From: Sean Christopherson <seanjc@google.com>
To: Paolo Bonzini <pbonzini@redhat.com>,
Dave Hansen <dave.hansen@linux.intel.com>,
Andy Lutomirski <luto@kernel.org>,
Peter Zijlstra <peterz@infradead.org>
Cc: Sean Christopherson <seanjc@google.com>,
Vitaly Kuznetsov <vkuznets@redhat.com>,
Wanpeng Li <wanpengli@tencent.com>,
Jim Mattson <jmattson@google.com>, Joerg Roedel <joro@8bytes.org>,
kvm@vger.kernel.org, linux-kernel@vger.kernel.org,
Borislav Petkov <bp@suse.de>,
Tom Lendacky <thomas.lendacky@amd.com>,
Brijesh Singh <brijesh.singh@amd.com>
Subject: [PATCH v5 06/15] x86/sev: Drop redundant and potentially misleading 'sev_enabled'
Date: Wed, 21 Apr 2021 19:11:16 -0700 [thread overview]
Message-ID: <20210422021125.3417167-7-seanjc@google.com> (raw)
In-Reply-To: <20210422021125.3417167-1-seanjc@google.com>
Drop the sev_enabled flag and switch its one user over to sev_active().
sev_enabled was made redundant with the introduction of sev_status in
commit b57de6cd1639 ("x86/sev-es: Add SEV-ES Feature Detection").
sev_enabled and sev_active() are guaranteed to be equivalent, as each is
true iff 'sev_status & MSR_AMD64_SEV_ENABLED' is true, and are only ever
written in tandem (ignoring compressed boot's version of sev_status).
Removing sev_enabled avoids confusion over whether it refers to the guest
or the host, and will also allow KVM to usurp "sev_enabled" for its own
purposes.
No functional change intended.
Reviewed-by: Tom Lendacky <thomas.lendacky@amd.com>
Reviewed-by: Brijesh Singh <brijesh.singh@amd.com>
Signed-off-by: Sean Christopherson <seanjc@google.com>
---
arch/x86/include/asm/mem_encrypt.h | 1 -
arch/x86/mm/mem_encrypt.c | 12 +++++-------
arch/x86/mm/mem_encrypt_identity.c | 1 -
3 files changed, 5 insertions(+), 9 deletions(-)
diff --git a/arch/x86/include/asm/mem_encrypt.h b/arch/x86/include/asm/mem_encrypt.h
index 31c4df123aa0..9c80c68d75b5 100644
--- a/arch/x86/include/asm/mem_encrypt.h
+++ b/arch/x86/include/asm/mem_encrypt.h
@@ -20,7 +20,6 @@
extern u64 sme_me_mask;
extern u64 sev_status;
-extern bool sev_enabled;
void sme_encrypt_execute(unsigned long encrypted_kernel_vaddr,
unsigned long decrypted_kernel_vaddr,
diff --git a/arch/x86/mm/mem_encrypt.c b/arch/x86/mm/mem_encrypt.c
index 4b01f7dbaf30..be384d8d0543 100644
--- a/arch/x86/mm/mem_encrypt.c
+++ b/arch/x86/mm/mem_encrypt.c
@@ -44,8 +44,6 @@ EXPORT_SYMBOL(sme_me_mask);
DEFINE_STATIC_KEY_FALSE(sev_enable_key);
EXPORT_SYMBOL_GPL(sev_enable_key);
-bool sev_enabled __section(".data");
-
/* Buffer used for early in-place encryption by BSP, no locking needed */
static char sme_early_buffer[PAGE_SIZE] __initdata __aligned(PAGE_SIZE);
@@ -373,15 +371,15 @@ int __init early_set_memory_encrypted(unsigned long vaddr, unsigned long size)
* up under SME the trampoline area cannot be encrypted, whereas under SEV
* the trampoline area must be encrypted.
*/
-bool sme_active(void)
-{
- return sme_me_mask && !sev_enabled;
-}
-
bool sev_active(void)
{
return sev_status & MSR_AMD64_SEV_ENABLED;
}
+
+bool sme_active(void)
+{
+ return sme_me_mask && !sev_active();
+}
EXPORT_SYMBOL_GPL(sev_active);
/* Needs to be called from non-instrumentable code */
diff --git a/arch/x86/mm/mem_encrypt_identity.c b/arch/x86/mm/mem_encrypt_identity.c
index 6c5eb6f3f14f..0c2759b7f03a 100644
--- a/arch/x86/mm/mem_encrypt_identity.c
+++ b/arch/x86/mm/mem_encrypt_identity.c
@@ -545,7 +545,6 @@ void __init sme_enable(struct boot_params *bp)
/* SEV state cannot be controlled by a command line option */
sme_me_mask = me_mask;
- sev_enabled = true;
physical_mask &= ~sme_me_mask;
return;
}
--
2.31.1.498.g6c1eba8ee3d-goog
next prev parent reply other threads:[~2021-04-22 2:12 UTC|newest]
Thread overview: 29+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-04-22 2:11 [PATCH v5 00/15] KVM: SVM: Misc SEV cleanups Sean Christopherson
2021-04-22 2:11 ` [PATCH v5 01/15] KVM: SVM: Zero out the VMCB array used to track SEV ASID association Sean Christopherson
2021-04-22 2:11 ` [PATCH v5 02/15] KVM: SVM: Free sev_asid_bitmap during init if SEV setup fails Sean Christopherson
2021-04-22 19:34 ` Tom Lendacky
2021-04-22 2:11 ` [PATCH v5 03/15] KVM: SVM: Disable SEV/SEV-ES if NPT is disabled Sean Christopherson
2021-04-22 7:14 ` Paolo Bonzini
2021-04-22 16:15 ` Sean Christopherson
2021-04-22 17:08 ` Paolo Bonzini
2021-04-22 18:11 ` Sean Christopherson
2021-04-23 7:08 ` Paolo Bonzini
2021-04-22 2:11 ` [PATCH v5 04/15] KVM: SVM: Move SEV module params/variables to sev.c Sean Christopherson
2021-04-22 2:11 ` [PATCH v5 05/15] KVM: SEV: Mask CPUID[0x8000001F].eax according to supported features Sean Christopherson
2021-04-22 2:11 ` Sean Christopherson [this message]
2021-04-22 12:05 ` [PATCH v5 06/15] x86/sev: Drop redundant and potentially misleading 'sev_enabled' Paolo Bonzini
2021-04-22 12:18 ` Borislav Petkov
2021-04-22 12:16 ` Borislav Petkov
2021-04-22 2:11 ` [PATCH v5 07/15] KVM: SVM: Append "_enabled" to module-scoped SEV/SEV-ES control variables Sean Christopherson
2021-04-22 2:11 ` [PATCH v5 08/15] KVM: SVM: Condition sev_enabled and sev_es_enabled on CONFIG_KVM_AMD_SEV=y Sean Christopherson
2021-04-22 2:11 ` [PATCH v5 09/15] KVM: SVM: Enable SEV/SEV-ES functionality by default (when supported) Sean Christopherson
2021-04-22 2:11 ` [PATCH v5 10/15] KVM: SVM: Unconditionally invoke sev_hardware_teardown() Sean Christopherson
2021-04-22 2:11 ` [PATCH v5 11/15] KVM: SVM: Explicitly check max SEV ASID during sev_hardware_setup() Sean Christopherson
2021-04-22 2:11 ` [PATCH v5 12/15] KVM: SVM: Move SEV VMCB tracking allocation to sev.c Sean Christopherson
2021-04-22 2:11 ` [PATCH v5 13/15] KVM: SVM: Drop redundant svm_sev_enabled() helper Sean Christopherson
2021-04-22 2:11 ` [PATCH v5 14/15] KVM: SVM: Remove an unnecessary prototype declaration of sev_flush_asids() Sean Christopherson
2021-04-22 2:11 ` [PATCH v5 15/15] KVM: SVM: Skip SEV cache flush if no ASIDs have been used Sean Christopherson
2021-04-22 7:30 ` Paolo Bonzini
2021-04-22 7:30 ` [PATCH v5 00/15] KVM: SVM: Misc SEV cleanups Paolo Bonzini
2021-04-22 16:02 ` Sean Christopherson
2021-04-22 17:08 ` Paolo Bonzini
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210422021125.3417167-7-seanjc@google.com \
--to=seanjc@google.com \
--cc=bp@suse.de \
--cc=brijesh.singh@amd.com \
--cc=dave.hansen@linux.intel.com \
--cc=jmattson@google.com \
--cc=joro@8bytes.org \
--cc=kvm@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=luto@kernel.org \
--cc=pbonzini@redhat.com \
--cc=peterz@infradead.org \
--cc=thomas.lendacky@amd.com \
--cc=vkuznets@redhat.com \
--cc=wanpengli@tencent.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.