Re: [Part2 PATCH v6.1 16/38] crypto: ccp: Add Secure Encrypted Virtualization (SEV) command support

On Mon, Oct 30, 2017 at 08:29:25PM -0500, Brijesh Singh wrote: > Okay, Just tried static global with CONFIG_VMAP_STACK=y and I am getting > wrong physical address with __pa. PSP command fails with error code > "INVALID_ADDRESS". The same thing works fine with kmalloc() buffer. Ah, right, module

Re: [Part2 PATCH v6.1 16/38] crypto: ccp: Add Secure Encrypted Virtualization (SEV) command support

On 10/30/17 12:57 PM, Borislav Petkov wrote: > On Mon, Oct 30, 2017 at 12:49:14PM -0500, Brijesh Singh wrote: >> If the buffer is allocated on the stack then there is no guarantee that > static global is not allocated on the stack. Okay, Just tried static global with CONFIG_VMAP_STACK=y and I

Re: [Part2 PATCH v6.1 16/38] crypto: ccp: Add Secure Encrypted Virtualization (SEV) command support

On Mon, Oct 30, 2017 at 12:49:14PM -0500, Brijesh Singh wrote: > If the buffer is allocated on the stack then there is no guarantee that static global is not allocated on the stack. > I can certainly move the allocation outside, but then it may increase the > code size in other functions. If its

Re: [Part2 PATCH v6.1 16/38] crypto: ccp: Add Secure Encrypted Virtualization (SEV) command support

On 10/30/2017 12:21 PM, Borislav Petkov wrote: ... Useless forward declarations. Actually its helpful in other patches. I was trying to avoid making too many code movement in other patches to eliminate the forward declarations. I guess I can fix in v7. static struct psp_device

Re: [Part2 PATCH v6.1 16/38] crypto: ccp: Add Secure Encrypted Virtualization (SEV) command support

On Sun, Oct 29, 2017 at 03:48:25PM -0500, Brijesh Singh wrote: > AMD's new Secure Encrypted Virtualization (SEV) feature allows the > memory contents of virtual machines to be transparently encrypted with a > key unique to the VM. The programming and management of the encryption > keys are handled

Re: [Part2 PATCH v6.1 16/38] crypto: ccp: Add Secure Encrypted Virtualization (SEV) command support

I just realized that this should be marked as "PATCH v6.1 13/38 ...". I had some  debug patch before this hence it was pushed below in the stack. On 10/29/17 3:48 PM, Brijesh Singh wrote: > AMD's new Secure Encrypted Virtualization (SEV) feature allows the > memory contents of virtual machines

[Part2 PATCH v6.1 16/38] crypto: ccp: Add Secure Encrypted Virtualization (SEV) command support

AMD's new Secure Encrypted Virtualization (SEV) feature allows the memory contents of virtual machines to be transparently encrypted with a key unique to the VM. The programming and management of the encryption keys are handled by the AMD Secure Processor (AMD-SP) which exposes the commands for