Merge: x86/sev: Ensure that RMP table fixups are reserved

emmil · emmil · commit a724fac418bb · 2024-12-10T14:32:24.000Z
MR: https://gitlab.com/redhat/centos-stream/src/kernel/centos-stream-9/-/merge_requests/5933 JIRA: https://issues.redhat.com/browse/RHEL-68360 AMD reports that a SEV-SNP host crash can occur with fairly heavy load and repeatedly rebooting multiple k8 pods in a confidential containers setup. The most likely cause is that some PFN ranges can cause violations if they aren't marked reserved and the kernel tries to use them. Signed-off-by: Bandan Das <bsd@redhat.com> Approved-by: Vitaly Kuznetsov <vkuznets@redhat.com> Approved-by: David Arcari <darcari@redhat.com> Approved-by: CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> Merged-by: Rado Vrbovsky <rvrbovsk@redhat.com>
diff --git a/arch/x86/virt/svm/sev.c b/arch/x86/virt/svm/sev.c
@@ -173,6 +173,8 @@ static void __init __snp_fixup_e820_tables(u64 pa)
 		e820__range_update(pa, PMD_SIZE, E820_TYPE_RAM, E820_TYPE_RESERVED);
 		e820__range_update_table(e820_table_kexec, pa, PMD_SIZE, E820_TYPE_RAM, E820_TYPE_RESERVED);
 		e820__range_update_table(e820_table_firmware, pa, PMD_SIZE, E820_TYPE_RAM, E820_TYPE_RESERVED);
+		if (!memblock_is_region_reserved(pa, PMD_SIZE))
+			memblock_reserve(pa, PMD_SIZE);
 	}
 }
 

Original file line number	Diff line number	Diff line change
`@@ -173,6 +173,8 @@ static void __init __snp_fixup_e820_tables(u64 pa)`
`173`	`173`	`e820__range_update(pa, PMD_SIZE, E820_TYPE_RAM, E820_TYPE_RESERVED);`
`174`	`174`	`e820__range_update_table(e820_table_kexec, pa, PMD_SIZE, E820_TYPE_RAM, E820_TYPE_RESERVED);`
`175`	`175`	`e820__range_update_table(e820_table_firmware, pa, PMD_SIZE, E820_TYPE_RAM, E820_TYPE_RESERVED);`
	`176`	`+ if (!memblock_is_region_reserved(pa, PMD_SIZE))`
	`177`	`+ memblock_reserve(pa, PMD_SIZE);`
`176`	`178`	`}`
`177`	`179`	`}`
`178`	`180`