|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] [PATCH v7 08/36] x86/mm: Add support to enable SME in early boot processing
On 6/20/2017 2:38 AM, Borislav Petkov wrote: On Fri, Jun 16, 2017 at 01:51:15PM -0500, Tom Lendacky wrote:Add support to the early boot code to use Secure Memory Encryption (SME). Since the kernel has been loaded into memory in a decrypted state, encrypt the kernel in place and update the early pagetables with the memory encryption mask so that new pagetable entries will use memory encryption. The routines to set the encryption mask and perform the encryption are stub routines for now with functionality to be added in a later patch. Because of the need to have the routines available to head_64.S, the mem_encrypt.c is always built and #ifdefs in mem_encrypt.c will provide functionality or stub routines depending on CONFIG_AMD_MEM_ENCRYPT. Signed-off-by: Tom Lendacky <thomas.lendacky@xxxxxxx> --- arch/x86/include/asm/mem_encrypt.h | 8 +++++++ arch/x86/kernel/head64.c | 33 +++++++++++++++++++++--------- arch/x86/kernel/head_64.S | 39 ++++++++++++++++++++++++++++++++++-- arch/x86/mm/Makefile | 4 +--- arch/x86/mm/mem_encrypt.c | 24 ++++++++++++++++++++++ 5 files changed, 93 insertions(+), 15 deletions(-)...diff --git a/arch/x86/mm/mem_encrypt.c b/arch/x86/mm/mem_encrypt.c index b99d469..9a78277 100644 --- a/arch/x86/mm/mem_encrypt.c +++ b/arch/x86/mm/mem_encrypt.c @@ -11,6 +11,9 @@ */#include <linux/linkage.h>+#include <linux/init.h> + +#ifdef CONFIG_AMD_MEM_ENCRYPT/* I have to re-spin for the kbuild test error. But given that this function will be filled in later it's probably not worth doing the space savings here. Thanks, Tom Reviewed-by: Borislav Petkov <bp@xxxxxxx> _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxx https://lists.xen.org/xen-devel
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |