• Borislav Petkov's avatar
    x86/mm: Fix SME encryption stack ptr handling · 6e0b52d4
    Borislav Petkov authored
    sme_encrypt_execute() stashes the stack pointer on entry into %rbp
    because it allocates a one-page stack in the non-encrypted area for the
    encryption routine to use. When the latter is done, it restores it from
    %rbp again, before returning.
    
    However, it uses the FRAME_* macros partially but restores %rsp from
    %rbp explicitly with a MOV. And this is fine as long as the macros
    *actually* do something.
    
    Unless, you do a !CONFIG_FRAME_POINTER build where those macros
    are empty. Then, we still restore %rsp from %rbp but %rbp contains
    *something* and this leads to a stack corruption. The manifestation
    being a triple-fault during early boot when testing SME. Good luck to me
    debugging this with the clumsy endless-loop-in-asm method and narrowing
    it down gradually. :-(
    
    So, long story short, open-code the frame macros so that there's no
    monkey business and we avoid subtly breaking SME depending on the
    .config.
    
    Fixes: 6ebcb060 ("x86/mm: Add support to encrypt the kernel in-place")
    Signed-off-by: default avatarBorislav Petkov <bp@suse.de>
    Signed-off-by: default avatarThomas Gleixner <tglx@linutronix.de>
    Acked-by: default avatarTom Lendacky <thomas.lendacky@amd.com>
    Cc: Brijesh Singh <brijesh.singh@amd.com>
    Link: http://lkml.kernel.org/r/20170827163924.25552-1-bp@alien8.de
    6e0b52d4
mem_encrypt_boot.S 4.4 KB