| Message ID | 20170724190757.11278-6-brijesh.singh@amd.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
Subject: x86/realmode: ... On Mon, Jul 24, 2017 at 02:07:45PM -0500, Brijesh Singh wrote: > From: Tom Lendacky <thomas.lendacky@amd.com> > > When SEV is active the trampoline area will need to be in encrypted > memory so only mark the area decrypted if SME is active. > > Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com> > Signed-off-by: Brijesh Singh <brijesh.singh@amd.com> > --- > arch/x86/realmode/init.c | 6 ++++-- > 1 file changed, 4 insertions(+), 2 deletions(-) > > diff --git a/arch/x86/realmode/init.c b/arch/x86/realmode/init.c > index 1f71980..c7eeca7 100644 > --- a/arch/x86/realmode/init.c > +++ b/arch/x86/realmode/init.c > @@ -63,9 +63,11 @@ static void __init setup_real_mode(void) > /* > * If SME is active, the trampoline area will need to be in > * decrypted memory in order to bring up other processors > - * successfully. > + * successfully. For SEV the trampoline area needs to be in > + * encrypted memory, so only do this for SME. Or simply say: "It is not needed for SEV."
On 7/26/2017 11:03 AM, Borislav Petkov wrote: > Subject: x86/realmode: ... Done. > > On Mon, Jul 24, 2017 at 02:07:45PM -0500, Brijesh Singh wrote: >> From: Tom Lendacky <thomas.lendacky@amd.com> >> >> When SEV is active the trampoline area will need to be in encrypted >> memory so only mark the area decrypted if SME is active. >> >> Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com> >> Signed-off-by: Brijesh Singh <brijesh.singh@amd.com> >> --- >> arch/x86/realmode/init.c | 6 ++++-- >> 1 file changed, 4 insertions(+), 2 deletions(-) >> >> diff --git a/arch/x86/realmode/init.c b/arch/x86/realmode/init.c >> index 1f71980..c7eeca7 100644 >> --- a/arch/x86/realmode/init.c >> +++ b/arch/x86/realmode/init.c >> @@ -63,9 +63,11 @@ static void __init setup_real_mode(void) >> /* >> * If SME is active, the trampoline area will need to be in >> * decrypted memory in order to bring up other processors >> - * successfully. >> + * successfully. For SEV the trampoline area needs to be in >> + * encrypted memory, so only do this for SME. > > Or simply say: > > "It is not needed for SEV." Will do. Thanks, Tom >
diff --git a/arch/x86/realmode/init.c b/arch/x86/realmode/init.c index 1f71980..c7eeca7 100644 --- a/arch/x86/realmode/init.c +++ b/arch/x86/realmode/init.c @@ -63,9 +63,11 @@ static void __init setup_real_mode(void) /* * If SME is active, the trampoline area will need to be in * decrypted memory in order to bring up other processors - * successfully. + * successfully. For SEV the trampoline area needs to be in + * encrypted memory, so only do this for SME. */ - set_memory_decrypted((unsigned long)base, size >> PAGE_SHIFT); + if (sme_active()) + set_memory_decrypted((unsigned long)base, size >> PAGE_SHIFT); memcpy(base, real_mode_blob, size);