[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[PATCH v2 1/7] x86/boot: Remove verify_cpu() from secondary_startup_64()

The boot trampolines from trampoline_64.S have code flow like:

  16bit BIOS                    SEV-ES                          64bit EFI

  trampoline_start()            sev_es_trampoline_start()       
trampoline_start_64()
    verify_cpu()                          |                             |
  switch_to_protected:    <---------------'                             v
       |                                                        
pa_trampoline_compat()
       v                                                                |
  startup_32()          <-----------------------------------------------'
       |
       v
  startup_64()
       |
       v
  tr_start() := head_64.S:secondary_startup_64()

Since AP bringup always goes through the 16bit BIOS path (EFI doesn't
touch the APs), there is already a verify_cpu() invocation.

Removing the verify_cpu() invocation from secondary_startup_64()
renders the whole secondary_startup_64_no_verify() thing moot, so
remove that too.

Cc: jroedel@xxxxxxx
Cc: hpa@xxxxxxxxx
Fixes: e81dc127ef69 ("x86/callthunks: Add call patching for call depth 
tracking")
Reported-by: Joan Bruguera <joanbrugueram@xxxxxxxxx>
Signed-off-by: Peter Zijlstra (Intel) <peterz@xxxxxxxxxxxxx>
---
 arch/x86/include/asm/realmode.h |    1 -
 arch/x86/kernel/head_64.S       |   16 ----------------
 arch/x86/realmode/init.c        |    6 ------
 3 files changed, 23 deletions(-)

--- a/arch/x86/include/asm/realmode.h
+++ b/arch/x86/include/asm/realmode.h
@@ -73,7 +73,6 @@ extern unsigned char startup_32_smp[];
 extern unsigned char boot_gdt[];
 #else
 extern unsigned char secondary_startup_64[];
-extern unsigned char secondary_startup_64_no_verify[];
 #endif
 
 static inline size_t real_mode_size_needed(void)
--- a/arch/x86/kernel/head_64.S
+++ b/arch/x86/kernel/head_64.S
@@ -143,22 +143,6 @@ SYM_CODE_START(secondary_startup_64)
         * after the boot processor executes this code.
         */
 
-       /* Sanitize CPU configuration */
-       call verify_cpu
-
-       /*
-        * The secondary_startup_64_no_verify entry point is only used by
-        * SEV-ES guests. In those guests the call to verify_cpu() would cause
-        * #VC exceptions which can not be handled at this stage of secondary
-        * CPU bringup.
-        *
-        * All non SEV-ES systems, especially Intel systems, need to execute
-        * verify_cpu() above to make sure NX is enabled.
-        */
-SYM_INNER_LABEL(secondary_startup_64_no_verify, SYM_L_GLOBAL)
-       UNWIND_HINT_EMPTY
-       ANNOTATE_NOENDBR
-
        /*
         * Retrieve the modifier (SME encryption mask if SME is active) to be
         * added to the initial pgdir entry that will be programmed into CR3.
--- a/arch/x86/realmode/init.c
+++ b/arch/x86/realmode/init.c
@@ -74,12 +74,6 @@ static void __init sme_sev_setup_real_mo
                th->flags |= TH_FLAGS_SME_ACTIVE;
 
        if (cc_platform_has(CC_ATTR_GUEST_STATE_ENCRYPT)) {
-               /*
-                * Skip the call to verify_cpu() in secondary_startup_64 as it
-                * will cause #VC exceptions when the AP can't handle them yet.
-                */
-               th->start = (u64) secondary_startup_64_no_verify;
-
                if (sev_es_setup_ap_jump_table(real_mode_header))
                        panic("Failed to get/update SEV-ES AP Jump Table");
        }

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.