Re: [PATCH v8 1/2] x86/mm: add .bss..decrypted section to hold shared variables

2018-09-14 Thread Thomas Gleixner
On Fri, 14 Sep 2018, Tom Lendacky wrote: > On 09/14/2018 09:12 AM, Borislav Petkov wrote: > > On Fri, Sep 14, 2018 at 02:17:05PM +0200, Thomas Gleixner wrote: > >>> The sme_encrypt_kernel() does not have access to pmd (after pointer > >>> fixup is applied). You can extend the sme_encrypt_kernel()

Re: [PATCH v8 1/2] x86/mm: add .bss..decrypted section to hold shared variables

2018-09-14 Thread Tom Lendacky
On 09/14/2018 09:12 AM, Borislav Petkov wrote: > On Fri, Sep 14, 2018 at 02:17:05PM +0200, Thomas Gleixner wrote: >>> The sme_encrypt_kernel() does not have access to pmd (after pointer >>> fixup is applied). You can extend the sme_encrypt_kernel() to pass an >>> additional arguments but then we st

Re: [PATCH v8 1/2] x86/mm: add .bss..decrypted section to hold shared variables

2018-09-14 Thread Borislav Petkov
On Fri, Sep 14, 2018 at 09:27:09AM -0500, Brijesh Singh wrote: > The above code will never get executed for the SEV case. > > See if (!sme_active()) check in the start of function. > > If we decide to go on this patch, then we have to do something like > this: > > sme_encrypt_kernel(...) > { >

Re: [PATCH v8 1/2] x86/mm: add .bss..decrypted section to hold shared variables

2018-09-14 Thread Brijesh Singh
On 09/14/2018 09:12 AM, Borislav Petkov wrote: On Fri, Sep 14, 2018 at 02:17:05PM +0200, Thomas Gleixner wrote: The sme_encrypt_kernel() does not have access to pmd (after pointer fixup is applied). You can extend the sme_encrypt_kernel() to pass an additional arguments but then we start gett

Re: [PATCH v8 1/2] x86/mm: add .bss..decrypted section to hold shared variables

2018-09-14 Thread Borislav Petkov
On Fri, Sep 14, 2018 at 02:17:05PM +0200, Thomas Gleixner wrote: > > The sme_encrypt_kernel() does not have access to pmd (after pointer > > fixup is applied). You can extend the sme_encrypt_kernel() to pass an > > additional arguments but then we start getting in include hell. The pmd > > is defin

Re: [PATCH v8 1/2] x86/mm: add .bss..decrypted section to hold shared variables

2018-09-14 Thread Thomas Gleixner
On Fri, 14 Sep 2018, Brijesh Singh wrote: > On 9/14/18 2:10 AM, Borislav Petkov wrote: > >>/* > >> + * Clear the memory encryption mask from the .bss..decrypted section. > >> + * The bss section will be memset to zero later in the initialization so > >> + * there is no need to zero it aft

Re: [PATCH v8 1/2] x86/mm: add .bss..decrypted section to hold shared variables

2018-09-14 Thread Brijesh Singh
On 9/14/18 2:10 AM, Borislav Petkov wrote: > On Thu, Sep 13, 2018 at 04:51:10PM -0500, Brijesh Singh wrote: >> kvmclock defines few static variables which are shared with the >> hypervisor during the kvmclock initialization. > ... > >> diff --git a/arch/x86/kernel/head64.c b/arch/x86/kernel/head

Re: [PATCH v8 1/2] x86/mm: add .bss..decrypted section to hold shared variables

2018-09-14 Thread Borislav Petkov
On Thu, Sep 13, 2018 at 04:51:10PM -0500, Brijesh Singh wrote: > kvmclock defines few static variables which are shared with the > hypervisor during the kvmclock initialization. ... > diff --git a/arch/x86/kernel/head64.c b/arch/x86/kernel/head64.c > index 8047379..c16af27 100644 > --- a/arch/x86

Re: [PATCH v8 1/2] x86/mm: add .bss..decrypted section to hold shared variables

2018-09-13 Thread Brijesh Singh
On 9/13/18 6:24 PM, Thomas Gleixner wrote: > On Thu, 13 Sep 2018, Brijesh Singh wrote: >> >> +void __weak mem_encrypt_free_decrypted_mem(void) { } >> + >> void __ref free_initmem(void) >> { >> e820__reallocate_tables(); >> >> +mem_encrypt_free_decrypted_mem(); >> + >> free_ke

Re: [PATCH v8 1/2] x86/mm: add .bss..decrypted section to hold shared variables

2018-09-13 Thread Thomas Gleixner
On Thu, 13 Sep 2018, Brijesh Singh wrote: > > +void __weak mem_encrypt_free_decrypted_mem(void) { } > + > void __ref free_initmem(void) > { > e820__reallocate_tables(); > > + mem_encrypt_free_decrypted_mem(); > + > free_kernel_image_pages(&__init_begin, &__init_end); > } >
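
Review bot: the `__weak` stub `mem_encrypt_free_decrypted_mem()` added just above free_initmem() has no comment saying what overrides it or which memory it releases. Since free_initmem() now calls it unconditionally, ahead of free_kernel_image_pages(&__init_begin, &__init_end), a short comment at the stub naming the strong definition and the region it frees would let a reader of this file follow the call without searching the tree.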

[PATCH v8 1/2] x86/mm: add .bss..decrypted section to hold shared variables

2018-09-13 Thread Brijesh Singh
kvmclock defines a few static variables which are shared with the hypervisor during the kvmclock initialization. When SEV is active, memory is encrypted with a guest-specific key, and if the guest OS wants to share the memory region with the hypervisor then it must clear the C-bit before sharing it.