diff options
| author | Borislav Petkov | 2017-08-27 18:39:24 +0200 |
|---|---|---|
| committer | Thomas Gleixner | 2017-08-29 10:57:16 +0200 |
| commit | 6e0b52d406f64d2bd65731968a072387b91b44d2 (patch) | |
| tree | 619bdafe4ff21abc38a0269d5f0f94878db90289 /arch/x86/mm/pgtable.c | |
| parent | kvm/x86: Avoid clearing the C-bit in rsvd_bits() (diff) | |
| download | kernel-qcow2-linux-6e0b52d406f64d2bd65731968a072387b91b44d2.tar.gz kernel-qcow2-linux-6e0b52d406f64d2bd65731968a072387b91b44d2.tar.xz kernel-qcow2-linux-6e0b52d406f64d2bd65731968a072387b91b44d2.zip | |
x86/mm: Fix SME encryption stack ptr handling
sme_encrypt_execute() stashes the stack pointer on entry into %rbp
because it allocates a one-page stack in the non-encrypted area for the
encryption routine to use. When the latter is done, it restores it from
%rbp again, before returning.
However, it uses the FRAME_* macros partially but restores %rsp from
%rbp explicitly with a MOV. And this is fine as long as the macros
*actually* do something.
Unless, you do a !CONFIG_FRAME_POINTER build where those macros
are empty. Then, we still restore %rsp from %rbp but %rbp contains
*something* and this leads to a stack corruption. The manifestation
being a triple-fault during early boot when testing SME. Good luck to me
debugging this with the clumsy endless-loop-in-asm method and narrowing
it down gradually. :-(
So, long story short, open-code the frame macros so that there's no
monkey business and we avoid subtly breaking SME depending on the
.config.
Fixes: 6ebcb060713f ("x86/mm: Add support to encrypt the kernel in-place")
Signed-off-by: Borislav Petkov <bp@suse.de>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Acked-by: Tom Lendacky <thomas.lendacky@amd.com>
Cc: Brijesh Singh <brijesh.singh@amd.com>
Link: http://lkml.kernel.org/r/20170827163924.25552-1-bp@alien8.de
Diffstat (limited to 'arch/x86/mm/pgtable.c')
0 files changed, 0 insertions, 0 deletions