[PATCH 4.19 138/220] kexec: Allocate decrypted control pages for kdump if SME is enabled

From: Greg Kroah-Hartman
Date: Fri Nov 22 2019 - 06:10:36 EST


From: Lianbo Jiang <lijiang@xxxxxxxxxx>

[ Upstream commit 9cf38d5559e813cccdba8b44c82cc46ba48d0896 ]

When SME is enabled in the first kernel, it needs to allocate decrypted
pages for kdump because when the kdump kernel boots, these pages need to
be accessed decrypted in the initial boot stage, before SME is enabled.

[ bp: clean up text. ]

Signed-off-by: Lianbo Jiang <lijiang@xxxxxxxxxx>
Signed-off-by: Borislav Petkov <bp@xxxxxxx>
Reviewed-by: Tom Lendacky <thomas.lendacky@xxxxxxx>
Cc: kexec@xxxxxxxxxxxxxxxxxxx
Cc: tglx@xxxxxxxxxxxxx
Cc: mingo@xxxxxxxxxx
Cc: hpa@xxxxxxxxx
Cc: akpm@xxxxxxxxxxxxxxxxxxxx
Cc: dan.j.williams@xxxxxxxxx
Cc: bhelgaas@xxxxxxxxxx
Cc: baiyaowei@xxxxxxxxxxxxxxxxxxxx
Cc: tiwai@xxxxxxx
Cc: brijesh.singh@xxxxxxx
Cc: dyoung@xxxxxxxxxx
Cc: bhe@xxxxxxxxxx
Cc: jroedel@xxxxxxx
Link: https://lkml.kernel.org/r/20180930031033.22110-3-lijiang@xxxxxxxxxx
Signed-off-by: Sasha Levin <sashal@xxxxxxxxxx>
---
kernel/kexec_core.c | 6 ++++++
1 file changed, 6 insertions(+)

diff --git a/kernel/kexec_core.c b/kernel/kexec_core.c
index f50b90d0d1c28..faeec8255e7e0 100644
--- a/kernel/kexec_core.c
+++ b/kernel/kexec_core.c
@@ -473,6 +473,10 @@ static struct page *kimage_alloc_crash_control_pages(struct kimage *image,
}
}

+ /* Ensure that these pages are decrypted if SME is enabled. */
+ if (pages)
+ arch_kexec_post_alloc_pages(page_address(pages), 1 << order, 0);
+
return pages;
}

@@ -869,6 +873,7 @@ static int kimage_load_crash_segment(struct kimage *image,
result = -ENOMEM;
goto out;
}
+ arch_kexec_post_alloc_pages(page_address(page), 1, 0);
ptr = kmap(page);
ptr += maddr & ~PAGE_MASK;
mchunk = min_t(size_t, mbytes,
@@ -886,6 +891,7 @@ static int kimage_load_crash_segment(struct kimage *image,
result = copy_from_user(ptr, buf, uchunk);
kexec_flush_icache_page(page);
kunmap(page);
+ arch_kexec_pre_free_pages(page_address(page), 1);
if (result) {
result = -EFAULT;
goto out;
--
2.20.1