• Dave Hansen's avatar
    x86/pti: Make unpoison of pgd for trusted boot work for real · ae1fc8de
    Dave Hansen authored
    commit 445b69e3 upstream
    
    The inital fix for trusted boot and PTI potentially misses the pgd clearing
    if pud_alloc() sets a PGD.  It probably works in *practice* because for two
    adjacent calls to map_tboot_page() that share a PGD entry, the first will
    clear NX, *then* allocate and set the PGD (without NX clear).  The second
    call will *not* allocate but will clear the NX bit.
    
    Defer the NX clearing to a point after it is known that all top-level
    allocations have occurred.  Add a comment to clarify why.
    
    [ tglx: Massaged changelog ]
    
    [ hughd notes: I have not tested tboot, but this looks to me as necessary
    and as safe in old-Kaiser backports as it is upstream; I'm not submitting
    the commit-to-be-fixed 262b6b30, since it was undone by 445b69e3,
    and makes conflict trouble because of 5-level's p4d versus 4-level's pgd.]
    
    Fixes: 262b6b30 ("x86/tboot: Unbreak tboot with PTI enabled")
    Signed-off-by: default avatarDave Hansen <dave.hansen@linux.intel.com>
    Signed-off-by: default avatarThomas Gleixner <tglx@linutronix.de>
    Reviewed-by: default avatarAndrea Arcangeli <aarcange@redhat.com>
    Cc: Jon Masters <jcm@redhat.com>
    Cc: Tim Chen <tim.c.chen@linux.intel.com>
    Cc: gnomes@lxorguk.ukuu.org.uk
    Cc: peterz@infradead.org
    Cc: ning.sun@intel.com
    Cc: tboot-devel@lists.sourceforge.net
    Cc: andi@firstfloor.org
    Cc: luto@kernel.org
    Cc: law@redhat.com
    Cc: pbonzini@redhat.com
    Cc: torvalds@linux-foundation.org
    Cc: gregkh@linux-foundation.org
    Cc: dwmw@amazon.co.uk
    Cc: nickc@redhat.com
    Link: https://lkml.kernel.org/r/20180110224939.2695CD47@viggo.jf.intel.com
    Cc: Jiri Kosina <jkosina@suse.cz>
    Signed-off-by: default avatarHugh Dickins <hughd@google.com>
    Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
    ae1fc8de
tboot.c 13.1 KB