From: Borislav Petkov <bp@alien8.de> To: Tom Lendacky <thomas.lendacky@amd.com> Cc: linux-arch@vger.kernel.org, linux-efi@vger.kernel.org, kvm@vger.kernel.org, linux-doc@vger.kernel.org, x86@kernel.org, linux-kernel@vger.kernel.org, kasan-dev@googlegroups.com, linux-mm@kvack.org, iommu@lists.linux-foundation.org, "Rik van Riel" <riel@redhat.com>, "Radim Krčmář" <rkrcmar@redhat.com>, "Arnd Bergmann" <arnd@arndb.de>, "Jonathan Corbet" <corbet@lwn.net>, "Matt Fleming" <matt@codeblueprint.co.uk>, "Joerg Roedel" <joro@8bytes.org>, "Konrad Rzeszutek Wilk" <konrad.wilk@oracle.com>, "Paolo Bonzini" <pbonzini@redhat.com>, "Larry Woodman" <lwoodman@redhat.com>, "Ingo Molnar" <mingo@redhat.com>, "Andy Lutomirski" <luto@kernel.org>, "H. Peter Anvin" <hpa@zytor.com>, "Andrey Ryabinin" <aryabinin@virtuozzo.com>, "Alexander Potapenko" <glider@google.com>, "Thomas Gleixner" <tglx@linutronix.de>, "Dmitry Vyukov" <dvyukov@google.com> Subject: Re: [RFC PATCH v3 11/20] x86: Add support for changing memory encryption attribute Date: Thu, 17 Nov 2016 18:39:45 +0100 [thread overview] Message-ID: <20161117173945.gnar3arpyeeh5xm2@pd.tnic> (raw) In-Reply-To: <20161110003655.3280.57333.stgit@tlendack-t1.amdoffice.net> On Wed, Nov 09, 2016 at 06:36:55PM -0600, Tom Lendacky wrote: > This patch adds support to be change the memory encryption attribute for > one or more memory pages. "Add support for changing ..." > Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com> > --- > arch/x86/include/asm/cacheflush.h | 3 + > arch/x86/include/asm/mem_encrypt.h | 13 ++++++ > arch/x86/mm/mem_encrypt.c | 43 +++++++++++++++++++++ > arch/x86/mm/pageattr.c | 73 ++++++++++++++++++++++++++++++++++++ > 4 files changed, 132 insertions(+) ... > diff --git a/arch/x86/mm/mem_encrypt.c b/arch/x86/mm/mem_encrypt.c > index 411210d..41cfdf9 100644 > --- a/arch/x86/mm/mem_encrypt.c > +++ b/arch/x86/mm/mem_encrypt.c > @@ -18,6 +18,7 @@ > #include <asm/fixmap.h> > #include <asm/setup.h> > #include <asm/bootparam.h> > +#include <asm/cacheflush.h> > > extern pmdval_t early_pmd_flags; > int __init __early_make_pgtable(unsigned long, pmdval_t); > @@ -33,6 +34,48 @@ EXPORT_SYMBOL_GPL(sme_me_mask); > /* Buffer used for early in-place encryption by BSP, no locking needed */ > static char sme_early_buffer[PAGE_SIZE] __aligned(PAGE_SIZE); > > +int sme_set_mem_enc(void *vaddr, unsigned long size) > +{ > + unsigned long addr, numpages; > + > + if (!sme_me_mask) > + return 0; So those interfaces look duplicated to me: you have exported sme_set_mem_enc/sme_set_mem_unenc which take @size and then you have set_memory_enc/set_memory_dec which take numpages. And then you're testing sme_me_mask in both. What I'd prefer to have is only *two* set_memory_enc/set_memory_dec which take size in bytes and one workhorse __set_memory_enc_dec() which does it all. The user shouldn't have to care about numpages or size or whatever. Ok? > + > + addr = (unsigned long)vaddr & PAGE_MASK; > + numpages = PAGE_ALIGN(size) >> PAGE_SHIFT; > + > + /* > + * The set_memory_xxx functions take an integer for numpages, make > + * sure it doesn't exceed that. > + */ > + if (numpages > INT_MAX) > + return -EINVAL; > + > + return set_memory_enc(addr, numpages); > +} > +EXPORT_SYMBOL_GPL(sme_set_mem_enc); > + > +int sme_set_mem_unenc(void *vaddr, unsigned long size) > +{ > + unsigned long addr, numpages; > + > + if (!sme_me_mask) > + return 0; > + > + addr = (unsigned long)vaddr & PAGE_MASK; > + numpages = PAGE_ALIGN(size) >> PAGE_SHIFT; > + > + /* > + * The set_memory_xxx functions take an integer for numpages, make > + * sure it doesn't exceed that. > + */ > + if (numpages > INT_MAX) > + return -EINVAL; > + > + return set_memory_dec(addr, numpages); > +} > +EXPORT_SYMBOL_GPL(sme_set_mem_unenc); > + > /* > * This routine does not change the underlying encryption setting of the > * page(s) that map this memory. It assumes that eventually the memory is > diff --git a/arch/x86/mm/pageattr.c b/arch/x86/mm/pageattr.c > index b8e6bb5..babf3a6 100644 > --- a/arch/x86/mm/pageattr.c > +++ b/arch/x86/mm/pageattr.c > @@ -1729,6 +1729,79 @@ int set_memory_4k(unsigned long addr, int numpages) > __pgprot(0), 1, 0, NULL); > } > > +static int __set_memory_enc_dec(struct cpa_data *cpa) > +{ > + unsigned long addr; > + int numpages; > + int ret; > + > + /* People should not be passing in unaligned addresses */ > + if (WARN_ONCE(*cpa->vaddr & ~PAGE_MASK, > + "misaligned address: %#lx\n", *cpa->vaddr)) > + *cpa->vaddr &= PAGE_MASK; > + > + addr = *cpa->vaddr; > + numpages = cpa->numpages; > + > + /* Must avoid aliasing mappings in the highmem code */ > + kmap_flush_unused(); > + vm_unmap_aliases(); > + > + ret = __change_page_attr_set_clr(cpa, 1); > + > + /* Check whether we really changed something */ > + if (!(cpa->flags & CPA_FLUSHTLB)) > + goto out; That label is used only once - just "return ret;" here. > + /* > + * On success we use CLFLUSH, when the CPU supports it to > + * avoid the WBINVD. > + */ > + if (!ret && static_cpu_has(X86_FEATURE_CLFLUSH)) > + cpa_flush_range(addr, numpages, 1); > + else > + cpa_flush_all(1); > + > +out: > + return ret; > +} > + > +int set_memory_enc(unsigned long addr, int numpages) > +{ > + struct cpa_data cpa; > + > + if (!sme_me_mask) > + return 0; > + > + memset(&cpa, 0, sizeof(cpa)); > + cpa.vaddr = &addr; > + cpa.numpages = numpages; > + cpa.mask_set = __pgprot(_PAGE_ENC); > + cpa.mask_clr = __pgprot(0); > + cpa.pgd = init_mm.pgd; You could move that... > + > + return __set_memory_enc_dec(&cpa); > +} > +EXPORT_SYMBOL(set_memory_enc); > + > +int set_memory_dec(unsigned long addr, int numpages) > +{ > + struct cpa_data cpa; > + > + if (!sme_me_mask) > + return 0; > + > + memset(&cpa, 0, sizeof(cpa)); > + cpa.vaddr = &addr; > + cpa.numpages = numpages; > + cpa.mask_set = __pgprot(0); > + cpa.mask_clr = __pgprot(_PAGE_ENC); > + cpa.pgd = init_mm.pgd; ... and that into __set_memory_enc_dec() too and pass in a "bool dec" or "bool enc" or so which presets mask_set and mask_clr properly. See above. I think two functions exported to other in-kernel users are more than enough. -- Regards/Gruss, Boris. Good mailing practices for 400: avoid top-posting and trim the reply.
WARNING: multiple messages have this Message-ID (diff)
From: Borislav Petkov <bp-Gina5bIWoIWzQB+pC5nmwQ@public.gmane.org> To: Tom Lendacky <thomas.lendacky-5C7GfCeVMHo@public.gmane.org> Cc: linux-efi-u79uwXL29TY76Z2rM5mHXA@public.gmane.org, kvm-u79uwXL29TY76Z2rM5mHXA@public.gmane.org, "Radim Krčmář" <rkrcmar-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>, "Matt Fleming" <matt-mF/unelCI9GS6iBeEJttW/XRex20P6io@public.gmane.org>, x86-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org, linux-mm-Bw31MaZKKs3YtjvyW6yDsg@public.gmane.org, "Alexander Potapenko" <glider-hpIqsD4AKlfQT0dZR+AlfA@public.gmane.org>, "H. Peter Anvin" <hpa-YMNOUZJC4hwAvxtiuMwx3w@public.gmane.org>, "Larry Woodman" <lwoodman-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>, linux-arch-u79uwXL29TY76Z2rM5mHXA@public.gmane.org, "Jonathan Corbet" <corbet-T1hC0tSOHrs@public.gmane.org>, linux-doc-u79uwXL29TY76Z2rM5mHXA@public.gmane.org, kasan-dev-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org, "Ingo Molnar" <mingo-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>, "Andrey Ryabinin" <aryabinin-5HdwGun5lf+gSpxsJD1C4w@public.gmane.org>, "Rik van Riel" <riel-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>, "Arnd Bergmann" <arnd-r2nGTMty4D4@public.gmane.org>, "Andy Lutomirski" <luto-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org>, "Thomas Gleixner" <tglx-hfZtesqFncYOwBW4kG4KsQ@public.gmane.org>, "Dmitry Vyukov" <dvyukov-hpIqsD4AKlfQT0dZR+AlfA@public.gmane.org>, linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org, iommu-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA@public.gmane.org, "Paolo Bonzini" <pbonzini-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org> Subject: Re: [RFC PATCH v3 11/20] x86: Add support for changing memory encryption attribute Date: Thu, 17 Nov 2016 18:39:45 +0100 [thread overview] Message-ID: <20161117173945.gnar3arpyeeh5xm2@pd.tnic> (raw) In-Reply-To: <20161110003655.3280.57333.stgit-qCXWGYdRb2BnqfbPTmsdiZQ+2ll4COg0XqFh9Ls21Oc@public.gmane.org> On Wed, Nov 09, 2016 at 06:36:55PM -0600, Tom Lendacky wrote: > This patch adds support to be change the memory encryption attribute for > one or more memory pages. "Add support for changing ..." > Signed-off-by: Tom Lendacky <thomas.lendacky-5C7GfCeVMHo@public.gmane.org> > --- > arch/x86/include/asm/cacheflush.h | 3 + > arch/x86/include/asm/mem_encrypt.h | 13 ++++++ > arch/x86/mm/mem_encrypt.c | 43 +++++++++++++++++++++ > arch/x86/mm/pageattr.c | 73 ++++++++++++++++++++++++++++++++++++ > 4 files changed, 132 insertions(+) ... > diff --git a/arch/x86/mm/mem_encrypt.c b/arch/x86/mm/mem_encrypt.c > index 411210d..41cfdf9 100644 > --- a/arch/x86/mm/mem_encrypt.c > +++ b/arch/x86/mm/mem_encrypt.c > @@ -18,6 +18,7 @@ > #include <asm/fixmap.h> > #include <asm/setup.h> > #include <asm/bootparam.h> > +#include <asm/cacheflush.h> > > extern pmdval_t early_pmd_flags; > int __init __early_make_pgtable(unsigned long, pmdval_t); > @@ -33,6 +34,48 @@ EXPORT_SYMBOL_GPL(sme_me_mask); > /* Buffer used for early in-place encryption by BSP, no locking needed */ > static char sme_early_buffer[PAGE_SIZE] __aligned(PAGE_SIZE); > > +int sme_set_mem_enc(void *vaddr, unsigned long size) > +{ > + unsigned long addr, numpages; > + > + if (!sme_me_mask) > + return 0; So those interfaces look duplicated to me: you have exported sme_set_mem_enc/sme_set_mem_unenc which take @size and then you have set_memory_enc/set_memory_dec which take numpages. And then you're testing sme_me_mask in both. What I'd prefer to have is only *two* set_memory_enc/set_memory_dec which take size in bytes and one workhorse __set_memory_enc_dec() which does it all. The user shouldn't have to care about numpages or size or whatever. Ok? > + > + addr = (unsigned long)vaddr & PAGE_MASK; > + numpages = PAGE_ALIGN(size) >> PAGE_SHIFT; > + > + /* > + * The set_memory_xxx functions take an integer for numpages, make > + * sure it doesn't exceed that. > + */ > + if (numpages > INT_MAX) > + return -EINVAL; > + > + return set_memory_enc(addr, numpages); > +} > +EXPORT_SYMBOL_GPL(sme_set_mem_enc); > + > +int sme_set_mem_unenc(void *vaddr, unsigned long size) > +{ > + unsigned long addr, numpages; > + > + if (!sme_me_mask) > + return 0; > + > + addr = (unsigned long)vaddr & PAGE_MASK; > + numpages = PAGE_ALIGN(size) >> PAGE_SHIFT; > + > + /* > + * The set_memory_xxx functions take an integer for numpages, make > + * sure it doesn't exceed that. > + */ > + if (numpages > INT_MAX) > + return -EINVAL; > + > + return set_memory_dec(addr, numpages); > +} > +EXPORT_SYMBOL_GPL(sme_set_mem_unenc); > + > /* > * This routine does not change the underlying encryption setting of the > * page(s) that map this memory. It assumes that eventually the memory is > diff --git a/arch/x86/mm/pageattr.c b/arch/x86/mm/pageattr.c > index b8e6bb5..babf3a6 100644 > --- a/arch/x86/mm/pageattr.c > +++ b/arch/x86/mm/pageattr.c > @@ -1729,6 +1729,79 @@ int set_memory_4k(unsigned long addr, int numpages) > __pgprot(0), 1, 0, NULL); > } > > +static int __set_memory_enc_dec(struct cpa_data *cpa) > +{ > + unsigned long addr; > + int numpages; > + int ret; > + > + /* People should not be passing in unaligned addresses */ > + if (WARN_ONCE(*cpa->vaddr & ~PAGE_MASK, > + "misaligned address: %#lx\n", *cpa->vaddr)) > + *cpa->vaddr &= PAGE_MASK; > + > + addr = *cpa->vaddr; > + numpages = cpa->numpages; > + > + /* Must avoid aliasing mappings in the highmem code */ > + kmap_flush_unused(); > + vm_unmap_aliases(); > + > + ret = __change_page_attr_set_clr(cpa, 1); > + > + /* Check whether we really changed something */ > + if (!(cpa->flags & CPA_FLUSHTLB)) > + goto out; That label is used only once - just "return ret;" here. > + /* > + * On success we use CLFLUSH, when the CPU supports it to > + * avoid the WBINVD. > + */ > + if (!ret && static_cpu_has(X86_FEATURE_CLFLUSH)) > + cpa_flush_range(addr, numpages, 1); > + else > + cpa_flush_all(1); > + > +out: > + return ret; > +} > + > +int set_memory_enc(unsigned long addr, int numpages) > +{ > + struct cpa_data cpa; > + > + if (!sme_me_mask) > + return 0; > + > + memset(&cpa, 0, sizeof(cpa)); > + cpa.vaddr = &addr; > + cpa.numpages = numpages; > + cpa.mask_set = __pgprot(_PAGE_ENC); > + cpa.mask_clr = __pgprot(0); > + cpa.pgd = init_mm.pgd; You could move that... > + > + return __set_memory_enc_dec(&cpa); > +} > +EXPORT_SYMBOL(set_memory_enc); > + > +int set_memory_dec(unsigned long addr, int numpages) > +{ > + struct cpa_data cpa; > + > + if (!sme_me_mask) > + return 0; > + > + memset(&cpa, 0, sizeof(cpa)); > + cpa.vaddr = &addr; > + cpa.numpages = numpages; > + cpa.mask_set = __pgprot(0); > + cpa.mask_clr = __pgprot(_PAGE_ENC); > + cpa.pgd = init_mm.pgd; ... and that into __set_memory_enc_dec() too and pass in a "bool dec" or "bool enc" or so which presets mask_set and mask_clr properly. See above. I think two functions exported to other in-kernel users are more than enough. -- Regards/Gruss, Boris. Good mailing practices for 400: avoid top-posting and trim the reply.
next prev parent reply other threads:[~2016-11-17 17:39 UTC|newest] Thread overview: 244+ messages / expand[flat|nested] mbox.gz Atom feed top 2016-11-10 0:34 [RFC PATCH v3 00/20] x86: Secure Memory Encryption (AMD) Tom Lendacky 2016-11-10 0:34 ` Tom Lendacky 2016-11-10 0:34 ` Tom Lendacky 2016-11-10 0:34 ` Tom Lendacky 2016-11-10 0:34 ` [RFC PATCH v3 01/20] x86: Documentation for AMD Secure Memory Encryption (SME) Tom Lendacky 2016-11-10 0:34 ` Tom Lendacky 2016-11-10 0:34 ` Tom Lendacky 2016-11-10 0:34 ` Tom Lendacky 2016-11-10 10:51 ` Borislav Petkov 2016-11-10 10:51 ` Borislav Petkov 2016-11-14 17:15 ` Tom Lendacky 2016-11-14 17:15 ` Tom Lendacky 2016-11-14 17:15 ` Tom Lendacky 2016-11-10 0:34 ` [RFC PATCH v3 02/20] x86: Set the write-protect cache mode for full PAT support Tom Lendacky 2016-11-10 0:34 ` Tom Lendacky 2016-11-10 0:34 ` Tom Lendacky 2016-11-10 0:34 ` Tom Lendacky 2016-11-10 13:14 ` Borislav Petkov 2016-11-10 13:14 ` Borislav Petkov 2016-11-11 1:26 ` Kani, Toshimitsu 2016-11-11 1:26 ` Kani, Toshimitsu 2016-11-11 1:26 ` Kani, Toshimitsu 2016-11-14 16:51 ` Tom Lendacky 2016-11-14 16:51 ` Tom Lendacky 2016-11-14 16:51 ` Tom Lendacky 2016-11-14 16:51 ` Tom Lendacky 2016-11-10 0:34 ` [RFC PATCH v3 03/20] x86: Add the Secure Memory Encryption cpu feature Tom Lendacky 2016-11-10 0:34 ` Tom Lendacky 2016-11-10 0:34 ` Tom Lendacky 2016-11-10 0:34 ` Tom Lendacky 2016-11-10 0:34 ` Tom Lendacky 2016-11-11 11:53 ` Borislav Petkov 2016-11-11 11:53 ` Borislav Petkov 2016-11-10 0:35 ` [RFC PATCH v3 04/20] x86: Handle reduction in physical address size with SME Tom Lendacky 2016-11-10 0:35 ` Tom Lendacky 2016-11-10 0:35 ` Tom Lendacky 2016-11-10 0:35 ` Tom Lendacky 2016-11-10 0:35 ` Tom Lendacky 2016-11-15 12:10 ` Joerg Roedel 2016-11-15 12:10 ` Joerg Roedel 2016-11-15 12:10 ` Joerg Roedel 2016-11-15 12:14 ` Borislav Petkov 2016-11-15 12:14 ` Borislav Petkov 2016-11-15 14:40 ` Tom Lendacky 2016-11-15 14:40 ` Tom Lendacky 2016-11-15 15:33 ` Borislav Petkov 2016-11-15 15:33 ` Borislav Petkov 2016-11-15 15:33 ` Borislav Petkov 2016-11-15 16:06 ` Tom Lendacky 2016-11-15 16:06 ` Tom Lendacky 2016-11-15 16:06 ` Tom Lendacky 2016-11-15 16:33 ` Borislav Petkov 2016-11-15 16:33 ` Borislav Petkov 2016-11-15 17:08 ` Tom Lendacky 2016-11-15 17:08 ` Tom Lendacky 2016-11-15 17:08 ` Tom Lendacky 2016-11-15 21:22 ` Tom Lendacky 2016-11-15 21:22 ` Tom Lendacky 2016-11-15 21:22 ` Tom Lendacky 2016-11-15 21:33 ` Borislav Petkov 2016-11-15 21:33 ` Borislav Petkov 2016-11-15 21:33 ` Borislav Petkov 2016-11-15 22:01 ` Tom Lendacky 2016-11-15 22:01 ` Tom Lendacky 2016-11-15 14:32 ` Tom Lendacky 2016-11-15 14:32 ` Tom Lendacky 2016-11-15 14:32 ` Tom Lendacky 2016-11-10 0:35 ` [RFC PATCH v3 05/20] x86: Add Secure Memory Encryption (SME) support Tom Lendacky 2016-11-10 0:35 ` Tom Lendacky 2016-11-10 0:35 ` Tom Lendacky 2016-11-10 0:35 ` Tom Lendacky 2016-11-10 0:35 ` Tom Lendacky 2016-11-10 0:35 ` [RFC PATCH v3 06/20] x86: Add support to enable SME during early boot processing Tom Lendacky 2016-11-10 0:35 ` Tom Lendacky 2016-11-10 0:35 ` Tom Lendacky 2016-11-10 0:35 ` Tom Lendacky 2016-11-10 0:35 ` Tom Lendacky 2016-11-14 17:29 ` Borislav Petkov 2016-11-14 17:29 ` Borislav Petkov 2016-11-14 18:18 ` Tom Lendacky 2016-11-14 18:18 ` Tom Lendacky 2016-11-14 18:18 ` Tom Lendacky 2016-11-14 20:01 ` Borislav Petkov 2016-11-14 20:01 ` Borislav Petkov 2016-11-10 0:35 ` [RFC PATCH v3 07/20] x86: Provide general kernel support for memory encryption Tom Lendacky 2016-11-10 0:35 ` Tom Lendacky 2016-11-10 0:35 ` Tom Lendacky 2016-11-10 0:35 ` Tom Lendacky 2016-11-10 0:36 ` [RFC PATCH v3 08/20] x86: Add support for early encryption/decryption of memory Tom Lendacky 2016-11-10 0:36 ` Tom Lendacky 2016-11-10 0:36 ` Tom Lendacky 2016-11-10 0:36 ` Tom Lendacky 2016-11-16 10:46 ` Borislav Petkov 2016-11-16 10:46 ` Borislav Petkov 2016-11-16 19:22 ` Tom Lendacky 2016-11-16 19:22 ` Tom Lendacky 2016-11-16 19:22 ` Tom Lendacky 2016-11-10 0:36 ` [RFC PATCH v3 09/20] x86: Insure that boot memory areas are mapped properly Tom Lendacky 2016-11-10 0:36 ` Tom Lendacky 2016-11-10 0:36 ` Tom Lendacky 2016-11-10 0:36 ` Tom Lendacky 2016-11-17 12:20 ` Borislav Petkov 2016-11-17 12:20 ` Borislav Petkov 2016-11-19 18:12 ` Tom Lendacky 2016-11-19 18:12 ` Tom Lendacky 2016-11-10 0:36 ` [RFC PATCH v3 10/20] Add support to access boot related data in the clear Tom Lendacky 2016-11-10 0:36 ` Tom Lendacky 2016-11-10 0:36 ` Tom Lendacky 2016-11-10 0:36 ` Tom Lendacky 2016-11-10 0:36 ` Tom Lendacky 2016-11-11 16:17 ` Kani, Toshimitsu 2016-11-11 16:17 ` Kani, Toshimitsu 2016-11-14 16:24 ` Tom Lendacky 2016-11-14 16:24 ` Tom Lendacky 2016-11-14 16:24 ` Tom Lendacky 2016-11-17 15:55 ` Borislav Petkov 2016-11-17 15:55 ` Borislav Petkov 2016-11-19 18:33 ` Tom Lendacky 2016-11-19 18:33 ` Tom Lendacky 2016-11-19 18:33 ` Tom Lendacky 2016-11-20 23:04 ` Borislav Petkov 2016-11-20 23:04 ` Borislav Petkov 2016-12-07 13:19 ` Matt Fleming 2016-12-07 13:19 ` Matt Fleming 2016-12-07 13:19 ` Matt Fleming 2016-12-09 14:26 ` Tom Lendacky 2016-12-09 14:26 ` Tom Lendacky 2016-12-09 14:26 ` Tom Lendacky 2016-11-10 0:36 ` [RFC PATCH v3 11/20] x86: Add support for changing memory encryption attribute Tom Lendacky 2016-11-10 0:36 ` Tom Lendacky 2016-11-10 0:36 ` Tom Lendacky 2016-11-10 0:36 ` Tom Lendacky 2016-11-10 0:36 ` Tom Lendacky 2016-11-17 17:39 ` Borislav Petkov [this message] 2016-11-17 17:39 ` Borislav Petkov 2016-11-19 18:48 ` Tom Lendacky 2016-11-19 18:48 ` Tom Lendacky 2016-11-21 8:27 ` Borislav Petkov 2016-11-21 8:27 ` Borislav Petkov 2016-11-10 0:37 ` [RFC PATCH v3 12/20] x86: Decrypt trampoline area if memory encryption is active Tom Lendacky 2016-11-10 0:37 ` Tom Lendacky 2016-11-10 0:37 ` Tom Lendacky 2016-11-10 0:37 ` Tom Lendacky 2016-11-10 0:37 ` Tom Lendacky 2016-11-17 18:09 ` Borislav Petkov 2016-11-17 18:09 ` Borislav Petkov 2016-11-19 18:50 ` Tom Lendacky 2016-11-19 18:50 ` Tom Lendacky 2016-11-10 0:37 ` [RFC PATCH v3 13/20] x86: DMA support for memory encryption Tom Lendacky 2016-11-10 0:37 ` Tom Lendacky 2016-11-10 0:37 ` Tom Lendacky 2016-11-10 0:37 ` Tom Lendacky 2016-11-15 14:39 ` Radim Krčmář 2016-11-15 14:39 ` Radim Krčmář 2016-11-15 14:39 ` Radim Krčmář 2016-11-15 17:02 ` Tom Lendacky 2016-11-15 17:02 ` Tom Lendacky 2016-11-15 17:02 ` Tom Lendacky 2016-11-15 17:02 ` Tom Lendacky 2016-11-15 18:17 ` Radim Krčmář 2016-11-15 18:17 ` Radim Krčmář 2016-11-15 18:17 ` Radim Krčmář 2016-11-15 18:17 ` Radim Krčmář 2016-11-15 20:33 ` Tom Lendacky 2016-11-15 20:33 ` Tom Lendacky 2016-11-15 20:33 ` Tom Lendacky 2016-11-15 20:33 ` Tom Lendacky 2016-11-15 15:16 ` Michael S. Tsirkin 2016-11-15 15:16 ` Michael S. Tsirkin 2016-11-15 15:16 ` Michael S. Tsirkin 2016-11-15 18:29 ` Tom Lendacky 2016-11-15 18:29 ` Tom Lendacky 2016-11-15 18:29 ` Tom Lendacky 2016-11-15 19:16 ` Michael S. Tsirkin 2016-11-15 19:16 ` Michael S. Tsirkin 2016-11-15 19:16 ` Michael S. Tsirkin 2016-11-22 11:38 ` Borislav Petkov 2016-11-22 11:38 ` Borislav Petkov 2016-11-22 11:38 ` Borislav Petkov 2016-11-22 15:22 ` Michael S. Tsirkin 2016-11-22 15:22 ` Michael S. Tsirkin 2016-11-22 15:22 ` Michael S. Tsirkin 2016-11-22 15:41 ` Borislav Petkov 2016-11-22 15:41 ` Borislav Petkov 2016-11-22 20:41 ` Michael S. Tsirkin 2016-11-22 20:41 ` Michael S. Tsirkin 2016-11-22 20:41 ` Michael S. Tsirkin 2016-11-10 0:37 ` [RFC PATCH v3 14/20] iommu/amd: Disable AMD IOMMU if memory encryption is active Tom Lendacky 2016-11-10 0:37 ` Tom Lendacky 2016-11-10 0:37 ` Tom Lendacky 2016-11-10 0:37 ` Tom Lendacky 2016-11-10 0:37 ` Tom Lendacky 2016-11-14 16:32 ` Joerg Roedel 2016-11-14 16:32 ` Joerg Roedel 2016-11-14 16:32 ` Joerg Roedel 2016-11-14 16:48 ` Tom Lendacky 2016-11-14 16:48 ` Tom Lendacky 2016-11-14 16:48 ` Tom Lendacky 2016-11-10 0:37 ` [RFC PATCH v3 15/20] x86: Check for memory encryption on the APs Tom Lendacky 2016-11-10 0:37 ` Tom Lendacky 2016-11-10 0:37 ` Tom Lendacky 2016-11-10 0:37 ` Tom Lendacky 2016-11-22 19:25 ` Borislav Petkov 2016-11-22 19:25 ` Borislav Petkov 2016-11-29 18:00 ` Tom Lendacky 2016-11-29 18:00 ` Tom Lendacky 2016-11-29 18:00 ` Tom Lendacky 2016-11-10 0:37 ` [RFC PATCH v3 16/20] x86: Do not specify encrypted memory for video mappings Tom Lendacky 2016-11-10 0:37 ` Tom Lendacky 2016-11-10 0:37 ` Tom Lendacky 2016-11-10 0:37 ` Tom Lendacky 2016-11-10 0:37 ` Tom Lendacky 2016-11-10 0:38 ` [RFC PATCH v3 17/20] x86/kvm: Enable Secure Memory Encryption of nested page tables Tom Lendacky 2016-11-10 0:38 ` Tom Lendacky 2016-11-10 0:38 ` Tom Lendacky 2016-11-10 0:38 ` Tom Lendacky 2016-11-10 0:38 ` Tom Lendacky 2016-11-10 0:38 ` [RFC PATCH v3 18/20] x86: Access the setup data through debugfs un-encrypted Tom Lendacky 2016-11-10 0:38 ` Tom Lendacky 2016-11-10 0:38 ` Tom Lendacky 2016-11-10 0:38 ` Tom Lendacky 2016-11-10 0:38 ` Tom Lendacky 2016-11-10 0:38 ` [RFC PATCH v3 19/20] x86: Add support to make use of Secure Memory Encryption Tom Lendacky 2016-11-10 0:38 ` Tom Lendacky 2016-11-10 0:38 ` Tom Lendacky 2016-11-10 0:38 ` Tom Lendacky 2016-11-24 12:50 ` Borislav Petkov 2016-11-24 12:50 ` Borislav Petkov 2016-11-24 12:50 ` Borislav Petkov 2016-11-29 18:40 ` Tom Lendacky 2016-11-29 18:40 ` Tom Lendacky 2016-11-10 0:38 ` [RFC PATCH v3 20/20] " Tom Lendacky 2016-11-10 0:38 ` Tom Lendacky 2016-11-10 0:38 ` Tom Lendacky 2016-11-10 0:38 ` Tom Lendacky 2016-11-22 18:58 ` Borislav Petkov 2016-11-22 18:58 ` Borislav Petkov 2016-11-22 18:58 ` Borislav Petkov 2016-11-26 20:47 ` Borislav Petkov 2016-11-26 20:47 ` Borislav Petkov 2016-11-29 18:48 ` Tom Lendacky 2016-11-29 18:48 ` Tom Lendacky 2016-11-29 19:56 ` Borislav Petkov 2016-11-29 19:56 ` Borislav Petkov
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=20161117173945.gnar3arpyeeh5xm2@pd.tnic \ --to=bp@alien8.de \ --cc=arnd@arndb.de \ --cc=aryabinin@virtuozzo.com \ --cc=corbet@lwn.net \ --cc=dvyukov@google.com \ --cc=glider@google.com \ --cc=hpa@zytor.com \ --cc=iommu@lists.linux-foundation.org \ --cc=joro@8bytes.org \ --cc=kasan-dev@googlegroups.com \ --cc=konrad.wilk@oracle.com \ --cc=kvm@vger.kernel.org \ --cc=linux-arch@vger.kernel.org \ --cc=linux-doc@vger.kernel.org \ --cc=linux-efi@vger.kernel.org \ --cc=linux-kernel@vger.kernel.org \ --cc=linux-mm@kvack.org \ --cc=luto@kernel.org \ --cc=lwoodman@redhat.com \ --cc=matt@codeblueprint.co.uk \ --cc=mingo@redhat.com \ --cc=pbonzini@redhat.com \ --cc=riel@redhat.com \ --cc=rkrcmar@redhat.com \ --cc=tglx@linutronix.de \ --cc=thomas.lendacky@amd.com \ --cc=x86@kernel.org \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: linkBe sure your reply has a Subject: header at the top and a blank line before the message body.
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.