Re: [PATCH 0/3] Resolve problems with kexec identity mapping
From: Borislav Petkov
Date: Tue Jul 09 2024 - 13:12:27 EST
On Tue, Jul 09, 2024 at 10:07:48AM -0500, Steve Wahl wrote:
> I think perhaps the cover letter was also too verbose on the history
> and unintentionally hid the information necessary to understand the
> situation. I will try to make it more concise.
Thanks.
And while we're at it, I think we should do this too.
Which should actually fix your issue too.
---
diff --git a/arch/x86/boot/compressed/sev.c b/arch/x86/boot/compressed/sev.c
index cd44e120fe53..a838cad72532 100644
--- a/arch/x86/boot/compressed/sev.c
+++ b/arch/x86/boot/compressed/sev.c
@@ -484,6 +484,15 @@ static bool early_snp_init(struct boot_params *bp)
{
struct cc_blob_sev_info *cc_info;
+ /*
+ * Bail out if not running on a hypervisor (HV). If the HV
+ * doesn't set the bit, that's an easy SEV-* guest DOS but that
+ * HV has then bigger problems: the SEV-* guest simply won't
+ * start.
+ */
+ if (!(native_cpuid_ecx(1) & BIT(31)))
+ return false;
+
if (!bp)
return false;
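Review bot: the new condition at the top of early_snp_init() tests `native_cpuid_ecx(1) & BIT(31)` with a bare bit number; a named constant for the CPUID leaf 1 ECX hypervisor-present bit would make the check self-documenting. The comment already says the HV is the party that sets this bit, so it is worth stating there that the early return is a shortcut for the bare-metal case and that the only consequence of a HV clearing the bit is a guest that fails to start, which is what the current wording implies but does not say outright. Nits in the comment: "DOS" should be "DoS", and "has then bigger problems" reads better as "then has bigger problems".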
--
Regards/Gruss,
Boris.
https://people.kernel.org/tglx/notes-about-netiquette