Commit ae8d1d00 authored by Tom Lendacky's avatar Tom Lendacky Committed by Thomas Gleixner

x86/mm/sme: Disable stack protection for mem_encrypt_identity.c

Stack protection is not compatible with early boot code.  All of the early
SME boot code is now isolated in a separate file, mem_encrypt_identity.c,
so arch/x86/mm/Makefile can be updated to turn off stack protection for
the entire file.  This eliminates the need to worry about other functions
within the file being instrumented with stack protection (as was seen
when a newer version of GCC instrumented sme_encrypt_kernel() where an
older version hadn't).  It also allows removal of the __nostackprotector
attribute from individual functions.
Signed-off-by: default avatarTom Lendacky <thomas.lendacky@amd.com>
Signed-off-by: default avatarThomas Gleixner <tglx@linutronix.de>
Reviewed-by: default avatarBorislav Petkov <bp@suse.de>
Acked-by: default avatarKirill A. Shutemov <kirill.shutemov@linux.intel.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Borislav Petkov <bp@alien8.de>
Link: https://lkml.kernel.org/r/20180226232554.14108.16881.stgit@tlendack-t1.amdoffice.net
parent 1ea4fe84
...@@ -19,6 +19,7 @@ obj-y := init.o init_$(BITS).o fault.o ioremap.o extable.o pageattr.o mmap.o \ ...@@ -19,6 +19,7 @@ obj-y := init.o init_$(BITS).o fault.o ioremap.o extable.o pageattr.o mmap.o \
nostackp := $(call cc-option, -fno-stack-protector) nostackp := $(call cc-option, -fno-stack-protector)
CFLAGS_physaddr.o := $(nostackp) CFLAGS_physaddr.o := $(nostackp)
CFLAGS_setup_nx.o := $(nostackp) CFLAGS_setup_nx.o := $(nostackp)
CFLAGS_mem_encrypt_identity.o := $(nostackp)
CFLAGS_fault.o := -I$(src)/../include/asm/trace CFLAGS_fault.o := -I$(src)/../include/asm/trace
......
...@@ -266,7 +266,7 @@ static unsigned long __init sme_pgtable_calc(unsigned long len) ...@@ -266,7 +266,7 @@ static unsigned long __init sme_pgtable_calc(unsigned long len)
return entries + tables; return entries + tables;
} }
void __init __nostackprotector sme_encrypt_kernel(struct boot_params *bp) void __init sme_encrypt_kernel(struct boot_params *bp)
{ {
unsigned long workarea_start, workarea_end, workarea_len; unsigned long workarea_start, workarea_end, workarea_len;
unsigned long execute_start, execute_end, execute_len; unsigned long execute_start, execute_end, execute_len;
...@@ -468,7 +468,7 @@ void __init __nostackprotector sme_encrypt_kernel(struct boot_params *bp) ...@@ -468,7 +468,7 @@ void __init __nostackprotector sme_encrypt_kernel(struct boot_params *bp)
native_write_cr3(__native_read_cr3()); native_write_cr3(__native_read_cr3());
} }
void __init __nostackprotector sme_enable(struct boot_params *bp) void __init sme_enable(struct boot_params *bp)
{ {
const char *cmdline_ptr, *cmdline_arg, *cmdline_on, *cmdline_off; const char *cmdline_ptr, *cmdline_arg, *cmdline_on, *cmdline_off;
unsigned int eax, ebx, ecx, edx; unsigned int eax, ebx, ecx, edx;
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment