From patchwork Mon Aug 22 22:37:57 2016 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Tom Lendacky X-Patchwork-Id: 9294601 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id EE1C2607FF for ; Mon, 22 Aug 2016 23:14:23 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id DEC6C28ACA for ; Mon, 22 Aug 2016 23:14:23 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id D339928AFC; Mon, 22 Aug 2016 23:14:23 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.8 required=2.0 tests=BAYES_00,DKIM_SIGNED, RCVD_IN_DNSWL_HI,T_DKIM_INVALID autolearn=ham version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 3FC4828ACA for ; Mon, 22 Aug 2016 23:14:23 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S932405AbcHVXNt (ORCPT ); Mon, 22 Aug 2016 19:13:49 -0400 Received: from mail-bl2nam02on0084.outbound.protection.outlook.com ([104.47.38.84]:25219 "EHLO NAM02-BL2-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S932807AbcHVXNG (ORCPT ); Mon, 22 Aug 2016 19:13:06 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amdcloud.onmicrosoft.com; s=selector1-amd-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=xaROerbozwWFL0FVngFyYXbLzZr/TvQCj1Kjo+eqma4=; b=eNd4505an2b5K4p6M7gy6fPLsBrSjBLz/hTcr34S70SomaDwgYgc5nu6yi329K0Dy3ps9g7FQYn8GExCmTPnS2IMIdcBomR5oMdyn/JC0agc8Fj9uF4qpf8aGJkhZVSn0lx4syGQYataHuSVK3ybJBxg/kJG3spyv71lozhWWmY= Authentication-Results: spf=none (sender IP is ) smtp.mailfrom=Thomas.Lendacky@amd.com; Received: from tlendack-t1.amdoffice.net (165.204.77.1) by DM5PR12MB1148.namprd12.prod.outlook.com (10.168.236.143) with Microsoft SMTP Server (version=TLS1_0, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA_P384) id 15.1.557.21; Mon, 22 Aug 2016 22:38:01 +0000 From: Tom Lendacky Subject: [RFC PATCH v2 13/20] x86: Decrypt trampoline area if memory encryption is active To: , , , , , , , , CC: Radim =?utf-8?b?S3LEjW3DocWZ?= , Arnd Bergmann , Jonathan Corbet , Matt Fleming , Joerg Roedel , "Konrad Rzeszutek Wilk" , Andrey Ryabinin , Ingo Molnar , Borislav Petkov , "Andy Lutomirski" , "H. Peter Anvin" , "Paolo Bonzini" , Alexander Potapenko , Thomas Gleixner , Dmitry Vyukov Date: Mon, 22 Aug 2016 17:37:57 -0500 Message-ID: <20160822223757.29880.24107.stgit@tlendack-t1.amdoffice.net> In-Reply-To: <20160822223529.29880.50884.stgit@tlendack-t1.amdoffice.net> References: <20160822223529.29880.50884.stgit@tlendack-t1.amdoffice.net> User-Agent: StGit/0.17.1-dirty MIME-Version: 1.0 X-Originating-IP: [165.204.77.1] X-ClientProxiedBy: SN1PR01CA0027.prod.exchangelabs.com (10.165.224.37) To DM5PR12MB1148.namprd12.prod.outlook.com (10.168.236.143) X-MS-Office365-Filtering-Correlation-Id: 8e088371-609d-4e9a-beb9-08d3cadcfa1b X-Microsoft-Exchange-Diagnostics: 1; DM5PR12MB1148; 2:aLtw481Q71+C+VC/qjQNMXGskBABCLxqopJRwFtogcOF4x+SVou798nmx8WgYgfjWk7R+u1+sJqfClrxYGR8vUc7qFSFoRljTKlCWwOvhLc2J4gakLBEJAfcCgxwaPdD9mQ43qZmUnG2rgt+opfR4MMi+9i99K6aQN7+Wc42MwN1ub2x7dwgnkKIB0cLwrHl; 3:IQrHUVSraMAiPUrn+s3AV0OnubjN+U8dzSk3D8zRXYTnWq74UcAJUlMFml6iQkIxh44W4l9/tV6dNjBB5+ooWhW6fLFBmZNjucaWmbAjah5PuoAB1SMMpXNhRiSw5TzL; 25:DLLvIrT1Z3b3jX2IH6qwK8f7etMr5+aSKGBq6rUELjfJgbvNDERwf3AgmDTEWISqOVKI++3yHLt3TroGnBz8EqU57hM3oKINdzzqPiBl8ngejuDIeUPdFjacEmAdpS4/GtInJoPMXPZ+qm3NB/CSbsxmA+8FbIXF6dedhXwREN0SuoTgS+12b9eD87ri54s1uNxEf0E5GCd7hE5AbLrxJ308fVBngDn61HunlVdi7kvvnENVy0paggRGCy8FRXup3FIHyH7P2MOBovK0JXdig6EjTGyb5ukX2r5j2abRfZFc9eLcaFMaU/ywK4Gf5E+NRDdBmNJwEv9V9cDN7K7eKJbN5+iJBySKBncUYD3oaAcgJL165eZIdKS/wIwfsaWiRBdJ3M3Bj7TDIfakNDn9Y6BVKe2jiIFZhuPPbjgJCPs= X-Microsoft-Antispam: UriScan:;BCL:0;PCL:0;RULEID:;SRVR:DM5PR12MB1148; X-Microsoft-Exchange-Diagnostics: 1; DM5PR12MB1148; 31:60SfjL5cTzgOXrlbj+a5hr68We0VHW9d8Qs0WEmiYEiUsSOY4E4Mc8+Cnq+ea1af5T1WnVk+tbF6kaLFAys/kmvYQ3iNhTdkpouJGKO6oEM3SLWDb1nmgNX61F+sMF+Xb0tGcPwmzH6vt91WGWROFV6lBwn5ravg/gmMgpby2IHt3/iP6VpB9QDgtee1zmuKj2emdhm5HvEKCz0nJ0WqIof8UALVbJQCKQd1jRtCIFc=; 20:/3hpVjSbpI3rDJV38LcGjgksdYN9faQfMLQq4jfW/hbtFgaONz3asUSP50r68ObJBvxSLku60rshWT9aNrLf46OeqkX0uSL7YLJzzY2aIJS/fbmdoTbmech1zfnQrhOOvmEn7YjRcFHng+V2QCamWo3XhlNhkKjuvH/6KkZ/ht4b3RwIlCn1ALs/D6sYmAZk3wg+IlW/7NneI9m4DejeO6gFII/zlrw7oOHEeVKpzA1/DqGNn/JhiRrt1nrcSGq7KyXbvVPb57d2KTB08LAMB8QjfPz1sJJd3W5ykTpWRHbYMdX/X3aFJWk2JecvFnJ/8FyO1rsinEVru5H5rmpic7fVsN6LezF85/qL96J2GVjUwA2aEmp3T0Ctsetgpx0VXRcvd5R9rqKATjJ0xNrIm5Nf5OHFTkLANdJwF3P89ivchhI34S/L5yuBF1toQq58cODZ6ZT+Z55YdNWUf1t8LiuTRznqjI0ojSPtpW4hsDtKCglmfCCunHHjfp3oUuf9 X-Microsoft-Antispam-PRVS: X-Exchange-Antispam-Report-Test: UriScan:(767451399110); X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0; RULEID:(6040176)(601004)(2401047)(5005006)(8121501046)(3002001)(10201501046)(6055026); SRVR:DM5PR12MB1148; BCL:0; PCL:0; RULEID:; SRVR:DM5PR12MB1148; X-Microsoft-Exchange-Diagnostics: 1; DM5PR12MB1148; 4:YftZHz9KybIKE5LG3GsJlW8XzRANAqIXUeH25dKlSy5fbY7PWhqM6yGz/6nzog3SIEz3+p/0ifuyFqoZUAiUKKuHI02myzIifGR63yw9j2XxO2Ja5HiUNz0GqOm8iV+j4rdnGzx+ZU+ceXtr80vCCHs6VMcNFEr/h3aZC6wZf2ahkTMnY7EKcPnyW/ogpYs6R6mN4DDLfkcExZzrln36qeES0P/bNxuvFaeSY4cOjk0HnoFno63s9ICFmMSVOleakMzuWtQThN0WxU94Hxm8sp5PxtbcYs1kd5IKzuctiWUIJfzW2BjCBp5BNmsIHGvDsMD9Is1zRQF1R+Nu6+jWbM1Nyy3ZOdbnpnBahWll7Kr4WIOnl93VGqxG+24SKL2w1ctKrZW1f3Eb9P2QWeN0YNZglQmLS6HiZ2J8Gif5/XC71kKGrszR40zslqeK7SdL X-Forefront-PRVS: 00429279BA X-Forefront-Antispam-Report: SFV:NSPM; SFS:(10009020)(4630300001)(6009001)(7916002)(189002)(199003)(81156014)(81166006)(2950100001)(77096005)(8676002)(86362001)(586003)(3846002)(106356001)(101416001)(4001350100001)(6116002)(42186005)(97736004)(5001770100001)(230700001)(229853001)(23676002)(92566002)(1076002)(19580405001)(19580395003)(305945005)(7736002)(7846002)(53416004)(33646002)(4326007)(50466002)(2201001)(7416002)(2906002)(105586002)(68736007)(50986999)(69596002)(47776003)(54356999)(76176999)(83506001)(9686002)(189998001)(5660300001)(97746001)(103116003)(66066001)(71626007)(217873001); DIR:OUT; SFP:1101; SCL:1; SRVR:DM5PR12MB1148; H:tlendack-t1.amdoffice.net; FPR:; SPF:None; PTR:InfoNoRecords; MX:1; A:1; LANG:en; Received-SPF: None (protection.outlook.com: amd.com does not designate permitted sender hosts) X-Microsoft-Exchange-Diagnostics: =?utf-8?B?MTtETTVQUjEyTUIxMTQ4OzIzOnlQbzhOTnVIU3NxaGluczBvbTdFVVEzdXFF?= =?utf-8?B?UUwyQi9YSHZRajN3V0FJZm5hZzYxMHVKYVczM2RLUkZUNWlKa0FNZm9DcjFz?= =?utf-8?B?bnNNNUdmOHczUFJJU2lVT0JEUVpvTlVIbnhLMDJtMEo0THUxQjZyL3VDTTB1?= =?utf-8?B?Q1dFMDBsdENLVytkcWxFQi9lNHR5SVVsOFJROWF4Y2xZMDNrVXpJV1hGZVRm?= =?utf-8?B?YzNCeWN3U3RWY2I3Nm9ENVNheXdiM25WV054Z29GMW52Z1BuNG42UkJDdGJo?= =?utf-8?B?TXRrcnpxLzRIMnhpd2JSWXZVRVV6QUFCNmRWNGhMRmgxeEZCeDhrNGlCRmp4?= =?utf-8?B?VlppcVppa2tsSWpFalpOekEvaklNWEhNa2RxRGNnMjFpSk9LRWtoSzk3NFRa?= =?utf-8?B?Zm5hQ1VZQ2dxbytCaE0rTTV6MWVrcENyZFlqck9qZXNVUU1KTFVhZ0ExWXdo?= =?utf-8?B?aEZVK2N5VWlzd3A0c3V5dXFKZjluVnkzK3VPc0lNdjJ6andaNUJxcCtGOFlL?= =?utf-8?B?MVJQcWY3SHZwOEFCY1U1RWNpVW1VL0VFTUFyWFRlSmlwK3pmWWZTbng0Q2E3?= =?utf-8?B?eEQrYmVLaDFMMVhNYkNPYmtndDcwdzNlUm5melpUNzVYK3FoY0F1MjRHWkJt?= =?utf-8?B?eXBNTW80MVBYV0ZEaTdOQjNMNDI2ZWl0WWdwUmc1Z2dyVktjek5RYmpNMWtB?= =?utf-8?B?emtQQXZ3WTZacmlTaGpvUVpmdlBoL1Y4M2FrcEFuTGJqcUk0WlpsaG0vcE54?= =?utf-8?B?U0lhWmhUanRFelV5UjlpdkNSdWFaSVowWnQwU0t6b2NGRE1xV29Za1p1M1pj?= =?utf-8?B?T1JDaGJsRElDeUk0dWNNWlgrRU1zYWdYbGUzS2IwdTBlRFdVSXRNaC85cXdw?= =?utf-8?B?Sk5hUHRjb2ozZXRocTJCNmZlWkE3Q0wvWUpFQzYwb1NYZmFSVVRib2tRMENG?= =?utf-8?B?MGNPaDUvQ09qMnloN21mRFZnV200cVlNeVM3cVJad3A5RGtiaFYrTEt1NkxK?= =?utf-8?B?M1BVRzVNdVV5NXNWT2RYUEY5UW5tOU0rZllBRnBDUWlaMkVlOGRiYlZjWmEw?= =?utf-8?B?Z0VtRldreTFlT2hua1VWQUtJVFhNTjVsZjVTY0ROWExYS1ljQ1FTRTd0MzRP?= =?utf-8?B?bnZrMUk4Y0FqYm1xSmFEZzRHSWdCVmRZcGdvdE5OYXZNTS9tVlByOGZRMHFh?= =?utf-8?B?MTlrOFpLcVZxWFRzRmxUZWJ2QnNPSUk5a3MvNEg0WkV5bkE4SjZsdURvUXd1?= =?utf-8?B?Ykdrb0UvUEljUzk0K2w2bGZFcGcxR3lwdWpkRG9Cd3B1QTNEaUxMOXVmS0ph?= =?utf-8?B?MWRvTTBQQytKa1pDaWpRNVJGSms1b0RSYzVyZndNSThWRVNsTHk4VXVkUjBO?= =?utf-8?B?V3NhVkd2eUg4YWE1U3Y0eWgyeWx3U0FUUGkxTG5uaTltTmFxNVh4YWc2amgw?= =?utf-8?B?cUgyMzVQQUJ4VW9LM2lLMkRNU1hDWU9Hc3J4LzBsVldEOFdBejJybE1GbnFN?= =?utf-8?B?RTk0S3g2QU4zZGhHdEV1S3JiWHZnYnlYcFJEUGZ6Zi9GekljbmF2YVJSTWRU?= =?utf-8?B?R2hTbXBqb0U2cGZnaVlzMndOQmhGVU5vd2NTa05OUEt4V3FuTDVvbWxvOTZm?= =?utf-8?B?djU5NTRhNmNzWXFzdy9sZmlHOUs4MERqZGExWngwOGMzcm8reUZ4UmFIL0Rr?= =?utf-8?B?N2NlZ3J2VnBIRTNpZVdLNVd3aGFyK29qa05LYmE1YVQyQWVwYXhnUEYvbjRL?= =?utf-8?Q?Vrpa8eETALV8aoZH1Okxv8xi5BGcDoBgQJIzM=3D?= X-Microsoft-Exchange-Diagnostics: 1; DM5PR12MB1148; 6:5MhaH9AGLaArjoaJFuVJpnXOwwbxHgTrECxalZdIkXndXflMdpqQ8491T1LvMut6yJ+sjXMkFLgycwoJvqLMStvY70X+9oKagC8GajQ7lYEgBW9qVOUQM3qCzQyOCTjBXO66uB9rxJ8kFwCRIYTdV2LLinLLN6jd0s27NrZ+VyXh5WwhQaCNwI8YMQE8prYQH4agOqsdOpulq0hXOeFT1nb3pi56JwOtemAtlFgLZiHgVpu3VfrVxK0en6jUsehrZ26Wg7hcorltT6mZGON1LpbonYL/AWNdcmST0dt00nNbxxvgMXIfg7Voe5p1dY/EgQm6dhMMzL0Lu+VgS0wQ8g==; 5:kZ0cqqlAy6p4z4DAJxsAuMsQy4XOW/SJEAiDrxql4IXng5ZZ9YAjkAuY1OfWrcPnWTshU0R3UClQAR/llLdm35tFhBuoMzuWUTIT3a85tTW3iU4KpaPpiOoexuwKznY7HKIKkH0VCB/hMxn+c+XnQw==; 24:XisZa8PiL3dRQQX/gm3lMafyzJ5AL5rgCOkQCrkSvEUh537sIvOEfUvP882w730negIQsDNuig5+INR0JViAPBX8YzzEgY8LHwwwW2FuIOg=; 7:LGyzjUE06Bryd8Je4zhJw9YxKh2QG3kikendNamJhk+CRh84TMXCX5Edl8g5z7YGzFzIGDFZCFAG4qEmlKGmrP/OEiPDC5WGyZEkzVii9O2B3LIo3cF+C/uoeh2YmF35dYpHcg63F9fgcq0q7l3LHSCAOvs7Rh+nR7E00jQz+e4Ax8yGkxlHZANesPbAeR0mmvJeWv73k2sJiHwAqjoPtPt2P2g/jqXLXiwZBwq5UXZuiwyjJ3PjEdfv0PxKtfut SpamDiagnosticOutput: 1:99 SpamDiagnosticMetadata: NSPM X-Microsoft-Exchange-Diagnostics: 1; DM5PR12MB1148; 20:zahUp7TOZGzBao5KKP1jOZuvqx2sMAPJ1sLOCIaIkY/+JQzsqPT9Djb1rgEXLoyH5tfSaG89rGV3T/AhuXjz1WO5QXouej4aR1DkVilodizI4nhGK5jvNUnUpRgCu0CWDedZDeUgCnewMA8yoUoGzQRiCLI+sP7jJGAZnE2JmkGcTsaK6yJRyOqFtq8G77pwz0HS/yQKcZPh3oQO0f45TwhElfVK4h4E0aW/BxuJPFTUULDyKOcQ18UbnaOHG9Vh X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 22 Aug 2016 22:38:01.6280 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM5PR12MB1148 Sender: kvm-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP When Secure Memory Encryption is enabled, the trampoline area must not be encrypted. A cpu running in real mode will not be able to decrypt memory that has been encrypted because it will not be able to use addresses with the memory encryption mask. Signed-off-by: Tom Lendacky --- arch/x86/realmode/init.c | 9 +++++++++ 1 file changed, 9 insertions(+) -- To unsubscribe from this list: send the line "unsubscribe kvm" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html diff --git a/arch/x86/realmode/init.c b/arch/x86/realmode/init.c index 5db706f1..f74925f 100644 --- a/arch/x86/realmode/init.c +++ b/arch/x86/realmode/init.c @@ -6,6 +6,7 @@ #include #include #include +#include struct real_mode_header *real_mode_header; u32 *trampoline_cr4_features; @@ -130,6 +131,14 @@ static void __init set_real_mode_permissions(void) unsigned long text_start = (unsigned long) __va(real_mode_header->text_start); + /* + * If memory encryption is active, the trampoline area will need to + * be in non-encrypted memory in order to bring up other processors + * successfully. + */ + sme_early_mem_dec(__pa(base), size); + sme_set_mem_dec(base, size); + set_memory_nx((unsigned long) base, size >> PAGE_SHIFT); set_memory_ro((unsigned long) base, ro_size >> PAGE_SHIFT); set_memory_x((unsigned long) text_start, text_size >> PAGE_SHIFT);