Add sysfs support for SME so that user-space utilities (kdump, etc.) can
determine if SME is active.
A new directory will be created:
/sys/kernel/mm/sme/
And two entries within the new directory:
/sys/kernel/mm/sme/active
/sys/kernel/mm/sme/encryption_mask
Signed-off-by: Tom Lendacky
Signed-off-by: Tom Lendacky
---
arch/x86/kernel/head_64.S |1 +
arch/x86/mm/mem_encrypt.c | 83 +++--
2 files changed, 80 insertions(+), 4 deletions(-)
diff --git a/arch/x86/kernel/head_64.S b/arch/x86/kernel/head_64.S
index abfe5ee..77d7495 100644
Btw, I tried to update all the subjects and descriptions to be
more descriptive but I'm sure there is still room for improvement
so keep the comments on them coming.
On Tue, Apr 18, 2017 at 04:16:25PM -0500, Tom Lendacky wrote:
Create a Documentation entry to describe the AMD Secure Memo
On 4/20/2017 11:59 AM, Borislav Petkov wrote:
On Tue, Apr 18, 2017 at 04:17:11PM -0500, Tom Lendacky wrote:
When System Memory Encryption (SME) is enabled, the physical address
space is reduced. Adjust the x86_phys_bits value to reflect this
reduction.
Signed-off-by: Tom Lendacky
---
arch
On 4/18/2017 4:22 PM, Tom Lendacky wrote:
Add support to check if SME has been enabled and if memory encryption
should be activated (checking of command line option based on the
configuration of the default state). If memory encryption is to be
activated, then the encryption mask is set and the
On 4/21/2017 9:55 AM, Borislav Petkov wrote:
On Tue, Apr 18, 2017 at 04:17:35PM -0500, Tom Lendacky wrote:
Add support to the early boot code to use Secure Memory Encryption (SME).
Since the kernel has been loaded into memory in a decrypted state, support
is added to encrypt the kernel in place
On 4/21/2017 4:52 PM, Dave Hansen wrote:
On 04/18/2017 02:17 PM, Tom Lendacky wrote:
@@ -55,7 +57,7 @@ static inline void copy_user_page(void *to, void *from,
unsigned long vaddr,
__phys_addr_symbol(__phys_reloc_hide((unsigned long)(x)))
#ifndef __va
-#define __va(x
On 4/24/2017 10:57 AM, Dave Hansen wrote:
On 04/24/2017 08:53 AM, Tom Lendacky wrote:
On 4/21/2017 4:52 PM, Dave Hansen wrote:
On 04/18/2017 02:17 PM, Tom Lendacky wrote:
@@ -55,7 +57,7 @@ static inline void copy_user_page(void *to, void
*from, unsigned long vaddr,
__phys_addr_symbol
On 4/27/2017 2:25 AM, Dave Young wrote:
On 04/21/17 at 02:55pm, Dave Hansen wrote:
On 04/18/2017 02:22 PM, Tom Lendacky wrote:
Add sysfs support for SME so that user-space utilities (kdump, etc.) can
determine if SME is active.
A new directory will be created:
/sys/kernel/mm/sme/
And two
On 4/27/2017 10:52 AM, Dave Hansen wrote:
On 04/27/2017 12:25 AM, Dave Young wrote:
On 04/21/17 at 02:55pm, Dave Hansen wrote:
On 04/18/2017 02:22 PM, Tom Lendacky wrote:
Add sysfs support for SME so that user-space utilities (kdump, etc.) can
determine if SME is active.
A new directory will
On 4/27/2017 10:46 AM, Borislav Petkov wrote:
On Tue, Apr 18, 2017 at 04:17:27PM -0500, Tom Lendacky wrote:
Add support for Secure Memory Encryption (SME). This initial support
provides a Kconfig entry to build the SME support into the kernel and
defines the memory encryption mask that will be
On 4/27/2017 11:12 AM, Borislav Petkov wrote:
On Tue, Apr 18, 2017 at 04:17:54PM -0500, Tom Lendacky wrote:
Changes to the existing page table macros will allow the SME support to
be enabled in a simple fashion with minimal changes to files that use these
macros. Since the memory encryption
On 5/4/2017 5:16 AM, Borislav Petkov wrote:
On Tue, Apr 18, 2017 at 04:18:22PM -0500, Tom Lendacky wrote:
The boot data and command line data are present in memory in a decrypted
state and are copied early in the boot process. The early page fault
support will map these areas as encrypted, so
On 5/7/2017 12:18 PM, Borislav Petkov wrote:
On Tue, Apr 18, 2017 at 04:19:00PM -0500, Tom Lendacky wrote:
The efi_mem_type() function currently returns a 0, which maps to
EFI_RESERVED_TYPE, if the function is unable to find a memmap entry for
the supplied physical address. Returning
On 5/4/2017 9:36 AM, Borislav Petkov wrote:
On Thu, May 04, 2017 at 09:24:11AM -0500, Tom Lendacky wrote:
I did this so that an the include order wouldn't cause issues (including
asm/mem_encrypt.h followed by later by a linux/mem_encrypt.h include).
I can make this a bit clearer by h
On 5/15/2017 1:09 PM, Borislav Petkov wrote:
On Tue, Apr 18, 2017 at 04:18:48PM -0500, Tom Lendacky wrote:
Add a function that will determine if a supplied physical address matches
the address of an EFI table.
Signed-off-by: Tom Lendacky
---
drivers/firmware/efi/efi.c | 33
On 5/15/2017 1:35 PM, Borislav Petkov wrote:
On Tue, Apr 18, 2017 at 04:19:21PM -0500, Tom Lendacky wrote:
Boot data (such as EFI related data) is not encrypted when the system is
booted because UEFI/BIOS does not run with SME active. In order to access
this data properly it needs to be mapped
On 5/16/2017 3:36 AM, Borislav Petkov wrote:
On Tue, Apr 18, 2017 at 04:19:30PM -0500, Tom Lendacky wrote:
The SMP MP-table is built by UEFI and placed in memory in a decrypted
state. These tables are accessed using a mix of early_memremap(),
early_memunmap(), phys_to_virt() and virt_to_phys
On 5/16/2017 9:04 AM, Borislav Petkov wrote:
On Tue, Apr 18, 2017 at 04:19:42PM -0500, Tom Lendacky wrote:
Persistent memory is expected to persist across reboots. The encryption
key used by SME will change across reboots which will result in corrupted
persistent memory. Persistent memory is
On 5/16/2017 9:27 AM, Borislav Petkov wrote:
On Tue, Apr 18, 2017 at 04:20:10PM -0500, Tom Lendacky wrote:
Since DMA addresses will effectively look like 48-bit addresses when the
memory encryption mask is set, SWIOTLB is needed if the DMA mask of the
device performing the DMA does not support
On 5/16/2017 9:52 AM, Borislav Petkov wrote:
On Tue, Apr 18, 2017 at 04:20:19PM -0500, Tom Lendacky wrote:
Add warnings to let the user know when bounce buffers are being used for
DMA when SME is active. Since the bounce buffers are not in encrypted
memory, these notifications are to allow the
On 5/17/2017 2:17 PM, Borislav Petkov wrote:
On Tue, Apr 18, 2017 at 04:21:21PM -0500, Tom Lendacky wrote:
Provide support so that kexec can be used to boot a kernel when SME is
enabled.
Support is needed to allocate pages for kexec without encryption. This
is needed in order to be able to
On 5/18/2017 4:02 AM, Borislav Petkov wrote:
On Wed, May 17, 2017 at 01:54:39PM -0500, Tom Lendacky wrote:
I was worried what the compiler might do when CONFIG_EFI is not set,
but it appears to take care of it. I'll double check though.
There's a efi_enabled() !CONFIG_EFI versi
On 5/19/2017 3:58 PM, Borislav Petkov wrote:
On Fri, May 19, 2017 at 03:45:28PM -0500, Tom Lendacky wrote:
Actually there is. The above will result in data in the cache because
halt() turns into a function call if CONFIG_PARAVIRT is defined (refer
to the comment above where do_wbinvd_halt is
On 5/19/2017 4:28 PM, Borislav Petkov wrote:
On Fri, May 19, 2017 at 04:07:24PM -0500, Tom Lendacky wrote:
As long as those never change from static inline everything will be
fine. I can change it, but I really like how it explicitly indicates
I know what you want to do. But you&#x
On 5/18/2017 7:46 AM, Borislav Petkov wrote:
On Tue, Apr 18, 2017 at 04:21:49PM -0500, Tom Lendacky wrote:
Add the support to encrypt the kernel in-place. This is done by creating
new page mappings for the kernel - a decrypted write-protected mapping
and an encrypted mapping. The kernel is
, 2017 at 04:22:12PM -0500, Tom Lendacky wrote:
Add sysfs support for SME so that user-space utilities (kdump, etc.) can
determine if SME is active.
But why do user-space tools need to know that?
I mean, when we load the kdump kernel, we do it with the first kernel,
with the kexec_load() syscall
On 5/18/2017 2:50 PM, Matt Fleming wrote:
On Mon, 15 May, at 08:35:17PM, Borislav Petkov wrote:
On Tue, Apr 18, 2017 at 04:19:21PM -0500, Tom Lendacky wrote:
+ paddr = boot_params.efi_info.efi_memmap_hi;
+ paddr <<= 32;
+
On 5/19/2017 6:27 AM, Borislav Petkov wrote:
On Tue, Apr 18, 2017 at 04:22:23PM -0500, Tom Lendacky wrote:
Add support to check if SME has been enabled and if memory encryption
should be activated (checking of command line option based on the
configuration of the default state). If memory
On 5/30/2017 9:55 AM, Borislav Petkov wrote:
> On Tue, May 30, 2017 at 09:38:36AM -0500, Tom Lendacky wrote:
>> In this case we're running identity mapped and the "on" constant ends up
>> as kernel address (0x81...) which results in a segfault.
>
>
On 5/19/2017 6:30 AM, Borislav Petkov wrote:
On Fri, Apr 21, 2017 at 01:56:13PM -0500, Tom Lendacky wrote:
On 4/18/2017 4:22 PM, Tom Lendacky wrote:
Add support to check if SME has been enabled and if memory encryption
should be activated (checking of command line option based on the
On 5/19/2017 3:16 PM, Josh Poimboeuf wrote:
On Fri, May 19, 2017 at 01:30:05PM +0200, Borislav Petkov wrote:
it is called so early. I can get past it by adding:
CFLAGS_mem_encrypt.o := $(nostackp)
in the arch/x86/mm/Makefile, but that obviously eliminates the support
for the whole file. Would
On 5/26/2017 11:25 AM, Borislav Petkov wrote:
On Thu, May 25, 2017 at 05:24:27PM -0500, Tom Lendacky wrote:
I guess I could do that, but this will probably only end up clearing a
single PGD entry anyway since it's highly doubtful the address range
would cross a 512GB boundary.
Or yo
On 5/21/2017 2:16 AM, Borislav Petkov wrote:
On Fri, May 19, 2017 at 03:50:32PM -0500, Tom Lendacky wrote:
The "worker" function would be doing the loop through the setup data,
but since the setup data is mapped inside the loop I can't do the __init
calling the non-init function
On 5/25/2017 11:17 PM, Xunlei Pang wrote:
On 04/19/2017 at 05:21 AM, Tom Lendacky wrote:
Provide support so that kexec can be used to boot a kernel when SME is
enabled.
Support is needed to allocate pages for kexec without encryption. This
is needed in order to be able to reboot in the kernel
On 5/26/2017 11:35 AM, Borislav Petkov wrote:
On Fri, May 26, 2017 at 11:22:36AM -0500, Tom Lendacky wrote:
In addition to the same issue as efi.memmap.phys_map, efi_phys has
the __initdata attribute so it will be released/freed which will cause
problems in checks performed afterwards.
Sounds
On 5/16/2017 12:35 PM, Borislav Petkov wrote:
On Tue, Apr 18, 2017 at 04:20:56PM -0500, Tom Lendacky wrote:
Since video memory needs to be accessed decrypted, be sure that the
memory encryption mask is not set for the video ranges.
Signed-off-by: Tom Lendacky
---
arch/x86/include/asm/vga.h
On 5/31/2017 4:51 AM, Borislav Petkov wrote:
On Tue, May 30, 2017 at 11:39:07AM -0500, Tom Lendacky wrote:
Yes, it's from objtool:
arch/x86/mm/mem_encrypt_boot.o: warning: objtool: .text+0xd2: return
instruction outside of a callable function
Oh, well, let's make it a global symbol
On 5/31/2017 3:49 AM, Borislav Petkov wrote:
On Tue, May 30, 2017 at 10:37:03AM -0500, Tom Lendacky wrote:
I can define the command line option and the "on" and "off" values as
character buffers in the function and initialize them on a per character
basis (using a static st
flushing of protection domain TLBs to only the protection
domains associated with the iova data being freed
This patch series is based on the master branch of the iommu tree.
---
Tom Lendacky (3):
iommu/amd: Reduce amount of MMIO when submitting commands
iommu/amd: Reduce delay
be room in the command buffer and then re-checking the
available space reduces the number of times the head pointer has to be
read.
Signed-off-by: Tom Lendacky
---
drivers/iommu/amd_iommu.c | 35 ++-
drivers/iommu/amd_iommu_init.c |2 ++
drivers/iommu
e opportunistic read of the head pointer. If it is still found that
there is not sufficient space, then the udelay() will be performed.
Signed-off-by: Leo Duran
Signed-off-by: Tom Lendacky
---
drivers/iommu/amd_iommu.c | 33 +
1 file changed, 13 insertions(+), 2
iova's on the flush queue.
Create a separate queue that tracks the protection domains associated with
the iova's on the flush queue. This new queue optimizes the flushing of
TLBs to the required protection domains.
Reviewed-by: Arindam Nath
Signed-off-by: Tom Lendacky
---
drivers/iommu/a
On 6/6/2017 7:05 AM, Joerg Roedel wrote:
Hey Tom,
Hi Joerg,
On Mon, Jun 05, 2017 at 02:52:35PM -0500, Tom Lendacky wrote:
After reducing the amount of MMIO performed by the IOMMU during operation,
perf data shows that flushing the TLB for all protection domains during
DMA unmapping is a
On 6/6/2017 8:36 AM, Tom Lendacky wrote:
On 6/6/2017 7:05 AM, Joerg Roedel wrote:
Hey Tom,
Hi Joerg,
On Mon, Jun 05, 2017 at 02:52:35PM -0500, Tom Lendacky wrote:
After reducing the amount of MMIO performed by the IOMMU during
operation,
perf data shows that flushing the TLB for all
Create a Documentation entry to describe the AMD Secure Memory
Encryption (SME) feature and add documentation for the mem_encrypt=
kernel parameter.
Reviewed-by: Borislav Petkov
Signed-off-by: Tom Lendacky
---
Documentation/admin-guide/kernel-parameters.txt | 11
Documentation/x86/amd
reduction of physical address size
of the processor. It is possible that BIOS could have configured resources
resources into a range that will now not be addressable. To prevent this,
rely on BIOS to set the SYSCFG[MEME] bit and only then enable memory
encryption support in the ke
For processors that support PAT, set the write-protect cache mode
(_PAGE_CACHE_MODE_WP) entry to the actual write-protect value (x05).
Acked-by: Borislav Petkov
Signed-off-by: Tom Lendacky
---
arch/x86/mm/pat.c |6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/arch
being mapped
decrypted vs encrypted.
Signed-off-by: Tom Lendacky
---
arch/x86/include/asm/dmi.h |8
arch/x86/kernel/acpi/boot.c |6 +++---
arch/x86/kernel/kdebugfs.c | 34 +++---
arch/x86/kernel/ksysfs.c | 28 ++--
arch
When System Memory Encryption (SME) is enabled, the physical address
space is reduced. Adjust the x86_phys_bits value to reflect this
reduction.
Signed-off-by: Tom Lendacky
---
arch/x86/kernel/cpu/amd.c | 10 +++---
1 file changed, 7 insertions(+), 3 deletions(-)
diff --git a/arch/x86
.
Signed-off-by: Tom Lendacky
---
arch/x86/include/asm/cpufeatures.h |1 +
arch/x86/include/asm/msr-index.h |2 ++
arch/x86/kernel/cpu/amd.c | 13 +
arch/x86/kernel/cpu/scattered.c|1 +
4 files changed, 17 insertions(+)
diff --git a/arch/x86/include/asm
Add support for Secure Memory Encryption (SME). This initial support
provides a Kconfig entry to build the SME support into the kernel and
defines the memory encryption mask that will be used in subsequent
patches to mark pages as encrypted.
Signed-off-by: Tom Lendacky
---
arch/x86/Kconfig
Create a pgd_pfn() macro similar to the p[um]d_pfn() macros and then
use the p[gum]d_pfn() macros in the p[gum]d_page() macros instead of
duplicating the code.
Signed-off-by: Tom Lendacky
---
arch/x86/include/asm/pgtable.h | 16 +---
1 file changed, 9 insertions(+), 7 deletions
have the encryption bit set. So only use the
phys_to_virt() function if SME is not active
Signed-off-by: Tom Lendacky
---
arch/x86/mm/ioremap.c |7 +--
1 file changed, 5 insertions(+), 2 deletions(-)
diff --git a/arch/x86/mm/ioremap.c b/arch/x86/mm/ioremap.c
index bbc558b..2a0fa89
routines depending on CONFIG_AMD_MEM_ENCRYPT.
Signed-off-by: Tom Lendacky
---
arch/x86/kernel/head_64.S | 61 -
arch/x86/mm/Makefile |4 +--
arch/x86/mm/mem_encrypt.c | 26 +++
3 files changed, 86 insertions(+), 5 deletions
encryption mask so
that user-space allocations will automatically have the encryption mask
applied.
Signed-off-by: Tom Lendacky
---
arch/x86/boot/compressed/pagetable.c |7 +
arch/x86/include/asm/fixmap.h|7 +
arch/x86/include/asm/mem_encrypt.h | 25
function is then used where a virtual
address of the PGD needs to be created/used from the cr3 register.
Signed-off-by: Tom Lendacky
---
arch/x86/include/asm/special_insns.h |9 +
arch/x86/kernel/head64.c |2 +-
arch/x86/mm/fault.c | 10 +-
arch/x86
s that the hardware will never give the core a
dirty line with this memtype.
Signed-off-by: Tom Lendacky
---
arch/x86/Kconfig |4 +++
arch/x86/include/asm/fixmap.h| 13 ++
arch/x86/include/asm/pgtable_types.h |8 ++
arch/x86/mm/ioremap.c
initrd will have been loaded by the boot loader and will not be
encrypted, but the memory that it resides in is marked as encrypted).
Signed-off-by: Tom Lendacky
---
arch/x86/include/asm/mem_encrypt.h | 15 +++
arch/x86/mm/mem_encrypt.c | 76
initrd, encrypt this data in place. Since the future mapping of the
initrd area will be mapped as encrypted the data will be accessed properly.
Signed-off-by: Tom Lendacky
---
arch/x86/include/asm/mem_encrypt.h | 11 +
arch/x86/include/asm/pgtable.h |3 +
arch/x86/kernel/head64.c
Add a function that will return the E820 type associated with an address
range.
Signed-off-by: Tom Lendacky
---
arch/x86/include/asm/e820/api.h |2 ++
arch/x86/kernel/e820.c | 26 +++---
2 files changed, 25 insertions(+), 3 deletions(-)
diff --git a/arch/x86
on to return a negative error value when no memmap entry is
found.
Signed-off-by: Tom Lendacky
---
arch/ia64/kernel/efi.c |4 ++--
arch/x86/platform/efi/efi.c |6 +++---
include/linux/efi.h |2 +-
3 files changed, 6 insertions(+), 6 deletions(-)
diff --git a/arch/ia64/k
Add a function that will determine if a supplied physical address matches
the address of an EFI table.
Signed-off-by: Tom Lendacky
---
drivers/firmware/efi/efi.c | 33 +
include/linux/efi.h|7 +++
2 files changed, 40 insertions(+)
diff --git a
.
Signed-off-by: Tom Lendacky
---
arch/x86/mm/ioremap.c | 31 ++-
1 file changed, 30 insertions(+), 1 deletion(-)
diff --git a/arch/x86/mm/ioremap.c b/arch/x86/mm/ioremap.c
index 34ed59d..99cda55 100644
--- a/arch/x86/mm/ioremap.c
+++ b/arch/x86/mm/ioremap.c
encryption mask so that the data can be successfully accessed when
SME is active.
Signed-off-by: Tom Lendacky
---
arch/x86/kernel/mpparse.c | 98 -
1 file changed, 70 insertions(+), 28 deletions(-)
diff --git a/arch/x86/kernel/mpparse.c b/arch/x86/kernel
successfully. The pagetable mapping
as well as the kernel are also added to the pagetable mapping as encrypted.
All other EFI mappings are mapped decrypted (tables, etc.).
Signed-off-by: Tom Lendacky
---
arch/x86/platform/efi/efi_64.c | 15 +++
1 file changed, 11 insertions(+), 4
mask range.
Signed-off-by: Tom Lendacky
---
arch/x86/include/asm/set_memory.h |3 ++
arch/x86/mm/pageattr.c| 62 +
2 files changed, 65 insertions(+)
diff --git a/arch/x86/include/asm/set_memory.h
b/arch/x86/include/asm/set_memory.h
index ea
remapping, ioremap_cache() will be used
instead, which will provide a decrypted mapping of the boot related data.
Signed-off-by: Tom Lendacky
---
arch/x86/include/asm/io.h |4 +
arch/x86/mm/ioremap.c | 179 +
include/linux/io.h|2
.
Signed-off-by: Tom Lendacky
---
arch/x86/realmode/init.c | 11 +++
mm/early_ioremap.c |2 +-
2 files changed, 12 insertions(+), 1 deletion(-)
diff --git a/arch/x86/realmode/init.c b/arch/x86/realmode/init.c
index a163a90..195ba29 100644
--- a/arch/x86/realmode/init.c
+++ b/arch
-by: Tom Lendacky
---
arch/x86/include/asm/dma-mapping.h |5 ++-
arch/x86/include/asm/mem_encrypt.h |5 +++
arch/x86/kernel/pci-dma.c | 11 +--
arch/x86/kernel/pci-nommu.c|2 +
arch/x86/kernel/pci-swiotlb.c | 15 --
arch/x86/mm/mem_encrypt.c
Add warnings to let the user know when bounce buffers are being used for
DMA when SME is active. Since the bounce buffers are not in encrypted
memory, these notifications are to allow the user to determine some
appropriate action - if necessary.
Signed-off-by: Tom Lendacky
---
arch/x86/include
included in these physical addresses during configuration.
The PTE entries created by the IOMMU should also include the encryption
mask so that when the device behind the IOMMU performs a DMA, the DMA
will be performed to encrypted memory.
Signed-off-by: Tom Lendacky
---
arch/x86/include/asm
the
AP to continue start up.
Signed-off-by: Tom Lendacky
---
arch/x86/include/asm/realmode.h | 12
arch/x86/realmode/init.c |4
arch/x86/realmode/rm/trampoline_64.S | 24
3 files changed, 40 insertions(+)
diff --git a/arch/x86
tables.
Signed-off-by: Tom Lendacky
---
arch/x86/include/asm/kvm_host.h |2 +-
arch/x86/kvm/mmu.c | 12
arch/x86/kvm/mmu.h |2 +-
arch/x86/kvm/svm.c | 35 ++-
arch/x86/kvm/vmx.c |3
Since video memory needs to be accessed decrypted, be sure that the
memory encryption mask is not set for the video ranges.
Signed-off-by: Tom Lendacky
---
arch/x86/include/asm/vga.h | 14 +-
arch/x86/mm/pageattr.c |2 ++
drivers/gpu/drm/drm_gem.c|2
mapped encrypted then the VMA protection
value is updated to remove the encryption bit.
Signed-off-by: Tom Lendacky
---
arch/x86/include/asm/io.h |3 +++
arch/x86/mm/ioremap.c | 18 +-
arch/x86/mm/pat.c |3 +++
3 files changed, 15 insertions(+), 9 deletions
encryption bit. This
can cause random memory corruption when caches are flushed depending on
which cacheline is written last.
Signed-off-by: Tom Lendacky
---
arch/x86/include/asm/init.h |1 +
arch/x86/include/asm/kexec.h |8
arch/x86/include/asm/pgtable_types.h
Add the support to encrypt the kernel in-place. This is done by creating
new page mappings for the kernel - a decrypted write-protected mapping
and an encrypted mapping. The kernel is encrypted by copying it through
a temporary buffer.
Signed-off-by: Tom Lendacky
---
arch/x86/include/asm
Add a cmdline_find_option() function to look for cmdline options that
take arguments. The argument is returned in a supplied buffer and the
argument length (regardless of whether it fits in the supplied buffer)
is returned, with -1 indicating not found.
Signed-off-by: Tom Lendacky
---
arch/x86
Signed-off-by: Tom Lendacky
---
arch/x86/kernel/head_64.S |1
arch/x86/mm/mem_encrypt.c | 93 +++--
2 files changed, 89 insertions(+), 5 deletions(-)
diff --git a/arch/x86/kernel/head_64.S b/arch/x86/kernel/head_64.S
index 1fe944b..660bf8e 100644
On 6/7/2017 5:06 PM, Boris Ostrovsky wrote:
On 06/07/2017 03:14 PM, Tom Lendacky wrote:
The cr3 register entry can contain the SME encryption bit that indicates
the PGD is encrypted. The encryption bit should not be used when creating
a virtual address for the PGD table.
Create a new function
On 6/7/2017 9:38 PM, Nick Sarnie wrote:
On Wed, Jun 7, 2017 at 3:17 PM, Tom Lendacky wrote:
The IOMMU is programmed with physical addresses for the various tables
and buffers that are used to communicate between the device and the
driver. When the driver allocates this memory it is encrypted
On 6/7/2017 9:40 PM, Nick Sarnie wrote:
On Wed, Jun 7, 2017 at 3:13 PM, Tom Lendacky wrote:
This patch series provides support for AMD's new Secure Memory Encryption (SME)
feature.
SME can be used to mark individual pages of memory as encrypted through the
page tables. A page of memory
On 6/8/2017 3:51 PM, Boris Ostrovsky wrote:
What may be needed is making sure X86_FEATURE_SME is not set for PV
guests.
And that may be something that Xen will need to control through either
CPUID or MSR support for the PV guests.
Only on newer versions of Xen. On earlier versions (2-3 y
://github.com/0day-ci/linux/commits/Tom-Lendacky/x86-Secure-Memory-Encryption-AMD/20170608-104147
config: sparc-defconfig (attached as .config)
compiler: sparc-linux-gcc (GCC) 6.2.0
reproduce:
wget
https://raw.githubusercontent.com/01org/lkp-tests/master/sbin/make.cross -O
~/bin/make.cross
On 6/8/2017 1:05 AM, Andy Lutomirski wrote:
On Wed, Jun 7, 2017 at 12:14 PM, Tom Lendacky wrote:
The cr3 register entry can contain the SME encryption bit that indicates
the PGD is encrypted. The encryption bit should not be used when creating
a virtual address for the PGD table.
Create a
On 6/8/2017 2:58 AM, Christoph Hellwig wrote:
On Wed, Jun 07, 2017 at 02:17:32PM -0500, Tom Lendacky wrote:
Add warnings to let the user know when bounce buffers are being used for
DMA when SME is active. Since the bounce buffers are not in encrypted
memory, these notifications are to allow
On 6/8/2017 5:01 PM, Andrew Cooper wrote:
On 08/06/2017 22:17, Boris Ostrovsky wrote:
On 06/08/2017 05:02 PM, Tom Lendacky wrote:
On 6/8/2017 3:51 PM, Boris Ostrovsky wrote:
What may be needed is making sure X86_FEATURE_SME is not set for PV
guests.
And that may be something that Xen will
On 6/9/2017 1:43 PM, Boris Ostrovsky wrote:
On 06/09/2017 02:36 PM, Tom Lendacky wrote:
On 6/8/2017 5:01 PM, Andrew Cooper wrote:
On 08/06/2017 22:17, Boris Ostrovsky wrote:
On 06/08/2017 05:02 PM, Tom Lendacky wrote:
On 6/8/2017 3:51 PM, Boris Ostrovsky wrote:
What may be needed is making
On 6/9/2017 1:46 PM, Andy Lutomirski wrote:
On Thu, Jun 8, 2017 at 3:38 PM, Tom Lendacky wrote:
On 6/8/2017 1:05 AM, Andy Lutomirski wrote:
On Wed, Jun 7, 2017 at 12:14 PM, Tom Lendacky
wrote:
The cr3 register entry can contain the SME encryption bit that indicates
the PGD is encrypted
On 6/10/2017 11:01 AM, Borislav Petkov wrote:
On Wed, Jun 07, 2017 at 02:15:39PM -0500, Tom Lendacky wrote:
The boot data and command line data are present in memory in a decrypted
state and are copied early in the boot process. The early page fault
support will map these areas as encrypted
On 6/14/2017 11:24 AM, Borislav Petkov wrote:
On Wed, Jun 07, 2017 at 02:17:09PM -0500, Tom Lendacky wrote:
When Secure Memory Encryption is enabled, the trampoline area must not
be encrypted. A CPU running in real mode will not be able to decrypt
memory that has been encrypted because it will
On 6/14/2017 11:07 AM, Borislav Petkov wrote:
On Wed, Jun 07, 2017 at 02:16:43PM -0500, Tom Lendacky wrote:
The SMP MP-table is built by UEFI and placed in memory in a decrypted
state. These tables are accessed using a mix of early_memremap(),
early_memunmap(), phys_to_virt() and virt_to_phys
On 6/14/2017 11:45 AM, Borislav Petkov wrote:
On Wed, Jun 07, 2017 at 02:17:21PM -0500, Tom Lendacky wrote:
Since DMA addresses will effectively look like 48-bit addresses when the
memory encryption mask is set, SWIOTLB is needed if the DMA mask of the
device performing the DMA does not support
On 6/14/2017 11:50 AM, Borislav Petkov wrote:
On Wed, Jun 07, 2017 at 02:17:32PM -0500, Tom Lendacky wrote:
Add warnings to let the user know when bounce buffers are being used for
DMA when SME is active. Since the bounce buffers are not in encrypted
memory, these notifications are to allow
On 6/14/2017 12:42 PM, Borislav Petkov wrote:
On Wed, Jun 07, 2017 at 02:17:45PM -0500, Tom Lendacky wrote:
The IOMMU is programmed with physical addresses for the various tables
and buffers that are used to communicate between the device and the
driver. When the driver allocates this memory it
On 6/15/2017 4:08 AM, Borislav Petkov wrote:
On Wed, Jun 14, 2017 at 02:49:02PM -0500, Tom Lendacky wrote:
I guess I don't need the sme_active() check since the second part of the
if statement can only ever be true if SME is active (since mask is
unsigned).
... and you can define sme_me
On 6/15/2017 4:41 AM, Borislav Petkov wrote:
On Wed, Jun 14, 2017 at 03:40:28PM -0500, Tom Lendacky wrote:
I was trying to keep all the logic for it here in the SME related files
rather than put it in the iommu code itself. But it is easy enough to
move if you think it's worth it.
Yes p
On 6/15/2017 10:33 AM, Borislav Petkov wrote:
On Thu, Jun 15, 2017 at 09:59:45AM -0500, Tom Lendacky wrote:
Actually the detection routine, amd_iommu_detect(), is part of the
IOMMU_INIT_FINISH macro support which is called early through mm_init()
from start_kernel() and that routine is called
On 6/15/2017 5:03 AM, Borislav Petkov wrote:
On Wed, Jun 07, 2017 at 02:18:27PM -0500, Tom Lendacky wrote:
Provide support so that kexec can be used to boot a kernel when SME is
enabled.
Support is needed to allocate pages for kexec without encryption. This
is needed in order to be able to
101 - 200 of 620 matches
Mail list logo
