Re: [PATCH v5 29/32] x86/mm: Add support to encrypt the kernel in-place
From: Tom Lendacky
Date: Wed May 31 2017 - 09:13:16 EST
On 5/31/2017 4:51 AM, Borislav Petkov wrote:
On Tue, May 30, 2017 at 11:39:07AM -0500, Tom Lendacky wrote:
Yes, it's from objtool:
arch/x86/mm/mem_encrypt_boot.o: warning: objtool: .text+0xd2: return
instruction outside of a callable function
Oh, well, let's make it a global symbol then. Who knows, we might have
to live-patch it someday :-)
Can do.
Thanks,
Tom
---
diff --git a/arch/x86/mm/mem_encrypt_boot.S b/arch/x86/mm/mem_encrypt_boot.S
index fb58f9f953e3..7720b0050840 100644
--- a/arch/x86/mm/mem_encrypt_boot.S
+++ b/arch/x86/mm/mem_encrypt_boot.S
@@ -47,9 +47,9 @@ ENTRY(sme_encrypt_execute)
movq %rdx, %r12 /* Kernel length */
/* Copy encryption routine into the workarea */
- movq %rax, %rdi /* Workarea encryption routine */
- leaq .Lenc_start(%rip), %rsi /* Encryption routine */
- movq $(.Lenc_stop - .Lenc_start), %rcx /* Encryption routine length */
+ movq %rax, %rdi /* Workarea encryption routine */
+ leaq __enc_copy(%rip), %rsi /* Encryption routine */
+ movq $(.L__enc_copy_end - __enc_copy), %rcx /* Encryption routine length */
rep movsb
/* Setup registers for call */
@@ -70,8 +70,7 @@ ENTRY(sme_encrypt_execute)
ret
ENDPROC(sme_encrypt_execute)
-.Lenc_start:
-ENTRY(sme_enc_routine)
+ENTRY(__enc_copy)
/*
* Routine used to encrypt kernel.
* This routine must be run outside of the kernel proper since
@@ -147,5 +146,5 @@ ENTRY(sme_enc_routine)
wrmsr
ret
-ENDPROC(sme_enc_routine)
-.Lenc_stop:
+.L__enc_copy_end:
+ENDPROC(__enc_copy)