On Mon, Apr 08, 2024 at 03:25:33PM +0200, Ard Biesheuvel wrote:
> On Mon, 8 Apr 2024 at 13:56, <gregkh@xxxxxxxxxxxxxxxxxxx> wrote:
> >
> >
> > This is a note to let you know that I've just added the patch titled
> >
> >     x86/boot: Move mem_encrypt= parsing to the decompressor
> >
> > to the 6.6-stable tree which can be found at:
> >     http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
> >
> > The filename of the patch is:
> >      x86-boot-move-mem_encrypt-parsing-to-the-decompressor.patch
> > and it can be found in the queue-6.6 subdirectory.
> >
> > If you, or anyone else, feels it should not be added to the stable tree,
> > please let <stable@xxxxxxxxxxxxxxx> know about it.
> >
> >
> > From cd0d9d92c8bb46e77de62efd7df13069ddd61e7d Mon Sep 17 00:00:00 2001
> > From: Ard Biesheuvel <ardb@xxxxxxxxxx>
> > Date: Tue, 27 Feb 2024 16:19:14 +0100
> > Subject: x86/boot: Move mem_encrypt= parsing to the decompressor
> >
> > From: Ard Biesheuvel <ardb@xxxxxxxxxx>
> >
> > commit cd0d9d92c8bb46e77de62efd7df13069ddd61e7d upstream.
> >
> > The early SME/SEV code parses the command line very early, in order to
> > decide whether or not memory encryption should be enabled, which needs
> > to occur even before the initial page tables are created.
> >
> > This is problematic for a number of reasons:
> > - this early code runs from the 1:1 mapping provided by the decompressor
> >   or firmware, which uses a different translation than the one assumed by
> >   the linker, and so the code needs to be built in a special way;
> > - parsing external input while the entire kernel image is still mapped
> >   writable is a bad idea in general, and really does not belong in
> >   security minded code;
> > - the current code ignores the built-in command line entirely (although
> >   this appears to be the case for the entire decompressor)
> >
> > Given that the decompressor/EFI stub is an intrinsic part of the x86
> > bootable kernel image, move the command line parsing there and out of
> > the core kernel. This removes the need to build lib/cmdline.o in a
> > special way, or to use RIP-relative LEA instructions in inline asm
> > blocks.
> >
> > This involves a new xloadflag in the setup header to indicate
> > that mem_encrypt=on appeared on the kernel command line.
> >
> > Signed-off-by: Ard Biesheuvel <ardb@xxxxxxxxxx>
> > Signed-off-by: Borislav Petkov (AMD) <bp@xxxxxxxxx>
> > Tested-by: Tom Lendacky <thomas.lendacky@xxxxxxx>
> > Link: https://lore.kernel.org/r/20240227151907.387873-17-ardb+git@xxxxxxxxxx
> > Signed-off-by: Ard Biesheuvel <ardb@xxxxxxxxxx>
> > Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx> > > --- > > arch/x86/boot/compressed/misc.c | 15 +++++++++++++++ > > arch/x86/include/uapi/asm/bootparam.h | 1 + > > arch/x86/lib/Makefile | 13 ------------- > > arch/x86/mm/mem_encrypt_identity.c | 32 +++----------------------------- > > drivers/firmware/efi/libstub/x86-stub.c | 3 +++ > > 5 files changed, 22 insertions(+), 42 deletions(-) > > > > --- a/arch/x86/boot/compressed/misc.c > > +++ b/arch/x86/boot/compressed/misc.c > > @@ -358,6 +358,19 @@ unsigned long decompress_kernel(unsigned > > } > > > > /* > > + * Set the memory encryption xloadflag based on the mem_encrypt= command line > > + * parameter, if provided. > > + */ > > +static void parse_mem_encrypt(struct setup_header *hdr) > > +{ > > + int on = cmdline_find_option_bool("mem_encrypt=on"); > > + int off = cmdline_find_option_bool("mem_encrypt=off"); > > + > > + if (on > off) > > + hdr->xloadflags |= XLF_MEM_ENCRYPTION; > > +} > > + > > +/* > > * The compressed kernel image (ZO), has been moved so that its position > > * is against the end of the buffer used to hold the uncompressed kernel > > * image (VO) and the execution environment (.bss, .brk), which makes sure > > @@ -387,6 +400,8 @@ asmlinkage __visible void *extract_kerne > > /* Clear flags intended for solely in-kernel use. */ > > boot_params->hdr.loadflags &= ~KASLR_FLAG; > > > > + parse_mem_encrypt(&boot_params_ptr->hdr); > > + > > s/boot_params_ptr/boot_params > Thanks for this, now fixed up and added properly. greg k-h
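Review bot: in the first misc.c hunk (the new parse_mem_encrypt()), the `if (on > off)` test only gives the intended "whichever setting appears later wins" behaviour because cmdline_find_option_bool() returns a position in the command line rather than a plain 0/1; a reader who sees `int on` and `int off` will take them for booleans, so the comment above the function should spell that out. The hunk also only ever ORs XLF_MEM_ENCRYPTION in, while the hunk that follows clears KASLR_FLAG with the remark "Clear flags intended for solely in-kernel use"; consider clearing XLF_MEM_ENCRYPTION in hdr->xloadflags before the test as well, so that a bit already present in the header cannot survive an explicit mem_encrypt=off.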
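Review bot: in the second misc.c hunk, the added call passes `&boot_params_ptr->hdr` while the unchanged line just above it uses `boot_params->hdr.loadflags &= ~KASLR_FLAG;`, so the 6.6 backport refers to a name the surrounding code does not; apply Ard's `s/boot_params_ptr/boot_params` so the hunk reads `parse_mem_encrypt(&boot_params->hdr);`.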
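The commit message describes the mechanism only in outline: the decompressor looks for mem_encrypt=on and mem_encrypt=off on the command line and records the outcome as a flag bit in the setup header. The block below is an added user-space model of that decision, not code from the patch or from the kernel. It assumes a position-returning, whole-word option finder in the spirit of the boot code's cmdline_find_option_bool() (the real helper is not used; this one returns the 1-based position of the first whole-word match), an assumed bit value for the flag (only its bit semantics matter), and it goes one step beyond the patch by clearing the bit before the test so that a bit already present in the header cannot outlive an explicit mem_encrypt=off:

```c
/*
 * Added example, not the kernel's code. Models how the decompressor turns
 * mem_encrypt=on / mem_encrypt=off on the command line into one xloadflag
 * bit. Assumptions: a cmdline_find_option_bool()-style finder that returns
 * the 1-based position of the first whole-word match (0 if absent), and a
 * made-up bit value for the flag.
 */
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define XLF_MEM_ENCRYPTION_MODEL (1 << 6) /* assumed bit for the model */

/*
 * Return the 1-based position of the first whole-word occurrence of @option
 * in @cmdline, or 0 if it is absent. A match must start at the beginning of
 * the line or after whitespace and end at whitespace or the terminator, so
 * "xmem_encrypt=on" and "mem_encrypt=onx" do not match "mem_encrypt=on".
 */
static int model_find_option_bool(const char *cmdline, const char *option)
{
	size_t olen = strlen(option);
	const char *p = cmdline;

	while (*p) {
		/* skip whitespace between words */
		while (*p == ' ' || *p == '\t')
			p++;
		if (!*p)
			break;
		/* find the end of this word */
		const char *end = p;
		while (*end && *end != ' ' && *end != '\t')
			end++;
		if ((size_t)(end - p) == olen && memcmp(p, option, olen) == 0)
			return (int)(p - cmdline) + 1;
		p = end;
	}
	return 0;
}

/*
 * Same decision as the patch: request encryption only if mem_encrypt=on sits
 * later on the line than mem_encrypt=off (a missing option has position 0,
 * so "on" alone wins and "off" alone loses). Unlike the patch, the bit is
 * cleared first, so a value already in the header cannot survive "off".
 */
static uint32_t model_parse_mem_encrypt(const char *cmdline, uint32_t xloadflags)
{
	int on = model_find_option_bool(cmdline, "mem_encrypt=on");
	int off = model_find_option_bool(cmdline, "mem_encrypt=off");

	xloadflags &= ~XLF_MEM_ENCRYPTION_MODEL;
	if (on > off)
		xloadflags |= XLF_MEM_ENCRYPTION_MODEL;
	return xloadflags;
}

/* Convenience wrapper: did the line ask for memory encryption? */
static bool model_mem_encrypt_requested(const char *cmdline, uint32_t prior)
{
	return (model_parse_mem_encrypt(cmdline, prior) & XLF_MEM_ENCRYPTION_MODEL) != 0;
}

int main(void)
{
	/* constructed sample command lines, not taken from any real system */
	const char *lines[] = {
		"root=/dev/sda1 mem_encrypt=on",
		"mem_encrypt=on mem_encrypt=off",
		"mem_encrypt=off quiet mem_encrypt=on",
		"xmem_encrypt=on",
		"root=/dev/sda1",
	};

	for (size_t i = 0; i < sizeof(lines) / sizeof(lines[0]); i++)
		printf("%-40s -> %s\n", lines[i],
		       model_mem_encrypt_requested(lines[i], 0) ? "encrypt" : "plain");
	return 0;
}
```

The model keeps the patch's comparison verbatim so the position trick is visible: because an absent option reports 0, a lone `mem_encrypt=on` satisfies `on > off` and a lone `mem_encrypt=off` does not, and when both are present the later one wins without any extra bookkeeping.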