_L5
+ * is provided to handle this situation and, instead, use a variable that
+ * has been set by the early boot code.
+ */
+#define USE_EARLY_PGTABLE_L5
+
#include <linux/kernel.h>
#include <linux/mm.h>
#include <linux/mem_encrypt.h>
^ permalink raw reply related [flat|nested] only message in thread
only message in thread, other threads:[~2021-10-19 13:36 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-10-19 13:36 [tip: x86/sev] x86/sme: Use #define USE_EARLY_PGTABLE_L5 in mem_encrypt_identity.c tip-bot2 for Tom Lendacky
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.