leandrof/linux
1
0
Fork 0
forked from Minki/linux
Code Issues Pull Requests Packages Projects Releases Wiki Activity

x86/sev-es: Check required CPU features for SEV-ES

Browse Source 
Make sure the machine supports RDRAND, otherwise there is no trusted
source of randomness in the system.

To also check this in the pre-decompression stage, make has_cpuflag()
not depend on CONFIG_RANDOMIZE_BASE anymore.

Signed-off-by: Martin Radev <martin.b.radev@gmail.com>
Signed-off-by: Joerg Roedel <jroedel@suse.de>
Signed-off-by: Borislav Petkov <bp@suse.de>
Reviewed-by: Kees Cook <keescook@chromium.org>
Link: https://lkml.kernel.org/r/20200907131613.12703-73-joro@8bytes.org
This commit is contained in:
Martin Radev 2020-09-07 15:16:13 +02:00 committed by Borislav Petkov
parent 39336f4ffb
commit f5ed777586
5 changed files with 24 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
arch/x86/boot/compressed/cpuflags.c
View File

@ -1,6 +1,4 @@
// SPDX-License-Identifier: GPL-2.0 // SPDX-License-Identifier: GPL-2.0
#ifdef CONFIG_RANDOMIZE_BASE
#include "../cpuflags.c" #include "../cpuflags.c"
bool has_cpuflag(int flag) bool has_cpuflag(int flag)
@ -9,5 +7,3 @@ bool has_cpuflag(int flag)
return test_bit(flag, cpu.flags); return test_bit(flag, cpu.flags);
} }
#endif

5
arch/x86/boot/compressed/misc.h
View File

@ -85,8 +85,6 @@ void choose_random_location(unsigned long input,
unsigned long *output, unsigned long *output,
unsigned long output_size, unsigned long output_size,
unsigned long *virt_addr); unsigned long *virt_addr);
/* cpuflags.c */
bool has_cpuflag(int flag);
#else #else
static inline void choose_random_location(unsigned long input, static inline void choose_random_location(unsigned long input,
unsigned long input_size, unsigned long input_size,
@ -97,6 +95,9 @@ static inline void choose_random_location(unsigned long input,
} }
#endif #endif
/* cpuflags.c */
bool has_cpuflag(int flag);
#ifdef CONFIG_X86_64 #ifdef CONFIG_X86_64
extern int set_page_decrypted(unsigned long address); extern int set_page_decrypted(unsigned long address);
extern int set_page_encrypted(unsigned long address); extern int set_page_encrypted(unsigned long address);

3
arch/x86/boot/compressed/sev-es.c
View File

@ -145,6 +145,9 @@ void sev_es_shutdown_ghcb(void)
if (!boot_ghcb) if (!boot_ghcb)
return; return;
if (!sev_es_check_cpu_features())
error("SEV-ES CPU Features missing.");
/* /*
* GHCB Page must be flushed from the cache and mapped encrypted again. * GHCB Page must be flushed from the cache and mapped encrypted again.
* Otherwise the running kernel will see strange cache effects when * Otherwise the running kernel will see strange cache effects when

15
arch/x86/kernel/sev-es-shared.c
View File

@ -9,6 +9,21 @@
* and is included directly into both code-bases. * and is included directly into both code-bases.
*/ */
#ifndef __BOOT_COMPRESSED
#define error(v) pr_err(v)
#define has_cpuflag(f) boot_cpu_has(f)
#endif
static bool __init sev_es_check_cpu_features(void)
{
if (!has_cpuflag(X86_FEATURE_RDRAND)) {
error("RDRAND instruction not supported - no trusted source of randomness available\n");
return false;
}
return true;
}
static void sev_es_terminate(unsigned int reason) static void sev_es_terminate(unsigned int reason)
{ {
u64 val = GHCB_SEV_TERMINATE; u64 val = GHCB_SEV_TERMINATE;

3
arch/x86/kernel/sev-es.c
View File

@ -665,6 +665,9 @@ void __init sev_es_init_vc_handling(void)
if (!sev_es_active()) if (!sev_es_active())
return; return;
if (!sev_es_check_cpu_features())
panic("SEV-ES CPU Features missing");
/* Enable SEV-ES special handling */ /* Enable SEV-ES special handling */
static_branch_enable(&sev_es_enable_key); static_branch_enable(&sev_es_enable_key);