Re: [RFC PATCH] x86: Make sure verify_cpu has a good stack

public inbox for linux-kernel@vger.kernel.org
 help / color / mirror / Atom feed

From: Borislav Petkov <bp@alien8.de>
To: "H. Peter Anvin" <hpa@zytor.com>
Cc: Brian Gerst <brgerst@gmail.com>, X86 ML <x86@kernel.org>,
	LKML <linux-kernel@vger.kernel.org>,
	Tom Lendacky <thomas.lendacky@amd.com>
Subject: Re: [RFC PATCH] x86: Make sure verify_cpu has a good stack
Date: Thu, 3 Mar 2016 13:28:36 +0100	[thread overview]
Message-ID: <20160303122836.GC24621@pd.tnic> (raw)
In-Reply-To: <EFC40C33-9525-409C-B57B-A70BC5F00C1B@zytor.com>

On Wed, Mar 02, 2016 at 02:32:54PM -0800, H. Peter Anvin wrote:
> I'm trying to think of any reason why we couldn't simply have a symbol
> at the top of the initial stack? Then a simple leaq would suffice;
> this is for the BSP after all.

How about something like this:

---
From: Borislav Petkov <bp@suse.de>
Date: Sun, 28 Feb 2016 21:35:44 +0100
Subject: [PATCH -v2] x86/asm: Make sure verify_cpu() has a good stack
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

04633df0c43d ("x86/cpu: Call verify_cpu() after having entered long mode too")
added the call to verify_cpu() for sanitizing CPU configuration.

The latter uses the stack minimally and it can happen that we land in
startup_64() directly from a 64-bit bootloader. Then we want to use our
own, known good stack.

Do that.

APs don't need this as the trampoline sets up a stack for them.

Reported-by: Tom Lendacky <thomas.lendacky@amd.com>
Signed-off-by: Borislav Petkov <bp@suse.de>
Cc: Brian Gerst <brgerst@gmail.com>
Cc: "H. Peter Anvin" <hpa@zytor.com>
Cc: Mika Penttilä <mika.penttila@nextfour.com>
---
 arch/x86/kernel/head_64.S         | 3 +++
 include/asm-generic/vmlinux.lds.h | 4 +++-
 2 files changed, 6 insertions(+), 1 deletion(-)

diff --git a/arch/x86/kernel/head_64.S b/arch/x86/kernel/head_64.S
index 22fbf9df61bb..968d6408b887 100644
--- a/arch/x86/kernel/head_64.S
+++ b/arch/x86/kernel/head_64.S
@@ -64,6 +64,9 @@ startup_64:
 	 * tables and then reload them.
 	 */
 
+	/* Setup stack for verify_cpu(). */
+	leaq	(__end_init_task - 8)(%rip), %rsp
+
 	/* Sanitize CPU configuration */
 	call verify_cpu
 
diff --git a/include/asm-generic/vmlinux.lds.h b/include/asm-generic/vmlinux.lds.h
index 772c784ba763..cba2a26628fc 100644
--- a/include/asm-generic/vmlinux.lds.h
+++ b/include/asm-generic/vmlinux.lds.h
@@ -246,7 +246,9 @@
 
 #define INIT_TASK_DATA(align)						\
 	. = ALIGN(align);						\
-	*(.data..init_task)
+	VMLINUX_SYMBOL(__start_init_task) = .;				\
+	*(.data..init_task)						\
+	VMLINUX_SYMBOL(__end_init_task) = .;
 
 /*
  * Read only Data
-- 
2.3.5

-- 
Regards/Gruss,
    Boris.

ECO tip #101: Trim your mails when you reply.

next prev parent reply	other threads:[~2016-03-03 12:28 UTC|newest]

Thread overview: 34+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2016-03-02 11:20 [RFC PATCH] x86: Make sure verify_cpu has a good stack Borislav Petkov
2016-03-02 15:55 ` Mika Penttilä
2016-03-02 16:15   ` Borislav Petkov
2016-03-02 16:38     ` Mika Penttilä
2016-03-02 16:55       ` Borislav Petkov
2016-03-02 17:44         ` Mika Penttilä
2016-03-02 16:22 ` Brian Gerst
2016-03-02 16:25   ` Borislav Petkov
2016-03-02 17:53     ` H. Peter Anvin
2016-03-02 18:15       ` Borislav Petkov
2016-03-02 18:25         ` H. Peter Anvin
2016-03-02 18:39         ` H. Peter Anvin
2016-03-02 19:50           ` Borislav Petkov
2016-03-02 20:46             ` Borislav Petkov
2016-03-02 21:35             ` H. Peter Anvin
2016-03-02 21:46               ` Borislav Petkov
2016-03-02 21:54                 ` H. Peter Anvin
2016-03-02 22:09                   ` Borislav Petkov
2016-03-02 22:11                     ` H. Peter Anvin
2016-03-02 22:28                       ` Borislav Petkov
2016-03-02 22:32                         ` H. Peter Anvin
2016-03-02 22:40                           ` Borislav Petkov
2016-03-03  0:13                           ` Yinghai Lu
2016-03-03  1:00                             ` Yinghai Lu
2016-03-03  2:50                               ` Yinghai Lu
2016-03-03 12:28                           ` Borislav Petkov [this message]
2016-03-03 15:26                             ` H. Peter Anvin
2016-03-03 16:29                               ` Borislav Petkov
2016-03-03 20:22                                 ` H. Peter Anvin
2016-03-03 20:54                                   ` Borislav Petkov
2016-03-03 21:22                                     ` H. Peter Anvin
2016-03-03 21:38                                       ` Borislav Petkov
2016-03-04  1:18                             ` Yinghai Lu
2016-03-04  2:25                             ` Yinghai Lu

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:22fbf9df61b dfblob:968d6408b88 dfblob:772c784ba76
dfblob:cba2a26628f )
 OR (
bs:"x86/asm: Make sure verify_cpu() has a good stack" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20160303122836.GC24621@pd.tnic \
    --to=bp@alien8.de \
    --cc=brgerst@gmail.com \
    --cc=hpa@zytor.com \
    --cc=linux-kernel@vger.kernel.org \
    --cc=thomas.lendacky@amd.com \
    --cc=x86@kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox