Re: [PATCH] x86/mm: Create an SME workarea in the kernel for early encryption

From: Lendacky, Thomas
Date: Thu Jun 13 2019 - 15:03:01 EST

Next message: Song Liu: "Re: [PATCH 3/9] x86/bpf: Move epilogue generation to a dedicated function"
Previous message: Saiyam Doshi: "[PATCH] gsmi: replace printk with relevant dev_<level>"
In reply to: Dave Hansen: "Re: [PATCH] x86/mm: Create an SME workarea in the kernel for early encryption"
Next in thread: Baoquan He: "Re: [PATCH] x86/mm: Create an SME workarea in the kernel for early encryption"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 6/13/19 1:06 PM, Dave Hansen wrote:
> On 6/13/19 10:59 AM, Lendacky, Thomas wrote:
>>> After I say all that... Why can't you just stick your data in a normal,
>>> vanilla __init variable? Wouldn't that be a lot less subtle?
>> The area needs to be outside of the kernel proper as the kernel is
>> encrypted "in place." So an __init variable won't work here.
>
> Ahh, that makes sense. Also sounds like good changelog fodder.
>
> FWIW, you *could* use an __init area, but I think you'd have to work
> around it in sme_encrypt_kernel(), right? Basically in the
> kernel_start/end logic you'd need to skip over it. That's probably more
> fragile than what you have here, though.

Yes, I think having the workarea outside the kernel is best.

I'll send a V2 with the pre-patch and suggested changes.

Thanks,
Tom

>

Next message: Song Liu: "Re: [PATCH 3/9] x86/bpf: Move epilogue generation to a dedicated function"
Previous message: Saiyam Doshi: "[PATCH] gsmi: replace printk with relevant dev_<level>"
In reply to: Dave Hansen: "Re: [PATCH] x86/mm: Create an SME workarea in the kernel for early encryption"
Next in thread: Baoquan He: "Re: [PATCH] x86/mm: Create an SME workarea in the kernel for early encryption"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]