Commit 6e0b52d4 authored by Borislav Petkov, committed by Thomas Gleixner

x86/mm: Fix SME encryption stack ptr handling

sme_encrypt_execute() stashes the stack pointer on entry into %rbp
because it allocates a one-page stack in the non-encrypted area for the
encryption routine to use. When the latter is done, it restores it from
%rbp again, before returning.

However, it uses the FRAME_* macros partially but restores %rsp from
%rbp explicitly with a MOV. And this is fine as long as the macros
*actually* do something.

Unless, you do a !CONFIG_FRAME_POINTER build where those macros
are empty. Then, we still restore %rsp from %rbp but %rbp contains
*something* and this leads to a stack corruption. The manifestation
being a triple-fault during early boot when testing SME. Good luck to me
debugging this with the clumsy endless-loop-in-asm method and narrowing
it down gradually. :-(

So, long story short, open-code the frame macros so that there's no
monkey business and we avoid subtly breaking SME depending on the
.config.

Fixes: 6ebcb060 ("x86/mm: Add support to encrypt the kernel in-place")
Signed-off-by: Borislav Petkov <bp@suse.de>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Acked-by: Tom Lendacky <thomas.lendacky@amd.com>
Cc: Brijesh Singh <brijesh.singh@amd.com>
Link: http://lkml.kernel.org/r/20170827163924.25552-1-bp@alien8.de
Parent ea2800dd
...@@ -15,7 +15,6 @@ ...@@ -15,7 +15,6 @@
#include <asm/page.h> #include <asm/page.h>
#include <asm/processor-flags.h> #include <asm/processor-flags.h>
#include <asm/msr-index.h> #include <asm/msr-index.h>
#include <asm/frame.h>
.text .text
.code64 .code64
...@@ -33,7 +32,8 @@ ENTRY(sme_encrypt_execute) ...@@ -33,7 +32,8 @@ ENTRY(sme_encrypt_execute)
* R8 - physcial address of the pagetables to use for encryption * R8 - physcial address of the pagetables to use for encryption
*/ */
FRAME_BEGIN /* RBP now has original stack pointer */ push %rbp
movq %rsp, %rbp /* RBP now has original stack pointer */
/* Set up a one page stack in the non-encrypted memory area */ /* Set up a one page stack in the non-encrypted memory area */
movq %rcx, %rax /* Workarea stack page */ movq %rcx, %rax /* Workarea stack page */
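Review bot: The open-coded `push %rbp` / `movq %rsp, %rbp` pair at function entry has no comment saying why FRAME_BEGIN is not used, so a later cleanup could convert it back to the macro and reintroduce the dependency on CONFIG_FRAME_POINTER that the commit message describes. Suggest extending the existing comment to say that the sequence is open-coded on purpose because %rbp must hold the original stack pointer in every configuration. The unchanged context line above also misspells "physical" as "physcial", which could be fixed in the same pass.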
...@@ -64,7 +64,7 @@ ENTRY(sme_encrypt_execute) ...@@ -64,7 +64,7 @@ ENTRY(sme_encrypt_execute)
pop %r12 pop %r12
movq %rbp, %rsp /* Restore original stack pointer */ movq %rbp, %rsp /* Restore original stack pointer */
FRAME_END pop %rbp
ret ret
ENDPROC(sme_encrypt_execute) ENDPROC(sme_encrypt_execute)
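Review bot: The `pop %rbp` before `ret` is only correct if %rbp still holds the value saved at entry when `movq %rbp, %rsp` executes, and nothing at the restore site says that %rbp is reserved for the whole time the function runs on the workarea stack. Since the stack switch makes %rbp the only copy of the original stack pointer, suggest a short comment next to the restore stating that the encryption routine must not clobber %rbp.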
......