From: Ard Biesheuvel <ardb@kernel.org>
To: linux-efi@vger.kernel.org
Cc: linux-kernel@vger.kernel.org, Ard Biesheuvel <ardb@kernel.org>,
Thomas Gleixner <tglx@linutronix.de>,
Ingo Molnar <mingo@redhat.com>, Borislav Petkov <bp@alien8.de>,
Dave Hansen <dave.hansen@linux.intel.com>,
Michael Roth <michael.roth@amd.com>
Subject: [PATCH v2 14/16] x86/compressed: move startup32_check_sev_cbit() out of head_64.S
Date: Wed, 21 Sep 2022 16:54:20 +0200 [thread overview]
Message-ID: <20220921145422.437618-15-ardb@kernel.org> (raw)
In-Reply-To: <20220921145422.437618-1-ardb@kernel.org>
Now that the startup32_check_sev_cbit() routine can execute from
anywhere and behaves like an ordinary function, we no longer need to
keep it in head_64.S.
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
---
arch/x86/boot/compressed/head_64.S | 71 --------------------
arch/x86/boot/compressed/mem_encrypt.S | 68 +++++++++++++++++++
2 files changed, 68 insertions(+), 71 deletions(-)
diff --git a/arch/x86/boot/compressed/head_64.S b/arch/x86/boot/compressed/head_64.S
index 639f688e4949..232cd3fa3e84 100644
--- a/arch/x86/boot/compressed/head_64.S
+++ b/arch/x86/boot/compressed/head_64.S
@@ -710,77 +710,6 @@ SYM_DATA_START(boot_idt)
.endr
SYM_DATA_END_LABEL(boot_idt, SYM_L_GLOBAL, boot_idt_end)
-/*
- * Check for the correct C-bit position when the startup_32 boot-path is used.
- *
- * The check makes use of the fact that all memory is encrypted when paging is
- * disabled. The function creates 64 bits of random data using the RDRAND
- * instruction. RDRAND is mandatory for SEV guests, so always available. If the
- * hypervisor violates that the kernel will crash right here.
- *
- * The 64 bits of random data are stored to a memory location and at the same
- * time kept in the %eax and %ebx registers. Since encryption is always active
- * when paging is off the random data will be stored encrypted in main memory.
- *
- * Then paging is enabled. When the C-bit position is correct all memory is
- * still mapped encrypted and comparing the register values with memory will
- * succeed. An incorrect C-bit position will map all memory unencrypted, so that
- * the compare will use the encrypted random data and fail.
- */
-#ifdef CONFIG_AMD_MEM_ENCRYPT
- .text
-SYM_FUNC_START(startup32_check_sev_cbit)
- pushl %ebx
- pushl %ebp
-
- call 0f
-0: popl %ebp
-
- /* Check for non-zero sev_status */
- movl (sev_status - 0b)(%ebp), %eax
- testl %eax, %eax
- jz 4f
-
- /*
- * Get two 32-bit random values - Don't bail out if RDRAND fails
- * because it is better to prevent forward progress if no random value
- * can be gathered.
- */
-1: rdrand %eax
- jnc 1b
-2: rdrand %ebx
- jnc 2b
-
- /* Store to memory and keep it in the registers */
- leal (sev_check_data - 0b)(%ebp), %ebp
- movl %eax, 0(%ebp)
- movl %ebx, 4(%ebp)
-
- /* Enable paging to see if encryption is active */
- movl %cr0, %edx /* Backup %cr0 in %edx */
- movl $(X86_CR0_PG | X86_CR0_PE), %ecx /* Enable Paging and Protected mode */
- movl %ecx, %cr0
-
- cmpl %eax, 0(%ebp)
- jne 3f
- cmpl %ebx, 4(%ebp)
- jne 3f
-
- movl %edx, %cr0 /* Restore previous %cr0 */
-
- jmp 4f
-
-3: /* Check failed - hlt the machine */
- hlt
- jmp 3b
-
-4:
- popl %ebp
- popl %ebx
- RET
-SYM_FUNC_END(startup32_check_sev_cbit)
-#endif
-
/*
* Stack and heap for uncompression
*/
diff --git a/arch/x86/boot/compressed/mem_encrypt.S b/arch/x86/boot/compressed/mem_encrypt.S
index 6747e5e4c696..14cf04a1ed09 100644
--- a/arch/x86/boot/compressed/mem_encrypt.S
+++ b/arch/x86/boot/compressed/mem_encrypt.S
@@ -243,6 +243,74 @@ SYM_FUNC_START(startup32_load_idt)
RET
SYM_FUNC_END(startup32_load_idt)
+/*
+ * Check for the correct C-bit position when the startup_32 boot-path is used.
+ *
+ * The check makes use of the fact that all memory is encrypted when paging is
+ * disabled. The function creates 64 bits of random data using the RDRAND
+ * instruction. RDRAND is mandatory for SEV guests, so always available. If the
+ * hypervisor violates that the kernel will crash right here.
+ *
+ * The 64 bits of random data are stored to a memory location and at the same
+ * time kept in the %eax and %ebx registers. Since encryption is always active
+ * when paging is off the random data will be stored encrypted in main memory.
+ *
+ * Then paging is enabled. When the C-bit position is correct all memory is
+ * still mapped encrypted and comparing the register values with memory will
+ * succeed. An incorrect C-bit position will map all memory unencrypted, so that
+ * the compare will use the encrypted random data and fail.
+ */
+SYM_FUNC_START(startup32_check_sev_cbit)
+ pushl %ebx
+ pushl %ebp
+
+ call 0f
+0: popl %ebp
+
+ /* Check for non-zero sev_status */
+ movl (sev_status - 0b)(%ebp), %eax
+ testl %eax, %eax
+ jz 4f
+
+ /*
+ * Get two 32-bit random values - Don't bail out if RDRAND fails
+ * because it is better to prevent forward progress if no random value
+ * can be gathered.
+ */
+1: rdrand %eax
+ jnc 1b
+2: rdrand %ebx
+ jnc 2b
+
+ /* Store to memory and keep it in the registers */
+ leal (sev_check_data - 0b)(%ebp), %ebp
+ movl %eax, 0(%ebp)
+ movl %ebx, 4(%ebp)
+
+ /* Enable paging to see if encryption is active */
+ movl %cr0, %edx /* Backup %cr0 in %edx */
+ movl $(X86_CR0_PG | X86_CR0_PE), %ecx /* Enable Paging and Protected mode */
+ movl %ecx, %cr0
+
+ cmpl %eax, 0(%ebp)
+ jne 3f
+ cmpl %ebx, 4(%ebp)
+ jne 3f
+
+ movl %edx, %cr0 /* Restore previous %cr0 */
+
+ jmp 4f
+
+3: /* Check failed - hlt the machine */
+ hlt
+ jmp 3b
+
+4:
+ popl %ebp
+ popl %ebx
+ RET
+SYM_FUNC_END(startup32_check_sev_cbit)
+
.code64
#include "../../kernel/sev_verify_cbit.S"
--
2.35.1
next prev parent reply other threads:[~2022-09-21 14:56 UTC|newest]
Thread overview: 32+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-09-21 14:54 [PATCH v2 00/16] x86: head_64.S spring cleaning Ard Biesheuvel
2022-09-21 14:54 ` [PATCH v2 01/16] x86/compressed: efi-mixed: rename efi_thunk_64.S to efi-mixed.S Ard Biesheuvel
2022-09-21 14:54 ` [PATCH v2 02/16] x86/compressed: efi-mixed: move 32-bit entrypoint code into .text section Ard Biesheuvel
2022-10-06 10:42 ` Borislav Petkov
2022-10-06 10:56 ` Ard Biesheuvel
2022-10-06 11:13 ` Borislav Petkov
2022-10-06 11:19 ` Ard Biesheuvel
2022-10-06 12:27 ` Ard Biesheuvel
2022-10-07 8:56 ` Borislav Petkov
2022-09-21 14:54 ` [PATCH v2 03/16] x86/compressed: efi-mixed: move bootargs parsing out of 32-bit startup code Ard Biesheuvel
2022-10-06 11:03 ` Borislav Petkov
2022-10-06 11:29 ` Ard Biesheuvel
2022-10-07 9:30 ` Borislav Petkov
2022-09-21 14:54 ` [PATCH v2 04/16] x86/compressed: efi-mixed: move efi32_pe_entry into .text section Ard Biesheuvel
2022-11-17 15:57 ` Borislav Petkov
2022-11-17 16:06 ` Ard Biesheuvel
2022-11-17 17:08 ` Borislav Petkov
2022-09-21 14:54 ` [PATCH v2 05/16] x86/compressed: efi-mixed: move efi32_entry out of head_64.S Ard Biesheuvel
2022-09-21 14:54 ` [PATCH v2 06/16] x86/compressed: efi-mixed: move efi32_pe_entry() " Ard Biesheuvel
2022-09-21 14:54 ` [PATCH v2 07/16] x86/compressed: efi: merge multiple definitions of image_offset into one Ard Biesheuvel
2022-09-21 14:54 ` [PATCH v2 08/16] x86/compressed: efi-mixed: simplify IDT/GDT preserve/restore Ard Biesheuvel
2022-09-21 14:54 ` [PATCH v2 09/16] x86/compressed: avoid touching ECX in startup32_set_idt_entry() Ard Biesheuvel
2022-09-21 14:54 ` [PATCH v2 10/16] x86/compressed: pull global variable ref up into startup32_load_idt() Ard Biesheuvel
2022-09-21 14:54 ` [PATCH v2 11/16] x86/compressed: move startup32_load_idt() into .text section Ard Biesheuvel
2022-11-18 16:44 ` Borislav Petkov
2022-09-21 14:54 ` [PATCH v2 12/16] x86/compressed: move startup32_load_idt() out of head_64.S Ard Biesheuvel
2022-09-21 14:54 ` [PATCH v2 13/16] x86/compressed: move startup32_check_sev_cbit() into .text Ard Biesheuvel
2022-09-21 14:54 ` Ard Biesheuvel [this message]
2022-09-21 14:54 ` [PATCH v2 15/16] x86/compressed: adhere to calling convention in get_sev_encryption_bit() Ard Biesheuvel
2022-09-21 14:54 ` [PATCH v2 16/16] x86/compressed: only build mem_encrypt.S if AMD_MEM_ENCRYPT=y Ard Biesheuvel
2022-11-18 18:26 ` [PATCH v2 00/16] x86: head_64.S spring cleaning Borislav Petkov
2022-11-18 23:31 ` Ard Biesheuvel
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20220921145422.437618-15-ardb@kernel.org \
--to=ardb@kernel.org \
--cc=bp@alien8.de \
--cc=dave.hansen@linux.intel.com \
--cc=linux-efi@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=michael.roth@amd.com \
--cc=mingo@redhat.com \
--cc=tglx@linutronix.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.