From: Matt Fleming <matt@codeblueprint.co.uk>
To: Tom Lendacky <thomas.lendacky@amd.com>
Cc: "Andy Lutomirski" <luto@amacapital.net>,
kasan-dev <kasan-dev@googlegroups.com>,
"linux-efi@vger.kernel.org" <linux-efi@vger.kernel.org>,
linux-arch <linux-arch@vger.kernel.org>,
"Thomas Gleixner" <tglx@linutronix.de>,
"Paolo Bonzini" <pbonzini@redhat.com>,
"Ingo Molnar" <mingo@redhat.com>,
"Borislav Petkov" <bp@alien8.de>,
iommu@lists.linux-foundation.org,
"linux-doc@vger.kernel.org" <linux-doc@vger.kernel.org>,
"Jonathan Corbet" <corbet@lwn.net>,
"Radim Krčmář" <rkrcmar@redhat.com>,
"Konrad Rzeszutek Wilk" <konrad.wilk@oracle.com>,
"linux-mm@kvack.org" <linux-mm@kvack.org>,
"Alexander Potapenko" <glider@google.com>,
"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
"Dmitry Vyukov" <dvyukov@google.com>,
"Arnd Bergmann" <arnd@arndb.de>, "Joerg Roedel" <joro@8bytes.org>,
"Andrey Ryabinin" <aryabinin@virtuozzo.com>,
"H. Peter Anvin" <hpa@zytor.com>, "X86 ML" <x86@kernel.org>,
"kvm list" <kvm@vger.kernel.org>,
"Dave Young" <dyoung@redhat.com>
Subject: Re: [RFC PATCH v2 11/20] mm: Access BOOT related data in the clear
Date: Thu, 15 Sep 2016 10:57:09 +0100 [thread overview]
Message-ID: <20160915095709.GB16797@codeblueprint.co.uk> (raw)
In-Reply-To: <e30ddb53-df6c-28ee-54fe-f3e52e515acb@amd.com>
On Wed, 14 Sep, at 09:20:44AM, Tom Lendacky wrote:
> On 09/12/2016 11:55 AM, Andy Lutomirski wrote:
> > On Aug 22, 2016 6:53 PM, "Tom Lendacky" <thomas.lendacky@amd.com> wrote:
> >>
> >> BOOT data (such as EFI related data) is not encyrpted when the system is
> >> booted and needs to be accessed as non-encrypted. Add support to the
> >> early_memremap API to identify the type of data being accessed so that
> >> the proper encryption attribute can be applied. Currently, two types
> >> of data are defined, KERNEL_DATA and BOOT_DATA.
> >
> > What happens when you memremap boot services data outside of early
> > boot? Matt just added code that does this.
> >
> > IMO this API is not so great. It scatters a specialized consideration
> > all over the place. Could early_memremap not look up the PA to figure
> > out what to do?
>
> Yes, I could see if the PA falls outside of the kernel usable area and,
> if so, remove the memory encryption attribute from the mapping (for both
> early_memremap and memremap).
>
> Let me look into that, I would prefer something along that line over
> this change.
So, the last time we talked about using the address to figure out
whether to encrypt/decrypt you said,
"I looked into this and this would be a large change also to parse
tables and build lists."
Has something changed that makes this approach easier?
And again, you need to be careful with the EFI kexec code paths, since
you've got a mixture of boot and kernel data being passed. In
particular the EFI memory map is allocated by the firmware on first
boot (BOOT_DATA) but by the kernel on kexec (KERNEL_DATA).
That's one of the reasons I suggested requiring the caller to decide
on BOOT_DATA vs KERNEL_DATA - when you start looking at kexec the
distinction isn't easily made.
WARNING: multiple messages have this Message-ID (diff)
From: Matt Fleming <matt-mF/unelCI9GS6iBeEJttW/XRex20P6io@public.gmane.org>
To: Tom Lendacky <thomas.lendacky-5C7GfCeVMHo@public.gmane.org>
Cc: "linux-efi-u79uwXL29TY76Z2rM5mHXA@public.gmane.org"
<linux-efi-u79uwXL29TY76Z2rM5mHXA@public.gmane.org>,
"kvm list" <kvm-u79uwXL29TY76Z2rM5mHXA@public.gmane.org>,
"Radim Krčmář" <rkrcmar-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>,
"linux-mm-Bw31MaZKKs3YtjvyW6yDsg@public.gmane.org"
<linux-mm-Bw31MaZKKs3YtjvyW6yDsg@public.gmane.org>,
"Alexander Potapenko"
<glider-hpIqsD4AKlfQT0dZR+AlfA@public.gmane.org>,
"H. Peter Anvin" <hpa-YMNOUZJC4hwAvxtiuMwx3w@public.gmane.org>,
linux-arch <linux-arch-u79uwXL29TY76Z2rM5mHXA@public.gmane.org>,
"Jonathan Corbet" <corbet-T1hC0tSOHrs@public.gmane.org>,
"X86 ML" <x86-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org>,
kasan-dev <kasan-dev-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org>,
"Ingo Molnar" <mingo-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>,
"Andrey Ryabinin"
<aryabinin-5HdwGun5lf+gSpxsJD1C4w@public.gmane.org>,
"Dave Young" <dyoung-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>,
"Arnd Bergmann" <arnd-r2nGTMty4D4@public.gmane.org>,
"Borislav Petkov" <bp-Gina5bIWoIWzQB+pC5nmwQ@public.gmane.org>,
"Thomas Gleixner" <tglx-hfZtesqFncYOwBW4kG4KsQ@public.gmane.org>,
"Dmitry Vyukov" <dvyukov-hpIqsD4AKlfQT0dZR+AlfA@public.gmane.org>,
"linux-doc-u79uwXL29TY76Z2rM5mHXA@public.gmane.org"
<linux-doc-u79uwXL29TY76Z2rM5mHXA@public.gmane.org>,
"linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org"
<linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org>,
"Andy Lutomirski" <luto-kltTT9wpgjJwATOyAt5JVQ@public.gmane.org>,
iommu-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA@public.gmane.org,
"Paolo Bonzini"
<pbonzini-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
Subject: Re: [RFC PATCH v2 11/20] mm: Access BOOT related data in the clear
Date: Thu, 15 Sep 2016 10:57:09 +0100 [thread overview]
Message-ID: <20160915095709.GB16797@codeblueprint.co.uk> (raw)
In-Reply-To: <e30ddb53-df6c-28ee-54fe-f3e52e515acb-5C7GfCeVMHo@public.gmane.org>
On Wed, 14 Sep, at 09:20:44AM, Tom Lendacky wrote:
> On 09/12/2016 11:55 AM, Andy Lutomirski wrote:
> > On Aug 22, 2016 6:53 PM, "Tom Lendacky" <thomas.lendacky-5C7GfCeVMHo@public.gmane.org> wrote:
> >>
> >> BOOT data (such as EFI related data) is not encyrpted when the system is
> >> booted and needs to be accessed as non-encrypted. Add support to the
> >> early_memremap API to identify the type of data being accessed so that
> >> the proper encryption attribute can be applied. Currently, two types
> >> of data are defined, KERNEL_DATA and BOOT_DATA.
> >
> > What happens when you memremap boot services data outside of early
> > boot? Matt just added code that does this.
> >
> > IMO this API is not so great. It scatters a specialized consideration
> > all over the place. Could early_memremap not look up the PA to figure
> > out what to do?
>
> Yes, I could see if the PA falls outside of the kernel usable area and,
> if so, remove the memory encryption attribute from the mapping (for both
> early_memremap and memremap).
>
> Let me look into that, I would prefer something along that line over
> this change.
So, the last time we talked about using the address to figure out
whether to encrypt/decrypt you said,
"I looked into this and this would be a large change also to parse
tables and build lists."
Has something changed that makes this approach easier?
And again, you need to be careful with the EFI kexec code paths, since
you've got a mixture of boot and kernel data being passed. In
particular the EFI memory map is allocated by the firmware on first
boot (BOOT_DATA) but by the kernel on kexec (KERNEL_DATA).
That's one of the reasons I suggested requiring the caller to decide
on BOOT_DATA vs KERNEL_DATA - when you start looking at kexec the
distinction isn't easily made.
WARNING: multiple messages have this Message-ID (diff)
From: Matt Fleming <matt@codeblueprint.co.uk>
To: Tom Lendacky <thomas.lendacky@amd.com>
Cc: "Andy Lutomirski" <luto@amacapital.net>,
kasan-dev <kasan-dev@googlegroups.com>,
"linux-efi@vger.kernel.org" <linux-efi@vger.kernel.org>,
linux-arch <linux-arch@vger.kernel.org>,
"Thomas Gleixner" <tglx@linutronix.de>,
"Paolo Bonzini" <pbonzini@redhat.com>,
"Ingo Molnar" <mingo@redhat.com>,
"Borislav Petkov" <bp@alien8.de>,
iommu@lists.linux-foundation.org,
"linux-doc@vger.kernel.org" <linux-doc@vger.kernel.org>,
"Jonathan Corbet" <corbet@lwn.net>,
"Radim Krčmář" <rkrcmar@redhat.com>,
"Konrad Rzeszutek Wilk" <konrad.wilk@oracle.com>,
"linux-mm@kvack.org" <linux-mm@kvack.org>,
"Alexander Potapenko" <glider@google.com>,
"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
"Dmitry Vyukov" <dvyukov@google.com>,
"Arnd Bergmann" <arnd@arndb.de>, "Joerg Roedel" <joro@8bytes.org>,
"Andrey Ryabinin" <aryabinin@virtuozzo.com>,
"H. Peter Anvin" <hpa@zytor.com>, "X86 ML" <x86@kernel.org>,
"kvm list" <kvm@vger.kernel.org>,
"Dave Young" <dyoung@redhat.com>
Subject: Re: [RFC PATCH v2 11/20] mm: Access BOOT related data in the clear
Date: Thu, 15 Sep 2016 10:57:09 +0100 [thread overview]
Message-ID: <20160915095709.GB16797@codeblueprint.co.uk> (raw)
In-Reply-To: <e30ddb53-df6c-28ee-54fe-f3e52e515acb@amd.com>
On Wed, 14 Sep, at 09:20:44AM, Tom Lendacky wrote:
> On 09/12/2016 11:55 AM, Andy Lutomirski wrote:
> > On Aug 22, 2016 6:53 PM, "Tom Lendacky" <thomas.lendacky@amd.com> wrote:
> >>
> >> BOOT data (such as EFI related data) is not encyrpted when the system is
> >> booted and needs to be accessed as non-encrypted. Add support to the
> >> early_memremap API to identify the type of data being accessed so that
> >> the proper encryption attribute can be applied. Currently, two types
> >> of data are defined, KERNEL_DATA and BOOT_DATA.
> >
> > What happens when you memremap boot services data outside of early
> > boot? Matt just added code that does this.
> >
> > IMO this API is not so great. It scatters a specialized consideration
> > all over the place. Could early_memremap not look up the PA to figure
> > out what to do?
>
> Yes, I could see if the PA falls outside of the kernel usable area and,
> if so, remove the memory encryption attribute from the mapping (for both
> early_memremap and memremap).
>
> Let me look into that, I would prefer something along that line over
> this change.
So, the last time we talked about using the address to figure out
whether to encrypt/decrypt you said,
"I looked into this and this would be a large change also to parse
tables and build lists."
Has something changed that makes this approach easier?
And again, you need to be careful with the EFI kexec code paths, since
you've got a mixture of boot and kernel data being passed. In
particular the EFI memory map is allocated by the firmware on first
boot (BOOT_DATA) but by the kernel on kexec (KERNEL_DATA).
That's one of the reasons I suggested requiring the caller to decide
on BOOT_DATA vs KERNEL_DATA - when you start looking at kexec the
distinction isn't easily made.
--
To unsubscribe, send a message with 'unsubscribe linux-mm' in
the body to majordomo@kvack.org. For more info on Linux MM,
see: http://www.linux-mm.org/ .
Don't email: <a href=mailto:"dont@kvack.org"> email@kvack.org </a>
next prev parent reply other threads:[~2016-09-15 9:57 UTC|newest]
Thread overview: 229+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-08-22 22:35 [RFC PATCH v2 00/20] x86: Secure Memory Encryption (AMD) Tom Lendacky
2016-08-22 22:35 ` Tom Lendacky
2016-08-22 22:35 ` Tom Lendacky
2016-08-22 22:35 ` Tom Lendacky
2016-08-22 22:35 ` [RFC PATCH v2 01/20] x86: Documentation for AMD Secure Memory Encryption (SME) Tom Lendacky
2016-08-22 22:35 ` Tom Lendacky
2016-08-22 22:35 ` Tom Lendacky
2016-08-22 22:35 ` Tom Lendacky
2016-09-02 8:50 ` Borislav Petkov
2016-09-02 8:50 ` Borislav Petkov
2016-09-07 14:02 ` Tom Lendacky
2016-09-07 14:02 ` Tom Lendacky
2016-09-07 14:02 ` Tom Lendacky
2016-09-07 15:23 ` Borislav Petkov
2016-09-07 15:23 ` Borislav Petkov
2016-08-22 22:35 ` [RFC PATCH v2 02/20] x86: Set the write-protect cache mode for full PAT support Tom Lendacky
2016-08-22 22:35 ` Tom Lendacky
2016-08-22 22:35 ` Tom Lendacky
2016-08-22 22:35 ` Tom Lendacky
2016-08-25 3:58 ` Borislav Petkov
2016-08-25 3:58 ` Borislav Petkov
2016-08-22 22:35 ` [RFC PATCH v2 03/20] x86: Secure Memory Encryption (SME) build enablement Tom Lendacky
2016-08-22 22:35 ` Tom Lendacky
2016-08-22 22:35 ` Tom Lendacky
2016-08-22 22:35 ` Tom Lendacky
2016-09-02 11:03 ` Borislav Petkov
2016-09-02 11:03 ` Borislav Petkov
2016-09-07 14:03 ` Tom Lendacky
2016-09-07 14:03 ` Tom Lendacky
2016-08-22 22:36 ` [RFC PATCH v2 04/20] x86: Secure Memory Encryption (SME) support Tom Lendacky
2016-08-22 22:36 ` Tom Lendacky
2016-08-22 22:36 ` Tom Lendacky
2016-08-22 22:36 ` Tom Lendacky
2016-08-25 13:04 ` Thomas Gleixner
2016-08-25 13:04 ` Thomas Gleixner
2016-08-30 13:19 ` Tom Lendacky
2016-08-30 13:19 ` Tom Lendacky
2016-08-30 14:57 ` Andy Lutomirski
2016-08-30 14:57 ` Andy Lutomirski
2016-08-30 14:57 ` Andy Lutomirski
2016-08-31 13:26 ` Tom Lendacky
2016-08-31 13:26 ` Tom Lendacky
2016-08-31 13:26 ` Tom Lendacky
2016-08-22 22:36 ` [RFC PATCH v2 05/20] x86: Add the Secure Memory Encryption cpu feature Tom Lendacky
2016-08-22 22:36 ` Tom Lendacky
2016-08-22 22:36 ` Tom Lendacky
2016-08-22 22:36 ` Tom Lendacky
2016-08-22 22:36 ` Tom Lendacky
2016-09-02 14:09 ` Borislav Petkov
2016-09-02 14:09 ` Borislav Petkov
2016-09-07 14:07 ` Tom Lendacky
2016-09-07 14:07 ` Tom Lendacky
2016-08-22 22:36 ` [RFC PATCH v2 06/20] x86: Handle reduction in physical address size with SME Tom Lendacky
2016-08-22 22:36 ` Tom Lendacky
2016-08-22 22:36 ` Tom Lendacky
2016-08-22 22:36 ` Tom Lendacky
2016-08-22 22:36 ` [RFC PATCH v2 07/20] x86: Provide general kernel support for memory encryption Tom Lendacky
2016-08-22 22:36 ` Tom Lendacky
2016-08-22 22:36 ` Tom Lendacky
2016-08-22 22:36 ` Tom Lendacky
2016-09-02 18:14 ` Borislav Petkov
2016-09-02 18:14 ` Borislav Petkov
2016-09-07 14:11 ` Tom Lendacky
2016-09-07 14:11 ` Tom Lendacky
2016-09-05 8:48 ` Borislav Petkov
2016-09-05 8:48 ` Borislav Petkov
2016-09-07 14:16 ` Tom Lendacky
2016-09-07 14:16 ` Tom Lendacky
2016-09-05 15:22 ` Borislav Petkov
2016-09-05 15:22 ` Borislav Petkov
2016-09-07 14:19 ` Tom Lendacky
2016-09-07 14:19 ` Tom Lendacky
2016-09-07 14:19 ` Tom Lendacky
2016-09-06 9:31 ` Borislav Petkov
2016-09-06 9:31 ` Borislav Petkov
2016-09-07 14:30 ` Tom Lendacky
2016-09-07 14:30 ` Tom Lendacky
2016-09-07 14:30 ` Tom Lendacky
2016-09-07 15:55 ` Borislav Petkov
2016-09-07 15:55 ` Borislav Petkov
2016-09-08 13:26 ` Tom Lendacky
2016-09-08 13:26 ` Tom Lendacky
2016-09-08 13:26 ` Tom Lendacky
2016-09-08 13:55 ` Borislav Petkov
2016-09-08 13:55 ` Borislav Petkov
2016-09-12 13:43 ` Tom Lendacky
2016-09-12 13:43 ` Tom Lendacky
2016-08-22 22:37 ` [RFC PATCH v2 08/20] x86: Extend the early_memmap support with additional attrs Tom Lendacky
2016-08-22 22:37 ` Tom Lendacky
2016-08-22 22:37 ` Tom Lendacky
2016-08-22 22:37 ` Tom Lendacky
2016-08-22 22:37 ` [RFC PATCH v2 09/20] x86: Add support for early encryption/decryption of memory Tom Lendacky
2016-08-22 22:37 ` Tom Lendacky
2016-08-22 22:37 ` Tom Lendacky
2016-08-22 22:37 ` Tom Lendacky
2016-09-06 16:12 ` Borislav Petkov
2016-09-06 16:12 ` Borislav Petkov
2016-08-22 22:37 ` [RFC PATCH v2 10/20] x86: Insure that memory areas are encrypted when possible Tom Lendacky
2016-08-22 22:37 ` Tom Lendacky
2016-08-22 22:37 ` Tom Lendacky
2016-08-22 22:37 ` Tom Lendacky
2016-09-09 15:53 ` Borislav Petkov
2016-09-09 15:53 ` Borislav Petkov
2016-09-12 15:05 ` Tom Lendacky
2016-09-12 15:05 ` Tom Lendacky
2016-09-12 15:05 ` Tom Lendacky
2016-09-12 16:33 ` Borislav Petkov
2016-09-12 16:33 ` Borislav Petkov
2016-09-14 14:11 ` Tom Lendacky
2016-09-14 14:11 ` Tom Lendacky
2016-09-14 14:11 ` Tom Lendacky
2016-08-22 22:37 ` [RFC PATCH v2 11/20] mm: Access BOOT related data in the clear Tom Lendacky
2016-08-22 22:37 ` Tom Lendacky
2016-08-22 22:37 ` Tom Lendacky
2016-08-22 22:37 ` Tom Lendacky
2016-09-09 16:38 ` Borislav Petkov
2016-09-09 16:38 ` Borislav Petkov
2016-09-12 15:14 ` Tom Lendacky
2016-09-12 15:14 ` Tom Lendacky
2016-09-12 15:14 ` Tom Lendacky
2016-09-12 16:35 ` Borislav Petkov
2016-09-12 16:35 ` Borislav Petkov
2016-09-12 16:55 ` Andy Lutomirski
2016-09-12 16:55 ` Andy Lutomirski
2016-09-12 16:55 ` Andy Lutomirski
2016-09-14 14:20 ` Tom Lendacky
2016-09-14 14:20 ` Tom Lendacky
2016-09-14 14:20 ` Tom Lendacky
2016-09-15 9:57 ` Matt Fleming [this message]
2016-09-15 9:57 ` Matt Fleming
2016-09-15 9:57 ` Matt Fleming
2016-09-15 16:52 ` Tom Lendacky
2016-09-15 16:52 ` Tom Lendacky
2016-09-15 16:52 ` Tom Lendacky
2016-08-22 22:37 ` [RFC PATCH v2 12/20] x86: Add support for changing memory encryption attribute Tom Lendacky
2016-08-22 22:37 ` Tom Lendacky
2016-08-22 22:37 ` Tom Lendacky
2016-08-22 22:37 ` Tom Lendacky
2016-09-09 17:23 ` Borislav Petkov
2016-09-09 17:23 ` Borislav Petkov
2016-09-12 15:41 ` Tom Lendacky
2016-09-12 15:41 ` Tom Lendacky
2016-09-12 15:41 ` Tom Lendacky
2016-09-12 16:41 ` Borislav Petkov
2016-09-12 16:41 ` Borislav Petkov
2016-08-22 22:37 ` [RFC PATCH v2 13/20] x86: Decrypt trampoline area if memory encryption is active Tom Lendacky
2016-08-22 22:37 ` Tom Lendacky
2016-08-22 22:37 ` Tom Lendacky
2016-08-22 22:37 ` Tom Lendacky
2016-09-09 17:34 ` Borislav Petkov
2016-09-09 17:34 ` Borislav Petkov
2016-09-12 15:43 ` Tom Lendacky
2016-09-12 15:43 ` Tom Lendacky
2016-08-22 22:38 ` [RFC PATCH v2 14/20] x86: DMA support for memory encryption Tom Lendacky
2016-08-22 22:38 ` Tom Lendacky
2016-08-22 22:38 ` Tom Lendacky
2016-08-22 22:38 ` Tom Lendacky
2016-08-22 22:38 ` Tom Lendacky
2016-09-12 10:58 ` Borislav Petkov
2016-09-12 10:58 ` Borislav Petkov
2016-09-14 13:36 ` Tom Lendacky
2016-09-14 13:36 ` Tom Lendacky
2016-09-14 13:36 ` Tom Lendacky
2016-08-22 22:38 ` [RFC PATCH v2 15/20] iommu/amd: AMD IOMMU " Tom Lendacky
2016-08-22 22:38 ` Tom Lendacky
2016-08-22 22:38 ` Tom Lendacky
2016-08-22 22:38 ` Tom Lendacky
2016-09-12 11:45 ` Borislav Petkov
2016-09-12 11:45 ` Borislav Petkov
2016-09-14 13:45 ` Tom Lendacky
2016-09-14 13:45 ` Tom Lendacky
2016-09-14 13:45 ` Tom Lendacky
2016-09-14 14:41 ` Borislav Petkov
2016-09-14 14:41 ` Borislav Petkov
2016-09-15 16:57 ` Tom Lendacky
2016-09-15 16:57 ` Tom Lendacky
2016-09-15 16:57 ` Tom Lendacky
2016-09-16 7:08 ` Borislav Petkov
2016-09-16 7:08 ` Borislav Petkov
2016-08-22 22:38 ` [RFC PATCH v2 16/20] x86: Check for memory encryption on the APs Tom Lendacky
2016-08-22 22:38 ` Tom Lendacky
2016-08-22 22:38 ` Tom Lendacky
2016-08-22 22:38 ` Tom Lendacky
2016-09-12 12:17 ` Borislav Petkov
2016-09-12 12:17 ` Borislav Petkov
2016-09-14 13:50 ` Tom Lendacky
2016-09-14 13:50 ` Tom Lendacky
2016-09-12 16:43 ` Borislav Petkov
2016-09-12 16:43 ` Borislav Petkov
2016-09-14 14:12 ` Tom Lendacky
2016-09-14 14:12 ` Tom Lendacky
2016-09-14 14:12 ` Tom Lendacky
2016-08-22 22:38 ` [RFC PATCH v2 17/20] x86: Do not specify encrypted memory for VGA mapping Tom Lendacky
2016-08-22 22:38 ` Tom Lendacky
2016-08-22 22:38 ` Tom Lendacky
2016-08-22 22:38 ` Tom Lendacky
2016-08-22 22:38 ` [RFC PATCH v2 18/20] x86/kvm: Enable Secure Memory Encryption of nested page tables Tom Lendacky
2016-08-22 22:38 ` Tom Lendacky
2016-08-22 22:38 ` Tom Lendacky
2016-08-22 22:38 ` Tom Lendacky
2016-08-22 22:38 ` Tom Lendacky
2016-09-12 14:35 ` Borislav Petkov
2016-09-12 14:35 ` Borislav Petkov
2016-09-14 14:02 ` Tom Lendacky
2016-09-14 14:02 ` Tom Lendacky
2016-08-22 22:38 ` [RFC PATCH v2 19/20] x86: Access the setup data through debugfs un-encrypted Tom Lendacky
2016-08-22 22:38 ` Tom Lendacky
2016-08-22 22:38 ` Tom Lendacky
2016-08-22 22:38 ` Tom Lendacky
2016-09-12 16:59 ` Borislav Petkov
2016-09-12 16:59 ` Borislav Petkov
2016-09-14 14:29 ` Tom Lendacky
2016-09-14 14:29 ` Tom Lendacky
2016-09-14 14:29 ` Tom Lendacky
2016-09-14 14:51 ` Borislav Petkov
2016-09-14 14:51 ` Borislav Petkov
2016-09-15 17:08 ` Tom Lendacky
2016-09-15 17:08 ` Tom Lendacky
2016-09-15 17:08 ` Tom Lendacky
2016-09-16 7:11 ` Borislav Petkov
2016-09-16 7:11 ` Borislav Petkov
2016-08-22 22:39 ` [RFC PATCH v2 20/20] x86: Add support to make use of Secure Memory Encryption Tom Lendacky
2016-08-22 22:39 ` Tom Lendacky
2016-08-22 22:39 ` Tom Lendacky
2016-08-22 22:39 ` Tom Lendacky
2016-09-12 17:08 ` Borislav Petkov
2016-09-12 17:08 ` Borislav Petkov
2016-09-14 14:31 ` Tom Lendacky
2016-09-14 14:31 ` Tom Lendacky
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20160915095709.GB16797@codeblueprint.co.uk \
--to=matt@codeblueprint.co.uk \
--cc=arnd@arndb.de \
--cc=aryabinin@virtuozzo.com \
--cc=bp@alien8.de \
--cc=corbet@lwn.net \
--cc=dvyukov@google.com \
--cc=dyoung@redhat.com \
--cc=glider@google.com \
--cc=hpa@zytor.com \
--cc=iommu@lists.linux-foundation.org \
--cc=joro@8bytes.org \
--cc=kasan-dev@googlegroups.com \
--cc=konrad.wilk@oracle.com \
--cc=kvm@vger.kernel.org \
--cc=linux-arch@vger.kernel.org \
--cc=linux-doc@vger.kernel.org \
--cc=linux-efi@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=luto@amacapital.net \
--cc=mingo@redhat.com \
--cc=pbonzini@redhat.com \
--cc=rkrcmar@redhat.com \
--cc=tglx@linutronix.de \
--cc=thomas.lendacky@amd.com \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.