- Set up the kernel CS earlier in the boot process in case EFI boots the
kernel after bypassing the decompressor and the CS descriptor used ends up being the EFI one which is not mapped in the identity page table, leading to early SEV/SNP guest communication exceptions resulting in the guest crashing -----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEEzv7L6UO9uDPlPSfHEsHwGGHeVUoFAmSFqi8ACgkQEsHwGGHe VUoJWhAAqSYKHVMuOebeCiS4mF7gKIdwE5UwxF5vVWa7nwOLxRUygdFTweyjqV2n bKoGGNwEquYxhKUoRjrBr+dxZXx6qapDS8oGUL9Ndus93Zs/zIe6KF23EJbkZKoy 4uh37D0G2lgA+E3Ke/hX5ac94AYtcTd8cfSw63GIs10vt/bsupdhreSY3e2Z8zcQ e2OngvL/PUX06g4/wXYsAlQszRwyPwJO++y82OdqisJXJLV65fxui7YRS8g4Koh2 DjKHmQyuFTN3D40C7F7vlH0iq9+kAhDpMaG6lL2/QaWGQSAA4sw9qArxy9JTDATw 0Dk+L4iHimPFopke1z6rPG13TRhtLt0cWGCp1/cKQA6w6/eBvpOdpkxUeL7kF8UP yZMh3XeBRWIOewfXeN+sjhsetVHSK3dMRPppN/pry0bgTUWbGBo7nnl3QgrdYyrk l+BigY0JTOBRzkk3ECqCcR88jYcI1jNm/iaqCuPwqhkpanElKryD268cu4FINz60 UFDlrKiEVmQhMrf6MJji3eJec6CezjDtTfuboPPLyUxz/At/5khcxEtAalmieYpy WZmj2hlG9Mzdfv5TA3JX5BvOt7ODicf7wtxJ3W3qxz2iUMJ3uCO0fSn1b9sJz0L7 LwRZ7uskHz5J122AQhEEDq0T6n0rY4GBdZhzONN64wXttSGJTqY= =yaY/ -----END PGP SIGNATURE----- Merge tag 'x86_urgent_for_v6.4_rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip Pull x86 fix from Borislav Petkov: - Set up the kernel CS earlier in the boot process in case EFI boots the kernel after bypassing the decompressor and the CS descriptor used ends up being the EFI one which is not mapped in the identity page table, leading to early SEV/SNP guest communication exceptions resulting in the guest crashing * tag 'x86_urgent_for_v6.4_rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: x86/head/64: Switch to KERNEL_CS as soon as new GDT is installed
This commit is contained in:
commit
4c605260bc
@ -77,6 +77,15 @@ SYM_CODE_START_NOALIGN(startup_64)
|
|||||||
call startup_64_setup_env
|
call startup_64_setup_env
|
||||||
popq %rsi
|
popq %rsi
|
||||||
|
|
||||||
|
/* Now switch to __KERNEL_CS so IRET works reliably */
|
||||||
|
pushq $__KERNEL_CS
|
||||||
|
leaq .Lon_kernel_cs(%rip), %rax
|
||||||
|
pushq %rax
|
||||||
|
lretq
|
||||||
|
|
||||||
|
.Lon_kernel_cs:
|
||||||
|
UNWIND_HINT_END_OF_STACK
|
||||||
|
|
||||||
#ifdef CONFIG_AMD_MEM_ENCRYPT
|
#ifdef CONFIG_AMD_MEM_ENCRYPT
|
||||||
/*
|
/*
|
||||||
* Activate SEV/SME memory encryption if supported/enabled. This needs to
|
* Activate SEV/SME memory encryption if supported/enabled. This needs to
|
||||||
@ -90,15 +99,6 @@ SYM_CODE_START_NOALIGN(startup_64)
|
|||||||
popq %rsi
|
popq %rsi
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
/* Now switch to __KERNEL_CS so IRET works reliably */
|
|
||||||
pushq $__KERNEL_CS
|
|
||||||
leaq .Lon_kernel_cs(%rip), %rax
|
|
||||||
pushq %rax
|
|
||||||
lretq
|
|
||||||
|
|
||||||
.Lon_kernel_cs:
|
|
||||||
UNWIND_HINT_END_OF_STACK
|
|
||||||
|
|
||||||
/* Sanitize CPU configuration */
|
/* Sanitize CPU configuration */
|
||||||
call verify_cpu
|
call verify_cpu
|
||||||
|
|
||||||
|
Loading…
x
Reference in New Issue
Block a user