Linux kernel source tree
Tom Lendacky b964ecdb71 x86/sme: Explicitly map new EFI memmap table as encrypted
commit 1ff2fc0286 upstream.

Reserving memory using efi_mem_reserve() calls into the x86
efi_arch_mem_reserve() function. This function will insert a new EFI
memory descriptor into the EFI memory map representing the area of
memory to be reserved and marking it as EFI runtime memory. As part
of adding this new entry, a new EFI memory map is allocated and mapped.
The mapping is where a problem can occur. This new memory map is mapped
using early_memremap() and generally mapped encrypted, unless the new
memory for the mapping happens to come from an area of memory that is
marked as EFI_BOOT_SERVICES_DATA memory. In this case, the new memory will
be mapped unencrypted. However, during replacement of the old memory map,
efi_mem_type() is disabled, so the new memory map will now be long-term
mapped encrypted (in efi.memmap), resulting in the map containing invalid
data and causing the kernel boot to crash.

Since it is known that the area will be mapped encrypted going forward,
explicitly map the new memory map as encrypted using early_memremap_prot().

Cc: <stable@vger.kernel.org> # 4.14.x
Fixes: 8f716c9b5f ("x86/mm: Add support to access boot related data in the clear")
Link: https://lore.kernel.org/all/ebf1eb2940405438a09d51d121ec0d02c8755558.1634752931.git.thomas.lendacky@amd.com/
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
[ardb: incorporate Kconfig fix by Arnd]
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2021-12-14 10:57:08 +01:00
arch x86/sme: Explicitly map new EFI memmap table as encrypted 2021-12-14 10:57:08 +01:00
block block: avoid to quiesce queue in elevator_init_mq 2021-12-01 09:04:56 +01:00
certs certs: Add support for using elliptic curve keys for signing modules 2021-08-23 19:55:42 +03:00
crypto crypto: pcrypt - Delay write to padata->info 2021-11-18 19:16:44 +01:00
Documentation docs: accounting: update delay-accounting.rst reference 2021-12-01 09:04:56 +01:00
drivers net: dsa: mv88e6xxx: allow use of PHYs on CPU and DSA ports 2021-12-14 10:57:08 +01:00
fs io-wq: don't retry task_work creation failure on fatal conditions 2021-12-08 09:04:53 +01:00
include HID: add hid_is_usb() function to make it simpler for USB detection 2021-12-14 10:57:05 +01:00
init init: make unknown command line param message clearer 2021-11-18 19:17:11 +01:00
ipc shm: extend forced shm destroy to support objects from several IPC nses 2021-11-25 09:48:42 +01:00
kernel sched/uclamp: Fix rq->uclamp_max not set on first enqueue 2021-12-08 09:04:54 +01:00
lib siphash: use _unaligned version by default 2021-12-08 09:04:47 +01:00
LICENSES LICENSES/dual/CC-BY-4.0: Git rid of "smart quotes" 2021-07-15 06:31:24 -06:00
mm hugetlbfs: flush TLBs correctly after huge_pmd_unshare 2021-11-25 09:49:07 +01:00
net nft_set_pipapo: Fix bucket load in AVX2 lookup routine for six 8-bit groups 2021-12-14 10:57:06 +01:00
samples samples/bpf: Fix incorrect use of strlen in xdp_redirect_cpu 2021-11-25 09:48:33 +01:00
scripts leaking_addresses: Always print a trailing newline 2021-11-18 19:16:16 +01:00
security selinux: fix NULL-pointer dereference when hashtab allocation fails 2021-11-25 09:49:07 +01:00
sound ASoC: rk817: Add module alias for rk817-codec 2021-12-08 09:04:52 +01:00
tools selftests: net: Correct case name 2021-12-08 09:04:47 +01:00
usr .gitignore: prefix local generated files with a slash 2021-05-02 00:43:35 +09:00
virt KVM: Ensure local memslot copies operate on up-to-date arch-specific data 2021-12-08 09:04:43 +01:00
.clang-format clang-format: Update with the latest for_each macro list 2021-05-12 23:32:39 +02:00
.cocciconfig
.get_maintainer.ignore
.gitattributes
.gitignore .gitignore: ignore only top-level modules.builtin 2021-05-02 00:43:35 +09:00
.mailmap mailmap: add Andrej Shadura 2021-10-18 20:22:03 -10:00
COPYING COPYING: state that all contributions really are covered by this file 2020-02-10 13:32:20 -08:00
CREDITS MAINTAINERS: Move Daniel Drake to credits 2021-09-21 08:34:58 +03:00
Kbuild kbuild: rename hostprogs-y/always to hostprogs/always-y 2020-02-04 01:53:07 +09:00
Kconfig kbuild: ensure full rebuild when the compiler is updated 2020-05-12 13:28:33 +09:00
MAINTAINERS drm fixes for 5.15 final 2021-10-28 12:17:01 -07:00
Makefile Linux 5.15.7 2021-12-08 09:04:57 +01:00
README

Linux kernel
============

There are several guides for kernel developers and users. These guides can
be rendered in a number of formats, like HTML and PDF. Please read
Documentation/admin-guide/README.rst first.

In order to build the documentation, use ``make htmldocs`` or
``make pdfdocs``.  The formatted documentation can also be read online at:

    https://www.kernel.org/doc/html/latest/

There are various text files in the Documentation/ subdirectory,
several of them using the Restructured Text markup notation.

Please read the Documentation/process/changes.rst file, as it contains the
requirements for building and running the kernel, and information about
the problems which may result by upgrading your kernel.