From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-3.8 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,SPF_HELO_NONE, SPF_PASS autolearn=no autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 75737C433FE for ; Fri, 24 Sep 2021 09:41:39 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 5E2C8610F7 for ; Fri, 24 Sep 2021 09:41:39 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S245277AbhIXJnK (ORCPT ); Fri, 24 Sep 2021 05:43:10 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:56586 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S245259AbhIXJnF (ORCPT ); Fri, 24 Sep 2021 05:43:05 -0400 Received: from mail-lf1-x12a.google.com (mail-lf1-x12a.google.com [IPv6:2a00:1450:4864:20::12a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 24D46C061756 for ; Fri, 24 Sep 2021 02:41:32 -0700 (PDT) Received: by mail-lf1-x12a.google.com with SMTP id i25so38290942lfg.6 for ; Fri, 24 Sep 2021 02:41:32 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=shutemov-name.20210112.gappssmtp.com; s=20210112; h=date:from:to:cc:subject:message-id:references:mime-version :content-disposition:in-reply-to; bh=7QWYmDDdQ14wxTTMWtNorG+4hnmrm04qfz4ZOujDnZs=; b=a94RXEUJuMmQvxSDKok9kJbMV98Mo28f1Csi4Z4iwvW7+MkRyX5SrQhnYAAaonglNs TqzSbC141ptsWvvzM0S2r5099PgvSLUTd+llMs5cQH1O/KYv2VKwA3rHbEQ17XEUoJiN b88sf+8/Kq6CN5gKqNMDbt0WofHePWjCWhJfrHH/URopiQYKQJViZtb5wMUubTQfdu6m e490qkHKD0Pb0R4D5rMx+0JuhhDDbQUkFWETXBCjCVPYNSZnkKFRM+sk+iiLVm+sara7 E1aPac0dVliF4TZMk0iL6yousngzwZf3UFxxtnempLUEnPswt9hwLB+6ECQ/gPgJLFvg u+ag== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:date:from:to:cc:subject:message-id:references :mime-version:content-disposition:in-reply-to; bh=7QWYmDDdQ14wxTTMWtNorG+4hnmrm04qfz4ZOujDnZs=; b=c6bWIICYv8pg0ofw/uUqBtylw7uQSyQt/p3XO30P4hofxTJq0sGKh2vpZya/v+HkRK vvsz/Vuvx1nRgh0qZ2khlEq6SHtspAiiKVoMmpe0tGO/CBGntF66zyyCONOBmKxqbLLy RAJ/uwIqVtZrB7q+n5737Sn+1BD5J8Wi/uf0sB8m9jhoK3n2LUROhiB5hXxUrHmfVov2 68P0CqXB/0s3lD25MbYjNe9OXqcGsa9IBB0Dm0E6cQY2ffWuRbKWJBuXjKM3fd8eBJ/N 6Jka2SONZcJJLUsLrPntkPMwwE7Nc4AWszUx0/dL4vHfqKFXcdYsMparbauM8dMGJ0v6 abxw== X-Gm-Message-State: AOAM531nVqJR/DCPm4StIHf6yLU5J7d2R5VQvw2EitHT4V79TIeBSEsx cTX6oLzg+O4nm50kb37PLPuX+A== X-Google-Smtp-Source: ABdhPJz+tcQG7FGy3FlEBQPrN+mpMikLwlc4Lo7J+ey+pIvMNuRrMxCLd7yfmXFIncsb4Qxt6AJb6g== X-Received: by 2002:a2e:804c:: with SMTP id p12mr10420673ljg.344.1632476490492; Fri, 24 Sep 2021 02:41:30 -0700 (PDT) Received: from box.localdomain ([86.57.175.117]) by smtp.gmail.com with ESMTPSA id k21sm952544lji.81.2021.09.24.02.41.29 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 24 Sep 2021 02:41:29 -0700 (PDT) Received: by box.localdomain (Postfix, from userid 1000) id 84289103068; Fri, 24 Sep 2021 12:41:32 +0300 (+03) Date: Fri, 24 Sep 2021 12:41:32 +0300 From: "Kirill A. Shutemov" To: Borislav Petkov Cc: Tom Lendacky , linuxppc-dev@lists.ozlabs.org, linux-s390@vger.kernel.org, linux-kernel@vger.kernel.org, x86@kernel.org, iommu@lists.linux-foundation.org, kvm@vger.kernel.org, linux-efi@vger.kernel.org, platform-driver-x86@vger.kernel.org, linux-graphics-maintainer@vmware.com, amd-gfx@lists.freedesktop.org, dri-devel@lists.freedesktop.org, kexec@lists.infradead.org, linux-fsdevel@vger.kernel.org, Brijesh Singh , Joerg Roedel , Andi Kleen , Sathyanarayanan Kuppuswamy , Tianyu Lan , Christoph Hellwig , Thomas Gleixner , Ingo Molnar , Dave Hansen , Andy Lutomirski , Peter Zijlstra , Will Deacon Subject: Re: [PATCH v3 5/8] x86/sme: Replace occurrences of sme_active() with cc_platform_has() Message-ID: <20210924094132.gxyqp4z3qdk5w4j6@box.shutemov.name> References: <20210921212059.wwlytlmxoft4cdth@box.shutemov.name> <20210921213401.i2pzaotgjvn4efgg@box.shutemov.name> <00f52bf8-cbc6-3721-f40e-2f51744751b0@amd.com> <20210921215830.vqxd75r4eyau6cxy@box.shutemov.name> <01891f59-7ec3-cf62-a8fc-79f79ca76587@amd.com> <20210922143015.vvxvh6ec73lffvkf@box.shutemov.name> <20210922210558.itofvu3725dap5xx@box.shutemov.name> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Thu, Sep 23, 2021 at 08:21:03PM +0200, Borislav Petkov wrote: > On Thu, Sep 23, 2021 at 12:05:58AM +0300, Kirill A. Shutemov wrote: > > Unless we find other way to guarantee RIP-relative access, we must use > > fixup_pointer() to access any global variables. > > Yah, I've asked compiler folks about any guarantees we have wrt > rip-relative addresses but it doesn't look good. Worst case, we'd have > to do the fixup_pointer() thing. > > In the meantime, Tom and I did some more poking at this and here's a > diff ontop. > > The direction being that we'll stick both the AMD and Intel > *cc_platform_has() call into cc_platform.c for which instrumentation > will be disabled so no issues with that. > > And that will keep all that querying all together in a single file. And still do cc_platform_has() calls in __startup_64() codepath? It's broken. Intel detection in cc_platform_has() relies on boot_cpu_data.x86_vendor which is not initialized until early_cpu_init() in setup_arch(). Given that X86_VENDOR_INTEL is 0 it leads to false-positive. I think opencode these two calls is the way forward. Maybe also move the check from sme_encrypt_kernel() to __startup_64(). -- Kirill A. Shutemov From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-3.6 required=3.0 tests=BAYES_00,DKIM_INVALID, DKIM_SIGNED,HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,SPF_HELO_NONE, SPF_PASS autolearn=no autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 6E3EFC433EF for ; Fri, 24 Sep 2021 09:41:36 +0000 (UTC) Received: from smtp2.osuosl.org (smtp2.osuosl.org [140.211.166.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 2420760E97 for ; Fri, 24 Sep 2021 09:41:36 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.4.1 mail.kernel.org 2420760E97 Authentication-Results: mail.kernel.org; dmarc=none (p=none dis=none) header.from=shutemov.name Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=lists.linux-foundation.org Received: from localhost (localhost [127.0.0.1]) by smtp2.osuosl.org (Postfix) with ESMTP id CF52F403E1; Fri, 24 Sep 2021 09:41:35 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from smtp2.osuosl.org ([127.0.0.1]) by localhost (smtp2.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ZWh32Xa7XeuG; Fri, 24 Sep 2021 09:41:34 +0000 (UTC) Received: from lists.linuxfoundation.org (lf-lists.osuosl.org [140.211.9.56]) by smtp2.osuosl.org (Postfix) with ESMTPS id 7C2B5403E0; Fri, 24 Sep 2021 09:41:34 +0000 (UTC) Received: from lf-lists.osuosl.org (localhost [127.0.0.1]) by lists.linuxfoundation.org (Postfix) with ESMTP id 5020AC000F; Fri, 24 Sep 2021 09:41:34 +0000 (UTC) Received: from smtp3.osuosl.org (smtp3.osuosl.org [IPv6:2605:bc80:3010::136]) by lists.linuxfoundation.org (Postfix) with ESMTP id 9DCE6C000D for ; Fri, 24 Sep 2021 09:41:33 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by smtp3.osuosl.org (Postfix) with ESMTP id 77CB760701 for ; Fri, 24 Sep 2021 09:41:33 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Authentication-Results: smtp3.osuosl.org (amavisd-new); dkim=pass (2048-bit key) header.d=shutemov-name.20210112.gappssmtp.com Received: from smtp3.osuosl.org ([127.0.0.1]) by localhost (smtp3.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id F5rpfu499rmh for ; Fri, 24 Sep 2021 09:41:32 +0000 (UTC) X-Greylist: whitelisted by SQLgrey-1.8.0 Received: from mail-lf1-x12d.google.com (mail-lf1-x12d.google.com [IPv6:2a00:1450:4864:20::12d]) by smtp3.osuosl.org (Postfix) with ESMTPS id 9A7496061C for ; Fri, 24 Sep 2021 09:41:32 +0000 (UTC) Received: by mail-lf1-x12d.google.com with SMTP id i25so38290943lfg.6 for ; Fri, 24 Sep 2021 02:41:32 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=shutemov-name.20210112.gappssmtp.com; s=20210112; h=date:from:to:cc:subject:message-id:references:mime-version :content-disposition:in-reply-to; bh=7QWYmDDdQ14wxTTMWtNorG+4hnmrm04qfz4ZOujDnZs=; b=a94RXEUJuMmQvxSDKok9kJbMV98Mo28f1Csi4Z4iwvW7+MkRyX5SrQhnYAAaonglNs TqzSbC141ptsWvvzM0S2r5099PgvSLUTd+llMs5cQH1O/KYv2VKwA3rHbEQ17XEUoJiN b88sf+8/Kq6CN5gKqNMDbt0WofHePWjCWhJfrHH/URopiQYKQJViZtb5wMUubTQfdu6m e490qkHKD0Pb0R4D5rMx+0JuhhDDbQUkFWETXBCjCVPYNSZnkKFRM+sk+iiLVm+sara7 E1aPac0dVliF4TZMk0iL6yousngzwZf3UFxxtnempLUEnPswt9hwLB+6ECQ/gPgJLFvg u+ag== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:date:from:to:cc:subject:message-id:references :mime-version:content-disposition:in-reply-to; bh=7QWYmDDdQ14wxTTMWtNorG+4hnmrm04qfz4ZOujDnZs=; b=NkdC4x0lWcENebXVkjrIIz/Jro2ROtj2L2IaGiLwswD6Ke7G+uSnKTHVJPT6zVK3S9 kNaSYrtcY0ylHWYsZ6ZduSbF5GvDxSM8dvp/cyvJPhr67D+BxzI78QmytkmhfiwUGU97 zn5M5qlqLpWrAjaKaU4OX2tMZeg/CXxiST3ZmQk0e9LzasCbniHj9rBMsvM4bvJ0Xxio sXfdEvCpJbrHMzppf8uurQNdr1izWNNqvhKLid0H/HP+R0hessoec2zn9Cdlzj0VoebP 8nLedFIloTcqa3KVp/Mmf7razohJaBP/thLl4b0oX8RrHkRIEO34ma8fRwNlsEL1R2yE aNbA== X-Gm-Message-State: AOAM530ScFLhYCShjLy2fVwHJDGXlKTRCQfAvvw2LUqcwTMss1MQXGgL UHfO/8T0h33DD5W1PTXcg+ZXrg== X-Google-Smtp-Source: ABdhPJz+tcQG7FGy3FlEBQPrN+mpMikLwlc4Lo7J+ey+pIvMNuRrMxCLd7yfmXFIncsb4Qxt6AJb6g== X-Received: by 2002:a2e:804c:: with SMTP id p12mr10420673ljg.344.1632476490492; Fri, 24 Sep 2021 02:41:30 -0700 (PDT) Received: from box.localdomain ([86.57.175.117]) by smtp.gmail.com with ESMTPSA id k21sm952544lji.81.2021.09.24.02.41.29 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 24 Sep 2021 02:41:29 -0700 (PDT) Received: by box.localdomain (Postfix, from userid 1000) id 84289103068; Fri, 24 Sep 2021 12:41:32 +0300 (+03) Date: Fri, 24 Sep 2021 12:41:32 +0300 From: "Kirill A. Shutemov" To: Borislav Petkov Subject: Re: [PATCH v3 5/8] x86/sme: Replace occurrences of sme_active() with cc_platform_has() Message-ID: <20210924094132.gxyqp4z3qdk5w4j6@box.shutemov.name> References: <20210921212059.wwlytlmxoft4cdth@box.shutemov.name> <20210921213401.i2pzaotgjvn4efgg@box.shutemov.name> <00f52bf8-cbc6-3721-f40e-2f51744751b0@amd.com> <20210921215830.vqxd75r4eyau6cxy@box.shutemov.name> <01891f59-7ec3-cf62-a8fc-79f79ca76587@amd.com> <20210922143015.vvxvh6ec73lffvkf@box.shutemov.name> <20210922210558.itofvu3725dap5xx@box.shutemov.name> MIME-Version: 1.0 Content-Disposition: inline In-Reply-To: Cc: linux-efi@vger.kernel.org, Brijesh Singh , kvm@vger.kernel.org, Peter Zijlstra , Dave Hansen , dri-devel@lists.freedesktop.org, platform-driver-x86@vger.kernel.org, Will Deacon , linux-s390@vger.kernel.org, Andi Kleen , x86@kernel.org, amd-gfx@lists.freedesktop.org, Christoph Hellwig , Ingo Molnar , linux-graphics-maintainer@vmware.com, Tom Lendacky , Tianyu Lan , Andy Lutomirski , Thomas Gleixner , kexec@lists.infradead.org, linux-kernel@vger.kernel.org, iommu@lists.linux-foundation.org, linux-fsdevel@vger.kernel.org, linuxppc-dev@lists.ozlabs.org X-BeenThere: iommu@lists.linux-foundation.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: Development issues for Linux IOMMU support List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: iommu-bounces@lists.linux-foundation.org Sender: "iommu" On Thu, Sep 23, 2021 at 08:21:03PM +0200, Borislav Petkov wrote: > On Thu, Sep 23, 2021 at 12:05:58AM +0300, Kirill A. Shutemov wrote: > > Unless we find other way to guarantee RIP-relative access, we must use > > fixup_pointer() to access any global variables. > > Yah, I've asked compiler folks about any guarantees we have wrt > rip-relative addresses but it doesn't look good. Worst case, we'd have > to do the fixup_pointer() thing. > > In the meantime, Tom and I did some more poking at this and here's a > diff ontop. > > The direction being that we'll stick both the AMD and Intel > *cc_platform_has() call into cc_platform.c for which instrumentation > will be disabled so no issues with that. > > And that will keep all that querying all together in a single file. And still do cc_platform_has() calls in __startup_64() codepath? It's broken. Intel detection in cc_platform_has() relies on boot_cpu_data.x86_vendor which is not initialized until early_cpu_init() in setup_arch(). Given that X86_VENDOR_INTEL is 0 it leads to false-positive. I think opencode these two calls is the way forward. Maybe also move the check from sme_encrypt_kernel() to __startup_64(). -- Kirill A. Shutemov _______________________________________________ iommu mailing list iommu@lists.linux-foundation.org https://lists.linuxfoundation.org/mailman/listinfo/iommu From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-3.8 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,SPF_HELO_NONE, SPF_PASS autolearn=no autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 5CE5FC433F5 for ; Fri, 24 Sep 2021 09:41:35 +0000 (UTC) Received: from gabe.freedesktop.org (gabe.freedesktop.org [131.252.210.177]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 1F33F60E97 for ; Fri, 24 Sep 2021 09:41:35 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.4.1 mail.kernel.org 1F33F60E97 Authentication-Results: mail.kernel.org; dmarc=none (p=none dis=none) header.from=shutemov.name Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=lists.freedesktop.org Received: from gabe.freedesktop.org (localhost [127.0.0.1]) by gabe.freedesktop.org (Postfix) with ESMTP id 8052F6E19B; Fri, 24 Sep 2021 09:41:33 +0000 (UTC) Received: from mail-lf1-x12f.google.com (mail-lf1-x12f.google.com [IPv6:2a00:1450:4864:20::12f]) by gabe.freedesktop.org (Postfix) with ESMTPS id 41B446E19B for ; Fri, 24 Sep 2021 09:41:32 +0000 (UTC) Received: by mail-lf1-x12f.google.com with SMTP id u8so37175127lff.9 for ; Fri, 24 Sep 2021 02:41:32 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=shutemov-name.20210112.gappssmtp.com; s=20210112; h=date:from:to:cc:subject:message-id:references:mime-version :content-disposition:in-reply-to; bh=7QWYmDDdQ14wxTTMWtNorG+4hnmrm04qfz4ZOujDnZs=; b=a94RXEUJuMmQvxSDKok9kJbMV98Mo28f1Csi4Z4iwvW7+MkRyX5SrQhnYAAaonglNs TqzSbC141ptsWvvzM0S2r5099PgvSLUTd+llMs5cQH1O/KYv2VKwA3rHbEQ17XEUoJiN b88sf+8/Kq6CN5gKqNMDbt0WofHePWjCWhJfrHH/URopiQYKQJViZtb5wMUubTQfdu6m e490qkHKD0Pb0R4D5rMx+0JuhhDDbQUkFWETXBCjCVPYNSZnkKFRM+sk+iiLVm+sara7 E1aPac0dVliF4TZMk0iL6yousngzwZf3UFxxtnempLUEnPswt9hwLB+6ECQ/gPgJLFvg u+ag== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:date:from:to:cc:subject:message-id:references :mime-version:content-disposition:in-reply-to; bh=7QWYmDDdQ14wxTTMWtNorG+4hnmrm04qfz4ZOujDnZs=; b=5VAeeG4cv1UxYLdZM0oF2pVyDyA81ouZiaAXFEpqWFAYct4P9Ee3nkCpc8ow7UUkO0 sUj+JlG4DzmCbapbaNZXK3qL8D3ZsxrlOKo+7koCfYGEiyPD3tkanL/iHBBI7OMPu6zD KoiAE0jfuQuhp5FySS3Udj7UMoWzgSIyUUVn8ALLvxTBoR+GXpDCEAHRMxScM9pJVIXR EnZrc6B//SghdKZId2iRVWEFRjKv+W4CbQEDpbK6ku1ndAETgWcWHrpt0Zi+8V7a95IL Y57D2ZFOI45PWMGUp5o2b0yvQHy10OdfTEqO2Ni31sAih3fF6I8KnbnpRPidRxog6yWE 28UA== X-Gm-Message-State: AOAM531Yw+5qBpiNwYMUdPM9ekibry6Cp06neg0R+wDObkmgBBibSJNJ P0g1xaSBMLgpICL7VfjO4BN5cg== X-Google-Smtp-Source: ABdhPJz+tcQG7FGy3FlEBQPrN+mpMikLwlc4Lo7J+ey+pIvMNuRrMxCLd7yfmXFIncsb4Qxt6AJb6g== X-Received: by 2002:a2e:804c:: with SMTP id p12mr10420673ljg.344.1632476490492; Fri, 24 Sep 2021 02:41:30 -0700 (PDT) Received: from box.localdomain ([86.57.175.117]) by smtp.gmail.com with ESMTPSA id k21sm952544lji.81.2021.09.24.02.41.29 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 24 Sep 2021 02:41:29 -0700 (PDT) Received: by box.localdomain (Postfix, from userid 1000) id 84289103068; Fri, 24 Sep 2021 12:41:32 +0300 (+03) Date: Fri, 24 Sep 2021 12:41:32 +0300 From: "Kirill A. Shutemov" To: Borislav Petkov Cc: Tom Lendacky , linuxppc-dev@lists.ozlabs.org, linux-s390@vger.kernel.org, linux-kernel@vger.kernel.org, x86@kernel.org, iommu@lists.linux-foundation.org, kvm@vger.kernel.org, linux-efi@vger.kernel.org, platform-driver-x86@vger.kernel.org, linux-graphics-maintainer@vmware.com, amd-gfx@lists.freedesktop.org, dri-devel@lists.freedesktop.org, kexec@lists.infradead.org, linux-fsdevel@vger.kernel.org, Brijesh Singh , Joerg Roedel , Andi Kleen , Sathyanarayanan Kuppuswamy , Tianyu Lan , Christoph Hellwig , Thomas Gleixner , Ingo Molnar , Dave Hansen , Andy Lutomirski , Peter Zijlstra , Will Deacon Subject: Re: [PATCH v3 5/8] x86/sme: Replace occurrences of sme_active() with cc_platform_has() Message-ID: <20210924094132.gxyqp4z3qdk5w4j6@box.shutemov.name> References: <20210921212059.wwlytlmxoft4cdth@box.shutemov.name> <20210921213401.i2pzaotgjvn4efgg@box.shutemov.name> <00f52bf8-cbc6-3721-f40e-2f51744751b0@amd.com> <20210921215830.vqxd75r4eyau6cxy@box.shutemov.name> <01891f59-7ec3-cf62-a8fc-79f79ca76587@amd.com> <20210922143015.vvxvh6ec73lffvkf@box.shutemov.name> <20210922210558.itofvu3725dap5xx@box.shutemov.name> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: X-BeenThere: dri-devel@lists.freedesktop.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Direct Rendering Infrastructure - Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dri-devel-bounces@lists.freedesktop.org Sender: "dri-devel" On Thu, Sep 23, 2021 at 08:21:03PM +0200, Borislav Petkov wrote: > On Thu, Sep 23, 2021 at 12:05:58AM +0300, Kirill A. Shutemov wrote: > > Unless we find other way to guarantee RIP-relative access, we must use > > fixup_pointer() to access any global variables. > > Yah, I've asked compiler folks about any guarantees we have wrt > rip-relative addresses but it doesn't look good. Worst case, we'd have > to do the fixup_pointer() thing. > > In the meantime, Tom and I did some more poking at this and here's a > diff ontop. > > The direction being that we'll stick both the AMD and Intel > *cc_platform_has() call into cc_platform.c for which instrumentation > will be disabled so no issues with that. > > And that will keep all that querying all together in a single file. And still do cc_platform_has() calls in __startup_64() codepath? It's broken. Intel detection in cc_platform_has() relies on boot_cpu_data.x86_vendor which is not initialized until early_cpu_init() in setup_arch(). Given that X86_VENDOR_INTEL is 0 it leads to false-positive. I think opencode these two calls is the way forward. Maybe also move the check from sme_encrypt_kernel() to __startup_64(). -- Kirill A. Shutemov From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-3.6 required=3.0 tests=BAYES_00,DKIM_INVALID, DKIM_SIGNED,HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,SPF_HELO_NONE, SPF_PASS autolearn=no autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id C1A4BC433EF for ; Fri, 24 Sep 2021 09:42:22 +0000 (UTC) Received: from lists.ozlabs.org (lists.ozlabs.org [112.213.38.117]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 02C2560238 for ; Fri, 24 Sep 2021 09:42:21 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.4.1 mail.kernel.org 02C2560238 Authentication-Results: mail.kernel.org; dmarc=none (p=none dis=none) header.from=shutemov.name Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=lists.ozlabs.org Received: from boromir.ozlabs.org (localhost [IPv6:::1]) by lists.ozlabs.org (Postfix) with ESMTP id 4HG6Wc2dK2z3bjB for ; Fri, 24 Sep 2021 19:42:20 +1000 (AEST) Authentication-Results: lists.ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=shutemov-name.20210112.gappssmtp.com header.i=@shutemov-name.20210112.gappssmtp.com header.a=rsa-sha256 header.s=20210112 header.b=a94RXEUJ; dkim-atps=neutral Authentication-Results: lists.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=shutemov.name (client-ip=2a00:1450:4864:20::12d; helo=mail-lf1-x12d.google.com; envelope-from=kirill@shutemov.name; receiver=) Authentication-Results: lists.ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=shutemov-name.20210112.gappssmtp.com header.i=@shutemov-name.20210112.gappssmtp.com header.a=rsa-sha256 header.s=20210112 header.b=a94RXEUJ; dkim-atps=neutral Received: from mail-lf1-x12d.google.com (mail-lf1-x12d.google.com [IPv6:2a00:1450:4864:20::12d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by lists.ozlabs.org (Postfix) with ESMTPS id 4HG6Vn71Fdz2ynX for ; Fri, 24 Sep 2021 19:41:36 +1000 (AEST) Received: by mail-lf1-x12d.google.com with SMTP id u8so37175159lff.9 for ; Fri, 24 Sep 2021 02:41:35 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=shutemov-name.20210112.gappssmtp.com; s=20210112; h=date:from:to:cc:subject:message-id:references:mime-version :content-disposition:in-reply-to; bh=7QWYmDDdQ14wxTTMWtNorG+4hnmrm04qfz4ZOujDnZs=; b=a94RXEUJuMmQvxSDKok9kJbMV98Mo28f1Csi4Z4iwvW7+MkRyX5SrQhnYAAaonglNs TqzSbC141ptsWvvzM0S2r5099PgvSLUTd+llMs5cQH1O/KYv2VKwA3rHbEQ17XEUoJiN b88sf+8/Kq6CN5gKqNMDbt0WofHePWjCWhJfrHH/URopiQYKQJViZtb5wMUubTQfdu6m e490qkHKD0Pb0R4D5rMx+0JuhhDDbQUkFWETXBCjCVPYNSZnkKFRM+sk+iiLVm+sara7 E1aPac0dVliF4TZMk0iL6yousngzwZf3UFxxtnempLUEnPswt9hwLB+6ECQ/gPgJLFvg u+ag== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:date:from:to:cc:subject:message-id:references :mime-version:content-disposition:in-reply-to; bh=7QWYmDDdQ14wxTTMWtNorG+4hnmrm04qfz4ZOujDnZs=; b=ejRo644Q3XBqM8EWg3x3sr3bbaXw5RSRbOd7zutKKSNVmId0vmdAb3/wamUdtLnn8C KsR2MqW7/es+5TlrZr222475ojdTE3iPRpRGsYyHRo3CyR8kBwkezvh/N18+Jddj9jnt KbmFoiY4kMeMtuBo38di+V1d9lPwi3CRMjvKb0gQxbLhPeyXbveukoCXHJxJFjg/ZOQV Aatc+SQyHEYypGczb03Qnn/P++OYlE0NYu521hzvH7RBGxGM5Yiw+s9OnYXKS6G5V1c8 gmsz3vatwruzF6ou6Met+uNX4Qmro84xC7A2aNvXxaljiDSiZoS9YeLIjV4KCOd+6zsZ dXXg== X-Gm-Message-State: AOAM531OAlBev2IPX8dRfsgphKKtTGNQSjxkLWKr4OFDZlVSnwXS7C69 JPpTA326gklS51jbGDyYz9EWkQ== X-Google-Smtp-Source: ABdhPJz+tcQG7FGy3FlEBQPrN+mpMikLwlc4Lo7J+ey+pIvMNuRrMxCLd7yfmXFIncsb4Qxt6AJb6g== X-Received: by 2002:a2e:804c:: with SMTP id p12mr10420673ljg.344.1632476490492; Fri, 24 Sep 2021 02:41:30 -0700 (PDT) Received: from box.localdomain ([86.57.175.117]) by smtp.gmail.com with ESMTPSA id k21sm952544lji.81.2021.09.24.02.41.29 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 24 Sep 2021 02:41:29 -0700 (PDT) Received: by box.localdomain (Postfix, from userid 1000) id 84289103068; Fri, 24 Sep 2021 12:41:32 +0300 (+03) Date: Fri, 24 Sep 2021 12:41:32 +0300 From: "Kirill A. Shutemov" To: Borislav Petkov Subject: Re: [PATCH v3 5/8] x86/sme: Replace occurrences of sme_active() with cc_platform_has() Message-ID: <20210924094132.gxyqp4z3qdk5w4j6@box.shutemov.name> References: <20210921212059.wwlytlmxoft4cdth@box.shutemov.name> <20210921213401.i2pzaotgjvn4efgg@box.shutemov.name> <00f52bf8-cbc6-3721-f40e-2f51744751b0@amd.com> <20210921215830.vqxd75r4eyau6cxy@box.shutemov.name> <01891f59-7ec3-cf62-a8fc-79f79ca76587@amd.com> <20210922143015.vvxvh6ec73lffvkf@box.shutemov.name> <20210922210558.itofvu3725dap5xx@box.shutemov.name> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: X-BeenThere: linuxppc-dev@lists.ozlabs.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Linux on PowerPC Developers Mail List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Sathyanarayanan Kuppuswamy , linux-efi@vger.kernel.org, Brijesh Singh , kvm@vger.kernel.org, Peter Zijlstra , Dave Hansen , dri-devel@lists.freedesktop.org, platform-driver-x86@vger.kernel.org, Will Deacon , linux-s390@vger.kernel.org, Andi Kleen , Joerg Roedel , x86@kernel.org, amd-gfx@lists.freedesktop.org, Christoph Hellwig , Ingo Molnar , linux-graphics-maintainer@vmware.com, Tom Lendacky , Tianyu Lan , Andy Lutomirski , Thomas Gleixner , kexec@lists.infradead.org, linux-kernel@vger.kernel.org, iommu@lists.linux-foundation.org, linux-fsdevel@vger.kernel.org, linuxppc-dev@lists.ozlabs.org Errors-To: linuxppc-dev-bounces+linuxppc-dev=archiver.kernel.org@lists.ozlabs.org Sender: "Linuxppc-dev" On Thu, Sep 23, 2021 at 08:21:03PM +0200, Borislav Petkov wrote: > On Thu, Sep 23, 2021 at 12:05:58AM +0300, Kirill A. Shutemov wrote: > > Unless we find other way to guarantee RIP-relative access, we must use > > fixup_pointer() to access any global variables. > > Yah, I've asked compiler folks about any guarantees we have wrt > rip-relative addresses but it doesn't look good. Worst case, we'd have > to do the fixup_pointer() thing. > > In the meantime, Tom and I did some more poking at this and here's a > diff ontop. > > The direction being that we'll stick both the AMD and Intel > *cc_platform_has() call into cc_platform.c for which instrumentation > will be disabled so no issues with that. > > And that will keep all that querying all together in a single file. And still do cc_platform_has() calls in __startup_64() codepath? It's broken. Intel detection in cc_platform_has() relies on boot_cpu_data.x86_vendor which is not initialized until early_cpu_init() in setup_arch(). Given that X86_VENDOR_INTEL is 0 it leads to false-positive. I think opencode these two calls is the way forward. Maybe also move the check from sme_encrypt_kernel() to __startup_64(). -- Kirill A. Shutemov From mboxrd@z Thu Jan 1 00:00:00 1970 Return-path: Received: from mail-lf1-x130.google.com ([2a00:1450:4864:20::130]) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1mThi0-00Dv5A-29 for kexec@lists.infradead.org; Fri, 24 Sep 2021 09:41:33 +0000 Received: by mail-lf1-x130.google.com with SMTP id b15so37079516lfe.7 for ; Fri, 24 Sep 2021 02:41:31 -0700 (PDT) Date: Fri, 24 Sep 2021 12:41:32 +0300 From: "Kirill A. Shutemov" Subject: Re: [PATCH v3 5/8] x86/sme: Replace occurrences of sme_active() with cc_platform_has() Message-ID: <20210924094132.gxyqp4z3qdk5w4j6@box.shutemov.name> References: <20210921212059.wwlytlmxoft4cdth@box.shutemov.name> <20210921213401.i2pzaotgjvn4efgg@box.shutemov.name> <00f52bf8-cbc6-3721-f40e-2f51744751b0@amd.com> <20210921215830.vqxd75r4eyau6cxy@box.shutemov.name> <01891f59-7ec3-cf62-a8fc-79f79ca76587@amd.com> <20210922143015.vvxvh6ec73lffvkf@box.shutemov.name> <20210922210558.itofvu3725dap5xx@box.shutemov.name> MIME-Version: 1.0 Content-Disposition: inline In-Reply-To: List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: "kexec" Errors-To: kexec-bounces+dwmw2=infradead.org@lists.infradead.org To: Borislav Petkov Cc: Tom Lendacky , linuxppc-dev@lists.ozlabs.org, linux-s390@vger.kernel.org, linux-kernel@vger.kernel.org, x86@kernel.org, iommu@lists.linux-foundation.org, kvm@vger.kernel.org, linux-efi@vger.kernel.org, platform-driver-x86@vger.kernel.org, linux-graphics-maintainer@vmware.com, amd-gfx@lists.freedesktop.org, dri-devel@lists.freedesktop.org, kexec@lists.infradead.org, linux-fsdevel@vger.kernel.org, Brijesh Singh , Joerg Roedel , Andi Kleen , Sathyanarayanan Kuppuswamy , Tianyu Lan , Christoph Hellwig , Thomas Gleixner , Ingo Molnar , Dave Hansen , Andy Lutomirski , Peter Zijlstra , Will Deacon On Thu, Sep 23, 2021 at 08:21:03PM +0200, Borislav Petkov wrote: > On Thu, Sep 23, 2021 at 12:05:58AM +0300, Kirill A. Shutemov wrote: > > Unless we find other way to guarantee RIP-relative access, we must use > > fixup_pointer() to access any global variables. > > Yah, I've asked compiler folks about any guarantees we have wrt > rip-relative addresses but it doesn't look good. Worst case, we'd have > to do the fixup_pointer() thing. > > In the meantime, Tom and I did some more poking at this and here's a > diff ontop. > > The direction being that we'll stick both the AMD and Intel > *cc_platform_has() call into cc_platform.c for which instrumentation > will be disabled so no issues with that. > > And that will keep all that querying all together in a single file. And still do cc_platform_has() calls in __startup_64() codepath? It's broken. Intel detection in cc_platform_has() relies on boot_cpu_data.x86_vendor which is not initialized until early_cpu_init() in setup_arch(). Given that X86_VENDOR_INTEL is 0 it leads to false-positive. I think opencode these two calls is the way forward. Maybe also move the check from sme_encrypt_kernel() to __startup_64(). -- Kirill A. Shutemov _______________________________________________ kexec mailing list kexec@lists.infradead.org http://lists.infradead.org/mailman/listinfo/kexec