Re: [PATCH v3 2/2] eif/capsule-pstore: Add capsule pstore backend

2017-06-20 Thread Kees Cook
On Mon, Jun 19, 2017 at 10:54 AM, Qiuxu Zhuo wrote: > The EFI capsule mechanism allows data blobs to be passed to the EFI > firmware. By setting the EFI_CAPSULE_POPULATE_SYSTEM_TABLE and the > EFI_CAPSULE_PERSIST_ACROSS_REBOOT flags, the firmware will place a > pointer to

Re: [PATCH v7 07/36] x86/mm: Don't use phys_to_virt in ioremap() if SME is active

2017-06-20 Thread Thomas Gleixner
On Fri, 16 Jun 2017, Tom Lendacky wrote: > Currently there is a check if the address being mapped is in the ISA > range (is_ISA_range()), and if it is then phys_to_virt() is used to > perform the mapping. When SME is active, however, this will result > in the mapping having the encryption bit

[PATCH 2/2] x86/xen/efi: Init only efi struct members used by Xen

2017-06-20 Thread Daniel Kiper
The current approach, wholesale efi struct initialization from efi_xen, is not good. Usually if a new member is defined then it is properly initialized in drivers/firmware/efi/efi.c but not in arch/x86/xen/efi.c. As I saw it happened a few times until now. So, let's initialize only efi struct members

[PATCH 1/2] efi: Process MEMATTR table only if EFI_MEMMAP

2017-06-20 Thread Daniel Kiper
Otherwise e.g. Xen dom0 on x86_64 EFI platforms crashes. In theory we can check EFI_PARAVIRT too, however, EFI_MEMMAP looks more generic and covers more cases. Signed-off-by: Daniel Kiper --- drivers/firmware/efi/efi.c |3 ++- 1 file changed, 2 insertions(+), 1

[PATCH 0/2] xen/efi: Fixes

2017-06-20 Thread Daniel Kiper
Hey, Two small fixes for Xen dom0 running on x86_64 EFI platforms. I am CC-ing stable maintainers because similar stuff is needed for various stable kernels too. Unfortunately, almost every version needs a bit different set of fixes. So, please treat this email more as a heads-up than a real set of

Re: [PATCH v7 11/36] x86/mm: Add SME support for read_cr3_pa()

2017-06-20 Thread Tom Lendacky
On 6/20/2017 11:17 AM, Andy Lutomirski wrote: On Fri, Jun 16, 2017 at 11:51 AM, Tom Lendacky wrote: The cr3 register entry can contain the SME encryption mask that indicates the PGD is encrypted. The encryption mask should not be used when creating a virtual address

Re: [PATCH v7 11/36] x86/mm: Add SME support for read_cr3_pa()

2017-06-20 Thread Andy Lutomirski
On Fri, Jun 16, 2017 at 11:51 AM, Tom Lendacky wrote: > The cr3 register entry can contain the SME encryption mask that indicates > the PGD is encrypted. The encryption mask should not be used when > creating a virtual address from the cr3 register, so remove the SME >

Re: Problem with new X.509 is_hash_blacklisted() interface

2017-06-20 Thread David Howells
James Bottomley wrote: > Added by > > commit 436529562df2748fd9918f578205b22cf8ced277 > Author: David Howells > Date: Mon Apr 3 16:07:25 2017 +0100 > > X.509: Allow X.509 certs to be blacklisted > > Ironically it duplicates a

Re: [PATCH v7 08/36] x86/mm: Add support to enable SME in early boot processing

2017-06-20 Thread Tom Lendacky
On 6/20/2017 2:38 AM, Borislav Petkov wrote: On Fri, Jun 16, 2017 at 01:51:15PM -0500, Tom Lendacky wrote: Add support to the early boot code to use Secure Memory Encryption (SME). Since the kernel has been loaded into memory in a decrypted state, encrypt the kernel in place and update the

Re: [PATCH v7 14/36] x86/mm: Insure that boot memory areas are mapped properly

2017-06-20 Thread Borislav Petkov
On Fri, Jun 16, 2017 at 01:52:32PM -0500, Tom Lendacky wrote: > The boot data and command line data are present in memory in a decrypted > state and are copied early in the boot process. The early page fault > support will map these areas as encrypted, so before attempting to copy > them, add

Re: [PATCH V17 00/11] Add UEFI 2.6 and ACPI 6.1 updates for RAS on ARM64

2017-06-20 Thread Will Deacon
Hi Robert, On Tue, Jun 20, 2017 at 08:34:39AM +0200, Robert Richter wrote: > On 07.06.17 12:50:12, Will Deacon wrote: > > > Thanks, I've pushed this out as: > > > > git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git > > for-next/ras-apei > > > > which I'll merge into for-next/core

[PATCH v3 2/2] eif/capsule-pstore: Add capsule pstore backend

2017-06-20 Thread Qiuxu Zhuo
The EFI capsule mechanism allows data blobs to be passed to the EFI firmware. By setting the EFI_CAPSULE_POPULATE_SYSTEM_TABLE and the EFI_CAPSULE_PERSIST_ACROSS_REBOOT flags, the firmware will place a pointer to our data blob in the EFI System Table on the next boot. We can utilise this facility

[PATCH v3 0/2] Add EFI capsule pstore backend support

2017-06-20 Thread Qiuxu Zhuo
Change Log v2->v3: - Get rid of 'capsule' in efi structure, and add 'nr_config_table' in efi structure for iterating over configuration table array. - Move efi_capsule_lookup() from capsule.c to capsule-pstore.c, and extract capsule with any GUID by iterating over the configuration table

[PATCH v3 1/2] efi: Add 'nr_config_table' variable in efi structure

2017-06-20 Thread Qiuxu Zhuo
The 'nr_config_table' and 'config_table' (already in efi structure) in efi structure provide a way for some driver (e.g. capsule-pstore goes through the configuration table to extract crash capsules to aid in debugging) to iterate over the EFI configuration table array. Signed-off-by: Qiuxu Zhuo

Re: [PATCH v7 11/36] x86/mm: Add SME support for read_cr3_pa()

2017-06-20 Thread Borislav Petkov
On Fri, Jun 16, 2017 at 01:51:55PM -0500, Tom Lendacky wrote: > The cr3 register entry can contain the SME encryption mask that indicates > the PGD is encrypted. The encryption mask should not be used when > creating a virtual address from the cr3 register, so remove the SME > encryption mask in

Re: [PATCH v7 08/36] x86/mm: Add support to enable SME in early boot processing

2017-06-20 Thread Borislav Petkov
On Fri, Jun 16, 2017 at 01:51:15PM -0500, Tom Lendacky wrote: > Add support to the early boot code to use Secure Memory Encryption (SME). > Since the kernel has been loaded into memory in a decrypted state, encrypt > the kernel in place and update the early pagetables with the memory > encryption

Re: [PATCH v7 03/36] x86, mpparse, x86/acpi, x86/PCI, x86/dmi, SFI: Use memremap for RAM mappings

2017-06-20 Thread Borislav Petkov
On Fri, Jun 16, 2017 at 01:50:23PM -0500, Tom Lendacky wrote: > The ioremap() function is intended for mapping MMIO. For RAM, the > memremap() function should be used. Convert calls from ioremap() to > memremap() when re-mapping RAM. > > This will be used later by SME to control how the

Re: [PATCH v2 18/31] efi-stub.txt: standardize document format

2017-06-20 Thread Ard Biesheuvel
On 17 June 2017 at 17:25, Mauro Carvalho Chehab wrote: > Each text file under Documentation follows a different > format. Some don't even have titles! > > Change its representation to follow the adopted standard, > using ReST markups for it to be parseable by Sphinx: >

Re: [PATCH V17 00/11] Add UEFI 2.6 and ACPI 6.1 updates for RAS on ARM64

2017-06-20 Thread Robert Richter
Will, On 07.06.17 12:50:12, Will Deacon wrote: > Thanks, I've pushed this out as: > > git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git > for-next/ras-apei > > which I'll merge into for-next/core (and therefore linux-next) either the > end of this week or the beginning of next