Commit e814b59e authored by Ard Biesheuvel's avatar Ard Biesheuvel Committed by Borislav Petkov (AMD)

x86/sme: Fix memory encryption setting if enabled by default and not overridden

Commit

  cbebd68f ("x86/mm: Fix use of uninitialized buffer in sme_enable()")

'fixed' an issue in sme_enable() detected by static analysis, and broke
the common case in the process.

cmdline_find_option() will return < 0 on an error, or when the command
line argument does not appear at all. In this particular case, the
latter is not an error condition, and so the early exit is wrong.

Instead, without mem_encrypt= on the command line, the compile time
default should be honoured, which could be to enable memory encryption,
and this is currently broken.

Fix it by setting sme_me_mask to a preliminary value based on the
compile time default, and only omitting the command line argument test
when cmdline_find_option() returns an error.

  [ bp: Drop active_by_default while at it. ]

Fixes: cbebd68f ("x86/mm: Fix use of uninitialized buffer in sme_enable()")
Signed-off-by: default avatarArd Biesheuvel <ardb@kernel.org>
Signed-off-by: default avatarBorislav Petkov (AMD) <bp@alien8.de>
Reviewed-by: default avatarTom Lendacky <thomas.lendacky@amd.com>
Link: https://lore.kernel.org/r/20240126163918.2908990-2-ardb+git@google.com
parent 4cab62c0
...@@ -507,7 +507,6 @@ void __init sme_enable(struct boot_params *bp) ...@@ -507,7 +507,6 @@ void __init sme_enable(struct boot_params *bp)
const char *cmdline_ptr, *cmdline_arg, *cmdline_on, *cmdline_off; const char *cmdline_ptr, *cmdline_arg, *cmdline_on, *cmdline_off;
unsigned int eax, ebx, ecx, edx; unsigned int eax, ebx, ecx, edx;
unsigned long feature_mask; unsigned long feature_mask;
bool active_by_default;
unsigned long me_mask; unsigned long me_mask;
char buffer[16]; char buffer[16];
bool snp; bool snp;
...@@ -593,22 +592,19 @@ void __init sme_enable(struct boot_params *bp) ...@@ -593,22 +592,19 @@ void __init sme_enable(struct boot_params *bp)
: "p" (sme_cmdline_off)); : "p" (sme_cmdline_off));
if (IS_ENABLED(CONFIG_AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT)) if (IS_ENABLED(CONFIG_AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT))
active_by_default = true; sme_me_mask = me_mask;
else
active_by_default = false;
cmdline_ptr = (const char *)((u64)bp->hdr.cmd_line_ptr | cmdline_ptr = (const char *)((u64)bp->hdr.cmd_line_ptr |
((u64)bp->ext_cmd_line_ptr << 32)); ((u64)bp->ext_cmd_line_ptr << 32));
if (cmdline_find_option(cmdline_ptr, cmdline_arg, buffer, sizeof(buffer)) < 0) if (cmdline_find_option(cmdline_ptr, cmdline_arg, buffer, sizeof(buffer)) < 0)
return; goto out;
if (!strncmp(buffer, cmdline_on, sizeof(buffer))) if (!strncmp(buffer, cmdline_on, sizeof(buffer)))
sme_me_mask = me_mask; sme_me_mask = me_mask;
else if (!strncmp(buffer, cmdline_off, sizeof(buffer))) else if (!strncmp(buffer, cmdline_off, sizeof(buffer)))
sme_me_mask = 0; sme_me_mask = 0;
else
sme_me_mask = active_by_default ? me_mask : 0;
out: out:
if (sme_me_mask) { if (sme_me_mask) {
physical_mask &= ~sme_me_mask; physical_mask &= ~sme_me_mask;
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment