Linus,
Please pull the latest efi-urgent-for-linus git tree from:
git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git
efi-urgent-for-linus
# HEAD: d1eb98143c56f24fef125f5bbed49ae0b52fb7d6 efi/arm: Fix boot crash
with CONFIG_CPUMASK_OFFSTACK=y
A boot crash fix, and a secure boot
On Tue, Mar 7, 2017 at 8:22 AM, Namhyung Kim wrote:
> On Tue, Mar 7, 2017 at 6:55 AM, Kees Cook wrote:
>> The read/mkfile pair pass the same arguments and should be cleared
>> between calls. Move to a structure and wipe it after every loop.
>>
>>
Hi Tyler,
On 06/03/17 20:45, Tyler Baicar wrote:
> Currently external aborts are unsupported by the guest abort
> handling. Add handling for SEAs so that the host kernel reports
> SEAs which occur in the guest kernel.
> diff --git a/arch/arm/include/asm/kvm_arm.h b/arch/arm/include/asm/kvm_arm.h
On Thu, Mar 02, 2017 at 10:12:20AM -0500, Brijesh Singh wrote:
> From: Tom Lendacky
>
> Provide support for Secure Encyrpted Virtualization (SEV). This initial
> support defines a flag that is used by the kernel to determine if it is
> running with SEV active.
>
>
On Thu, Mar 02, 2017 at 10:13:21AM -0500, Brijesh Singh wrote:
> From: Tom Lendacky
>
> EFI data is encrypted when the kernel is run under SEV. Update the
> page table references to be sure the EFI memory areas are accessed
> encrypted.
>
> Signed-off-by: Tom Lendacky
On Thu, Mar 02, 2017 at 10:12:59AM -0500, Brijesh Singh wrote:
> From: Tom Lendacky
>
> When Secure Encrypted Virtualization (SEV) is active, BOOT data (such as
> EFI related data, setup data) is encrypted and needs to be accessed as
> such when mapped. Update the
Hi Tyler,
On 06/03/17 20:44, Tyler Baicar wrote:
> When a memory error, CPU error, PCIe error, or other type of hardware error
> that's covered by RAS occurs, firmware should populate the shared GHES memory
> location with the proper GHES structures to notify the OS of the error.
> For example,
Hi Tyler,
On 06/03/17 20:44, Tyler Baicar wrote:
> ARM APEI extension proposal added SEA (Synchronous External Abort)
> notification type for ARMv8.
> Add a new GHES error source handling function for SEA. If an error
> source's notification type is SEA, then this function can be registered
>
On Thu, Mar 02, 2017 at 10:13:32AM -0500, Brijesh Singh wrote:
> From: Tom Lendacky
>
> In order for memory pages to be properly mapped when SEV is active, we
> need to use the PAGE_KERNEL protection attribute as the base protection.
> This will insure that memory
On Tue, Mar 7, 2017 at 6:55 AM, Kees Cook wrote:
> The read/mkfile pair pass the same arguments and should be cleared
> between calls. Move to a structure and wipe it after every loop.
>
> Signed-off-by: Kees Cook
> ---
> fs/pstore/platform.c | 55
On 3/7/2017 4:37 AM, James Morse wrote:
Hi Tyler,
On 06/03/17 20:44, Tyler Baicar wrote:
When a memory error, CPU error, PCIe error, or other type of hardware error
that's covered by RAS occurs, firmware should populate the shared GHES memory
location with the proper GHES structures to notify
Hello James,
On 3/7/2017 4:37 AM, James Morse wrote:
On 06/03/17 20:44, Tyler Baicar wrote:
ARM APEI extension proposal added SEA (Synchronous External Abort)
notification type for ARMv8.
Add a new GHES error source handling function for SEA. If an error
source's notification type is SEA,
Hi Kees,
On Tue, Mar 7, 2017 at 6:55 AM, Kees Cook wrote:
> Technically, it might be possible for struct pstore_info to go out of
> scope after the module_put(), so report the backend name first.
But in that case, using pstore will crash the kernel anyway, right?
If so,
On Tue, Mar 7, 2017 at 8:16 AM, Namhyung Kim wrote:
> Hi Kees,
>
> On Tue, Mar 7, 2017 at 6:55 AM, Kees Cook wrote:
>> Technically, it might be possible for struct pstore_info to go out of
>> scope after the module_put(), so report the backend name
On 3/1/2017 12:40 PM, Borislav Petkov wrote:
On Thu, Feb 16, 2017 at 09:48:25AM -0600, Tom Lendacky wrote:
This patch adds the support to check if SME has been enabled and if
memory encryption should be activated (checking of command line option
based on the configuration of the default state).
On 02/16/17 at 09:45am, Tom Lendacky wrote:
[snip]
> + * This function determines if an address should be mapped encrypted.
> + * Boot setup data, EFI data and E820 areas are checked in making this
> + * determination.
> + */
> +static bool memremap_should_map_encrypted(resource_size_t phys_addr,
On 02/16/17 at 09:47am, Tom Lendacky wrote:
> Use memremap() to map the setup data. This simplifies the code and will
> make the appropriate decision as to whether a RAM remapping can be done
> or if a fallback to ioremap_cache() is needed (which includes checking
> PageHighMem).
>
>
On 02/16/17 at 09:47am, Tom Lendacky wrote:
> Use memremap() to map the setup data. This will make the appropriate
> decision as to whether a RAM remapping can be done or if a fallback to
> ioremap_cache() is needed (similar to the setup data debugfs support).
>
> Signed-off-by: Tom Lendacky
EFI allocates runtime services regions top-down, starting from EFI_VA_START
to EFI_VA_END. So EFI_VA_START is bigger than EFI_VA_END and is the end of
EFI region. The upper boundary of memory regions randomized by KASLR should
be EFI_VA_END if it's adjacent to EFI region, but not EFI_VA_START.
EFI allocate runtime services regions down from EFI_VA_START, -4G.
It should be top-down handling.
Signed-off-by: Baoquan He
---
arch/x86/platform/efi/efi_64.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/arch/x86/platform/efi/efi_64.c
Hello James,
On 3/7/2017 4:48 AM, James Morse wrote:
On 06/03/17 20:45, Tyler Baicar wrote:
Currently external aborts are unsupported by the guest abort
handling. Add handling for SEAs so that the host kernel reports
SEAs which occur in the guest kernel.
diff --git
21 matches
Mail list logo