korg/linux
0
0
Fork 0
mirror of https://mirrors.bfsu.edu.cn/git/linux.git synced 2024-11-15 08:14:15 +08:00
Code Issues Packages Projects Releases Wiki Activity
77a512e35d
linux/arch/x86/boot
History
Sean Christopherson 77a512e35d x86/boot: Avoid #VE during boot for TDX platforms 
There are a few MSRs and control register bits that the kernel
normally needs to modify during boot. But, TDX disallows
modification of these registers to help provide consistent security
guarantees. Fortunately, TDX ensures that these are all in the correct
state before the kernel loads, which means the kernel does not need to
modify them.

The conditions to avoid are:

 * Any writes to the EFER MSR
 * Clearing CR4.MCE

This theoretically makes the guest boot more fragile. If, for instance,
EFER was set up incorrectly and a WRMSR was performed, it will trigger
early exception panic or a triple fault, if it's before early
exceptions are set up. However, this is likely to trip up the guest
BIOS long before control reaches the kernel. In any case, these kinds
of problems are unlikely to occur in production environments, and
developers have good debug tools to fix them quickly.

Change the common boot code to work on TDX and non-TDX systems.
This should have no functional effect on non-TDX systems.

Signed-off-by: Sean Christopherson <seanjc@google.com>
Signed-off-by: Kuppuswamy Sathyanarayanan <sathyanarayanan.kuppuswamy@linux.intel.com>
Signed-off-by: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
Signed-off-by: Dave Hansen <dave.hansen@linux.intel.com>
Reviewed-by: Andi Kleen <ak@linux.intel.com>
Reviewed-by: Dan Williams <dan.j.williams@intel.com>
Reviewed-by: Thomas Gleixner <tglx@linutronix.de>
Link: https://lkml.kernel.org/r/20220405232939.73860-24-kirill.shutemov@linux.intel.com
2022-04-07 08:27:53 -07:00
..
compressed x86/boot: Avoid #VE during boot for TDX platforms 2022-04-07 08:27:53 -07:00
tools x86/build: Declutter the build output 2020-08-20 08:17:40 +02:00
.gitignore x86/boot: Modernize genimage script; hdimage+EFI support 2021-05-10 12:27:50 +02:00
a20.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 497 2019-06-19 17:09:53 +02:00
apm.c x86/boot: Fix comment spelling 2020-03-17 20:52:52 +01:00
bioscall.S treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 83 2019-05-24 17:37:52 +02:00
bitops.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 497 2019-06-19 17:09:53 +02:00
boot.h x86/boot: Port I/O: Allow to hook up alternative helpers 2022-04-07 08:27:52 -07:00
cmdline.c treewide: Use fallthrough pseudo-keyword 2020-08-23 17:36:59 -05:00
copy.S x86/asm: Do not annotate functions with GLOBAL 2019-10-18 11:25:58 +02:00
cpu.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 497 2019-06-19 17:09:53 +02:00
cpucheck.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 497 2019-06-19 17:09:53 +02:00
cpuflags.c x86/tdx: Detect TDX at early kernel decompression time 2022-04-07 08:27:51 -07:00
cpuflags.h x86/tdx: Detect TDX at early kernel decompression time 2022-04-07 08:27:51 -07:00
ctype.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
early_serial_console.c x86: Clean up 'sizeof x' => 'sizeof(x)' 2018-10-29 07:13:28 +01:00
edd.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 497 2019-06-19 17:09:53 +02:00
genimage.sh x86/boot: Fix make hdimage with older versions of mtools 2021-09-29 11:06:47 +02:00
header.S x86: Bump ZO_z_extra_bytes margin for zstd 2020-07-31 11:49:08 +02:00
install.sh
io.h x86/boot: Port I/O: Allow to hook up alternative helpers 2022-04-07 08:27:52 -07:00
main.c x86/boot: Port I/O: Allow to hook up alternative helpers 2022-04-07 08:27:52 -07:00
Makefile x86/build: Move the install rule to arch/x86/Makefile 2021-08-25 11:57:38 +02:00
memory.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 497 2019-06-19 17:09:53 +02:00
mkcpustr.c x86/cpu: Print VMX flags in /proc/cpuinfo using VMX_FEATURES_* 2020-01-13 18:36:02 +01:00
mtools.conf.in x86/boot: Fix make hdimage with older versions of mtools 2021-09-29 11:06:47 +02:00
pm.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 497 2019-06-19 17:09:53 +02:00
pmjump.S x86/asm: Do not annotate functions with GLOBAL 2019-10-18 11:25:58 +02:00
printf.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 497 2019-06-19 17:09:53 +02:00
regs.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 83 2019-05-24 17:37:52 +02:00
setup.ld x86/boot: Add .text.* to setup.ld 2020-08-14 12:52:35 +02:00
string.c x86/boot: Add kstrtoul() from lib/ 2020-05-04 15:19:07 +02:00
string.h x86/boot/string: Add missing function prototypes 2021-12-10 19:49:06 +01:00
tty.c treewide: Convert macro and uses of __section(foo) to __section("foo") 2020-10-25 14:51:49 -07:00
version.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 497 2019-06-19 17:09:53 +02:00
vesa.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 48 2019-05-24 17:27:13 +02:00
video-bios.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 497 2019-06-19 17:09:53 +02:00
video-mode.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 497 2019-06-19 17:09:53 +02:00
video-vesa.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 497 2019-06-19 17:09:53 +02:00
video-vga.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 497 2019-06-19 17:09:53 +02:00
video.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 497 2019-06-19 17:09:53 +02:00
video.h treewide: Convert macro and uses of __section(foo) to __section("foo") 2020-10-25 14:51:49 -07:00