The following commit has been merged into the x86/urgent branch of tip: Commit-ID: b57feed2cc2622ae14b2fa62f19e973e5e0a60cf Gitweb: https://git.kernel.org/tip/b57feed2cc2622ae14b2fa62f19e973e5e0a60cf Author: Michael Roth <michael.roth@xxxxxxx> AuthorDate: Tue, 05 Jul 2022 21:53:15 -05:00 Committer: Borislav Petkov <bp@xxxxxxx> CommitterDate: Wed, 06 Jul 2022 11:23:39 +02:00 x86/compressed/64: Add identity mappings for setup_data entries The decompressed kernel initially relies on the identity map set up by the boot/compressed kernel for accessing things like boot_params. With the recent introduction of SEV-SNP support, the decompressed kernel also needs to access the setup_data entries pointed to by boot_params->hdr.setup_data. This can lead to a crash in the kexec kernel during early boot due to these entries not currently being included in the initial identity map, see thread at Link below. Include mappings for the setup_data entries in the initial identity map. [ bp: Massage commit message and use a helper var for better readability. ] Fixes: b190a043c49a ("x86/sev: Add SEV-SNP feature detection/setup") Reported-by: Jun'ichi Nomura <junichi.nomura@xxxxxxx> Signed-off-by: Michael Roth <michael.roth@xxxxxxx> Signed-off-by: Borislav Petkov <bp@xxxxxxx> Link: https://lore.kernel.org/r/TYCPR01MB694815CD815E98945F63C99183B49@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx --- arch/x86/boot/compressed/ident_map_64.c | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/arch/x86/boot/compressed/ident_map_64.c b/arch/x86/boot/compressed/ident_map_64.c index 44c350d..d4a314c 100644 --- a/arch/x86/boot/compressed/ident_map_64.c +++ b/arch/x86/boot/compressed/ident_map_64.c @@ -110,6 +110,7 @@ void kernel_add_identity_map(unsigned long start, unsigned long end) void initialize_identity_maps(void *rmode) { unsigned long cmdline; + struct setup_data *sd; /* Exclude the encryption mask from __PHYSICAL_MASK */ physical_mask &= ~sme_me_mask; @@ -163,6 +164,18 @@ void initialize_identity_maps(void *rmode) cmdline = get_cmd_line_ptr(); kernel_add_identity_map(cmdline, cmdline + COMMAND_LINE_SIZE); + /* + * Also map the setup_data entries passed via boot_params in case they + * need to be accessed by uncompressed kernel via the identity mapping. + */ + sd = (struct setup_data *)boot_params->hdr.setup_data; + while (sd) { + unsigned long sd_addr = (unsigned long)sd; + + kernel_add_identity_map(sd_addr, sd_addr + sizeof(*sd) + sd->len); + sd = (struct setup_data *)sd->next; + } + sev_prep_identity_maps(top_level_pgt); /* Load the new page-table. */