Re: [PATCH] x86/efi: Access EFI MMIO data as unencrypted when SEV is active

2018-07-16 Thread Ard Biesheuvel
On 17 July 2018 at 03:15, Brijesh Singh wrote: > Hi Ard, > > > > On 07/11/2018 05:00 AM, Ard Biesheuvel wrote: >> >> On 3 July 2018 at 15:32, Brijesh Singh wrote: >>> >>> SEV guest fails to update the UEFI runtime variables stored in the >>> flash. commit 1379edd59673 ("x86/efi: Access EFI data

Re: [PATCH] x86/efi: Access EFI MMIO data as unencrypted when SEV is active

2018-07-16 Thread Brijesh Singh
Hi Ard, On 07/11/2018 05:00 AM, Ard Biesheuvel wrote: On 3 July 2018 at 15:32, Brijesh Singh wrote: SEV guest fails to update the UEFI runtime variables stored in the flash. commit 1379edd59673 ("x86/efi: Access EFI data as encrypted when SEV is active") unconditionally maps all the UEFI

Re: [PATCH] x86/efi: Access EFI MMIO data as unencrypted when SEV is active

2018-07-11 Thread Ard Biesheuvel
On 3 July 2018 at 15:32, Brijesh Singh wrote: > SEV guest fails to update the UEFI runtime variables stored in the > flash. commit 1379edd59673 ("x86/efi: Access EFI data as encrypted > when SEV is active") unconditionally maps all the UEFI runtime data > as 'encrypted' (C=1). When SEV is active

Re: [PATCH] x86/efi: Access EFI MMIO data as unencrypted when SEV is active

2018-07-03 Thread Ard Biesheuvel
On 3 July 2018 at 23:46, Borislav Petkov wrote: > On Tue, Jul 03, 2018 at 04:16:57PM -0500, Brijesh Singh wrote: >> I agree with Ard, it may be a good idea to extend the UEFI spec to >> include encryption information. Having this information may be helpful >> in some cases, e.g. if we ever need to

Re: [PATCH] x86/efi: Access EFI MMIO data as unencrypted when SEV is active

2018-07-03 Thread Borislav Petkov
On Tue, Jul 03, 2018 at 04:16:57PM -0500, Brijesh Singh wrote: > I agree with Ard, it may be a good idea to extend the UEFI spec to > include encryption information. Having this information may be helpful > in some cases, e.g. if we ever need to map a specific non IO memory as > unencrypted. So far

Re: [PATCH] x86/efi: Access EFI MMIO data as unencrypted when SEV is active

2018-07-03 Thread Brijesh Singh
On 7/3/18 10:44 AM, Borislav Petkov wrote: > (dropping stable@ as this is not how you send patches to stable). > > On Tue, Jul 03, 2018 at 05:37:18PM +0200, Ard Biesheuvel wrote: >> On 3 July 2018 at 15:32, Brijesh Singh wrote: >>> SEV guest fails to update the UEFI runtime variables stored in

Re: [PATCH] x86/efi: Access EFI MMIO data as unencrypted when SEV is active

2018-07-03 Thread Tom Lendacky
On 7/3/2018 8:32 AM, Brijesh Singh wrote: > SEV guest fails to update the UEFI runtime variables stored in the > flash. commit 1379edd59673 ("x86/efi: Access EFI data as encrypted > when SEV is active") unconditionally maps all the UEFI runtime data > as 'encrypted' (C=1). When SEV is active the

Re: [PATCH] x86/efi: Access EFI MMIO data as unencrypted when SEV is active

2018-07-03 Thread Borislav Petkov
(dropping stable@ as this is not how you send patches to stable). On Tue, Jul 03, 2018 at 05:37:18PM +0200, Ard Biesheuvel wrote: > On 3 July 2018 at 15:32, Brijesh Singh wrote: > > SEV guest fails to update the UEFI runtime variables stored in the > > flash. commit 1379edd59673 ("x86/efi:

Re: [PATCH] x86/efi: Access EFI MMIO data as unencrypted when SEV is active

2018-07-03 Thread Ard Biesheuvel
On 3 July 2018 at 15:32, Brijesh Singh wrote: > SEV guest fails to update the UEFI runtime variables stored in the > flash. commit 1379edd59673 ("x86/efi: Access EFI data as encrypted > when SEV is active") unconditionally maps all the UEFI runtime data > as 'encrypted' (C=1). When SEV is active

[PATCH] x86/efi: Access EFI MMIO data as unencrypted when SEV is active

2018-07-03 Thread Brijesh Singh
SEV guest fails to update the UEFI runtime variables stored in the flash. commit 1379edd59673 ("x86/efi: Access EFI data as encrypted when SEV is active") unconditionally maps all the UEFI runtime data as 'encrypted' (C=1). When SEV is active the UEFI runtime data marked as EFI_MEMORY_MAPPED_IO