From: Borislav Petkov <bp@suse.de>
To: Brijesh Singh <brijesh.singh@amd.com>
Cc: x86@kernel.org, linux-kernel@vger.kernel.org,
kvm@vger.kernel.org, stable@vger.kernel.org,
"Tom Lendacky" <thomas.lendacky@amd.com>,
"Thomas Gleixner" <tglx@linutronix.de>,
"H. Peter Anvin" <hpa@zytor.com>,
"Paolo Bonzini" <pbonzini@redhat.com>,
"Sean Christopherson" <sean.j.christopherson@intel.com>,
"Radim Krčmář" <rkrcmar@redhat.com>
Subject: Re: [PATCH v2 1/3] x86/mm: Restructure sme_encrypt_kernel()
Date: Wed, 29 Aug 2018 15:13:31 +0200 [thread overview]
Message-ID: <20180829131331.GE6337@nazgul.tnic> (raw)
In-Reply-To: <1535494377-25600-2-git-send-email-brijesh.singh@amd.com>
On Tue, Aug 28, 2018 at 05:12:55PM -0500, Brijesh Singh wrote:
> Re-arrange the sme_encrypt_kernel() by moving the workarea map/unmap
> logic in a separate static function. There are no logical changes in this
> patch. The restructuring will allow us to expand the sme_encrypt_kernel
> in future.
>
> Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
> Cc: stable@vger.kernel.org
This patch is going to be a prerequisite for the actual fix so you
probably should write here:
Cc: stable@vger.kernel.org # prerequisite for <patch name>
or better yet do a separate backport/submission to stable@ once those
have been upstreamed.
...
> +void __init sme_encrypt_kernel(struct boot_params *bp)
> +{
> + struct sme_populate_pgd_data ppd;
> + struct sme_workarea_data wa;
> +
> + if (!sme_active())
> + return;
> +
> + build_workarea_map(bp, &wa, &ppd);
> +
> + /* When SEV is active, encrypt kernel and initrd */
> + sme_encrypt_execute(wa.kernel_start,
> + wa.kernel_start + wa.decrypted_base,
> + wa.kernel_len, wa.workarea_start,
> + (unsigned long)ppd.pgd);
> +
> + if (wa.initrd_len)
> + sme_encrypt_execute(wa.initrd_start,
> + wa.initrd_start + wa.decrypted_base,
> + wa.initrd_len, wa.workarea_start,
> + (unsigned long)ppd.pgd);
> +
> + remove_workarea_map(&wa, &ppd);
teardown_workarea_map() is a better naming counterpart to
build_workarea_map().
--
Regards/Gruss,
Boris.
SUSE Linux GmbH, GF: Felix Imendörffer, Jane Smithard, Graham Norton, HRB 21284 (AG Nürnberg)
--
next prev parent reply other threads:[~2018-08-29 13:13 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-08-28 22:12 [PATCH v2 0/3] x86: Fix SEV guest regression Brijesh Singh
2018-08-28 22:12 ` [PATCH v2 1/3] x86/mm: Restructure sme_encrypt_kernel() Brijesh Singh
2018-08-29 13:13 ` Borislav Petkov [this message]
2018-08-28 22:12 ` [PATCH v2 2/3] x86/mm: add .data..decrypted section to hold shared variables Brijesh Singh
2018-08-29 13:59 ` Borislav Petkov
2018-08-29 14:37 ` Brijesh Singh
2018-08-30 9:21 ` Borislav Petkov
2018-08-29 15:54 ` Brijesh Singh
2018-08-30 9:22 ` Borislav Petkov
2018-08-29 15:03 ` Sean Christopherson
2018-08-29 15:33 ` Brijesh Singh
2018-08-30 9:26 ` Borislav Petkov
2018-08-28 22:12 ` [PATCH v2 3/3] x86/kvm: use __decrypted attribute when declaring " Brijesh Singh
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20180829131331.GE6337@nazgul.tnic \
--to=bp@suse.de \
--cc=brijesh.singh@amd.com \
--cc=hpa@zytor.com \
--cc=kvm@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=pbonzini@redhat.com \
--cc=rkrcmar@redhat.com \
--cc=sean.j.christopherson@intel.com \
--cc=stable@vger.kernel.org \
--cc=tglx@linutronix.de \
--cc=thomas.lendacky@amd.com \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.