diff mbox series

[v4,27/75] x86/idt: Move IDT to data segment

Message ID	20200714120917.11253-28-joro@8bytes.org (mailing list archive)
State	New, archived
Headers	show Return-Path: <SRS0=PKWe=AZ=vger.kernel.org=kvm-owner@kernel.org> Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 490EE13B4 for <patchwork-kvm@patchwork.kernel.org>; Tue, 14 Jul 2020 12:16:09 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 32A7C223C6 for <patchwork-kvm@patchwork.kernel.org>; Tue, 14 Jul 2020 12:16:09 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728809AbgGNMQE (ORCPT <rfc822;patchwork-kvm@patchwork.kernel.org>); Tue, 14 Jul 2020 08:16:04 -0400 Received: from 8bytes.org ([81.169.241.247]:53184 "EHLO theia.8bytes.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728268AbgGNMKu (ORCPT <rfc822;kvm@vger.kernel.org>); Tue, 14 Jul 2020 08:10:50 -0400 Received: from cap.home.8bytes.org (p5b006776.dip0.t-ipconnect.de [91.0.103.118]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) (No client certificate requested) by theia.8bytes.org (Postfix) with ESMTPSA id 9CA87B2D; Tue, 14 Jul 2020 14:10:47 +0200 (CEST) From: Joerg Roedel <joro@8bytes.org> To: x86@kernel.org Cc: Joerg Roedel <joro@8bytes.org>, Joerg Roedel <jroedel@suse.de>, hpa@zytor.com, Andy Lutomirski <luto@kernel.org>, Dave Hansen <dave.hansen@linux.intel.com>, Peter Zijlstra <peterz@infradead.org>, Jiri Slaby <jslaby@suse.cz>, Dan Williams <dan.j.williams@intel.com>, Tom Lendacky <thomas.lendacky@amd.com>, Juergen Gross <jgross@suse.com>, Kees Cook <keescook@chromium.org>, David Rientjes <rientjes@google.com>, Cfir Cohen <cfir@google.com>, Erdem Aktas <erdemaktas@google.com>, Masami Hiramatsu <mhiramat@kernel.org>, Mike Stunes <mstunes@vmware.com>, Sean Christopherson <sean.j.christopherson@intel.com>, Martin Radev <martin.b.radev@gmail.com>, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, virtualization@lists.linux-foundation.org Subject: [PATCH v4 27/75] x86/idt: Move IDT to data segment Date: Tue, 14 Jul 2020 14:08:29 +0200 Message-Id: <20200714120917.11253-28-joro@8bytes.org> X-Mailer: git-send-email 2.27.0 In-Reply-To: <20200714120917.11253-1-joro@8bytes.org> References: <20200714120917.11253-1-joro@8bytes.org> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Sender: kvm-owner@vger.kernel.org Precedence: bulk List-ID: <kvm.vger.kernel.org> X-Mailing-List: kvm@vger.kernel.org
Series	x86: SEV-ES Guest Support \| expand [v4,00/75] x86: SEV-ES Guest Support [v4,01/75] KVM: SVM: Add GHCB definitions [v4,02/75] KVM: SVM: Add GHCB Accessor functions [v4,03/75] KVM: SVM: Use __packed shorthand [v4,04/75] x86/cpufeatures: Add SEV-ES CPU feature [v4,05/75] x86/traps: Move pf error codes to <asm/trap_pf.h> [v4,06/75] x86/insn: Make inat-tables.c suitable for pre-decompression code [v4,07/75] x86/umip: Factor out instruction fetch [v4,08/75] x86/umip: Factor out instruction decoding [v4,09/75] x86/insn: Add insn_get_modrm_reg_off() [v4,10/75] x86/insn: Add insn_has_rep_prefix() helper [v4,11/75] x86/boot/compressed/64: Disable red-zone usage [v4,12/75] x86/boot/compressed/64: Add IDT Infrastructure [v4,13/75] x86/boot/compressed/64: Rename kaslr_64.c to ident_map_64.c [v4,14/75] x86/boot/compressed/64: Add page-fault handler [v4,15/75] x86/boot/compressed/64: Always switch to own page-table [v4,16/75] x86/boot/compressed/64: Don't pre-map memory in KASLR code [v4,17/75] x86/boot/compressed/64: Change add_identity_map() to take start and end [v4,18/75] x86/boot/compressed/64: Add stage1 #VC handler [v4,19/75] x86/boot/compressed/64: Call set_sev_encryption_mask earlier [v4,20/75] x86/boot/compressed/64: Check return value of kernel_ident_mapping_init() [v4,21/75] x86/boot/compressed/64: Add set_page_en/decrypted() helpers [v4,22/75] x86/boot/compressed/64: Setup GHCB Based VC Exception handler [v4,23/75] x86/boot/compressed/64: Unmap GHCB page before booting the kernel [v4,24/75] x86/sev-es: Add support for handling IOIO exceptions [v4,25/75] x86/fpu: Move xgetbv()/xsetbv() into separate header [v4,26/75] x86/sev-es: Add CPUID handling to #VC handler [v4,27/75] x86/idt: Move IDT to data segment [v4,28/75] x86/idt: Split idt_data setup out of set_intr_gate() [v4,29/75] x86/idt: Move two function from k/idt.c to i/a/desc.h [v4,30/75] x86/head/64: Install boot GDT [v4,31/75] x86/head/64: Reload GDT after switch to virtual addresses [v4,32/75] x86/head/64: Load segment registers earlier [v4,33/75] x86/head/64: Switch to initial stack earlier [v4,34/75] x86/head/64: Build k/head64.c with -fno-stack-protector [v4,35/75] x86/head/64: Load IDT earlier [v4,36/75] x86/head/64: Move early exception dispatch to C code [v4,37/75] x86/sev-es: Add SEV-ES Feature Detection [v4,38/75] x86/sev-es: Print SEV-ES info into kernel log [v4,39/75] x86/sev-es: Compile early handler code into kernel image [v4,40/75] x86/sev-es: Setup early #VC handler [v4,41/75] x86/sev-es: Setup GHCB based boot #VC handler [v4,42/75] x86/sev-es: Setup per-cpu GHCBs for the runtime handler [v4,43/75] x86/sev-es: Allocate and Map stacks for #VC handler [v4,44/75] x86/sev-es: Allocate and setup IST entry for #VC [v4,45/75] x86/sev-es: Adjust #VC IST Stack on entering NMI handler [v4,46/75] x86/dumpstack/64: Add noinstr version of get_stack_info() [v4,47/75] x86/entry/64: Add entry code for #VC handler [v4,48/75] x86/sev-es: Add Runtime #VC Exception Handler [v4,49/75] x86/sev-es: Wire up existing #VC exit-code handlers [v4,50/75] x86/sev-es: Handle instruction fetches from user-space [v4,51/75] x86/sev-es: Handle MMIO events [v4,52/75] x86/sev-es: Handle MMIO String Instructions [v4,53/75] x86/sev-es: Handle MSR events [v4,54/75] x86/sev-es: Handle DR7 read/write events [v4,55/75] x86/sev-es: Handle WBINVD Events [v4,56/75] x86/sev-es: Handle RDTSC(P) Events [v4,57/75] x86/sev-es: Handle RDPMC Events [v4,58/75] x86/sev-es: Handle INVD Events [v4,59/75] x86/sev-es: Handle MONITOR/MONITORX Events [v4,60/75] x86/sev-es: Handle MWAIT/MWAITX Events [v4,61/75] x86/sev-es: Handle VMMCALL Events [v4,62/75] x86/sev-es: Handle #AC Events [v4,63/75] x86/sev-es: Handle #DB Events [v4,64/75] x86/paravirt: Allow hypervisor specific VMMCALL handling under SEV-ES [v4,65/75] x86/kvm: Add KVM specific VMMCALL handling under SEV-ES [v4,66/75] x86/vmware: Add VMware specific handling for VMMCALL under SEV-ES [v4,67/75] x86/realmode: Add SEV-ES specific trampoline entry point [v4,68/75] x86/realmode: Setup AP jump table [v4,69/75] x86/head/64: Setup TSS early for secondary CPUs [v4,70/75] x86/head/64: Don't call verify_cpu() on starting APs [v4,71/75] x86/head/64: Rename start_cpu0 [v4,72/75] x86/sev-es: Support CPU offline/online [v4,73/75] x86/sev-es: Handle NMI State [v4,74/75] x86/efi: Add GHCB mappings when SEV-ES is active [v4,75/75] x86/sev-es: Check required CPU features for SEV-ES

Commit Message

Joerg Roedel July 14, 2020, 12:08 p.m. UTC

From: Joerg Roedel <jroedel@suse.de>

With SEV-ES, exception handling is needed very early, even before the
kernel has cleared the bss segment. In order to prevent clearing the
currently used IDT, move the IDT to the data segment.

Signed-off-by: Joerg Roedel <jroedel@suse.de>
---
 arch/x86/kernel/idt.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

Comments

Kees Cook July 15, 2020, 1:25 a.m. UTC | #1

On Tue, Jul 14, 2020 at 02:08:29PM +0200, Joerg Roedel wrote:
> From: Joerg Roedel <jroedel@suse.de>
> 
> With SEV-ES, exception handling is needed very early, even before the
> kernel has cleared the bss segment. In order to prevent clearing the
> currently used IDT, move the IDT to the data segment.
> 
> Signed-off-by: Joerg Roedel <jroedel@suse.de>

Reviewed-by: Kees Cook <keescook@chromium.org>

diff mbox series

Patch

diff --git a/arch/x86/kernel/idt.c b/arch/x86/kernel/idt.c
index 0db21206f2f3..b920f2352df5 100644
--- a/arch/x86/kernel/idt.c
+++ b/arch/x86/kernel/idt.c
@@ -158,7 +158,7 @@  static const __initconst struct idt_data apic_idts[] = {
 };
 
 /* Must be page-aligned because the real IDT is used in the cpu entry area */
-static gate_desc idt_table[IDT_ENTRIES] __page_aligned_bss;
+static gate_desc idt_table[IDT_ENTRIES] __page_aligned_data;
 
 struct desc_ptr idt_descr __ro_after_init = {
 	.size		= IDT_TABLE_SIZE - 1,