kernel_optimize_test/arch
Tom Lendacky dded8d76a7 x86/sme: Explicitly map new EFI memmap table as encrypted
commit 1ff2fc02862d52e18fd3daabcfe840ec27e920a8 upstream.

Reserving memory using efi_mem_reserve() calls into the x86
efi_arch_mem_reserve() function. This function will insert a new EFI
memory descriptor into the EFI memory map representing the area of
memory to be reserved and marking it as EFI runtime memory. As part
of adding this new entry, a new EFI memory map is allocated and mapped.
The mapping is where a problem can occur. This new memory map is mapped
using early_memremap() and generally mapped encrypted, unless the new
memory for the mapping happens to come from an area of memory that is
marked as EFI_BOOT_SERVICES_DATA memory. In this case, the new memory will
be mapped unencrypted. However, during replacement of the old memory map,
efi_mem_type() is disabled, so the new memory map will now be long-term
mapped encrypted (in efi.memmap), resulting in the map containing invalid
data and causing the kernel boot to crash.

Since it is known that the area will be mapped encrypted going forward,
explicitly map the new memory map as encrypted using early_memremap_prot().

Cc: <stable@vger.kernel.org> # 4.14.x
Fixes: 8f716c9b5f ("x86/mm: Add support to access boot related data in the clear")
Link: https://lore.kernel.org/all/ebf1eb2940405438a09d51d121ec0d02c8755558.1634752931.git.thomas.lendacky@amd.com/
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
[ardb: incorporate Kconfig fix by Arnd]
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2021-12-14 11:32:35 +01:00
alpha alpha: Declare virt_to_phys and virt_to_bus parameter as pointer to volatile 2021-09-30 10:11:07 +02:00
arc ARC: export clear_user_page() for modules 2021-09-22 12:28:04 +02:00
arm ARM: socfpga: Fix crash with CONFIG_FORTIRY_SOURCE 2021-12-01 09:19:03 +01:00
arm64 arm64: ftrace: add missing BTIs 2021-12-08 09:03:24 +01:00
c6x
csky csky: Fixup regs.sr broken in ptrace 2021-10-20 11:44:58 +02:00
h8300
hexagon hexagon: clean up timer-regs.h 2021-11-26 10:39:19 +01:00
ia64 ia64: don't do IA64_CMPXCHG_DEBUG without CONFIG_PRINTK 2021-11-18 14:03:55 +01:00
m68k m68k: set a default value for MEMORY_RESERVE 2021-11-18 14:04:24 +01:00
microblaze
mips MIPS: use 3-level pgtable for 64KB page size on MIPS_VA_BITS_48 2021-12-01 09:19:07 +01:00
nds32
nios2 nios2: Make NIOS2_DTB_SOURCE_BOOL depend on !COMPILE_TEST 2021-11-02 19:48:23 +01:00
openrisc openrisc: fix SMP tlb flush NULL pointer dereference 2021-11-18 14:04:25 +01:00
parisc parisc: Mark cr16 CPU clocksource unstable on all SMP machines 2021-12-08 09:03:29 +01:00
powerpc powerpc/pseries/ddw: Revert "Extend upper limit for huge DMA window for persistent memory" 2021-12-08 09:03:18 +01:00
riscv riscv: Fix asan-stack clang build 2021-11-02 19:48:25 +01:00
s390 s390/pci: move pseudo-MMIO to prevent MIO overlap 2021-12-08 09:03:21 +01:00
sh sh: define __BIG_ENDIAN for math-emu 2021-11-26 10:39:12 +01:00
sparc sparc64: fix pci_iounmap() when CONFIG_PCI is not set 2021-10-09 14:40:56 +02:00
um um: virtio_uml: fix memory leak on init failures 2021-09-26 14:08:57 +02:00
x86 x86/sme: Explicitly map new EFI memmap table as encrypted 2021-12-14 11:32:35 +01:00
xtensa xtensa: xtfpga: Try software restart before simulating CPU reset 2021-10-27 09:56:47 +02:00
.gitignore
Kconfig arch/cc: Introduce a function to check for confidential computing features 2021-11-18 14:04:32 +01:00