From: Tom Lendacky <thomas.lendacky@amd.com> To: Borislav Petkov <bp@alien8.de> Cc: linux-arch@vger.kernel.org, linux-efi@vger.kernel.org, kvm@vger.kernel.org, linux-doc@vger.kernel.org, x86@kernel.org, linux-kernel@vger.kernel.org, kasan-dev@googlegroups.com, linux-mm@kvack.org, iommu@lists.linux-foundation.org, "Radim Krčmář" <rkrcmar@redhat.com>, "Arnd Bergmann" <arnd@arndb.de>, "Jonathan Corbet" <corbet@lwn.net>, "Matt Fleming" <matt@codeblueprint.co.uk>, "Joerg Roedel" <joro@8bytes.org>, "Konrad Rzeszutek Wilk" <konrad.wilk@oracle.com>, "Andrey Ryabinin" <aryabinin@virtuozzo.com>, "Ingo Molnar" <mingo@redhat.com>, "Andy Lutomirski" <luto@kernel.org>, "H. Peter Anvin" <hpa@zytor.com>, "Paolo Bonzini" <pbonzini@redhat.com>, "Alexander Potapenko" <glider@google.com>, "Thomas Gleixner" <tglx@linutronix.de>, "Dmitry Vyukov" <dvyukov@google.com> Subject: Re: [RFC PATCH v2 20/20] x86: Add support to make use of Secure Memory Encryption Date: Wed, 14 Sep 2016 09:31:42 -0500 [thread overview] Message-ID: <11306db6-fec1-db98-5e1b-400f7d828f7e@amd.com> (raw) In-Reply-To: <20160912170856.2uklaoc4vxmkgnkq@pd.tnic> On 09/12/2016 12:08 PM, Borislav Petkov wrote: > On Mon, Aug 22, 2016 at 05:39:08PM -0500, Tom Lendacky wrote: >> This patch adds the support to check if SME has been enabled and if the >> mem_encrypt=on command line option is set. If both of these conditions >> are true, then the encryption mask is set and the kernel is encrypted >> "in place." >> >> Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com> >> --- >> Documentation/kernel-parameters.txt | 3 >> arch/x86/kernel/asm-offsets.c | 2 >> arch/x86/kernel/mem_encrypt.S | 302 +++++++++++++++++++++++++++++++++++ >> arch/x86/mm/mem_encrypt.c | 2 >> 4 files changed, 309 insertions(+) >> >> diff --git a/Documentation/kernel-parameters.txt b/Documentation/kernel-parameters.txt >> index 46c030a..a1986c8 100644 >> --- a/Documentation/kernel-parameters.txt >> +++ b/Documentation/kernel-parameters.txt >> @@ -2268,6 +2268,9 @@ bytes respectively. Such letter suffixes can also be entirely omitted. >> memory contents and reserves bad memory >> regions that are detected. >> >> + mem_encrypt=on [X86_64] Enable memory encryption on processors >> + that support this feature. >> + >> meye.*= [HW] Set MotionEye Camera parameters >> See Documentation/video4linux/meye.txt. >> >> diff --git a/arch/x86/kernel/asm-offsets.c b/arch/x86/kernel/asm-offsets.c >> index 2bd5c6f..e485ada 100644 >> --- a/arch/x86/kernel/asm-offsets.c >> +++ b/arch/x86/kernel/asm-offsets.c >> @@ -85,6 +85,8 @@ void common(void) { >> OFFSET(BP_init_size, boot_params, hdr.init_size); >> OFFSET(BP_pref_address, boot_params, hdr.pref_address); >> OFFSET(BP_code32_start, boot_params, hdr.code32_start); >> + OFFSET(BP_cmd_line_ptr, boot_params, hdr.cmd_line_ptr); >> + OFFSET(BP_ext_cmd_line_ptr, boot_params, ext_cmd_line_ptr); >> >> BLANK(); >> DEFINE(PTREGS_SIZE, sizeof(struct pt_regs)); >> diff --git a/arch/x86/kernel/mem_encrypt.S b/arch/x86/kernel/mem_encrypt.S >> index f2e0536..bf9f6a9 100644 >> --- a/arch/x86/kernel/mem_encrypt.S >> +++ b/arch/x86/kernel/mem_encrypt.S >> @@ -12,13 +12,230 @@ >> >> #include <linux/linkage.h> >> >> +#include <asm/processor-flags.h> >> +#include <asm/pgtable.h> >> +#include <asm/page.h> >> +#include <asm/msr.h> >> +#include <asm/asm-offsets.h> >> + >> .text >> .code64 >> ENTRY(sme_enable) >> +#ifdef CONFIG_AMD_MEM_ENCRYPT >> + /* Check for AMD processor */ >> + xorl %eax, %eax >> + cpuid >> + cmpl $0x68747541, %ebx # AuthenticAMD >> + jne .Lmem_encrypt_exit >> + cmpl $0x69746e65, %edx >> + jne .Lmem_encrypt_exit >> + cmpl $0x444d4163, %ecx >> + jne .Lmem_encrypt_exit >> + >> + /* Check for memory encryption leaf */ >> + movl $0x80000000, %eax >> + cpuid >> + cmpl $0x8000001f, %eax >> + jb .Lmem_encrypt_exit >> + >> + /* >> + * Check for memory encryption feature: >> + * CPUID Fn8000_001F[EAX] - Bit 0 >> + * Secure Memory Encryption support >> + * CPUID Fn8000_001F[EBX] - Bits 5:0 >> + * Pagetable bit position used to indicate encryption >> + * CPUID Fn8000_001F[EBX] - Bits 11:6 >> + * Reduction in physical address space (in bits) when enabled >> + */ >> + movl $0x8000001f, %eax >> + cpuid >> + bt $0, %eax >> + jnc .Lmem_encrypt_exit >> + >> + /* Check if BIOS/UEFI has allowed memory encryption */ >> + movl $MSR_K8_SYSCFG, %ecx >> + rdmsr >> + bt $MSR_K8_SYSCFG_MEM_ENCRYPT_BIT, %eax >> + jnc .Lmem_encrypt_exit > > Like other people suggested, it would be great if this were in C. Should be > actually readable :) Yup, working on that. I'll try and make it all completely C. > >> + >> + /* Check for the mem_encrypt=on command line option */ >> + push %rsi /* Save RSI (real_mode_data) */ >> + push %rbx /* Save CPUID information */ >> + movl BP_ext_cmd_line_ptr(%rsi), %ecx >> + shlq $32, %rcx >> + movl BP_cmd_line_ptr(%rsi), %edi >> + addq %rcx, %rdi >> + leaq mem_encrypt_enable_option(%rip), %rsi >> + call cmdline_find_option_bool >> + pop %rbx /* Restore CPUID information */ >> + pop %rsi /* Restore RSI (real_mode_data) */ >> + testl %eax, %eax >> + jz .Lno_mem_encrypt > > This too. > >> + >> + /* Set memory encryption mask */ >> + movl %ebx, %ecx >> + andl $0x3f, %ecx >> + bts %ecx, sme_me_mask(%rip) >> + >> +.Lno_mem_encrypt: >> + /* >> + * BIOS/UEFI has allowed memory encryption so we need to set >> + * the amount of physical address space reduction even if >> + * the user decides not to use memory encryption. >> + */ >> + movl %ebx, %ecx >> + shrl $6, %ecx >> + andl $0x3f, %ecx >> + movb %cl, sme_me_loss(%rip) >> + >> +.Lmem_encrypt_exit: >> +#endif /* CONFIG_AMD_MEM_ENCRYPT */ >> + >> ret >> ENDPROC(sme_enable) >> >> ENTRY(sme_encrypt_kernel) > > This should be doable too but I guess you'll have to try it to see. > > ... > >> diff --git a/arch/x86/mm/mem_encrypt.c b/arch/x86/mm/mem_encrypt.c >> index 2f28d87..1154353 100644 >> --- a/arch/x86/mm/mem_encrypt.c >> +++ b/arch/x86/mm/mem_encrypt.c >> @@ -183,6 +183,8 @@ void __init mem_encrypt_init(void) >> >> /* Make SWIOTLB use an unencrypted DMA area */ >> swiotlb_clear_encryption(); >> + >> + pr_info("memory encryption active\n"); > > Let's make it more official with nice caps and so on... > > pr_info("AMD Secure Memory Encryption active.\n"); Will do. Thanks, Tom >
WARNING: multiple messages have this Message-ID (diff)
From: Tom Lendacky <thomas.lendacky@amd.com> To: Borislav Petkov <bp@alien8.de> Cc: linux-arch@vger.kernel.org, linux-efi@vger.kernel.org, kvm@vger.kernel.org, linux-doc@vger.kernel.org, x86@kernel.org, linux-kernel@vger.kernel.org, kasan-dev@googlegroups.com, linux-mm@kvack.org, iommu@lists.linux-foundation.org, "Radim Krčmář" <rkrcmar@redhat.com>, "Arnd Bergmann" <arnd@arndb.de>, "Jonathan Corbet" <corbet@lwn.net>, "Matt Fleming" <matt@codeblueprint.co.uk>, "Joerg Roedel" <joro@8bytes.org>, "Konrad Rzeszutek Wilk" <konrad.wilk@oracle.com>, "Andrey Ryabinin" <aryabinin@virtuozzo.com>, "Ingo Molnar" <mingo@redhat.com>, "Andy Lutomirski" <luto@kernel.org>, "H. Peter Anvin" <hpa@zytor.com>, "Paolo Bonzini" <pbonzini@redhat.com>, "Alexander Potapenko" <glider@google.com>, "Thomas Gleixner" <tglx@linutronix.de>, "Dmitry Vyukov" <dvyukov@google.com> Subject: Re: [RFC PATCH v2 20/20] x86: Add support to make use of Secure Memory Encryption Date: Wed, 14 Sep 2016 09:31:42 -0500 [thread overview] Message-ID: <11306db6-fec1-db98-5e1b-400f7d828f7e@amd.com> (raw) In-Reply-To: <20160912170856.2uklaoc4vxmkgnkq@pd.tnic> On 09/12/2016 12:08 PM, Borislav Petkov wrote: > On Mon, Aug 22, 2016 at 05:39:08PM -0500, Tom Lendacky wrote: >> This patch adds the support to check if SME has been enabled and if the >> mem_encrypt=on command line option is set. If both of these conditions >> are true, then the encryption mask is set and the kernel is encrypted >> "in place." >> >> Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com> >> --- >> Documentation/kernel-parameters.txt | 3 >> arch/x86/kernel/asm-offsets.c | 2 >> arch/x86/kernel/mem_encrypt.S | 302 +++++++++++++++++++++++++++++++++++ >> arch/x86/mm/mem_encrypt.c | 2 >> 4 files changed, 309 insertions(+) >> >> diff --git a/Documentation/kernel-parameters.txt b/Documentation/kernel-parameters.txt >> index 46c030a..a1986c8 100644 >> --- a/Documentation/kernel-parameters.txt >> +++ b/Documentation/kernel-parameters.txt >> @@ -2268,6 +2268,9 @@ bytes respectively. Such letter suffixes can also be entirely omitted. >> memory contents and reserves bad memory >> regions that are detected. >> >> + mem_encrypt=on [X86_64] Enable memory encryption on processors >> + that support this feature. >> + >> meye.*= [HW] Set MotionEye Camera parameters >> See Documentation/video4linux/meye.txt. >> >> diff --git a/arch/x86/kernel/asm-offsets.c b/arch/x86/kernel/asm-offsets.c >> index 2bd5c6f..e485ada 100644 >> --- a/arch/x86/kernel/asm-offsets.c >> +++ b/arch/x86/kernel/asm-offsets.c >> @@ -85,6 +85,8 @@ void common(void) { >> OFFSET(BP_init_size, boot_params, hdr.init_size); >> OFFSET(BP_pref_address, boot_params, hdr.pref_address); >> OFFSET(BP_code32_start, boot_params, hdr.code32_start); >> + OFFSET(BP_cmd_line_ptr, boot_params, hdr.cmd_line_ptr); >> + OFFSET(BP_ext_cmd_line_ptr, boot_params, ext_cmd_line_ptr); >> >> BLANK(); >> DEFINE(PTREGS_SIZE, sizeof(struct pt_regs)); >> diff --git a/arch/x86/kernel/mem_encrypt.S b/arch/x86/kernel/mem_encrypt.S >> index f2e0536..bf9f6a9 100644 >> --- a/arch/x86/kernel/mem_encrypt.S >> +++ b/arch/x86/kernel/mem_encrypt.S >> @@ -12,13 +12,230 @@ >> >> #include <linux/linkage.h> >> >> +#include <asm/processor-flags.h> >> +#include <asm/pgtable.h> >> +#include <asm/page.h> >> +#include <asm/msr.h> >> +#include <asm/asm-offsets.h> >> + >> .text >> .code64 >> ENTRY(sme_enable) >> +#ifdef CONFIG_AMD_MEM_ENCRYPT >> + /* Check for AMD processor */ >> + xorl %eax, %eax >> + cpuid >> + cmpl $0x68747541, %ebx # AuthenticAMD >> + jne .Lmem_encrypt_exit >> + cmpl $0x69746e65, %edx >> + jne .Lmem_encrypt_exit >> + cmpl $0x444d4163, %ecx >> + jne .Lmem_encrypt_exit >> + >> + /* Check for memory encryption leaf */ >> + movl $0x80000000, %eax >> + cpuid >> + cmpl $0x8000001f, %eax >> + jb .Lmem_encrypt_exit >> + >> + /* >> + * Check for memory encryption feature: >> + * CPUID Fn8000_001F[EAX] - Bit 0 >> + * Secure Memory Encryption support >> + * CPUID Fn8000_001F[EBX] - Bits 5:0 >> + * Pagetable bit position used to indicate encryption >> + * CPUID Fn8000_001F[EBX] - Bits 11:6 >> + * Reduction in physical address space (in bits) when enabled >> + */ >> + movl $0x8000001f, %eax >> + cpuid >> + bt $0, %eax >> + jnc .Lmem_encrypt_exit >> + >> + /* Check if BIOS/UEFI has allowed memory encryption */ >> + movl $MSR_K8_SYSCFG, %ecx >> + rdmsr >> + bt $MSR_K8_SYSCFG_MEM_ENCRYPT_BIT, %eax >> + jnc .Lmem_encrypt_exit > > Like other people suggested, it would be great if this were in C. Should be > actually readable :) Yup, working on that. I'll try and make it all completely C. > >> + >> + /* Check for the mem_encrypt=on command line option */ >> + push %rsi /* Save RSI (real_mode_data) */ >> + push %rbx /* Save CPUID information */ >> + movl BP_ext_cmd_line_ptr(%rsi), %ecx >> + shlq $32, %rcx >> + movl BP_cmd_line_ptr(%rsi), %edi >> + addq %rcx, %rdi >> + leaq mem_encrypt_enable_option(%rip), %rsi >> + call cmdline_find_option_bool >> + pop %rbx /* Restore CPUID information */ >> + pop %rsi /* Restore RSI (real_mode_data) */ >> + testl %eax, %eax >> + jz .Lno_mem_encrypt > > This too. > >> + >> + /* Set memory encryption mask */ >> + movl %ebx, %ecx >> + andl $0x3f, %ecx >> + bts %ecx, sme_me_mask(%rip) >> + >> +.Lno_mem_encrypt: >> + /* >> + * BIOS/UEFI has allowed memory encryption so we need to set >> + * the amount of physical address space reduction even if >> + * the user decides not to use memory encryption. >> + */ >> + movl %ebx, %ecx >> + shrl $6, %ecx >> + andl $0x3f, %ecx >> + movb %cl, sme_me_loss(%rip) >> + >> +.Lmem_encrypt_exit: >> +#endif /* CONFIG_AMD_MEM_ENCRYPT */ >> + >> ret >> ENDPROC(sme_enable) >> >> ENTRY(sme_encrypt_kernel) > > This should be doable too but I guess you'll have to try it to see. > > ... > >> diff --git a/arch/x86/mm/mem_encrypt.c b/arch/x86/mm/mem_encrypt.c >> index 2f28d87..1154353 100644 >> --- a/arch/x86/mm/mem_encrypt.c >> +++ b/arch/x86/mm/mem_encrypt.c >> @@ -183,6 +183,8 @@ void __init mem_encrypt_init(void) >> >> /* Make SWIOTLB use an unencrypted DMA area */ >> swiotlb_clear_encryption(); >> + >> + pr_info("memory encryption active\n"); > > Let's make it more official with nice caps and so on... > > pr_info("AMD Secure Memory Encryption active.\n"); Will do. Thanks, Tom > -- To unsubscribe, send a message with 'unsubscribe linux-mm' in the body to majordomo@kvack.org. For more info on Linux MM, see: http://www.linux-mm.org/ . Don't email: <a href=mailto:"dont@kvack.org"> email@kvack.org </a>
next prev parent reply other threads:[~2016-09-14 14:31 UTC|newest] Thread overview: 229+ messages / expand[flat|nested] mbox.gz Atom feed top 2016-08-22 22:35 [RFC PATCH v2 00/20] x86: Secure Memory Encryption (AMD) Tom Lendacky 2016-08-22 22:35 ` Tom Lendacky 2016-08-22 22:35 ` Tom Lendacky 2016-08-22 22:35 ` Tom Lendacky 2016-08-22 22:35 ` [RFC PATCH v2 01/20] x86: Documentation for AMD Secure Memory Encryption (SME) Tom Lendacky 2016-08-22 22:35 ` Tom Lendacky 2016-08-22 22:35 ` Tom Lendacky 2016-08-22 22:35 ` Tom Lendacky 2016-09-02 8:50 ` Borislav Petkov 2016-09-02 8:50 ` Borislav Petkov 2016-09-07 14:02 ` Tom Lendacky 2016-09-07 14:02 ` Tom Lendacky 2016-09-07 14:02 ` Tom Lendacky 2016-09-07 15:23 ` Borislav Petkov 2016-09-07 15:23 ` Borislav Petkov 2016-08-22 22:35 ` [RFC PATCH v2 02/20] x86: Set the write-protect cache mode for full PAT support Tom Lendacky 2016-08-22 22:35 ` Tom Lendacky 2016-08-22 22:35 ` Tom Lendacky 2016-08-22 22:35 ` Tom Lendacky 2016-08-25 3:58 ` Borislav Petkov 2016-08-25 3:58 ` Borislav Petkov 2016-08-22 22:35 ` [RFC PATCH v2 03/20] x86: Secure Memory Encryption (SME) build enablement Tom Lendacky 2016-08-22 22:35 ` Tom Lendacky 2016-08-22 22:35 ` Tom Lendacky 2016-08-22 22:35 ` Tom Lendacky 2016-09-02 11:03 ` Borislav Petkov 2016-09-02 11:03 ` Borislav Petkov 2016-09-07 14:03 ` Tom Lendacky 2016-09-07 14:03 ` Tom Lendacky 2016-08-22 22:36 ` [RFC PATCH v2 04/20] x86: Secure Memory Encryption (SME) support Tom Lendacky 2016-08-22 22:36 ` Tom Lendacky 2016-08-22 22:36 ` Tom Lendacky 2016-08-22 22:36 ` Tom Lendacky 2016-08-25 13:04 ` Thomas Gleixner 2016-08-25 13:04 ` Thomas Gleixner 2016-08-30 13:19 ` Tom Lendacky 2016-08-30 13:19 ` Tom Lendacky 2016-08-30 14:57 ` Andy Lutomirski 2016-08-30 14:57 ` Andy Lutomirski 2016-08-30 14:57 ` Andy Lutomirski 2016-08-31 13:26 ` Tom Lendacky 2016-08-31 13:26 ` Tom Lendacky 2016-08-31 13:26 ` Tom Lendacky 2016-08-22 22:36 ` [RFC PATCH v2 05/20] x86: Add the Secure Memory Encryption cpu feature Tom Lendacky 2016-08-22 22:36 ` Tom Lendacky 2016-08-22 22:36 ` Tom Lendacky 2016-08-22 22:36 ` Tom Lendacky 2016-08-22 22:36 ` Tom Lendacky 2016-09-02 14:09 ` Borislav Petkov 2016-09-02 14:09 ` Borislav Petkov 2016-09-07 14:07 ` Tom Lendacky 2016-09-07 14:07 ` Tom Lendacky 2016-08-22 22:36 ` [RFC PATCH v2 06/20] x86: Handle reduction in physical address size with SME Tom Lendacky 2016-08-22 22:36 ` Tom Lendacky 2016-08-22 22:36 ` Tom Lendacky 2016-08-22 22:36 ` Tom Lendacky 2016-08-22 22:36 ` [RFC PATCH v2 07/20] x86: Provide general kernel support for memory encryption Tom Lendacky 2016-08-22 22:36 ` Tom Lendacky 2016-08-22 22:36 ` Tom Lendacky 2016-08-22 22:36 ` Tom Lendacky 2016-09-02 18:14 ` Borislav Petkov 2016-09-02 18:14 ` Borislav Petkov 2016-09-07 14:11 ` Tom Lendacky 2016-09-07 14:11 ` Tom Lendacky 2016-09-05 8:48 ` Borislav Petkov 2016-09-05 8:48 ` Borislav Petkov 2016-09-07 14:16 ` Tom Lendacky 2016-09-07 14:16 ` Tom Lendacky 2016-09-05 15:22 ` Borislav Petkov 2016-09-05 15:22 ` Borislav Petkov 2016-09-07 14:19 ` Tom Lendacky 2016-09-07 14:19 ` Tom Lendacky 2016-09-07 14:19 ` Tom Lendacky 2016-09-06 9:31 ` Borislav Petkov 2016-09-06 9:31 ` Borislav Petkov 2016-09-07 14:30 ` Tom Lendacky 2016-09-07 14:30 ` Tom Lendacky 2016-09-07 14:30 ` Tom Lendacky 2016-09-07 15:55 ` Borislav Petkov 2016-09-07 15:55 ` Borislav Petkov 2016-09-08 13:26 ` Tom Lendacky 2016-09-08 13:26 ` Tom Lendacky 2016-09-08 13:26 ` Tom Lendacky 2016-09-08 13:55 ` Borislav Petkov 2016-09-08 13:55 ` Borislav Petkov 2016-09-12 13:43 ` Tom Lendacky 2016-09-12 13:43 ` Tom Lendacky 2016-08-22 22:37 ` [RFC PATCH v2 08/20] x86: Extend the early_memmap support with additional attrs Tom Lendacky 2016-08-22 22:37 ` Tom Lendacky 2016-08-22 22:37 ` Tom Lendacky 2016-08-22 22:37 ` Tom Lendacky 2016-08-22 22:37 ` [RFC PATCH v2 09/20] x86: Add support for early encryption/decryption of memory Tom Lendacky 2016-08-22 22:37 ` Tom Lendacky 2016-08-22 22:37 ` Tom Lendacky 2016-08-22 22:37 ` Tom Lendacky 2016-09-06 16:12 ` Borislav Petkov 2016-09-06 16:12 ` Borislav Petkov 2016-08-22 22:37 ` [RFC PATCH v2 10/20] x86: Insure that memory areas are encrypted when possible Tom Lendacky 2016-08-22 22:37 ` Tom Lendacky 2016-08-22 22:37 ` Tom Lendacky 2016-08-22 22:37 ` Tom Lendacky 2016-09-09 15:53 ` Borislav Petkov 2016-09-09 15:53 ` Borislav Petkov 2016-09-12 15:05 ` Tom Lendacky 2016-09-12 15:05 ` Tom Lendacky 2016-09-12 15:05 ` Tom Lendacky 2016-09-12 16:33 ` Borislav Petkov 2016-09-12 16:33 ` Borislav Petkov 2016-09-14 14:11 ` Tom Lendacky 2016-09-14 14:11 ` Tom Lendacky 2016-09-14 14:11 ` Tom Lendacky 2016-08-22 22:37 ` [RFC PATCH v2 11/20] mm: Access BOOT related data in the clear Tom Lendacky 2016-08-22 22:37 ` Tom Lendacky 2016-08-22 22:37 ` Tom Lendacky 2016-08-22 22:37 ` Tom Lendacky 2016-09-09 16:38 ` Borislav Petkov 2016-09-09 16:38 ` Borislav Petkov 2016-09-12 15:14 ` Tom Lendacky 2016-09-12 15:14 ` Tom Lendacky 2016-09-12 15:14 ` Tom Lendacky 2016-09-12 16:35 ` Borislav Petkov 2016-09-12 16:35 ` Borislav Petkov 2016-09-12 16:55 ` Andy Lutomirski 2016-09-12 16:55 ` Andy Lutomirski 2016-09-12 16:55 ` Andy Lutomirski 2016-09-14 14:20 ` Tom Lendacky 2016-09-14 14:20 ` Tom Lendacky 2016-09-14 14:20 ` Tom Lendacky 2016-09-15 9:57 ` Matt Fleming 2016-09-15 9:57 ` Matt Fleming 2016-09-15 9:57 ` Matt Fleming 2016-09-15 16:52 ` Tom Lendacky 2016-09-15 16:52 ` Tom Lendacky 2016-09-15 16:52 ` Tom Lendacky 2016-08-22 22:37 ` [RFC PATCH v2 12/20] x86: Add support for changing memory encryption attribute Tom Lendacky 2016-08-22 22:37 ` Tom Lendacky 2016-08-22 22:37 ` Tom Lendacky 2016-08-22 22:37 ` Tom Lendacky 2016-09-09 17:23 ` Borislav Petkov 2016-09-09 17:23 ` Borislav Petkov 2016-09-12 15:41 ` Tom Lendacky 2016-09-12 15:41 ` Tom Lendacky 2016-09-12 15:41 ` Tom Lendacky 2016-09-12 16:41 ` Borislav Petkov 2016-09-12 16:41 ` Borislav Petkov 2016-08-22 22:37 ` [RFC PATCH v2 13/20] x86: Decrypt trampoline area if memory encryption is active Tom Lendacky 2016-08-22 22:37 ` Tom Lendacky 2016-08-22 22:37 ` Tom Lendacky 2016-08-22 22:37 ` Tom Lendacky 2016-09-09 17:34 ` Borislav Petkov 2016-09-09 17:34 ` Borislav Petkov 2016-09-12 15:43 ` Tom Lendacky 2016-09-12 15:43 ` Tom Lendacky 2016-08-22 22:38 ` [RFC PATCH v2 14/20] x86: DMA support for memory encryption Tom Lendacky 2016-08-22 22:38 ` Tom Lendacky 2016-08-22 22:38 ` Tom Lendacky 2016-08-22 22:38 ` Tom Lendacky 2016-08-22 22:38 ` Tom Lendacky 2016-09-12 10:58 ` Borislav Petkov 2016-09-12 10:58 ` Borislav Petkov 2016-09-14 13:36 ` Tom Lendacky 2016-09-14 13:36 ` Tom Lendacky 2016-09-14 13:36 ` Tom Lendacky 2016-08-22 22:38 ` [RFC PATCH v2 15/20] iommu/amd: AMD IOMMU " Tom Lendacky 2016-08-22 22:38 ` Tom Lendacky 2016-08-22 22:38 ` Tom Lendacky 2016-08-22 22:38 ` Tom Lendacky 2016-09-12 11:45 ` Borislav Petkov 2016-09-12 11:45 ` Borislav Petkov 2016-09-14 13:45 ` Tom Lendacky 2016-09-14 13:45 ` Tom Lendacky 2016-09-14 13:45 ` Tom Lendacky 2016-09-14 14:41 ` Borislav Petkov 2016-09-14 14:41 ` Borislav Petkov 2016-09-15 16:57 ` Tom Lendacky 2016-09-15 16:57 ` Tom Lendacky 2016-09-15 16:57 ` Tom Lendacky 2016-09-16 7:08 ` Borislav Petkov 2016-09-16 7:08 ` Borislav Petkov 2016-08-22 22:38 ` [RFC PATCH v2 16/20] x86: Check for memory encryption on the APs Tom Lendacky 2016-08-22 22:38 ` Tom Lendacky 2016-08-22 22:38 ` Tom Lendacky 2016-08-22 22:38 ` Tom Lendacky 2016-09-12 12:17 ` Borislav Petkov 2016-09-12 12:17 ` Borislav Petkov 2016-09-14 13:50 ` Tom Lendacky 2016-09-14 13:50 ` Tom Lendacky 2016-09-12 16:43 ` Borislav Petkov 2016-09-12 16:43 ` Borislav Petkov 2016-09-14 14:12 ` Tom Lendacky 2016-09-14 14:12 ` Tom Lendacky 2016-09-14 14:12 ` Tom Lendacky 2016-08-22 22:38 ` [RFC PATCH v2 17/20] x86: Do not specify encrypted memory for VGA mapping Tom Lendacky 2016-08-22 22:38 ` Tom Lendacky 2016-08-22 22:38 ` Tom Lendacky 2016-08-22 22:38 ` Tom Lendacky 2016-08-22 22:38 ` [RFC PATCH v2 18/20] x86/kvm: Enable Secure Memory Encryption of nested page tables Tom Lendacky 2016-08-22 22:38 ` Tom Lendacky 2016-08-22 22:38 ` Tom Lendacky 2016-08-22 22:38 ` Tom Lendacky 2016-08-22 22:38 ` Tom Lendacky 2016-09-12 14:35 ` Borislav Petkov 2016-09-12 14:35 ` Borislav Petkov 2016-09-14 14:02 ` Tom Lendacky 2016-09-14 14:02 ` Tom Lendacky 2016-08-22 22:38 ` [RFC PATCH v2 19/20] x86: Access the setup data through debugfs un-encrypted Tom Lendacky 2016-08-22 22:38 ` Tom Lendacky 2016-08-22 22:38 ` Tom Lendacky 2016-08-22 22:38 ` Tom Lendacky 2016-09-12 16:59 ` Borislav Petkov 2016-09-12 16:59 ` Borislav Petkov 2016-09-14 14:29 ` Tom Lendacky 2016-09-14 14:29 ` Tom Lendacky 2016-09-14 14:29 ` Tom Lendacky 2016-09-14 14:51 ` Borislav Petkov 2016-09-14 14:51 ` Borislav Petkov 2016-09-15 17:08 ` Tom Lendacky 2016-09-15 17:08 ` Tom Lendacky 2016-09-15 17:08 ` Tom Lendacky 2016-09-16 7:11 ` Borislav Petkov 2016-09-16 7:11 ` Borislav Petkov 2016-08-22 22:39 ` [RFC PATCH v2 20/20] x86: Add support to make use of Secure Memory Encryption Tom Lendacky 2016-08-22 22:39 ` Tom Lendacky 2016-08-22 22:39 ` Tom Lendacky 2016-08-22 22:39 ` Tom Lendacky 2016-09-12 17:08 ` Borislav Petkov 2016-09-12 17:08 ` Borislav Petkov 2016-09-14 14:31 ` Tom Lendacky [this message] 2016-09-14 14:31 ` Tom Lendacky
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=11306db6-fec1-db98-5e1b-400f7d828f7e@amd.com \ --to=thomas.lendacky@amd.com \ --cc=arnd@arndb.de \ --cc=aryabinin@virtuozzo.com \ --cc=bp@alien8.de \ --cc=corbet@lwn.net \ --cc=dvyukov@google.com \ --cc=glider@google.com \ --cc=hpa@zytor.com \ --cc=iommu@lists.linux-foundation.org \ --cc=joro@8bytes.org \ --cc=kasan-dev@googlegroups.com \ --cc=konrad.wilk@oracle.com \ --cc=kvm@vger.kernel.org \ --cc=linux-arch@vger.kernel.org \ --cc=linux-doc@vger.kernel.org \ --cc=linux-efi@vger.kernel.org \ --cc=linux-kernel@vger.kernel.org \ --cc=linux-mm@kvack.org \ --cc=luto@kernel.org \ --cc=matt@codeblueprint.co.uk \ --cc=mingo@redhat.com \ --cc=pbonzini@redhat.com \ --cc=rkrcmar@redhat.com \ --cc=tglx@linutronix.de \ --cc=x86@kernel.org \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: linkBe sure your reply has a Subject: header at the top and a blank line before the message body.
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.