Re: [PATCH v2 0/2] x86/sev-es: Resolve early #VC handler UB

From: Ingo Molnar
Date: Thu Sep 28 2023 - 16:52:06 EST

Next message: Ingo Molnar: "Re: [RESEND PATCH 2/2] locking/x86: Wire up sync_try_cmpxchg"
Previous message: Rob Herring: "Re: [PATCH] dt-bindings: remoteproc: mtk,scp: Add missing additionalProperties on child node schemas"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

* Adam Dunlap <acdunlap@xxxxxxxxxx> wrote:

> In v0 of this patch, I mistakenly claimed that
> boot_cpu_data.x86_virt_bits was not getting set to 0 in some
> configurations. However, it is in fact reliably being set to 0 because
> it is specified to be in the .data..read_mostly section, and .data is
> initialized at this point. The boot failures that we were seeing were
> actually due to the gcc 12.3 compiler exploiting the undefined
> behavior to return false from __is_canonical_address when
> boot_cpu_data.x86_virt_bits is 0.
>
> This patch set applies the 2 changes posted by Dave Hansen: remove the
> UB by explicily checking for 0, and remove the period of time where
> x86_virt_bits may be temporarily set to the wrong value where the #VC
> handler could observe it.
>
>
> Adam Dunlap (2):
> x86/sev-es: Allow copy_from_kernel_nofault in earlier boot
> x86/sev-es: Only set x86_virt_bits to correct value

I've applied these fixes to tip:x86/mm, thanks!

Note that I switched around the order of patches: we first want
to enhance x86_virt_bits to be reliable, only then do we want to
change copy_from_kernel_nofault_allowed() to be able to rely on it,
to fix early #VC accesses, right?

I also improved the changelogs & titles a bit.

Thanks,

Ingo

Next message: Ingo Molnar: "Re: [RESEND PATCH 2/2] locking/x86: Wire up sync_try_cmpxchg"
Previous message: Rob Herring: "Re: [PATCH] dt-bindings: remoteproc: mtk,scp: Add missing additionalProperties on child node schemas"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]