From patchwork Wed Sep 27 15:13:26 2017
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Brijesh Singh <brijesh.singh@amd.com>
X-Patchwork-Id: 9974267
Return-Path: <kvm-owner@kernel.org>
Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org
	[172.30.200.125])
	by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id
	539B160365 for <patchwork-kvm@patchwork.kernel.org>;
	Wed, 27 Sep 2017 15:17:16 +0000 (UTC)
Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1])
	by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 44F651FF13
	for <patchwork-kvm@patchwork.kernel.org>;
	Wed, 27 Sep 2017 15:17:16 +0000 (UTC)
Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486)
	id 394FB223A6; Wed, 27 Sep 2017 15:17:16 +0000 (UTC)
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
	pdx-wl-mail.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-6.9 required=2.0 tests=BAYES_00,DKIM_SIGNED,
	DKIM_VALID,RCVD_IN_DNSWL_HI autolearn=unavailable version=3.3.1
Received: from vger.kernel.org (vger.kernel.org [209.132.180.67])
	by mail.wl.linuxfoundation.org (Postfix) with ESMTP id B632A1FF13
	for <patchwork-kvm@patchwork.kernel.org>;
	Wed, 27 Sep 2017 15:17:14 +0000 (UTC)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1753526AbdI0PPv (ORCPT
	<rfc822;patchwork-kvm@patchwork.kernel.org>);
	Wed, 27 Sep 2017 11:15:51 -0400
Received: from mail-by2nam03on0054.outbound.protection.outlook.com
	([104.47.42.54]:61520
	"EHLO NAM03-BY2-obe.outbound.protection.outlook.com"
	rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP
	id S1753311AbdI0POS (ORCPT <rfc822;kvm@vger.kernel.org>);
	Wed, 27 Sep 2017 11:14:18 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=amdcloud.onmicrosoft.com; s=selector1-amd-com;
	h=From:Date:Subject:Message-ID:Content-Type:MIME-Version;
	bh=M863YgSC91UqaI0fBHCGIFrW1qY7hJyx/XFzSO5fEyg=;
	b=Arw+ma7I/ooK1AvRGpswhXJt7u0WO80CIlqAKK9iOsoTt6R+J5HA/N54Jbac8r9OjAwMFbh4CTuXSfHLpo6Q5+Wx0WecQ88OqxCFAU08jwiBWCA1mUKGurCZA4imESRf9Cw7Io/dD+8QdPLctJYfDltHOlv4BdqFrRii832DSAY=
Authentication-Results: spf=none (sender IP is )
	smtp.mailfrom=brijesh.singh@amd.com;
Received: from ubuntu-010236106000.amd.com (165.204.78.1) by
	CY1PR12MB0152.namprd12.prod.outlook.com (10.161.173.22) with
	Microsoft SMTP Server (version=TLS1_2,
	cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id
	15.20.77.7; Wed, 27 Sep 2017 15:14:08 +0000
From: Brijesh Singh <brijesh.singh@amd.com>
To: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, x86@kernel.org
Cc: Brijesh Singh <brijesh.singh@amd.com>,
	Thomas Gleixner <tglx@linutronix.de>, Ingo Molnar <mingo@redhat.com>,
	"H. Peter Anvin" <hpa@zytor.com>, Borislav Petkov <bp@suse.de>,
	Tom Lendacky <thomas.lendacky@amd.com>
Subject: [Part1 PATCH v5 14/17] x86: Add support for changing memory
	encryption attribute in early boot
Date: Wed, 27 Sep 2017 10:13:26 -0500
Message-Id: <20170927151329.70011-15-brijesh.singh@amd.com>
X-Mailer: git-send-email 2.9.5
In-Reply-To: <20170927151329.70011-1-brijesh.singh@amd.com>
References: <20170927151329.70011-1-brijesh.singh@amd.com>
MIME-Version: 1.0
X-Originating-IP: [165.204.78.1]
X-ClientProxiedBy: BN6PR04CA0033.namprd04.prod.outlook.com (10.174.93.150) To
	CY1PR12MB0152.namprd12.prod.outlook.com (10.161.173.22)
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-Correlation-Id: d7d32129-cddd-4d35-f0d3-08d505ba6704
X-MS-Office365-Filtering-HT: Tenant
X-Microsoft-Antispam: UriScan:; BCL:0; PCL:0;
	RULEID:(22001)(2017030254152)(48565401081)(2017052603199)(201703131423075)(201703031133081)(201702281549075);
	SRVR:CY1PR12MB0152;
X-Microsoft-Exchange-Diagnostics: 1; CY1PR12MB0152;
	3:Rtl8betmEK7WiR7YWVsXo3gN8vi1/lYoVKZg3wpBgyq7LfGYs3YlNJKOAM0pl7t7o+XTDhgyJsGmwsBovKf6nWrycNNvtgaK1Izhe7jwQBR0aoGeM1uNURJZKJf5xZlel8LukYdemfGcy7RN/YL9679jUR3rg6Usld32wEfTLZi2QFUL+K12xyj/tAimxI8hk6m4QeG22MPyeV5IpUsgYFfiR/i5oarXbbzaoDQ0JRGyu5z53JNhcyXPcy6pOmsY;
	25:fK4h0l2xdPzJad8jr1e+6eRhsjyRdsYC+Rz7PO3hD3tJ9d2ji68d+4D5lge6K9TwS8TlxvUPMDDjDPxwSZlLATcUZc3qFr0qLLyS1QnjrzGN11wfPvIoTdI+RiZVxb8orCzKJkn/yFc2H8WWiyjazFSZnEjx30YZ4Un0k+h+OgGddnZPNex4ebNcbttsd0YraJ0b1EZY/UymrRu4GimAtaLGR2cdetYUXuaWkbTv+k2ynMdXAUvcbdlre3DYA2vqUpgquBLiJKA/OD4X1BrySJR4e7aULlqH9gYBmvvz9qA6YAguBmfoVj1XGH0TF8asvZIVDZxgX4dZLn8+xBHkjw==;
	31:6mIQhKHZsYmeR2xwkE2etqfQzPckN/NfyaDD8/qzB4lk13DLQ13RjS9/N8C9aT3LxsStqStEA5UglucZZNznT/N4IIpBZ8Qi0Msj7AKv+DUlQQp6ujbDTXFCS5JNlzFX0xdxVY1v4r2yBGzBFyPgEq6X58Yd4o8tO1STPeoT6tsSDKUrlWsvYWlwYo1qAGAHglDIm+5zuQe7na5IoP7y2nv7hpJRC6DqgJjjfKhHiv8=
X-MS-TrafficTypeDiagnostic: CY1PR12MB0152:
X-Microsoft-Exchange-Diagnostics: 1; CY1PR12MB0152;
	20:6nvq0dEi5YAfOdtRjjzHjNUBygIl/1lTh4xD7ofc4iAFZ+JyJ4laM8nu8jP3Rh9dn51GsJbjGuKvbkuiu1EwjWQp/0RAdin5/oBMbKJ52FQ9ljwRGr7jov2WdUFN+wB5b+Lz2+4wPzzKaCUp3C8cZVxCM7ap9zdqTm+ilGICmmXiPZwIY8TjJvfyLkWegwemmsxOvefDLukHp/NrNnWZfSNn4ohb/Rtxz2Hauej/s/rLYBEclewSGvWgcSO7Yu/FF4ipaTjDBDgRm6Dy/J9+8IfGM9ifoUHoyrqfvVz8LObOA4vGTbLsWrHmjwd9GEPafIrT+W9ojh71NtWKuYMruPWlECTGcLKNNAF1z5wTarnd46hNEOJDnQePPlQkZ/5Qn+Awvk/hdPwJDe9LczWcyMsuJOnxWaeFC5RrLuoxPg2orrM4kp46qV/KF1Swe5bFzwCkX7GRa0k0QvttJUvCI4QmCgqvflHv3FbstSqrPbDTQNoaYMs25Crivd1EToiA;
	4:oYcJl6cL+hKU3CdqTiHrbSbuZ+Sqc4f7Ga9XCniVMy3jtLki2g/UdeZaR7DAPMK8VFxxfDDrsaM1KAdQxWnuuTOCt+y6FPkII359xaP1JeH/jAX3M8zf/tlBGg+Yg0mLx2IXZNZ8U4x19uHXkspkj9IWxtA10Da3bpDPlklI3MwcxYeEB1BptjPScR9x2e0bF5AbJvv4h6yDTwBWvjAeRJX1umOUEZR/54PgRxrXnXgaxRNshUrH5laLqwzFto5iQ7EwEZVx/tONl4k04oGfu7M4gM1Q1glvaqPkYWdR95Nqv3HgnO3SP0sl84XzZhtE
X-Exchange-Antispam-Report-Test: UriScan:(9452136761055)(767451399110);
X-Microsoft-Antispam-PRVS: 
 <CY1PR12MB01528F675C46B73762ACE5A8E5780@CY1PR12MB0152.namprd12.prod.outlook.com>
X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0;
	RULEID:(100000700101)(100105000095)(100000701101)(100105300095)(100000702101)(100105100095)(6040450)(2401047)(8121501046)(5005006)(10201501046)(3002001)(93006095)(93001095)(100000703101)(100105400095)(6055026)(6041248)(201703131423075)(201702281528075)(201703061421075)(201703061406153)(20161123560025)(20161123555025)(20161123562025)(20161123564025)(20161123558100)(6072148)(201708071742011)(100000704101)(100105200095)(100000705101)(100105500095);
	SRVR:CY1PR12MB0152; BCL:0; PCL:0;
	RULEID:(100000800101)(100110000095)(100000801101)(100110300095)(100000802101)(100110100095)(100000803101)(100110400095)(100000804101)(100110200095)(100000805101)(100110500095);
	SRVR:CY1PR12MB0152;
X-Forefront-PRVS: 04433051BF
X-Forefront-Antispam-Report: SFV:NSPM;
	SFS:(10009020)(6009001)(346002)(376002)(39860400002)(199003)(189002)(3846002)(25786009)(6116002)(53416004)(106356001)(8936002)(4326008)(54906003)(1076002)(6486002)(50226002)(8676002)(305945005)(50466002)(5003940100001)(81156014)(48376002)(81166006)(6666003)(68736007)(36756003)(189998001)(7736002)(105586002)(97736004)(53936002)(2950100002)(101416001)(478600001)(16526017)(16586007)(76176999)(50986999)(316002)(47776003)(66066001)(86362001)(33646002)(5660300001)(2906002);
	DIR:OUT; SFP:1101; SCL:1; SRVR:CY1PR12MB0152;
	H:ubuntu-010236106000.amd.com; FPR:; SPF:None;
	PTR:InfoNoRecords; A:1; MX:1; LANG:en;
Received-SPF: None (protection.outlook.com: amd.com does not designate
	permitted sender hosts)
X-Microsoft-Exchange-Diagnostics: =?us-ascii?Q?1; CY1PR12MB0152;
	23:ZG4mo7x0gBfhpWgh9ZvXfeCKFr46w732yFbDzfNKa?=
	=?us-ascii?Q?+EvGhNK/E/XqySqDtAt8zuMM+QeAratrtAAi17aOCz3cSBhvgxi02k0ACmY6?=
	=?us-ascii?Q?Y73WEtgxVEiHpcC5qiGnAwg8+MHKQ0rfi5Bj3iobtA8GslOv+7CMGMY9XezM?=
	=?us-ascii?Q?xWr5dXpucs9Mob/k3gyk+nyT5XqGE3vFcpIIb33o8bmBrcEc/DAjI635lb1M?=
	=?us-ascii?Q?ldRuLnvM3kYjF59C6eWC70hwMjhr7RZ1U/BHIeDyFJj57FhH7exdwLUGg5bJ?=
	=?us-ascii?Q?R98xhi75eo9CsJG6YdSQ3ABYSc2V+wWJ0IRja/nCeTq2IqRyIGis/v7FDc6R?=
	=?us-ascii?Q?+ArvGgyK5kaTUcKjePohX0VGsH6WeZLOLlSIaFedo5LpyJMUbp6orbtOJawI?=
	=?us-ascii?Q?Oqqx5ocC8S23968e/UGuHnqxcnLoaOeJ7OlqwjtW0YjsqOadlRrn/a/ZDWMJ?=
	=?us-ascii?Q?Ent5CKVcQzlnrD8pjM2I7mzKGehiq4TqTEkbB06nvX3EcqghetCBONQ+0/CK?=
	=?us-ascii?Q?zOI/WlR9BB33BkrIMAEjOCjTpFCzaSxjr6+2PHCVTiQuhVmiM8QqIERGxgpf?=
	=?us-ascii?Q?9uFZmv3pjvN6jLWVpahlAJuO8Fo/DMgo0JNWFHk3egjUAuDLOfv3HCZPr/nx?=
	=?us-ascii?Q?lbFeB/3O0xuGGrXy7CfT8KLPjmfByq2EW8v5PWLst8ihNmJmS9VtNHvDh5Cf?=
	=?us-ascii?Q?QTVC4E/2uMwXfCMCM8n1z/Apv/XLz0bJpP/CJ5h9eRMBx1tukyjY+MCEZO/p?=
	=?us-ascii?Q?Ze/nXjVN0pxFda4VHvyePPIFdID0hJ8slStp993ooLiOaKlGw6jB70GmJ0ru?=
	=?us-ascii?Q?rGUfVXSm5WSnqFaAZEpvmefF41i0o3t6W2D/k5mbLzw1P88FA5cDCZjVAZPr?=
	=?us-ascii?Q?Kw+O7S7xQGjvXCK/dAJE0Rdaa7Xvv1WDUtPXjEl6kzW6g1mapAG/nk8qmYVg?=
	=?us-ascii?Q?JgsyCl3L6YuZyGpgWlLothGwEgdLfaQ8EVi+QgBqDIcc7ROiAP7yvVZhwnyN?=
	=?us-ascii?Q?7ieXRW1R76A0RW4XzGPVa3RBboAvBQig8YVI6tWGkeo1wOQO0LEPHlswsgOm?=
	=?us-ascii?Q?o7zj1EwNEnqm/u+/De8hZjCwgmFSChMR/NImhIevm1mB1AYng=3D=3D?=
X-Microsoft-Exchange-Diagnostics: 1; CY1PR12MB0152;
	6:cIwxv/w1E5waxRPHGeTe2MUpHd9O3C1CUrTGb8uOttsR1tE6h74WD9OJLPkYqdJl+OgYXniIe8o3FBQvoc129z8pCY+SRQ47PAV6u0qRWS1C0eLcDcRtTgNDazdhUjV0pJaleCBv8iHriUdIznMsEs6xv+l0ko5Tq5SHU1xMIOoV6p7kDaLrxl4927ImMu6BroVp+FPtu0QhtQ7LH31AQw9979NSU/6zdHv5Bet5h4bmRahNI1eIDZJ4ErJ94bjtif6lzoLIJWSzE5qKbH3TgOv9yfQ7j43pXwNs81L6jTMEaLXVRpiGb+ZDYFwi/xIS2Pvj8tBBkW9hmSr+EsGr8Q==;
	5:EbEjqlqu/z49rYe5sOUNyj01sHVL4zKS5ogCFRDKUjDsMmWx1Jc9Vja5aKMihEv3CCBGZxEJRWZ5AHm96Oyz/k+NjCIeDMCxoshtFfWqCb+Bwm/stHQWGnEk+BCejp+ame+RnBRAzwvOZAlyMHbwRQ==;
	24:7+7J481aqA2W2VIeSWf+4WhFL5C9IasZE/dwzWztzVS6ak6jTvJzm3bWy6ugjF2MINaf4OCEZnOTFn4tC7k7KDanKIEWcHHBduORHVKQLQY=;
	7:j26nhpH1L9yDvZkUcbWVgplpz7xdVPv287QwtxnPaHZ0/GjcgYH3PFRkVHUGx8UDZT/OgX26yoRYqVndIULlO2IptsqD1QdDSDky/hkB9AVvkMJbTWDJXIRHUnV9Vk5Ro7WBh+gzvvp+2tDx+dp5hI/hN8TqtC/48VdxYuI5TbdqAWLlZsFwkMAZZO2I9gP+2q+aKzMZIEDLH3yLIWrMgcZhlPay17PwNP0Avyfex98=
SpamDiagnosticOutput: 1:99
SpamDiagnosticMetadata: NSPM
X-Microsoft-Exchange-Diagnostics: 1; CY1PR12MB0152;
	20:4YBeWP4/EufK4ZVikSaOYK91ZDVBH13gxXm2Lgi6SVtVa8ceF5fjLnNinBxJy9Q3Ed3pDFmRtycib1XzlUkQ87zfhNWpSNWc7boHqy8xj9S3i0ROD8v0uRAPuowV/2jXVbLhbXIqAEAKXIP3PHcQqBWu4Bt8dt5GCwOCBxE5+bVlSu5Da0/m+tROj8CBVr3qVf+NRTV3gGtXHdUxxEZ8XEHUyhRVg2zhgi14dvlgRntCbKqcCloMkWwirF8nviVh
X-OriginatorOrg: amd.com
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 27 Sep 2017 15:14:08.3225
	(UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d
X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY1PR12MB0152
Sender: kvm-owner@vger.kernel.org
Precedence: bulk
List-ID: <kvm.vger.kernel.org>
X-Mailing-List: kvm@vger.kernel.org
X-Virus-Scanned: ClamAV using ClamSMTP

Some KVM-specific custom MSRs share the guest physical address with the
hypervisor in early boot. When SEV is active, the shared physical address
must be mapped with memory encryption attribute cleared so that both
hypervisor and guest can access the data.

Add APIs to change the memory encryption attribute in early boot code.

Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Ingo Molnar <mingo@redhat.com>
Cc: "H. Peter Anvin" <hpa@zytor.com>
Cc: Borislav Petkov <bp@suse.de>
Cc: x86@kernel.org
Cc: linux-kernel@vger.kernel.org
Cc: Tom Lendacky <thomas.lendacky@amd.com>
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
Reviewed-by: Borislav Petkov <bp@suse.de>
---
 arch/x86/include/asm/mem_encrypt.h |   8 +++
 arch/x86/mm/mem_encrypt.c          | 121 +++++++++++++++++++++++++++++++++++++
 2 files changed, 129 insertions(+)

diff --git a/arch/x86/include/asm/mem_encrypt.h b/arch/x86/include/asm/mem_encrypt.h
index 2b024741bce9..3ba68c92be1b 100644
--- a/arch/x86/include/asm/mem_encrypt.h
+++ b/arch/x86/include/asm/mem_encrypt.h
@@ -42,6 +42,9 @@ void __init sme_early_init(void);
 void __init sme_encrypt_kernel(void);
 void __init sme_enable(struct boot_params *bp);
 
+int __init early_set_memory_decrypted(resource_size_t paddr, unsigned long size);
+int __init early_set_memory_encrypted(resource_size_t paddr, unsigned long size);
+
 /* Architecture __weak replacement functions */
 void __init mem_encrypt_init(void);
 
@@ -70,6 +73,11 @@ static inline void __init sme_enable(struct boot_params *bp) { }
 static inline bool sme_active(void) { return false; }
 static inline bool sev_active(void) { return false; }
 
+static inline int __init
+early_set_memory_decrypted(resource_size_t paddr, unsigned long size) { return 0; }
+static inline int __init
+early_set_memory_encrypted(resource_size_t paddr, unsigned long size) { return 0; }
+
 #endif	/* CONFIG_AMD_MEM_ENCRYPT */
 
 /*
diff --git a/arch/x86/mm/mem_encrypt.c b/arch/x86/mm/mem_encrypt.c
index 05c3cb9fb442..2a1142150372 100644
--- a/arch/x86/mm/mem_encrypt.c
+++ b/arch/x86/mm/mem_encrypt.c
@@ -28,6 +28,8 @@
 #include <asm/msr.h>
 #include <asm/cmdline.h>
 
+#include "mm_internal.h"
+
 static char sme_cmdline_arg[] __initdata = "mem_encrypt";
 static char sme_cmdline_on[]  __initdata = "on";
 static char sme_cmdline_off[] __initdata = "off";
@@ -258,6 +260,125 @@ static void sev_free(struct device *dev, size_t size, void *vaddr,
 	swiotlb_free_coherent(dev, size, vaddr, dma_handle);
 }
 
+static void __init __set_clr_pte_enc(pte_t *kpte, int level, bool enc)
+{
+	pgprot_t old_prot, new_prot;
+	unsigned long pfn;
+	pte_t new_pte;
+
+	switch (level) {
+	case PG_LEVEL_4K:
+		pfn = pte_pfn(*kpte);
+		old_prot = pte_pgprot(*kpte);
+		break;
+	case PG_LEVEL_2M:
+		pfn = pmd_pfn(*(pmd_t *)kpte);
+		old_prot = pmd_pgprot(*(pmd_t *)kpte);
+		break;
+	case PG_LEVEL_1G:
+		pfn = pud_pfn(*(pud_t *)kpte);
+		old_prot = pud_pgprot(*(pud_t *)kpte);
+		break;
+	default:
+		return;
+	}
+
+	new_prot = old_prot;
+	if (enc)
+		pgprot_val(new_prot) |= _PAGE_ENC;
+	else
+		pgprot_val(new_prot) &= ~_PAGE_ENC;
+
+	/* if prot is same then do nothing */
+	if (pgprot_val(old_prot) == pgprot_val(new_prot))
+		return;
+
+	new_pte = pfn_pte(pfn, new_prot);
+	set_pte_atomic(kpte, new_pte);
+}
+
+static int __init early_set_memory_enc_dec(resource_size_t paddr,
+					   unsigned long size, bool enc)
+{
+	unsigned long vaddr, vaddr_end, vaddr_next;
+	unsigned long psize, pmask;
+	int split_page_size_mask;
+	pte_t *kpte;
+	int level, ret;
+
+	vaddr = (unsigned long)__va(paddr);
+	vaddr_next = vaddr;
+	vaddr_end = vaddr + size;
+
+	/*
+	 * We are going to change the physical page attribute from C=1 to C=0
+	 * or vice versa. Flush the caches to ensure that data is written into
+	 * memory with correct C-bit before we change attribute.
+	 */
+	clflush_cache_range(__va(paddr), size);
+
+	for (; vaddr < vaddr_end; vaddr = vaddr_next) {
+		kpte = lookup_address(vaddr, &level);
+		if (!kpte || pte_none(*kpte)) {
+			ret = 1;
+			goto out;
+		}
+
+		if (level == PG_LEVEL_4K) {
+			__set_clr_pte_enc(kpte, level, enc);
+			vaddr_next = (vaddr & PAGE_MASK) + PAGE_SIZE;
+			continue;
+		}
+
+		psize = page_level_size(level);
+		pmask = page_level_mask(level);
+
+		/*
+		 * Check, whether we can change the large page in one go.
+		 * We request a split, when the address is not aligned and
+		 * the number of pages to set/clear encryption bit is smaller
+		 * than the number of pages in the large page.
+		 */
+		if (vaddr == (vaddr & pmask) &&
+			((vaddr_end - vaddr) >= psize)) {
+			__set_clr_pte_enc(kpte, level, enc);
+			vaddr_next = (vaddr & pmask) + psize;
+			continue;
+		}
+
+		/*
+		 * virtual address is part of large page, create the page table
+		 * mapping to use smaller pages (4K or 2M). If virtual address
+		 * is part of 2M page the we request spliting the large page
+		 * into 4K, similarly 1GB large page is requested to split into
+		 * 2M pages.
+		 */
+		if (level == PG_LEVEL_2M)
+			split_page_size_mask = 0;
+		else
+			split_page_size_mask = 1 << PG_LEVEL_2M;
+
+		kernel_physical_mapping_init(__pa(vaddr & pmask),
+					     __pa((vaddr_end & pmask) + psize),
+					     split_page_size_mask);
+	}
+
+	ret = 0;
+out:
+	__flush_tlb_all();
+	return ret;
+}
+
+int __init early_set_memory_decrypted(resource_size_t paddr, unsigned long size)
+{
+	return early_set_memory_enc_dec(paddr, size, false);
+}
+
+int __init early_set_memory_encrypted(resource_size_t paddr, unsigned long size)
+{
+	return early_set_memory_enc_dec(paddr, size, true);
+}
+
 /*
  * SME and SEV are very similar but they are not the same, so there are
  * times that the kernel will need to distinguish between SME and SEV. The