On Mon, 2023-03-27 at 19:47 +0200, Borislav Petkov wrote: > > Making sure that the stack protector is either disabled or properly > > set up, and disabling any instrumentation/profiling/debug crap that > > isn't initialized yet. > > Lemme dump brain of what Tom and I were talking about today so that it > is documented somewhere. > > * re: stack protector: I was thinking to mark this function > >  __attribute__((no_stack_protector)) > > but gcc added the function attribute way later: > > ~/src/gcc/gcc.git> git tag --contains 346b302d09c1e6db56d9fe69048acb32fbb97845 > basepoints/gcc-12 > basepoints/gcc-13 > releases/gcc-11.1.0 > releases/gcc-11.2.0 > releases/gcc-11.3.0 > releases/gcc-12.1.0 > releases/gcc-12.2.0 > > which means, that function would have to live somewhere in a file which > has stack protector disabled. One possible place would be > arch/x86/mm/mem_encrypt_identity.c which is kinda related. Shouldn't the rest of head64.c have the stack protector disabled, for similar reasons? > * re: stack: in order to be able to call a C function that early, we'd > have to put the VA of the initial stack back into %rsp as we switch > pagetables a bit earlier in there (thx Tom). Hm, don't you have a stack at the point you added that call? I thought you did? It doesn't have to be *the* stack for the AP in question. Just "a" stack. And you have the lock on the real-mode one that you're using. > So by then, doing all that cargo-cult just in order to not have a bunch > of lines in asm doesn't sound all that great anymore. > > * The __head per-function attribute is easily solved by lifting the > __head define into a common header. > > So meh, dunno. I guess we can do the asm thing for now, until a cleaner > solution without too many warts presents itself. Hm, doesn't most of that just go away (or at least become "Already Broken; Someone Else's Problem™") if you just concede to put your new C function into head64.c along with a whole bunch of other existing CONFIG_AMD_MEM_ENCRYPT support? (We still have to fix it if it's Someone Else's Problem, of course. It's just that you don't have to count that complexity towards your own part.)