Re: [Part1 PATCH v6.1 14/17] x86: Add support for changing memory encryption attribute in early boot
From: Borislav Petkov
Date: Mon Oct 16 2017 - 17:25:57 EST
On Mon, Oct 16, 2017 at 02:56:08PM -0500, Brijesh Singh wrote:
> Some KVM-specific custom MSRs share the guest physical address with the
> hypervisor in early boot. When SEV is active, the shared physical address
> must be mapped with memory encryption attribute cleared so that both
> hypervisor and guest can access the data.
>
> Add APIs to change the memory encryption attribute in early boot code.
>
> Cc: Thomas Gleixner <tglx@xxxxxxxxxxxxx>
> Cc: Ingo Molnar <mingo@xxxxxxxxxx>
> Cc: "H. Peter Anvin" <hpa@xxxxxxxxx>
> Cc: Borislav Petkov <bp@xxxxxxx>
> Cc: x86@xxxxxxxxxx
> Cc: linux-kernel@xxxxxxxxxxxxxxx
> Cc: Tom Lendacky <thomas.lendacky@xxxxxxx>
> Improvements-by: Borislav Petkov <bp@xxxxxxx>
> Signed-off-by: Brijesh Singh <brijesh.singh@xxxxxxx>
> ---
>
> Changes since v6:
> * applied the improvements from Boris
>
> arch/x86/include/asm/mem_encrypt.h | 8 +++
> arch/x86/mm/mem_encrypt.c | 131 +++++++++++++++++++++++++++++++++++++
> 2 files changed, 139 insertions(+)
Reviewed-by: Borislav Petkov <bp@xxxxxxx>
--
Regards/Gruss,
Boris.
Good mailing practices for 400: avoid top-posting and trim the reply.