Message ID | 20160426225749.13567.40821.stgit@tlendack-t1.amdoffice.net (mailing list archive) |
---|---|
State | New, archived |
Headers | show
Return-Path: <kvm-owner@kernel.org> X-Original-To: patchwork-kvm@patchwork.kernel.org Delivered-To: patchwork-parsemail@patchwork1.web.kernel.org Received: from mail.kernel.org (mail.kernel.org [198.145.29.136]) by patchwork1.web.kernel.org (Postfix) with ESMTP id 4F54E9F441 for <patchwork-kvm@patchwork.kernel.org>; Tue, 26 Apr 2016 23:03:29 +0000 (UTC) Received: from mail.kernel.org (localhost [127.0.0.1]) by mail.kernel.org (Postfix) with ESMTP id 782B02011B for <patchwork-kvm@patchwork.kernel.org>; Tue, 26 Apr 2016 23:03:28 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id 856882015A for <patchwork-kvm@patchwork.kernel.org>; Tue, 26 Apr 2016 23:03:27 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1753647AbcDZW6H (ORCPT <rfc822;patchwork-kvm@patchwork.kernel.org>); Tue, 26 Apr 2016 18:58:07 -0400 Received: from mail-bl2on0087.outbound.protection.outlook.com ([65.55.169.87]:25047 "EHLO na01-bl2-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1753621AbcDZW6A (ORCPT <rfc822;kvm@vger.kernel.org>); Tue, 26 Apr 2016 18:58:00 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amdcloud.onmicrosoft.com; s=selector1-amd-com; h=From:To:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=+kbU8prqyKgR1N9ZmzjyqSQGnCBDB4dI2DfZeQzYmVg=; b=rk2SuS7E98rYGG3pCyLTaHIPzbzQj/q/fHAiU5V9vCHe116KXlj6rUdcxuQXymc0Mfk6a/V10EGVZIfwxCT1Qy6CuwCSBUd6eQttumMNZ8kuaN/tftmIb2dorOzJoZUjbOPdG6eErhhd/U5JysXSh+yEVf90ymZtQbpTzKssEm0= Authentication-Results: vger.kernel.org; dkim=none (message not signed) header.d=none; vger.kernel.org; dmarc=none action=none header.from=amd.com; Received: from tlendack-t1.amdoffice.net (165.204.77.1) by DM3PR1201MB1118.namprd12.prod.outlook.com (10.164.198.18) with Microsoft SMTP Server (TLS) id 15.1.477.8; Tue, 26 Apr 2016 22:57:53 +0000 From: Tom Lendacky <thomas.lendacky@amd.com> Subject: [RFC PATCH v1 11/18] x86: Decrypt trampoline area if memory encryption is active To: <linux-arch@vger.kernel.org>, <linux-efi@vger.kernel.org>, <kvm@vger.kernel.org>, <linux-doc@vger.kernel.org>, <x86@kernel.org>, <linux-kernel@vger.kernel.org>, <kasan-dev@googlegroups.com>, <linux-mm@kvack.org>, <iommu@lists.linux-foundation.org> CC: Radim =?utf-8?b?S3LEjW3DocWZ?= <rkrcmar@redhat.com>, Arnd Bergmann <arnd@arndb.de>, Jonathan Corbet <corbet@lwn.net>, Matt Fleming <matt@codeblueprint.co.uk>, Joerg Roedel <joro@8bytes.org>, "Konrad Rzeszutek Wilk" <konrad.wilk@oracle.com>, Paolo Bonzini <pbonzini@redhat.com>, "Ingo Molnar" <mingo@redhat.com>, Borislav Petkov <bp@alien8.de>, "H. Peter Anvin" <hpa@zytor.com>, Andrey Ryabinin <aryabinin@virtuozzo.com>, "Alexander Potapenko" <glider@google.com>, Thomas Gleixner <tglx@linutronix.de>, "Dmitry Vyukov" <dvyukov@google.com> Date: Tue, 26 Apr 2016 17:57:49 -0500 Message-ID: <20160426225749.13567.40821.stgit@tlendack-t1.amdoffice.net> In-Reply-To: <20160426225553.13567.19459.stgit@tlendack-t1.amdoffice.net> References: <20160426225553.13567.19459.stgit@tlendack-t1.amdoffice.net> User-Agent: StGit/0.17.1-dirty MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit X-Originating-IP: [165.204.77.1] X-ClientProxiedBy: BLUPR13CA0075.namprd13.prod.outlook.com (10.160.82.46) To DM3PR1201MB1118.namprd12.prod.outlook.com (10.164.198.18) X-MS-Office365-Filtering-Correlation-Id: d4704385-0dc4-458a-dffd-08d36e263428 X-Microsoft-Exchange-Diagnostics: 1; DM3PR1201MB1118; 2:umV8fQg9WGYBgBqtYW1fs/eUXqO0jSVYwiEsBrhJoedPCBpkr2IQM0ARzHHhW32o6/qBmR3mqV2OtFJD1z4WFyrLQ5PnrQVodE3bLHKErWyhRC+Bgu5MPxxZCHxGeTcvbLm+75Su/mHIpPRupiSwmR7mp3nOSiKrapRk12KpRe6sCZC7n8eAKAFFG6KBPORk; 3:QwSDxk3+xm0XpPQf76nt7DceaSeGVlvIZGPIb3RbvvROzkA/2gn52lWXfls8p+4U2H/vKxh1tyytnNrIzgs/MRgq7eiaX9BS+Aq8owddk+4+1JaXssuKsGgrXyScVPU2 X-Microsoft-Antispam: UriScan:;BCL:0;PCL:0;RULEID:;SRVR:DM3PR1201MB1118; X-Microsoft-Exchange-Diagnostics: 1; DM3PR1201MB1118; 25:v0LboSem2vtw83mlzSzhhj/TJ48JOaQWUkSIUKajgYnNZqAgc4uSRS9FYfB4b/M9uFu7JTA7/3kxe19P1jInAB1wzXzdoNOb7S+Z+JDevahw1UXLOvAbvvEp/50OjUrKwALARRq5YtPRPkyOdW3TmzNugDfZfkvTce1DEdf6ppUCb/jpJXvnPHo75DDfZws3RyG0OXTwqJnmsRKzzcHlHPlBEznz/idNib9fp5BSfrTluiOA/FOEFpYjanHG025wBcsRSP4DRgyKi+YdmgcOiZYKw53sl9n2Odnqv2vSnsDM5U9wawQs3mzUkk5wue01sJ/37BKW6LJ+CygNxNlrwknPrczXWiH9t7OVL6u6w19CjB0JZLntepAj5oGvt1NjnNlGj6z5kxDj1nJfVGl8y5RhbUJ+AulllLkQZ4navzYoPc3H1D78Z2EUXLrvtw9WBzUkriIAWjeTOJZOp/vQQOI2wXq1w4+rJOsP1A9joFU6C3rMDPNCYNYPszcoJaR0ka4fogzo2JRv6GPNbQNEzf2vs2ld5OzYLaa5bI5bozR4zzXmUtqQ6Fe3lthbCr51pI40LS/yC49S68QNRfvVw2tHEKf2onqvfnBgpMNw3/n7nze9K1hrXnsMZHhxCgvw+LtElw/p3vwq9yQl+I8KKQuTRVKZm5eWk6zHloJDENs= X-Microsoft-Exchange-Diagnostics: 1; DM3PR1201MB1118; 20:fsYjR7ZVV/AKjdSXn8Z81iwTZck/OKWI98XtNPEOmEhD51yT8/SDHe3CWx1VbYfpG4sRUyREU8p+w9j9yTdBzb6H09dGaaIUwUMJOszUJGhBs1cNTu82tKTuYCR/HMD895fdsLvZdMNw7dDffUjaDznpSRz+LK0P1qjFflh0fFkUY9XP+MDfaXPEn76saCVcfv7lV3/waD6+H/lM0ov6dlHzBQflSMQhE3os6wRppHtVsp/12pUL4DProVo0wQ3fAHnzUQhvd+T7AKJ9RuGo922IeGUhHssa4tlCrh4EpQvH5Eg7bS+V883cBhw6vkoJHdZwnOdFJcm/fs9of5djDe/cM6g5XulQ4qwsytaxmo3KjZxnzmRZ8BbBHg6B+qV4lPj5sD812EyqEr61QK3A326HSpGK7bjYi7nqPYI2+s/3jbOiHiON0uysR5TnChqV4tIV1I+4baHUIqXswbsg2eeVI0/F0HqqGlhMidgoUa4jqbQ/4Rw9jUWZvaHYAumT; 4:7xWk8wQEL+L8RZoIBD6ugt2Yfks9oJ+/P5V16W7RXEz8x8kBfvzH5gMoHLwsyn0u1IRqlIrVmSDo6XYszxDOOUoej1+HDqfxRxqP2+7IEf30I2KqsX0ddl0akaxg12afjXPdT7SOLwoBHazkvGE6DUplBNJOchOfNnyI24qfcpHcbdIgdsKI8fGdIIZgkjxsUAJgkZvYdNx3NhX7R+ZshwFXLLbFIk8FQp+LzjPzkdr1+H3AMdgQXrtDWCBKO/ptDeIXB4KnQ8AvpFzx8W0tzXS0e3dN6nOrQP2g0YXahxb3/26Y7EfZcNho31o3xhIyLdlsXMeEwK7XEDY0saGp5BD9JIcDJlVXLNB7xpVm+/8qLiCxRiYefgzBh+csCZ45sRIoxN4HnI3n4NUhHL9U7kzfezrOL0LnhZsg 8GnsloU= X-Microsoft-Antispam-PRVS: <DM3PR1201MB11182B448252184F6646200AEC630@DM3PR1201MB1118.namprd12.prod.outlook.com> X-Exchange-Antispam-Report-Test: UriScan:; X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0; RULEID:(9101521072)(601004)(2401047)(8121501046)(5005006)(10201501046)(3002001)(6055026); SRVR:DM3PR1201MB1118; BCL:0; PCL:0; RULEID:; SRVR:DM3PR1201MB1118; X-Forefront-PRVS: 0924C6A0D5 X-Forefront-Antispam-Report: SFV:NSPM; SFS:(10009020)(4630300001)(6009001)(229853001)(5001770100001)(4326007)(92566002)(1096002)(77096005)(23676002)(2906002)(2201001)(5004730100002)(4001350100001)(6116002)(53416004)(81166005)(2950100001)(586003)(33646002)(189998001)(1076002)(86362001)(50986999)(103116003)(42186005)(66066001)(19580395003)(19580405001)(47776003)(9686002)(50466002)(97746001)(54356999)(5008740100001)(230700001)(76176999)(71626007)(217873001); DIR:OUT; SFP:1101; SCL:1; SRVR:DM3PR1201MB1118; H:tlendack-t1.amdoffice.net; FPR:; SPF:None; MLV:sfv; LANG:en; X-Microsoft-Exchange-Diagnostics: =?utf-8?B?MTtETTNQUjEyMDFNQjExMTg7MjM6TjArUUNSd3FhcmJWRzZaYTRNOE9vTFYy?= =?utf-8?B?VW5tVTMzRkhhdmwzSGt4SytNejJoQVNoSWZHakJOZUlHNTc3VUwwY1l3K3gz?= =?utf-8?B?b1crVmtNczQ5U1p5b2hMMGgzMnI3OEhQWitpNnpRM1M3Q1FSMmNzK3EvZmti?= =?utf-8?B?QzdtTWR1VzdjSmZuQUoyWTRjOUNrR0E0N2w1dVVLbVRtNUhKQkdFckZWYkxp?= =?utf-8?B?QzhCbnBIMnFjWlVkaXMxeGZ0VE1HTlVvU01KVHR2RUYwN21abkJkbWVtMmdH?= =?utf-8?B?TXQwMStmb1FqbGovcXJ4WWVQSlpiWmswMkZqeFB1WUdwN3RvMlNDY2NVMkYv?= =?utf-8?B?eGxheVJid05uL1p2QlpNN2V3c01iUFRidXRqcUs0TENwa3ZyM2dnWWRhdHZZ?= =?utf-8?B?d3UwWWFOZ1lGeDMwSmdibzM2M2RydVRjQ2gxc3ozalVmaUVWL0J4WVZZOVZw?= =?utf-8?B?S3gyb3RMMnhXOWdhaU5tbjJjMDBaSEpLcnRvVGtidFpERXkxSmt3LzI1ZXBX?= =?utf-8?B?a1RUUmtKSW1DMHpVY3JUeDZ3QXBJcm1XcGFLakNHWWpnV3l0WVFSN0hFL2o4?= =?utf-8?B?T0FoU2xQQWwvTW9tR2d5UjU1alRML2gvRFdRY01QWDNZV1E2VEpzTXJZVjhO?= =?utf-8?B?amVtc2R5UERldnVGTzVNUllEZjNDNk55RXpTT3RJKzNNMnJ3eDdUWVVLN1Q2?= =?utf-8?B?Mm9mRVV0QjRza2ZnMnZRQ244RnIwQk1VZXNtZzFydHlxQlpvNFR5cWxDQUNp?= =?utf-8?B?aU9xSTNOcUxsOFpmZkhSdEpaTUpPUGUyUGl6dWtGWE1PTEpwTFRrQ1VSamZD?= =?utf-8?B?a2ZkTXMxQ1RZZlBCS0F2dk5IK0FjS0ZGaW13ME8vQ3JLZURMMFNMYVNDQ0JZ?= =?utf-8?B?QktBaDZRVURiUlVla2ZZMGV2T3RUS2Z6SGowbWpyU2VPTnU2OHJoTitEZmxw?= =?utf-8?B?dWtVSmY3T1FHVGZuTWIyNFc3ckVxUjZ4Z3dGcVJBWm0rUVhxQTdYTG8rY3I4?= =?utf-8?B?cXFvNTdJVzJyNmJZbmdFVDB0WGZDUXdRSGxmRkhkUGg2WTltSGE2eE5tU2Nt?= =?utf-8?B?TVRteHFPM29RaFZzb29WTXhaelZMbDFZdlBwTE9rZEF3Qm9DSUsxYm5ReTBE?= =?utf-8?B?UFdsV1NYTzVtTW15Ymh1VmRMRnp4WitRQUNjdDYvMVVvUjhGOXRiN2JPYW5H?= =?utf-8?B?dFcvbDNhVjdNaWFNWDdTOVdNbUdITWVHYUxRL1VOVEZMNXhWRFZBUFhsNWF6?= =?utf-8?B?azVUdjhqVXpreXI0eFFHRmVCSjRCZkhsSHNJWVJiZjVKWXRMRk9RTnh1NFBR?= =?utf-8?B?RzNzRmE0c2ovQjg4aC9aTnZxMmlOUDUyRzFpWFo4eCs5b0MyQkRpMllOb2hE?= =?utf-8?B?V0Z3SHhGVzV6WnZxWVAvOWtwTEpXWUMwVWg4Q0FCaEE9PQ==?= X-Microsoft-Exchange-Diagnostics: 1; DM3PR1201MB1118; 5:0tBgg6weTiAU3pSFcd+Qt8I6GvWj2ZgA123jay0TL2vBPUQWsofiH7SQScg6VqX3pEkRpCL5WJvOOuOxCM86LfU/VGh7Ltux0x8AvkS/jUdnw1MMvuEqebldpGV/GflhBGDS09of2CoQpjxstb9oNg==; 24:5Tm/+0Dl/UivLgdAhVe56+Deo0TsQK/0Nr+EJ5/0pRfR3rlrzJPROsOXwk0DiodOJtLDDtXxrfieC3nYCqaAczeUen6H+iWESCWs7f1O3eU=; 7:uLH8lqYb+YOhFHoeMiTf4txs4sMZFnTKFjWhiyHuks5kIU9RVlCrhE6BmUoccnVf/X5Rl9fldMCXqYEyry3UNV3PlKkLtLEJz1/OGKnIqxN3p3cgag3JT3FDwehVMiZpAhvXMW1I5N/BqtxvIIkoY8NgVZ8nle9rF8IQAiu45Cs=; 20:qtx3NYEo4wI68NVIO586QQidnVj6WDdyR5W5szkvQZppeFXiwQGv908qzvqK4caOgjQ6XaWfUBnIQ4cOhcbG8GgheiLShytkJiZyzTtwSbvX5XjqKKiTJkX2mGbxW8RWekDE+WuVhsQLF3KVBzsKZCcyHaIVn1caC3pgxGCa9aH3xZ5154/Uuyl9CPKvNHIATN/p6RXoVhYU4GJXT7IiAqYFmJciPlExSmqzbLXEXZ+8tORo3hHxzasPL1QgoKTF X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 26 Apr 2016 22:57:53.2433 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM3PR1201MB1118 Sender: kvm-owner@vger.kernel.org Precedence: bulk List-ID: <kvm.vger.kernel.org> X-Mailing-List: kvm@vger.kernel.org X-Spam-Status: No, score=-7.8 required=5.0 tests=BAYES_00,DKIM_SIGNED, RCVD_IN_DNSWL_HI,RP_MATCHES_RCVD,T_DKIM_INVALID,UNPARSEABLE_RELAY autolearn=unavailable version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on mail.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP |
diff --git a/arch/x86/realmode/init.c b/arch/x86/realmode/init.c index 0b7a63d..85b145c 100644 --- a/arch/x86/realmode/init.c +++ b/arch/x86/realmode/init.c @@ -4,6 +4,7 @@ #include <asm/cacheflush.h> #include <asm/pgtable.h> #include <asm/realmode.h> +#include <asm/mem_encrypt.h> struct real_mode_header *real_mode_header; u32 *trampoline_cr4_features; @@ -113,6 +114,14 @@ static int __init set_real_mode_permissions(void) unsigned long text_start = (unsigned long) __va(real_mode_header->text_start); + /* + * If memory encryption is active, the trampoline area will need to + * be in non-encrypted memory in order to bring up other processors + * successfully. + */ + sme_early_mem_dec(__pa(base), size); + sme_set_mem_dec(base, size); + set_memory_nx((unsigned long) base, size >> PAGE_SHIFT); set_memory_ro((unsigned long) base, ro_size >> PAGE_SHIFT); set_memory_x((unsigned long) text_start, text_size >> PAGE_SHIFT);
When Secure Memory Encryption is enabled, the trampoline area must not be encrypted. A cpu running in real mode will not be able to decrypt memory that has been encrypted because it will not be able to use addresses with the memory encryption mask. Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com> --- arch/x86/realmode/init.c | 9 +++++++++ 1 file changed, 9 insertions(+) -- To unsubscribe from this list: send the line "unsubscribe kvm" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html