On Tue, Feb 11, 2020 at 5:53 AM Joerg Roedel <joro at 8bytes.org> wrote:> > From: Joerg Roedel <jroedel at suse.de> > > With SEV-ES, exception handling is needed very early, even before the > kernel has cleared the bss segment. In order to prevent clearing the > currently used IDT, move the IDT to the data segment.Ugh. At the very least this needs a comment in the code. I had a patch to fix the kernel ELF loader to clear BSS, which would fix this problem once and for all, but it didn't work due to the messy way that the decompressor handles memory. I never got around to fixing this, sadly.
On Tue, Feb 11, 2020 at 02:41:25PM -0800, Andy Lutomirski wrote:> On Tue, Feb 11, 2020 at 5:53 AM Joerg Roedel <joro at 8bytes.org> wrote: > > > > From: Joerg Roedel <jroedel at suse.de> > > > > With SEV-ES, exception handling is needed very early, even before the > > kernel has cleared the bss segment. In order to prevent clearing the > > currently used IDT, move the IDT to the data segment. > > Ugh. At the very least this needs a comment in the code.Yes, right, added a comment for that.> I had a patch to fix the kernel ELF loader to clear BSS, which would > fix this problem once and for all, but it didn't work due to the messy > way that the decompressor handles memory. I never got around to > fixing this, sadly.Aren't there other ways of booting (Xen-PV?) which don't use the kernel ELF loader? Regards, Joerg
> On Feb 12, 2020, at 3:55 AM, Joerg Roedel <joro at 8bytes.org> wrote: > > ?On Tue, Feb 11, 2020 at 02:41:25PM -0800, Andy Lutomirski wrote: >>> On Tue, Feb 11, 2020 at 5:53 AM Joerg Roedel <joro at 8bytes.org> wrote: >>> >>> From: Joerg Roedel <jroedel at suse.de> >>> >>> With SEV-ES, exception handling is needed very early, even before the >>> kernel has cleared the bss segment. In order to prevent clearing the >>> currently used IDT, move the IDT to the data segment. >> >> Ugh. At the very least this needs a comment in the code. > > Yes, right, added a comment for that. > >> I had a patch to fix the kernel ELF loader to clear BSS, which would >> fix this problem once and for all, but it didn't work due to the messy >> way that the decompressor handles memory. I never got around to >> fixing this, sadly. > > Aren't there other ways of booting (Xen-PV?) which don't use the kernel > ELF loader?Dunno. I would hope the any sane loader would clear BSS before executing anything. This isn?t currently the case, though. Oh well.> > Regards, > > Joerg