On Mon, Jun 19, 2017 at 10:54 AM, Qiuxu Zhuo wrote:
> The EFI capsule mechanism allows data blobs to be passed to the EFI
> firmware. By setting the EFI_CAPSULE_POPULATE_SYSTEM_TABLE and the
> EFI_CAPSULE_PERSIST_ACROSS_REBOOT flags, the firmware will place a
> pointer to
On Fri, 16 Jun 2017, Tom Lendacky wrote:
> Currently there is a check if the address being mapped is in the ISA
> range (is_ISA_range()), and if it is then phys_to_virt() is used to
> perform the mapping. When SME is active, however, this will result
> in the mapping having the encryption bit
Current approach, wholesale efi struct initialization from efi_xen, is not
good. Usually if new member is defined then it is properly initialized in
drivers/firmware/efi/efi.c but not in arch/x86/xen/efi.c. As I saw it happened
a few times until now. So, let's initialize only efi struct members
Otherwise e.g. Xen dom0 on x86_64 EFI platforms crashes.
In theory we can check EFI_PARAVIRT too, however,
EFI_MEMMAP looks more generic and covers more cases.
Signed-off-by: Daniel Kiper
---
drivers/firmware/efi/efi.c |3 ++-
1 file changed, 2 insertions(+), 1
Hey,
Two small fixes for Xen dom0 running on x86_64 EFI platforms.
I am CC-ing stable maintainers because similar stuff is needed for various
stable kernels too. Unfortunately, almost every version needs a bit different
set of fixes. So, please treat this email more as head up than real set of
On 6/20/2017 11:17 AM, Andy Lutomirski wrote:
On Fri, Jun 16, 2017 at 11:51 AM, Tom Lendacky wrote:
The cr3 register entry can contain the SME encryption mask that indicates
the PGD is encrypted. The encryption mask should not be used when
creating a virtual address
On Fri, Jun 16, 2017 at 11:51 AM, Tom Lendacky wrote:
> The cr3 register entry can contain the SME encryption mask that indicates
> the PGD is encrypted. The encryption mask should not be used when
> creating a virtual address from the cr3 register, so remove the SME
>
James Bottomley wrote:
> Added by
>
> commit 436529562df2748fd9918f578205b22cf8ced277
> Author: David Howells
> Date: Mon Apr 3 16:07:25 2017 +0100
>
> X.509: Allow X.509 certs to be blacklisted
>
> Ironically it duplicates a
On 6/20/2017 2:38 AM, Borislav Petkov wrote:
On Fri, Jun 16, 2017 at 01:51:15PM -0500, Tom Lendacky wrote:
Add support to the early boot code to use Secure Memory Encryption (SME).
Since the kernel has been loaded into memory in a decrypted state, encrypt
the kernel in place and update the
On Fri, Jun 16, 2017 at 01:52:32PM -0500, Tom Lendacky wrote:
> The boot data and command line data are present in memory in a decrypted
> state and are copied early in the boot process. The early page fault
> support will map these areas as encrypted, so before attempting to copy
> them, add
Hi Robert,
On Tue, Jun 20, 2017 at 08:34:39AM +0200, Robert Richter wrote:
> On 07.06.17 12:50:12, Will Deacon wrote:
>
> > Thanks, I've pushed this out as:
> >
> > git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git
> > for-next/ras-apei
> >
> > which I'll merge into for-next/core
The EFI capsule mechanism allows data blobs to be passed to the EFI
firmware. By setting the EFI_CAPSULE_POPULATE_SYSTEM_TABLE and the
EFI_CAPSULE_PERSIST_ACROSS_REBOOT flags, the firmware will place a
pointer to our data blob in the EFI System Table on the next boot.
We can utilise this facility
Change Log v2->v3:
- Get rid of 'capsule' in efi structure, and add 'nr_config_table' in efi
structure for iterating over configuration table array.
- Move efi_capsule_lookup() from capsule.c to capsule-pstore.c, and extract
capsule with any GUID by iterating over the configuration table
The 'nr_config_table' and 'config_table' (alreay in efi structure)
in efi structure provide a way for some driver(e.g. capsule-pstore
goes through the configuration table to extract crash capsules to
aid in debugging) iterates over the EFI configuration table array.
Signed-off-by: Qiuxu Zhuo
On Fri, Jun 16, 2017 at 01:51:55PM -0500, Tom Lendacky wrote:
> The cr3 register entry can contain the SME encryption mask that indicates
> the PGD is encrypted. The encryption mask should not be used when
> creating a virtual address from the cr3 register, so remove the SME
> encryption mask in
On Fri, Jun 16, 2017 at 01:51:15PM -0500, Tom Lendacky wrote:
> Add support to the early boot code to use Secure Memory Encryption (SME).
> Since the kernel has been loaded into memory in a decrypted state, encrypt
> the kernel in place and update the early pagetables with the memory
> encryption
On Fri, Jun 16, 2017 at 01:50:23PM -0500, Tom Lendacky wrote:
> The ioremap() function is intended for mapping MMIO. For RAM, the
> memremap() function should be used. Convert calls from ioremap() to
> memremap() when re-mapping RAM.
>
> This will be used later by SME to control how the
On 17 June 2017 at 17:25, Mauro Carvalho Chehab
wrote:
> Each text file under Documentation follows a different
> format. Some doesn't even have titles!
>
> Change its representation to follow the adopted standard,
> using ReST markups for it to be parseable by Sphinx:
>
Will,
On 07.06.17 12:50:12, Will Deacon wrote:
> Thanks, I've pushed this out as:
>
> git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git
> for-next/ras-apei
>
> which I'll merge into for-next/core (and therefore linux-next) either the
> end of this week or the beginning of next
19 matches
Mail list logo