Commit f5ed7775 authored by Martin Radev's avatar Martin Radev Committed by Borislav Petkov

x86/sev-es: Check required CPU features for SEV-ES

Make sure the machine supports RDRAND, otherwise there is no trusted
source of randomness in the system.

To also check this in the pre-decompression stage, make has_cpuflag()
not depend on CONFIG_RANDOMIZE_BASE anymore.
Signed-off-by: default avatarMartin Radev <martin.b.radev@gmail.com>
Signed-off-by: default avatarJoerg Roedel <jroedel@suse.de>
Signed-off-by: default avatarBorislav Petkov <bp@suse.de>
Reviewed-by: default avatarKees Cook <keescook@chromium.org>
Link: https://lkml.kernel.org/r/20200907131613.12703-73-joro@8bytes.org
parent 39336f4f
// SPDX-License-Identifier: GPL-2.0 // SPDX-License-Identifier: GPL-2.0
#ifdef CONFIG_RANDOMIZE_BASE
#include "../cpuflags.c" #include "../cpuflags.c"
bool has_cpuflag(int flag) bool has_cpuflag(int flag)
...@@ -9,5 +7,3 @@ bool has_cpuflag(int flag) ...@@ -9,5 +7,3 @@ bool has_cpuflag(int flag)
return test_bit(flag, cpu.flags); return test_bit(flag, cpu.flags);
} }
#endif
...@@ -85,8 +85,6 @@ void choose_random_location(unsigned long input, ...@@ -85,8 +85,6 @@ void choose_random_location(unsigned long input,
unsigned long *output, unsigned long *output,
unsigned long output_size, unsigned long output_size,
unsigned long *virt_addr); unsigned long *virt_addr);
/* cpuflags.c */
bool has_cpuflag(int flag);
#else #else
static inline void choose_random_location(unsigned long input, static inline void choose_random_location(unsigned long input,
unsigned long input_size, unsigned long input_size,
...@@ -97,6 +95,9 @@ static inline void choose_random_location(unsigned long input, ...@@ -97,6 +95,9 @@ static inline void choose_random_location(unsigned long input,
} }
#endif #endif
/* cpuflags.c */
bool has_cpuflag(int flag);
#ifdef CONFIG_X86_64 #ifdef CONFIG_X86_64
extern int set_page_decrypted(unsigned long address); extern int set_page_decrypted(unsigned long address);
extern int set_page_encrypted(unsigned long address); extern int set_page_encrypted(unsigned long address);
......
...@@ -145,6 +145,9 @@ void sev_es_shutdown_ghcb(void) ...@@ -145,6 +145,9 @@ void sev_es_shutdown_ghcb(void)
if (!boot_ghcb) if (!boot_ghcb)
return; return;
if (!sev_es_check_cpu_features())
error("SEV-ES CPU Features missing.");
/* /*
* GHCB Page must be flushed from the cache and mapped encrypted again. * GHCB Page must be flushed from the cache and mapped encrypted again.
* Otherwise the running kernel will see strange cache effects when * Otherwise the running kernel will see strange cache effects when
......
...@@ -9,6 +9,21 @@ ...@@ -9,6 +9,21 @@
* and is included directly into both code-bases. * and is included directly into both code-bases.
*/ */
#ifndef __BOOT_COMPRESSED
#define error(v) pr_err(v)
#define has_cpuflag(f) boot_cpu_has(f)
#endif
static bool __init sev_es_check_cpu_features(void)
{
if (!has_cpuflag(X86_FEATURE_RDRAND)) {
error("RDRAND instruction not supported - no trusted source of randomness available\n");
return false;
}
return true;
}
static void sev_es_terminate(unsigned int reason) static void sev_es_terminate(unsigned int reason)
{ {
u64 val = GHCB_SEV_TERMINATE; u64 val = GHCB_SEV_TERMINATE;
......
...@@ -665,6 +665,9 @@ void __init sev_es_init_vc_handling(void) ...@@ -665,6 +665,9 @@ void __init sev_es_init_vc_handling(void)
if (!sev_es_active()) if (!sev_es_active())
return; return;
if (!sev_es_check_cpu_features())
panic("SEV-ES CPU Features missing");
/* Enable SEV-ES special handling */ /* Enable SEV-ES special handling */
static_branch_enable(&sev_es_enable_key); static_branch_enable(&sev_es_enable_key);
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment