From: Borislav Petkov <bp@alien8.de> To: Tom Lendacky <thomas.lendacky@amd.com> Cc: linux-arch@vger.kernel.org, linux-efi@vger.kernel.org, kvm@vger.kernel.org, linux-doc@vger.kernel.org, x86@kernel.org, linux-kernel@vger.kernel.org, kasan-dev@googlegroups.com, linux-mm@kvack.org, iommu@lists.linux-foundation.org, "Radim Krčmář" <rkrcmar@redhat.com>, "Arnd Bergmann" <arnd@arndb.de>, "Jonathan Corbet" <corbet@lwn.net>, "Matt Fleming" <matt@codeblueprint.co.uk>, "Joerg Roedel" <joro@8bytes.org>, "Konrad Rzeszutek Wilk" <konrad.wilk@oracle.com>, "Andrey Ryabinin" <aryabinin@virtuozzo.com>, "Ingo Molnar" <mingo@redhat.com>, "Andy Lutomirski" <luto@kernel.org>, "H. Peter Anvin" <hpa@zytor.com>, "Paolo Bonzini" <pbonzini@redhat.com>, "Alexander Potapenko" <glider@google.com>, "Thomas Gleixner" <tglx@linutronix.de>, "Dmitry Vyukov" <dvyukov@google.com> Subject: Re: [RFC PATCH v2 10/20] x86: Insure that memory areas are encrypted when possible Date: Fri, 9 Sep 2016 17:53:06 +0200 [thread overview] Message-ID: <20160909155305.bmm2fvw7ndjjhqvo@pd.tnic> (raw) In-Reply-To: <20160822223722.29880.94331.stgit@tlendack-t1.amdoffice.net> On Mon, Aug 22, 2016 at 05:37:23PM -0500, Tom Lendacky wrote: > Encrypt memory areas in place when possible (e.g. zero page, etc.) so > that special handling isn't needed afterwards. > > Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com> > --- > arch/x86/kernel/head64.c | 93 ++++++++++++++++++++++++++++++++++++++++++++-- > arch/x86/kernel/setup.c | 8 ++++ > 2 files changed, 96 insertions(+), 5 deletions(-) ... > +int __init early_make_pgtable(unsigned long address) > +{ > + unsigned long physaddr = address - __PAGE_OFFSET; > + pmdval_t pmd; > + > + pmd = (physaddr & PMD_MASK) + early_pmd_flags; > + > + return __early_make_pgtable(address, pmd); > +} > + > +static void __init create_unencrypted_mapping(void *address, unsigned long size) > +{ > + unsigned long physaddr = (unsigned long)address - __PAGE_OFFSET; > + pmdval_t pmd_flags, pmd; > + > + if (!sme_me_mask) > + return; > + > + /* Clear the encryption mask from the early_pmd_flags */ > + pmd_flags = early_pmd_flags & ~sme_me_mask; > + > + do { > + pmd = (physaddr & PMD_MASK) + pmd_flags; > + __early_make_pgtable((unsigned long)address, pmd); > + > + address += PMD_SIZE; > + physaddr += PMD_SIZE; > + size = (size < PMD_SIZE) ? 0 : size - PMD_SIZE; > + } while (size); > +} > + > +static void __init __clear_mapping(unsigned long address) Should be called something with "pmd" in the name as it clears a PMD, i.e. __clear_pmd_mapping or so. > +{ > + unsigned long physaddr = address - __PAGE_OFFSET; > + pgdval_t pgd, *pgd_p; > + pudval_t pud, *pud_p; > + pmdval_t *pmd_p; > + > + /* Invalid address or early pgt is done ? */ > + if (physaddr >= MAXMEM || > + read_cr3() != __sme_pa_nodebug(early_level4_pgt)) > + return; > + > + pgd_p = &early_level4_pgt[pgd_index(address)].pgd; > + pgd = *pgd_p; > + > + if (!pgd) > + return; > + > + /* > + * The use of __START_KERNEL_map rather than __PAGE_OFFSET here matches > + * __early_make_pgtable where the entry was created. > + */ > + pud_p = (pudval_t *)((pgd & PTE_PFN_MASK) + __START_KERNEL_map - phys_base); > + pud_p += pud_index(address); > + pud = *pud_p; > + > + if (!pud) > + return; > + > + pmd_p = (pmdval_t *)((pud & PTE_PFN_MASK) + __START_KERNEL_map - phys_base); > + pmd_p[pmd_index(address)] = 0; > +} > + > +static void __init clear_mapping(void *address, unsigned long size) > +{ > + if (!sme_me_mask) > + return; > + > + do { > + __clear_mapping((unsigned long)address); > + > + address += PMD_SIZE; > + size = (size < PMD_SIZE) ? 0 : size - PMD_SIZE; > + } while (size); > +} > + > +static void __init sme_memcpy(void *dst, void *src, unsigned long size) > +{ > + create_unencrypted_mapping(src, size); > + memcpy(dst, src, size); > + clear_mapping(src, size); > +} > + In any case, this whole functionality is SME-specific and should be somewhere in an SME-specific file. arch/x86/mm/mem_encrypt.c or so... > /* Don't add a printk in there. printk relies on the PDA which is not initialized > yet. */ > static void __init clear_bss(void) > @@ -122,12 +205,12 @@ static void __init copy_bootdata(char *real_mode_data) > char * command_line; > unsigned long cmd_line_ptr; > > - memcpy(&boot_params, real_mode_data, sizeof boot_params); > + sme_memcpy(&boot_params, real_mode_data, sizeof boot_params); checkpatch.pl: WARNING: sizeof boot_params should be sizeof(boot_params) #155: FILE: arch/x86/kernel/head64.c:208: + sme_memcpy(&boot_params, real_mode_data, sizeof boot_params); > sanitize_boot_params(&boot_params); > cmd_line_ptr = get_cmd_line_ptr(); > if (cmd_line_ptr) { > command_line = __va(cmd_line_ptr); > - memcpy(boot_command_line, command_line, COMMAND_LINE_SIZE); > + sme_memcpy(boot_command_line, command_line, COMMAND_LINE_SIZE); > } > } > > diff --git a/arch/x86/kernel/setup.c b/arch/x86/kernel/setup.c > index 1489da8..1fdaa11 100644 > --- a/arch/x86/kernel/setup.c > +++ b/arch/x86/kernel/setup.c > @@ -114,6 +114,7 @@ > #include <asm/microcode.h> > #include <asm/mmu_context.h> > #include <asm/kaslr.h> > +#include <asm/mem_encrypt.h> > > /* > * max_low_pfn_mapped: highest direct mapped pfn under 4GB > @@ -376,6 +377,13 @@ static void __init reserve_initrd(void) > !ramdisk_image || !ramdisk_size) > return; /* No initrd provided by bootloader */ > > + /* > + * This memory is marked encrypted by the kernel but the ramdisk > + * was loaded in the clear by the bootloader, so make sure that > + * the ramdisk image is encrypted. > + */ > + sme_early_mem_enc(ramdisk_image, ramdisk_end - ramdisk_image); What happens if we go and relocate the ramdisk? I.e., the function above this one: relocate_initrd(). We have to encrypt it then too, I presume. -- Regards/Gruss, Boris. ECO tip #101: Trim your mails when you reply.
WARNING: multiple messages have this Message-ID (diff)
From: Borislav Petkov <bp@alien8.de> To: Tom Lendacky <thomas.lendacky@amd.com> Cc: linux-arch@vger.kernel.org, linux-efi@vger.kernel.org, kvm@vger.kernel.org, linux-doc@vger.kernel.org, x86@kernel.org, linux-kernel@vger.kernel.org, kasan-dev@googlegroups.com, linux-mm@kvack.org, iommu@lists.linux-foundation.org, "Radim Krčmář" <rkrcmar@redhat.com>, "Arnd Bergmann" <arnd@arndb.de>, "Jonathan Corbet" <corbet@lwn.net>, "Matt Fleming" <matt@codeblueprint.co.uk>, "Joerg Roedel" <joro@8bytes.org>, "Konrad Rzeszutek Wilk" <konrad.wilk@oracle.com>, "Andrey Ryabinin" <aryabinin@virtuozzo.com>, "Ingo Molnar" <mingo@redhat.com>, "Andy Lutomirski" <luto@kernel.org>, "H. Peter Anvin" <hpa@zytor.com>, "Paolo Bonzini" <pbonzini@redhat.com>, "Alexander Potapenko" <glider@google.com>, "Thomas Gleixner" <tglx@linutronix.de>, "Dmitry Vyukov" <dvyukov@google.> Subject: Re: [RFC PATCH v2 10/20] x86: Insure that memory areas are encrypted when possible Date: Fri, 9 Sep 2016 17:53:06 +0200 [thread overview] Message-ID: <20160909155305.bmm2fvw7ndjjhqvo@pd.tnic> (raw) In-Reply-To: <20160822223722.29880.94331.stgit@tlendack-t1.amdoffice.net> On Mon, Aug 22, 2016 at 05:37:23PM -0500, Tom Lendacky wrote: > Encrypt memory areas in place when possible (e.g. zero page, etc.) so > that special handling isn't needed afterwards. > > Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com> > --- > arch/x86/kernel/head64.c | 93 ++++++++++++++++++++++++++++++++++++++++++++-- > arch/x86/kernel/setup.c | 8 ++++ > 2 files changed, 96 insertions(+), 5 deletions(-) ... > +int __init early_make_pgtable(unsigned long address) > +{ > + unsigned long physaddr = address - __PAGE_OFFSET; > + pmdval_t pmd; > + > + pmd = (physaddr & PMD_MASK) + early_pmd_flags; > + > + return __early_make_pgtable(address, pmd); > +} > + > +static void __init create_unencrypted_mapping(void *address, unsigned long size) > +{ > + unsigned long physaddr = (unsigned long)address - __PAGE_OFFSET; > + pmdval_t pmd_flags, pmd; > + > + if (!sme_me_mask) > + return; > + > + /* Clear the encryption mask from the early_pmd_flags */ > + pmd_flags = early_pmd_flags & ~sme_me_mask; > + > + do { > + pmd = (physaddr & PMD_MASK) + pmd_flags; > + __early_make_pgtable((unsigned long)address, pmd); > + > + address += PMD_SIZE; > + physaddr += PMD_SIZE; > + size = (size < PMD_SIZE) ? 0 : size - PMD_SIZE; > + } while (size); > +} > + > +static void __init __clear_mapping(unsigned long address) Should be called something with "pmd" in the name as it clears a PMD, i.e. __clear_pmd_mapping or so. > +{ > + unsigned long physaddr = address - __PAGE_OFFSET; > + pgdval_t pgd, *pgd_p; > + pudval_t pud, *pud_p; > + pmdval_t *pmd_p; > + > + /* Invalid address or early pgt is done ? */ > + if (physaddr >= MAXMEM || > + read_cr3() != __sme_pa_nodebug(early_level4_pgt)) > + return; > + > + pgd_p = &early_level4_pgt[pgd_index(address)].pgd; > + pgd = *pgd_p; > + > + if (!pgd) > + return; > + > + /* > + * The use of __START_KERNEL_map rather than __PAGE_OFFSET here matches > + * __early_make_pgtable where the entry was created. > + */ > + pud_p = (pudval_t *)((pgd & PTE_PFN_MASK) + __START_KERNEL_map - phys_base); > + pud_p += pud_index(address); > + pud = *pud_p; > + > + if (!pud) > + return; > + > + pmd_p = (pmdval_t *)((pud & PTE_PFN_MASK) + __START_KERNEL_map - phys_base); > + pmd_p[pmd_index(address)] = 0; > +} > + > +static void __init clear_mapping(void *address, unsigned long size) > +{ > + if (!sme_me_mask) > + return; > + > + do { > + __clear_mapping((unsigned long)address); > + > + address += PMD_SIZE; > + size = (size < PMD_SIZE) ? 0 : size - PMD_SIZE; > + } while (size); > +} > + > +static void __init sme_memcpy(void *dst, void *src, unsigned long size) > +{ > + create_unencrypted_mapping(src, size); > + memcpy(dst, src, size); > + clear_mapping(src, size); > +} > + In any case, this whole functionality is SME-specific and should be somewhere in an SME-specific file. arch/x86/mm/mem_encrypt.c or so... > /* Don't add a printk in there. printk relies on the PDA which is not initialized > yet. */ > static void __init clear_bss(void) > @@ -122,12 +205,12 @@ static void __init copy_bootdata(char *real_mode_data) > char * command_line; > unsigned long cmd_line_ptr; > > - memcpy(&boot_params, real_mode_data, sizeof boot_params); > + sme_memcpy(&boot_params, real_mode_data, sizeof boot_params); checkpatch.pl: WARNING: sizeof boot_params should be sizeof(boot_params) #155: FILE: arch/x86/kernel/head64.c:208: + sme_memcpy(&boot_params, real_mode_data, sizeof boot_params); > sanitize_boot_params(&boot_params); > cmd_line_ptr = get_cmd_line_ptr(); > if (cmd_line_ptr) { > command_line = __va(cmd_line_ptr); > - memcpy(boot_command_line, command_line, COMMAND_LINE_SIZE); > + sme_memcpy(boot_command_line, command_line, COMMAND_LINE_SIZE); > } > } > > diff --git a/arch/x86/kernel/setup.c b/arch/x86/kernel/setup.c > index 1489da8..1fdaa11 100644 > --- a/arch/x86/kernel/setup.c > +++ b/arch/x86/kernel/setup.c > @@ -114,6 +114,7 @@ > #include <asm/microcode.h> > #include <asm/mmu_context.h> > #include <asm/kaslr.h> > +#include <asm/mem_encrypt.h> > > /* > * max_low_pfn_mapped: highest direct mapped pfn under 4GB > @@ -376,6 +377,13 @@ static void __init reserve_initrd(void) > !ramdisk_image || !ramdisk_size) > return; /* No initrd provided by bootloader */ > > + /* > + * This memory is marked encrypted by the kernel but the ramdisk > + * was loaded in the clear by the bootloader, so make sure that > + * the ramdisk image is encrypted. > + */ > + sme_early_mem_enc(ramdisk_image, ramdisk_end - ramdisk_image); What happens if we go and relocate the ramdisk? I.e., the function above this one: relocate_initrd(). We have to encrypt it then too, I presume. -- Regards/Gruss, Boris. ECO tip #101: Trim your mails when you reply.
next prev parent reply other threads:[~2016-09-09 15:53 UTC|newest] Thread overview: 229+ messages / expand[flat|nested] mbox.gz Atom feed top 2016-08-22 22:35 [RFC PATCH v2 00/20] x86: Secure Memory Encryption (AMD) Tom Lendacky 2016-08-22 22:35 ` Tom Lendacky 2016-08-22 22:35 ` Tom Lendacky 2016-08-22 22:35 ` Tom Lendacky 2016-08-22 22:35 ` [RFC PATCH v2 01/20] x86: Documentation for AMD Secure Memory Encryption (SME) Tom Lendacky 2016-08-22 22:35 ` Tom Lendacky 2016-08-22 22:35 ` Tom Lendacky 2016-08-22 22:35 ` Tom Lendacky 2016-09-02 8:50 ` Borislav Petkov 2016-09-02 8:50 ` Borislav Petkov 2016-09-07 14:02 ` Tom Lendacky 2016-09-07 14:02 ` Tom Lendacky 2016-09-07 14:02 ` Tom Lendacky 2016-09-07 15:23 ` Borislav Petkov 2016-09-07 15:23 ` Borislav Petkov 2016-08-22 22:35 ` [RFC PATCH v2 02/20] x86: Set the write-protect cache mode for full PAT support Tom Lendacky 2016-08-22 22:35 ` Tom Lendacky 2016-08-22 22:35 ` Tom Lendacky 2016-08-22 22:35 ` Tom Lendacky 2016-08-25 3:58 ` Borislav Petkov 2016-08-25 3:58 ` Borislav Petkov 2016-08-22 22:35 ` [RFC PATCH v2 03/20] x86: Secure Memory Encryption (SME) build enablement Tom Lendacky 2016-08-22 22:35 ` Tom Lendacky 2016-08-22 22:35 ` Tom Lendacky 2016-08-22 22:35 ` Tom Lendacky 2016-09-02 11:03 ` Borislav Petkov 2016-09-02 11:03 ` Borislav Petkov 2016-09-07 14:03 ` Tom Lendacky 2016-09-07 14:03 ` Tom Lendacky 2016-08-22 22:36 ` [RFC PATCH v2 04/20] x86: Secure Memory Encryption (SME) support Tom Lendacky 2016-08-22 22:36 ` Tom Lendacky 2016-08-22 22:36 ` Tom Lendacky 2016-08-22 22:36 ` Tom Lendacky 2016-08-25 13:04 ` Thomas Gleixner 2016-08-25 13:04 ` Thomas Gleixner 2016-08-30 13:19 ` Tom Lendacky 2016-08-30 13:19 ` Tom Lendacky 2016-08-30 14:57 ` Andy Lutomirski 2016-08-30 14:57 ` Andy Lutomirski 2016-08-30 14:57 ` Andy Lutomirski 2016-08-31 13:26 ` Tom Lendacky 2016-08-31 13:26 ` Tom Lendacky 2016-08-31 13:26 ` Tom Lendacky 2016-08-22 22:36 ` [RFC PATCH v2 05/20] x86: Add the Secure Memory Encryption cpu feature Tom Lendacky 2016-08-22 22:36 ` Tom Lendacky 2016-08-22 22:36 ` Tom Lendacky 2016-08-22 22:36 ` Tom Lendacky 2016-08-22 22:36 ` Tom Lendacky 2016-09-02 14:09 ` Borislav Petkov 2016-09-02 14:09 ` Borislav Petkov 2016-09-07 14:07 ` Tom Lendacky 2016-09-07 14:07 ` Tom Lendacky 2016-08-22 22:36 ` [RFC PATCH v2 06/20] x86: Handle reduction in physical address size with SME Tom Lendacky 2016-08-22 22:36 ` Tom Lendacky 2016-08-22 22:36 ` Tom Lendacky 2016-08-22 22:36 ` Tom Lendacky 2016-08-22 22:36 ` [RFC PATCH v2 07/20] x86: Provide general kernel support for memory encryption Tom Lendacky 2016-08-22 22:36 ` Tom Lendacky 2016-08-22 22:36 ` Tom Lendacky 2016-08-22 22:36 ` Tom Lendacky 2016-09-02 18:14 ` Borislav Petkov 2016-09-02 18:14 ` Borislav Petkov 2016-09-07 14:11 ` Tom Lendacky 2016-09-07 14:11 ` Tom Lendacky 2016-09-05 8:48 ` Borislav Petkov 2016-09-05 8:48 ` Borislav Petkov 2016-09-07 14:16 ` Tom Lendacky 2016-09-07 14:16 ` Tom Lendacky 2016-09-05 15:22 ` Borislav Petkov 2016-09-05 15:22 ` Borislav Petkov 2016-09-07 14:19 ` Tom Lendacky 2016-09-07 14:19 ` Tom Lendacky 2016-09-07 14:19 ` Tom Lendacky 2016-09-06 9:31 ` Borislav Petkov 2016-09-06 9:31 ` Borislav Petkov 2016-09-07 14:30 ` Tom Lendacky 2016-09-07 14:30 ` Tom Lendacky 2016-09-07 14:30 ` Tom Lendacky 2016-09-07 15:55 ` Borislav Petkov 2016-09-07 15:55 ` Borislav Petkov 2016-09-08 13:26 ` Tom Lendacky 2016-09-08 13:26 ` Tom Lendacky 2016-09-08 13:26 ` Tom Lendacky 2016-09-08 13:55 ` Borislav Petkov 2016-09-08 13:55 ` Borislav Petkov 2016-09-12 13:43 ` Tom Lendacky 2016-09-12 13:43 ` Tom Lendacky 2016-08-22 22:37 ` [RFC PATCH v2 08/20] x86: Extend the early_memmap support with additional attrs Tom Lendacky 2016-08-22 22:37 ` Tom Lendacky 2016-08-22 22:37 ` Tom Lendacky 2016-08-22 22:37 ` Tom Lendacky 2016-08-22 22:37 ` [RFC PATCH v2 09/20] x86: Add support for early encryption/decryption of memory Tom Lendacky 2016-08-22 22:37 ` Tom Lendacky 2016-08-22 22:37 ` Tom Lendacky 2016-08-22 22:37 ` Tom Lendacky 2016-09-06 16:12 ` Borislav Petkov 2016-09-06 16:12 ` Borislav Petkov 2016-08-22 22:37 ` [RFC PATCH v2 10/20] x86: Insure that memory areas are encrypted when possible Tom Lendacky 2016-08-22 22:37 ` Tom Lendacky 2016-08-22 22:37 ` Tom Lendacky 2016-08-22 22:37 ` Tom Lendacky 2016-09-09 15:53 ` Borislav Petkov [this message] 2016-09-09 15:53 ` Borislav Petkov 2016-09-12 15:05 ` Tom Lendacky 2016-09-12 15:05 ` Tom Lendacky 2016-09-12 15:05 ` Tom Lendacky 2016-09-12 16:33 ` Borislav Petkov 2016-09-12 16:33 ` Borislav Petkov 2016-09-14 14:11 ` Tom Lendacky 2016-09-14 14:11 ` Tom Lendacky 2016-09-14 14:11 ` Tom Lendacky 2016-08-22 22:37 ` [RFC PATCH v2 11/20] mm: Access BOOT related data in the clear Tom Lendacky 2016-08-22 22:37 ` Tom Lendacky 2016-08-22 22:37 ` Tom Lendacky 2016-08-22 22:37 ` Tom Lendacky 2016-09-09 16:38 ` Borislav Petkov 2016-09-09 16:38 ` Borislav Petkov 2016-09-12 15:14 ` Tom Lendacky 2016-09-12 15:14 ` Tom Lendacky 2016-09-12 15:14 ` Tom Lendacky 2016-09-12 16:35 ` Borislav Petkov 2016-09-12 16:35 ` Borislav Petkov 2016-09-12 16:55 ` Andy Lutomirski 2016-09-12 16:55 ` Andy Lutomirski 2016-09-12 16:55 ` Andy Lutomirski 2016-09-14 14:20 ` Tom Lendacky 2016-09-14 14:20 ` Tom Lendacky 2016-09-14 14:20 ` Tom Lendacky 2016-09-15 9:57 ` Matt Fleming 2016-09-15 9:57 ` Matt Fleming 2016-09-15 9:57 ` Matt Fleming 2016-09-15 16:52 ` Tom Lendacky 2016-09-15 16:52 ` Tom Lendacky 2016-09-15 16:52 ` Tom Lendacky 2016-08-22 22:37 ` [RFC PATCH v2 12/20] x86: Add support for changing memory encryption attribute Tom Lendacky 2016-08-22 22:37 ` Tom Lendacky 2016-08-22 22:37 ` Tom Lendacky 2016-08-22 22:37 ` Tom Lendacky 2016-09-09 17:23 ` Borislav Petkov 2016-09-09 17:23 ` Borislav Petkov 2016-09-12 15:41 ` Tom Lendacky 2016-09-12 15:41 ` Tom Lendacky 2016-09-12 15:41 ` Tom Lendacky 2016-09-12 16:41 ` Borislav Petkov 2016-09-12 16:41 ` Borislav Petkov 2016-08-22 22:37 ` [RFC PATCH v2 13/20] x86: Decrypt trampoline area if memory encryption is active Tom Lendacky 2016-08-22 22:37 ` Tom Lendacky 2016-08-22 22:37 ` Tom Lendacky 2016-08-22 22:37 ` Tom Lendacky 2016-09-09 17:34 ` Borislav Petkov 2016-09-09 17:34 ` Borislav Petkov 2016-09-12 15:43 ` Tom Lendacky 2016-09-12 15:43 ` Tom Lendacky 2016-08-22 22:38 ` [RFC PATCH v2 14/20] x86: DMA support for memory encryption Tom Lendacky 2016-08-22 22:38 ` Tom Lendacky 2016-08-22 22:38 ` Tom Lendacky 2016-08-22 22:38 ` Tom Lendacky 2016-08-22 22:38 ` Tom Lendacky 2016-09-12 10:58 ` Borislav Petkov 2016-09-12 10:58 ` Borislav Petkov 2016-09-14 13:36 ` Tom Lendacky 2016-09-14 13:36 ` Tom Lendacky 2016-09-14 13:36 ` Tom Lendacky 2016-08-22 22:38 ` [RFC PATCH v2 15/20] iommu/amd: AMD IOMMU " Tom Lendacky 2016-08-22 22:38 ` Tom Lendacky 2016-08-22 22:38 ` Tom Lendacky 2016-08-22 22:38 ` Tom Lendacky 2016-09-12 11:45 ` Borislav Petkov 2016-09-12 11:45 ` Borislav Petkov 2016-09-14 13:45 ` Tom Lendacky 2016-09-14 13:45 ` Tom Lendacky 2016-09-14 13:45 ` Tom Lendacky 2016-09-14 14:41 ` Borislav Petkov 2016-09-14 14:41 ` Borislav Petkov 2016-09-15 16:57 ` Tom Lendacky 2016-09-15 16:57 ` Tom Lendacky 2016-09-15 16:57 ` Tom Lendacky 2016-09-16 7:08 ` Borislav Petkov 2016-09-16 7:08 ` Borislav Petkov 2016-08-22 22:38 ` [RFC PATCH v2 16/20] x86: Check for memory encryption on the APs Tom Lendacky 2016-08-22 22:38 ` Tom Lendacky 2016-08-22 22:38 ` Tom Lendacky 2016-08-22 22:38 ` Tom Lendacky 2016-09-12 12:17 ` Borislav Petkov 2016-09-12 12:17 ` Borislav Petkov 2016-09-14 13:50 ` Tom Lendacky 2016-09-14 13:50 ` Tom Lendacky 2016-09-12 16:43 ` Borislav Petkov 2016-09-12 16:43 ` Borislav Petkov 2016-09-14 14:12 ` Tom Lendacky 2016-09-14 14:12 ` Tom Lendacky 2016-09-14 14:12 ` Tom Lendacky 2016-08-22 22:38 ` [RFC PATCH v2 17/20] x86: Do not specify encrypted memory for VGA mapping Tom Lendacky 2016-08-22 22:38 ` Tom Lendacky 2016-08-22 22:38 ` Tom Lendacky 2016-08-22 22:38 ` Tom Lendacky 2016-08-22 22:38 ` [RFC PATCH v2 18/20] x86/kvm: Enable Secure Memory Encryption of nested page tables Tom Lendacky 2016-08-22 22:38 ` Tom Lendacky 2016-08-22 22:38 ` Tom Lendacky 2016-08-22 22:38 ` Tom Lendacky 2016-08-22 22:38 ` Tom Lendacky 2016-09-12 14:35 ` Borislav Petkov 2016-09-12 14:35 ` Borislav Petkov 2016-09-14 14:02 ` Tom Lendacky 2016-09-14 14:02 ` Tom Lendacky 2016-08-22 22:38 ` [RFC PATCH v2 19/20] x86: Access the setup data through debugfs un-encrypted Tom Lendacky 2016-08-22 22:38 ` Tom Lendacky 2016-08-22 22:38 ` Tom Lendacky 2016-08-22 22:38 ` Tom Lendacky 2016-09-12 16:59 ` Borislav Petkov 2016-09-12 16:59 ` Borislav Petkov 2016-09-14 14:29 ` Tom Lendacky 2016-09-14 14:29 ` Tom Lendacky 2016-09-14 14:29 ` Tom Lendacky 2016-09-14 14:51 ` Borislav Petkov 2016-09-14 14:51 ` Borislav Petkov 2016-09-15 17:08 ` Tom Lendacky 2016-09-15 17:08 ` Tom Lendacky 2016-09-15 17:08 ` Tom Lendacky 2016-09-16 7:11 ` Borislav Petkov 2016-09-16 7:11 ` Borislav Petkov 2016-08-22 22:39 ` [RFC PATCH v2 20/20] x86: Add support to make use of Secure Memory Encryption Tom Lendacky 2016-08-22 22:39 ` Tom Lendacky 2016-08-22 22:39 ` Tom Lendacky 2016-08-22 22:39 ` Tom Lendacky 2016-09-12 17:08 ` Borislav Petkov 2016-09-12 17:08 ` Borislav Petkov 2016-09-14 14:31 ` Tom Lendacky 2016-09-14 14:31 ` Tom Lendacky
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=20160909155305.bmm2fvw7ndjjhqvo@pd.tnic \ --to=bp@alien8.de \ --cc=arnd@arndb.de \ --cc=aryabinin@virtuozzo.com \ --cc=corbet@lwn.net \ --cc=dvyukov@google.com \ --cc=glider@google.com \ --cc=hpa@zytor.com \ --cc=iommu@lists.linux-foundation.org \ --cc=joro@8bytes.org \ --cc=kasan-dev@googlegroups.com \ --cc=konrad.wilk@oracle.com \ --cc=kvm@vger.kernel.org \ --cc=linux-arch@vger.kernel.org \ --cc=linux-doc@vger.kernel.org \ --cc=linux-efi@vger.kernel.org \ --cc=linux-kernel@vger.kernel.org \ --cc=linux-mm@kvack.org \ --cc=luto@kernel.org \ --cc=matt@codeblueprint.co.uk \ --cc=mingo@redhat.com \ --cc=pbonzini@redhat.com \ --cc=rkrcmar@redhat.com \ --cc=tglx@linutronix.de \ --cc=thomas.lendacky@amd.com \ --cc=x86@kernel.org \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: linkBe sure your reply has a Subject: header at the top and a blank line before the message body.
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.