Re: [PATCH v8] x86/boot: Don't return encryption mask from __startup_64()
From: Huang, Kai
Date: Wed Jul 16 2025 - 07:33:30 EST
On Wed, 2025-07-16 at 09:11 +0000, Khalid Ali wrote:
> From: Khalid Ali <khaliidcaly@xxxxxxxxx>
>
> Avoid returning encryption mask to callers of __startup_64().
>
> The encryption mask is available to callers and canbe accessed
^
can be
> sme_get_me_mask() in C code and sme_me_mask symbol in assembly code.
>
> This change aligns the way the mask is retrieved in
> secondary_startup_64_no_verify().
>
> No functionality change intended, only consistency improvement, so the
> code becomes cleaner.
>
> On intel processors sme_me_mask is zero. So, it is safe to add mask only
> if CONFIG_AMD_MEM_ENCRYPT.
>
> Signed-off-by: Khalid Ali <khaliidcaly@xxxxxxxxx>
> Acked-by: Kai Huang <kai.huang@xxxxxxxxx>
> ---
>
> Changes in v8:
> * Improve commit message for clarity.
Apparently not jut commit message change, since ...
> /*
> * Perform pagetable fixups. Additionally, if SME is active, encrypt
> - * the kernel and retrieve the modifier (SME encryption mask if SME
> - * is active) to be added to the initial pgdir entry that will be
> - * programmed into CR3.
> - */
> + * the kernel.
> + */
... the indent of this comment is broken. Your v7 was fine.
And ...
> movq %r15, %rsi
> call __startup_64
>
> /* Form the CR3 value being sure to include the CR3 modifier */
> - leaq early_top_pgt(%rip), %rcx
> - addq %rcx, %rax
> + leaq early_top_pgt(%rip), %rax
>
> #ifdef CONFIG_AMD_MEM_ENCRYPT
> + /* Retrieve the modifier (SME encryption mask if SME
> + * is active) to be added to the initial pgdir entry that will be
> + * programmed into CR3.
> + */
... this comment style is broken too. Again, your v7 was fine:
+ /*
+ * Retrieve the modifier (SME encryption mask if SME
+ * is active) to be added to the initial pgdir entry that will be
+ * programmed into CR3.
+ */
I am not sure how you ended up with those random broken changes, because
they are quite unusual to me.
Could you please remove my Acked-by?