From patchwork Sat Sep 16 12:34:04 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Brijesh Singh X-Patchwork-Id: 9954265 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id 4654D603D7 for ; Sat, 16 Sep 2017 12:38:16 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 331B229316 for ; Sat, 16 Sep 2017 12:38:16 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 247FB29349; Sat, 16 Sep 2017 12:38:16 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.9 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,RCVD_IN_DNSWL_HI autolearn=unavailable version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 919F929333 for ; Sat, 16 Sep 2017 12:38:15 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751427AbdIPMex (ORCPT ); Sat, 16 Sep 2017 08:34:53 -0400 Received: from mail-dm3nam03on0057.outbound.protection.outlook.com ([104.47.41.57]:43351 "EHLO NAM03-DM3-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1751342AbdIPMet (ORCPT ); Sat, 16 Sep 2017 08:34:49 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amdcloud.onmicrosoft.com; s=selector1-amd-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=Uxq0+WhM88barApKc28pP4Gcm30fSJUl36ndh5FX1WU=; b=w37p7I0pmYLkEOEBen1JbMmTNep2iICfHQ0VgU+5XDPopGx7+E0ZjCM7mujRYkua+HKvHb3cA/yiguR2E9Of6+vBmw9YmE3HX//ZNgIchn63j/IbD58CMSweFvsbhouwdmcUfedWaInWNwCzNxtfXoXS9R7/aFs1SJM1f95BRLA= Authentication-Results: spf=none (sender IP is ) smtp.mailfrom=brijesh.singh@amd.com; Received: from ubuntu-010236106000.amd.com (165.204.78.1) by CY1PR12MB0152.namprd12.prod.outlook.com (10.161.173.22) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.20.56.11; Sat, 16 Sep 2017 12:34:43 +0000 From: Brijesh Singh To: linux-kernel@vger.kernel.org, x86@kernel.org, kvm@vger.kernel.org Cc: Thomas Gleixner , Ingo Molnar , "H . Peter Anvin" , Borislav Petkov , Andy Lutomirski , Tom Lendacky , Brijesh Singh Subject: [Part1 PATCH v4 03/17] x86/mm: Don't attempt to encrypt initrd under SEV Date: Sat, 16 Sep 2017 07:34:04 -0500 Message-Id: <20170916123418.37807-4-brijesh.singh@amd.com> X-Mailer: git-send-email 2.9.5 In-Reply-To: <20170916123418.37807-1-brijesh.singh@amd.com> References: <20170916123418.37807-1-brijesh.singh@amd.com> MIME-Version: 1.0 X-Originating-IP: [165.204.78.1] X-ClientProxiedBy: DM3PR12CA0051.namprd12.prod.outlook.com (10.161.151.19) To CY1PR12MB0152.namprd12.prod.outlook.com (10.161.173.22) X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 2ae4542a-1a0d-482e-6495-08d4fcff4ed7 X-MS-Office365-Filtering-HT: Tenant X-Microsoft-Antispam: UriScan:; BCL:0; PCL:0; RULEID:(300000500095)(300135000095)(300000501095)(300135300095)(22001)(300000502095)(300135100095)(2017030254152)(48565401081)(300000503095)(300135400095)(2017052603199)(201703131423075)(201703031133081)(201702281549075)(300000504095)(300135200095)(300000505095)(300135600095)(300000506095)(300135500095); SRVR:CY1PR12MB0152; X-Microsoft-Exchange-Diagnostics: 1; CY1PR12MB0152; 3:k/04G3khZTPSWtjsYlSvhg4ARiAEu2GOGPi8Lmuyz5ivyXam+mma+Jldta+tutg6NbIKkaBEhhBOdgQfPbTTaEEnf96Soyk4GKSD2owPnjC/2tx0mdVIcM9uW8wYzh4GvW5MeSenwwAtwFY6nQL3Ezd8lZg9dS8rZHvM74MXGLaOfA0UyT7DFNHD9IkXDdJN3flJxl5WZh2w+6L3r7dZPGHawmIqo7hRrFBIACHkKTuJlm1lPWZR5VrW0yNTnNf+; 25:HMn+bQ/6mmwkunr+qaJalr2YWAjXH2hAGWPcXbiDQSxh+k6bRqjGwSelkv9JSdJRZGeFAiz/+00Lk3Fzfz2nwUIoOluxMHtJNOLG0XNwxfB0N5RY1FWTDzhGco2zHyRpYqLpRo4z8ggwcE9oMfZL7MfyELXPVD4301YHGTmRXHkzwe0lMVUQsvk51T2njwUuKW6h4/Hkg1zQhyQgCFUYLJEGx+10Mm0s0gFV6b7B44DDDNATpYDCJgxNQtiAadypCNBYPzVMFT/W640PV1hSYMwj+z3T7hoDuwCfDavZXhP7RDj4kTNqnavqC/qRi7fF12snYXDVFCdPWkmv3y0mRg==; 31:+SwxUl4kiICGtvpHP4mV6qJhLG6JxtncCAdVpsn8Dl3co+e7C85HUWbgVX1aEN+rmBbnIrL/IZbjM4BqQsllpyNXev4CeaAhTA6iJwzdIMptq3Z5B+2t4xpbeeVASQ8uXYdSNS3DV+fntrl98aA3diErT52hRcsYaACi7qQ3w2+yyOHKkg7W1Uq79rHtCeTFsMc/acs5q7gkjZhsqtidQ9I0LbPdNhI62QMcdmL2GAk= X-MS-TrafficTypeDiagnostic: CY1PR12MB0152: X-Microsoft-Exchange-Diagnostics: 1; CY1PR12MB0152; 20:uBdnI/qsQrTwM2DGOD8POXQOmdKqt6lgP+Qel5b7emCkaDvjKjAlXOlLJ1SjL4rf5HsGRN9svx8y24wRNmG+AML9rZBpFETczzXN2wb7URW8quvwjnY4zvqlSo1WTps7dQ+FddXACGijSFzUupmFRBJi221poBDOroBzX3pyoQNXNrHbp6fKBYgPO5hDG9ffxGq0uw4qQvQsSbt9kZ6uthwOTT+TNIXPHg5cFlvJSxgg+A/6EqmeKhg2FKmccpf/C2FDTX9FtPPxRidiNxkzZ86NJrlkwwd/9h3xtY7qs42Ut/fqpZ5CePbqcLPT5jH0m2jcnn2jYGzpSx5zyjYqwlIeSs8r9KHRymI8jSp6XmRVEnZ7t2nIsuWBvKCpDixvNXuFnGi+q14Su3xmAlKcMjLVcSpINLWENwKchkXBL2Rt6vbwy4PrNfivtWfo0j2loM5Ic1RnPKLq1/u9M6hd9oF9d8xmm5tiN80pggzk7Upd/DYfAokKsNbijYlulJUo; 4:wSho8wfUf66RTK2JMGUO6+l5neXSzod82Yf/xeore4RwVRMQpm5dyrSTEIR9ySwPhA6hobx1zuIjCb+9gvb1t+p/J+UISFRN7lrI4hI3tOzV7GWGvuG41uVt38DyJXFx9SDa64peRaDg2a1USE3xhGaMABQBv0xqGssSSv4eGuapHP8aSPgLX96nSvHEjxIcViXW1KIhZN4Ng0zLFO6u2pyjlx60yagkc9uOyz0Zeg9aVY2hx6blLcBWcwOmUovpURvMNUca95wyQENrklrGTOnrggAxdE6PSeZYmqrT/vF8keI7pTmKZ42d8t9mNXduLGNZpgdiD8LCjZDquxMQ+A== X-Exchange-Antispam-Report-Test: UriScan:(9452136761055)(767451399110); X-Microsoft-Antispam-PRVS: X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0; RULEID:(100000700101)(100105000095)(100000701101)(100105300095)(100000702101)(100105100095)(6040450)(2401047)(8121501046)(5005006)(100000703101)(100105400095)(93006095)(93001095)(3002001)(10201501046)(6055026)(6041248)(20161123564025)(20161123562025)(20161123558100)(201703131423075)(201702281528075)(201703061421075)(201703061406153)(20161123560025)(20161123555025)(6072148)(201708071742011)(100000704101)(100105200095)(100000705101)(100105500095); SRVR:CY1PR12MB0152; BCL:0; PCL:0; RULEID:(100000800101)(100110000095)(100000801101)(100110300095)(100000802101)(100110100095)(100000803101)(100110400095)(100000804101)(100110200095)(100000805101)(100110500095); SRVR:CY1PR12MB0152; X-Forefront-PRVS: 0432A04947 X-Forefront-Antispam-Report: SFV:NSPM; SFS:(10009020)(6009001)(346002)(376002)(199003)(189002)(6486002)(53416004)(81156014)(48376002)(81166006)(50466002)(6666003)(5003940100001)(7736002)(54906002)(316002)(16586007)(8676002)(97736004)(2906002)(305945005)(575784001)(53936002)(5660300001)(86362001)(478600001)(16526017)(1076002)(106356001)(110136004)(3846002)(4326008)(50226002)(68736007)(25786009)(6116002)(33646002)(105586002)(101416001)(50986999)(47776003)(2950100002)(8936002)(66066001)(36756003)(189998001)(76176999); DIR:OUT; SFP:1101; SCL:1; SRVR:CY1PR12MB0152; H:ubuntu-010236106000.amd.com; FPR:; SPF:None; PTR:InfoNoRecords; A:1; MX:1; LANG:en; Received-SPF: None (protection.outlook.com: amd.com does not designate permitted sender hosts) X-Microsoft-Exchange-Diagnostics: =?us-ascii?Q?1; CY1PR12MB0152; 23:ABgeic9aTlizwVONYw0KeyAJ9gU21E+YQcP1OTQ/T?= =?us-ascii?Q?v+6U7lcvnb7Nyo6MCRkDf14F/PsiFLnNfV46nLWrDgTAXVDGnTUdTe0c87YA?= =?us-ascii?Q?B2MgttRI7bPX6eLGVVcPkJZ0sA6urLZekfViMu/KeIRLUTthAj0R8hYndtVv?= =?us-ascii?Q?Uvpt6Z20KejYiTFoVn0Y/WBtFX5PkoX0O8Oi2P6BhX2fd0eZQgcGImrc7E+I?= =?us-ascii?Q?lK4OTX8DLTFSScq4t+z2eTTnhnzGvHcEzvJbEuGPMsgjNrKPa4iOwK0x32QZ?= =?us-ascii?Q?UiHIqFX92s34jdXKppwKDyYudHZ6jvN664/jDBVCrIS3xbKjGXi15PqNzupB?= =?us-ascii?Q?KS3miG0m39688X6wbIXBqAx4cFwG4bRgB6Z6/s4C5oGetxoMzAlvsbYv5E6h?= =?us-ascii?Q?jtquuGHFKKugDlRG9FiAi0ofSpVxcJQOCfgkHB7C5FucDLy4UeGLFMH62nJE?= =?us-ascii?Q?1hTdvrzGzEjf9z6LwuRMPz3hoVoYyAcfq34SjElIy54nwwif8pSUMf3ahZrg?= =?us-ascii?Q?TgabZ79c0WtSnsXBJHTP+zVzkNaQllU/jUjNsRVRVSKXsRY49HicyBFaeUS9?= =?us-ascii?Q?XRBLafX5k7IvjVnIitu0bu6/x1FhR7I4hN+U4BvcP+cljSo458rT0p1CtaBm?= =?us-ascii?Q?ewFiMKfqZvxeEFEGKXFFjose7/u501rjc04/8YYhjiAwELZn7ZyaXMH9DypM?= =?us-ascii?Q?avKxQtW3nuYYUzuOQAU1jY+8qA0G1/IzEOd5NCXFbEWjCjD+5nT7LDTvVTUv?= =?us-ascii?Q?Mtm5EqJutnSfpBEY6qToagV3Ilo1N5PBri0yA5f8/aklhn3TJ7nBAnhNgms/?= =?us-ascii?Q?/fUaF4JFP59zIJAcUdCBcmxl6N7orL93Qkt40oSYeMoTz/zXgsOO5d6U9SjP?= =?us-ascii?Q?jvYG3q9cBk07sFXi196NjYliJ0PV+pJJm1UIWPx5oJUh9QYvMnVCtu1ull51?= =?us-ascii?Q?buIBZ0ZlAB83/wplokQos/SX44YwhrL1gOBDhGqcHIdEos7orkE6UH0AVjqW?= =?us-ascii?Q?BHwtIvW5IUJD97m8spIKgqKTUfYugjaQaI1ApLfO1iCVAQNgAHh6uhf1v49J?= =?us-ascii?Q?eAyOClHsM3VNklLjK2XkDOJE+vTs6X2lm7tX7GOMR3XOFHWt0QFYQeNy84My?= =?us-ascii?Q?t/gRjjiJSc=3D?= X-Microsoft-Exchange-Diagnostics: 1; CY1PR12MB0152; 6:2UpeZnMyqyfPsROn0Y192anoCdoMExIheHK5IoCTxVhQjF2WgbZZnqx96+MknOkYC6k7QdgYZvN6g1Qx4B3WwrfIx+qO05N32Ct38vx+NFPJGAv3awZ4vJA5ph9snnfdKKt30jGLqZaz1QNi0BDhKZpHZw4HdwvlDJiGXkGZ3gNNyGYAXRUHbjukMZtLIM9sJ4kmaUXcKceLmWOIv5lvcutGKDmVh9Mgpo4PFOaY/A1vvTvMen5yvAj/ZMyMcXR76D5m0VpRn3q0Ub1Q2vmzCf+ocxE/3FPPzPEq1hU96LMf9r5ixVaep2ep5XsiPQ/Sv23wmtWqpTU89jJaddaCgw==; 5:rg6wdzcNuPzUyYK9fFej823y5LjlU5kuVx7uRzF1xaPEisIaD5yze3ZEeFTE1Qpg01jkblsfStHKsM6s3yBKV6PL7+wINvpPthWJd7ma4x/1Q2cTF75m2Ueu3WGVUP1QGvqnnn4w3pyWbjLRL3ELwg==; 24:DACDK0K3OejJEfvrdTop7+uT4QWp8uGr4RMk3SIKcFQGF1P6YIXhCIKAhm5nMhMnjEj4JewIYFWmo8dAn9kz2Hz6fli0Xs5I5KwfbmEVgQI=; 7:cHKMkrU0LQKdqEvaYXgbopn7XVWlFPBxwQWhRCdrpcgsfN34pglT9kLtM/1ahzI/r3dFa8E3xwQ837nBtobd82lQxZ97VwQ9jiOwZ5LGU3dyu2vfYdHyVXCJ/Nzi34lQ94oaXYRWHuoV+s8tED+CBU1/wdRz77SXO488cODYdy2GoxagTb2ozcgrwF/kx34aROnaNYoe9lqeDsneJwWi+mhXppZmJTZV++47ph1CBzc= SpamDiagnosticOutput: 1:99 SpamDiagnosticMetadata: NSPM X-Microsoft-Exchange-Diagnostics: 1; CY1PR12MB0152; 20:BBMA38UHQbKRbiq3zIzThPHAMvQXTBjSGh2WOviEgwmwB+Z8eiaqwcNghg5h8BYu9bbGKyjyyv/uFP5CNGl+bNccLCuHuhgusBfgf5PbGcAgBFh3Z0FpQ+ARy/WykHqODLXqrnGIaAK+LgC5ZaVSYQIQmbnzC9xI3jU+DcWRkQNcykbuJpYGQ/sJlxOA2U3FgNTDnIT27Tlco8SHfaXVCQ/mCDE4iQX+wjpSwFc7wnBXC/Alpk1/gi+Luyc2jLUM X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 16 Sep 2017 12:34:43.0837 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY1PR12MB0152 Sender: kvm-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP From: Tom Lendacky When SEV is active the initrd/initramfs will already have already been placed in memory encrypted so do not try to encrypt it. Cc: Thomas Gleixner Cc: Ingo Molnar Cc: "H. Peter Anvin" Cc: Borislav Petkov Cc: Andy Lutomirski Cc: linux-kernel@vger.kernel.org Cc: x86@kernel.org Signed-off-by: Tom Lendacky Signed-off-by: Brijesh Singh Reviewed-by: Borislav Petkov --- arch/x86/kernel/setup.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/arch/x86/kernel/setup.c b/arch/x86/kernel/setup.c index 82559867e0a9..967155e63afe 100644 --- a/arch/x86/kernel/setup.c +++ b/arch/x86/kernel/setup.c @@ -368,9 +368,11 @@ static void __init reserve_initrd(void) * If SME is active, this memory will be marked encrypted by the * kernel when it is accessed (including relocation). However, the * ramdisk image was loaded decrypted by the bootloader, so make - * sure that it is encrypted before accessing it. + * sure that it is encrypted before accessing it. For SEV the + * ramdisk will already be encrypted, so only do this for SME. */ - sme_early_encrypt(ramdisk_image, ramdisk_end - ramdisk_image); + if (sme_active()) + sme_early_encrypt(ramdisk_image, ramdisk_end - ramdisk_image); initrd_start = 0;