Merge tag 'x86_urgent_for_v6.1_rc7' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip

Pull x86 fixes from Borislav Petkov:

- ioremap: mask out the bits which are not part of the physical address
*after* the size computation is done to prevent any hypothetical
ioremap failures

- Change the MSR save/restore functionality during suspend to rely on
flags denoting that the related MSRs are actually supported vs
reading them and assuming they are (an Atom one allows reading but
not writing, thus breaking this scheme at resume time)

- prevent IV reuse in the AES-GCM communication scheme between SNP
guests and the AMD secure processor

* tag 'x86_urgent_for_v6.1_rc7' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
x86/ioremap: Fix page aligned size calculation in __ioremap_caller()
x86/pm: Add enumeration check before spec MSRs save/restore setup
x86/tsx: Add a feature bit for TSX control MSR support
virt/sev-guest: Prevent IV reuse in the SNP guest driver

+112 -44
+3
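--- a/arch/x86/include/asm/cpufeatures.h
+++ b/arch/x86/include/asm/cpufeatures.h
@@ -305,6 +305,9 @@
 #define X86_FEATURE_USE_IBPB_FW (11*32+16) /* "" Use IBPB during runtime firmware calls */
 #define X86_FEATURE_RSB_VMEXIT_LITE (11*32+17) /* "" Fill RSB on VM exit when EIBRS is enabled */
 
+
+#define X86_FEATURE_MSR_TSX_CTRL (11*32+20) /* "" MSR IA32_TSX_CTRL (Intel) implemented */
+
 /* Intel-defined CPU features, CPUID level 0x00000007:1 (EAX), word 12 */
 #define X86_FEATURE_AVX_VNNI (12*32+ 4) /* AVX VNNI instructions */
 #define X86_FEATURE_AVX512_BF16 (12*32+ 5) /* AVX512 BFLOAT16 instructions */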
+17 -21
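--- a/arch/x86/kernel/cpu/tsx.c
+++ b/arch/x86/kernel/cpu/tsx.c
@@ -58,24 +58,6 @@
 wrmsrl(MSR_IA32_TSX_CTRL, tsx);
 }
 
-static bool tsx_ctrl_is_supported(void)
-{
-u64 ia32_cap = x86_read_arch_cap_msr();
-
-/*
-* TSX is controlled via MSR_IA32_TSX_CTRL. However, support for this
-* MSR is enumerated by ARCH_CAP_TSX_MSR bit in MSR_IA32_ARCH_CAPABILITIES.
-*
-* TSX control (aka MSR_IA32_TSX_CTRL) is only available after a
-* microcode update on CPUs that have their MSR_IA32_ARCH_CAPABILITIES
-* bit MDS_NO=1. CPUs with MDS_NO=0 are not planned to get
-* MSR_IA32_TSX_CTRL support even after a microcode update. Thus,
-* tsx= cmdline requests will do nothing on CPUs without
-* MSR_IA32_TSX_CTRL support.
-*/
-return !!(ia32_cap & ARCH_CAP_TSX_CTRL_MSR);
-}
-
 static enum tsx_ctrl_states x86_get_tsx_auto_mode(void)
 {
 if (boot_cpu_has_bug(X86_BUG_TAA))
@@ -117,7 +135,7 @@
 rdmsrl(MSR_TSX_FORCE_ABORT, msr);
 msr |= MSR_TFA_TSX_CPUID_CLEAR;
 wrmsrl(MSR_TSX_FORCE_ABORT, msr);
-} else if (tsx_ctrl_is_supported()) {
+} else if (cpu_feature_enabled(X86_FEATURE_MSR_TSX_CTRL)) {
 rdmsrl(MSR_IA32_TSX_CTRL, msr);
 msr |= TSX_CTRL_CPUID_CLEAR;
 wrmsrl(MSR_IA32_TSX_CTRL, msr);
@@ -140,7 +158,8 @@
 u64 mcu_opt_ctrl;
 
 /* Check if RTM_ALLOW exists */
-if (!boot_cpu_has_bug(X86_BUG_TAA) || !tsx_ctrl_is_supported() ||
+if (!boot_cpu_has_bug(X86_BUG_TAA) ||
+!cpu_feature_enabled(X86_FEATURE_MSR_TSX_CTRL) ||
 !cpu_feature_enabled(X86_FEATURE_SRBDS_CTRL))
 return;
 
@@ -174,7 +191,20 @@
 return;
 }
 
-if (!tsx_ctrl_is_supported()) {
+/*
+* TSX is controlled via MSR_IA32_TSX_CTRL. However, support for this
+* MSR is enumerated by ARCH_CAP_TSX_MSR bit in MSR_IA32_ARCH_CAPABILITIES.
+*
+* TSX control (aka MSR_IA32_TSX_CTRL) is only available after a
+* microcode update on CPUs that have their MSR_IA32_ARCH_CAPABILITIES
+* bit MDS_NO=1. CPUs with MDS_NO=0 are not planned to get
+* MSR_IA32_TSX_CTRL support even after a microcode update. Thus,
+* tsx= cmdline requests will do nothing on CPUs without
+* MSR_IA32_TSX_CTRL support.
+*/
+if (x86_read_arch_cap_msr() & ARCH_CAP_TSX_CTRL_MSR) {
+setup_force_cpu_cap(X86_FEATURE_MSR_TSX_CTRL);
+} else {
 tsx_ctrl_state = TSX_CTRL_NOT_SUPPORTED;
 return;
 }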
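Review bot: The comment moved into the last hunk (new lines 194-204) still says the capability is "enumerated by ARCH_CAP_TSX_MSR bit", while the test right below it on new line 205 uses `ARCH_CAP_TSX_CTRL_MSR`; the name in the comment should match the macro actually checked, i.e. `* MSR is enumerated by ARCH_CAP_TSX_CTRL_MSR bit in MSR_IA32_ARCH_CAPABILITIES.`. With tsx_ctrl_is_supported() gone, the checks in the second and third hunks now depend on the feature bit having been forced on by this function rather than on a fresh MSR read, so a short comment next to `setup_force_cpu_cap(X86_FEATURE_MSR_TSX_CTRL);` noting that tsx_clear_cpuid() and tsx_dev_mode_disable() rely on this call having run first would make that ordering requirement explicit; I am assuming from the hunks that those are the only readers. The enclosing function of the last hunk starts outside the hunk.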
+7 -1
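--- a/arch/x86/mm/ioremap.c
+++ b/arch/x86/mm/ioremap.c
@@ -217,8 +217,14 @@
 * Mappings have to be page-aligned
 */
 offset = phys_addr & ~PAGE_MASK;
-phys_addr &= PHYSICAL_PAGE_MASK;
+phys_addr &= PAGE_MASK;
 size = PAGE_ALIGN(last_addr+1) - phys_addr;
+
+/*
+* Mask out any bits not part of the actual physical
+* address, like memory encryption bits.
+*/
+phys_addr &= PHYSICAL_PAGE_MASK;
 
 retval = memtype_reserve(phys_addr, (u64)phys_addr + size,
 pcm, &new_pcm);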
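Review bot: The new comment on lines 223-226 says what is masked but not why the mask had to move below the `size` computation, which is the whole point of the change and will not be obvious to the next reader who is tempted to merge the two masks again. Since `last_addr` is computed elsewhere (outside the hunk) and presumably still carries the same non-address bits as the unmasked `phys_addr`, stripping them from `phys_addr` first would make `PAGE_ALIGN(last_addr+1) - phys_addr` far larger than the requested range; I would extend the comment to `* address, like memory encryption bits. This must happen after` / `* size has been computed from last_addr, which still carries those bits.`. The enclosing function starts and ends outside the hunk.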
+15 -8
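--- a/arch/x86/power/cpu.c
+++ b/arch/x86/power/cpu.c
@@ -513,16 +513,23 @@
 
 static void pm_save_spec_msr(void)
 {
-u32 spec_msr_id[] = {
-MSR_IA32_SPEC_CTRL,
-MSR_IA32_TSX_CTRL,
-MSR_TSX_FORCE_ABORT,
-MSR_IA32_MCU_OPT_CTRL,
-MSR_AMD64_LS_CFG,
-MSR_AMD64_DE_CFG,
+struct msr_enumeration {
+u32 msr_no;
+u32 feature;
+} msr_enum[] = {
+{ MSR_IA32_SPEC_CTRL, X86_FEATURE_MSR_SPEC_CTRL },
+{ MSR_IA32_TSX_CTRL, X86_FEATURE_MSR_TSX_CTRL },
+{ MSR_TSX_FORCE_ABORT, X86_FEATURE_TSX_FORCE_ABORT },
+{ MSR_IA32_MCU_OPT_CTRL, X86_FEATURE_SRBDS_CTRL },
+{ MSR_AMD64_LS_CFG, X86_FEATURE_LS_CFG_SSBD },
+{ MSR_AMD64_DE_CFG, X86_FEATURE_LFENCE_RDTSC },
 };
+int i;
 
-msr_build_context(spec_msr_id, ARRAY_SIZE(spec_msr_id));
+for (i = 0; i < ARRAY_SIZE(msr_enum); i++) {
+if (boot_cpu_has(msr_enum[i].feature))
+msr_build_context(&msr_enum[i].msr_no, 1);
+}
 }
 
 static int pm_check_save_msr(void)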
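Review bot: The new `msr_enum[]` table pairs each MSR with a feature bit but nothing documents why each pairing is the right enumeration gate, and for the last two entries the relationship is not self-evident from the names (`MSR_AMD64_LS_CFG` gated on `X86_FEATURE_LS_CFG_SSBD`, `MSR_AMD64_DE_CFG` gated on `X86_FEATURE_LFENCE_RDTSC`); a one-line comment on each of those entries stating that the feature bit is set only when the kernel has already programmed that MSR would save the next reader from re-deriving it, assuming that is indeed the rationale. A short comment above the struct, such as `/* Only save/restore MSRs the CPU is known to implement: reading one that is readable but not writable breaks the restore path. */`, would also tie the table back to the reason in the commit message. As a style point, this hunk tests features with `boot_cpu_has()` while the tsx.c hunks in the same merge use `cpu_feature_enabled()`; either works here, but picking one for the new X86_FEATURE_MSR_TSX_CTRL checks would be more consistent.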
+70 -14
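--- a/drivers/virt/coco/sev-guest/sev-guest.c
+++ b/drivers/virt/coco/sev-guest/sev-guest.c
@@ -67,8 +67,27 @@
 return true;
 }
 
+/*
+* If an error is received from the host or AMD Secure Processor (ASP) there
+* are two options. Either retry the exact same encrypted request or discontinue
+* using the VMPCK.
+*
+* This is because in the current encryption scheme GHCB v2 uses AES-GCM to
+* encrypt the requests. The IV for this scheme is the sequence number. GCM
+* cannot tolerate IV reuse.
+*
+* The ASP FW v1.51 only increments the sequence numbers on a successful
+* guest<->ASP back and forth and only accepts messages at its exact sequence
+* number.
+*
+* So if the sequence number were to be reused the encryption scheme is
+* vulnerable. If the sequence number were incremented for a fresh IV the ASP
+* will reject the request.
+*/
 static void snp_disable_vmpck(struct snp_guest_dev *snp_dev)
 {
+dev_alert(snp_dev->dev, "Disabling vmpck_id %d to prevent IV reuse.\n",
+vmpck_id);
 memzero_explicit(snp_dev->vmpck, VMPCK_KEY_LEN);
 snp_dev->vmpck = NULL;
 }
@@ -340,34 +321,71 @@
 if (rc)
 return rc;
 
-/* Call firmware to process the request */
+/*
+* Call firmware to process the request. In this function the encrypted
+* message enters shared memory with the host. So after this call the
+* sequence number must be incremented or the VMPCK must be deleted to
+* prevent reuse of the IV.
+*/
 rc = snp_issue_guest_request(exit_code, &snp_dev->input, &err);
+
+/*
+* If the extended guest request fails due to having too small of a
+* certificate data buffer, retry the same guest request without the
+* extended data request in order to increment the sequence number
+* and thus avoid IV reuse.
+*/
+if (exit_code == SVM_VMGEXIT_EXT_GUEST_REQUEST &&
+err == SNP_GUEST_REQ_INVALID_LEN) {
+const unsigned int certs_npages = snp_dev->input.data_npages;
+
+exit_code = SVM_VMGEXIT_GUEST_REQUEST;
+
+/*
+* If this call to the firmware succeeds, the sequence number can
+* be incremented allowing for continued use of the VMPCK. If
+* there is an error reflected in the return value, this value
+* is checked further down and the result will be the deletion
+* of the VMPCK and the error code being propagated back to the
+* user as an ioctl() return code.
+*/
+rc = snp_issue_guest_request(exit_code, &snp_dev->input, &err);
+
+/*
+* Override the error to inform callers the given extended
+* request buffer size was too small and give the caller the
+* required buffer size.
+*/
+err = SNP_GUEST_REQ_INVALID_LEN;
+snp_dev->input.data_npages = certs_npages;
+}
+
 if (fw_err)
 *fw_err = err;
 
-if (rc)
-return rc;
+if (rc) {
+dev_alert(snp_dev->dev,
+"Detected error from ASP request. rc: %d, fw_err: %llu\n",
+rc, *fw_err);
+goto disable_vmpck;
+}
 
-/*
-* The verify_and_dec_payload() will fail only if the hypervisor is
-* actively modifying the message header or corrupting the encrypted payload.
-* This hints that hypervisor is acting in a bad faith. Disable the VMPCK so that
-* the key cannot be used for any communication. The key is disabled to ensure
-* that AES-GCM does not use the same IV while encrypting the request payload.
-*/
 rc = verify_and_dec_payload(snp_dev, resp_buf, resp_sz);
 if (rc) {
 dev_alert(snp_dev->dev,
-"Detected unexpected decode failure, disabling the vmpck_id %d\n",
-vmpck_id);
-snp_disable_vmpck(snp_dev);
-return rc;
+"Detected unexpected decode failure from ASP. rc: %d\n",
+rc);
+goto disable_vmpck;
 }
 
 /* Increment to new message sequence after payload decryption was successful. */
 snp_inc_msg_seqno(snp_dev);
 
 return 0;
+
+disable_vmpck:
+snp_disable_vmpck(snp_dev);
+return rc;
 }
 
 static int get_report(struct snp_guest_dev *snp_dev, struct snp_guest_request_ioctl *arg)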
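Review bot: The new error path on lines 366-371 dereferences `fw_err` unconditionally in the dev_alert (`rc, *fw_err);`) three lines after `if (fw_err) *fw_err = err;` treated it as optional, so any caller that passes a NULL `fw_err` and hits a firmware error now takes a NULL dereference instead of the intended VMPCK disable; the local `err` holds the same value and should be logged instead, `rc, err);`. The `%llu` specifier is fine only if `err` is a 64-bit unsigned type, which is declared outside the hunk, so that is worth confirming at the same time. The enclosing function starts outside the hunk. The retry path on lines 338-361 restores `err` to SNP_GUEST_REQ_INVALID_LEN and `data_npages` to the original count after a successful plain request, which is the documented intent, but a one-line comment at the `if (fw_err)` site saying that a zero `rc` with `*fw_err == SNP_GUEST_REQ_INVALID_LEN` is a legitimate "resize and retry" outcome for callers would make that contract visible at the point where it is handed out.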