[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH v7 18/36] x86/efi: Update EFI pagetable creation to work with SME

To: Tom Lendacky <thomas.lendacky@xxxxxxx>
From: Matt Fleming <matt@xxxxxxxxxxxxxxxxxxx>
Date: Thu, 22 Jun 2017 11:58:30 +0100
Cc: linux-efi@xxxxxxxxxxxxxxx, Brijesh Singh <brijesh.singh@xxxxxxx>, Toshimitsu Kani <toshi.kani@xxxxxxx>, linux-doc@xxxxxxxxxxxxxxx, x86@xxxxxxxxxx, linux-mm@xxxxxxxxx, Radim Krčmář <rkrcmar@xxxxxxxxxx>, Alexander Potapenko <glider@xxxxxxxxxx>, "H. Peter Anvin" <hpa@xxxxxxxxx>, Larry Woodman <lwoodman@xxxxxxxxxx>, linux-arch@xxxxxxxxxxxxxxx, kvm@xxxxxxxxxxxxxxx, Jonathan Corbet <corbet@xxxxxxx>, Joerg Roedel <joro@xxxxxxxxxx>, "Michael S. Tsirkin" <mst@xxxxxxxxxx>, kasan-dev@xxxxxxxxxxxxxxxx, Ingo Molnar <mingo@xxxxxxxxxx>, Andrey Ryabinin <aryabinin@xxxxxxxxxxxxx>, Dave Young <dyoung@xxxxxxxxxx>, Rik van Riel <riel@xxxxxxxxxx>, Arnd Bergmann <arnd@xxxxxxxx>, Borislav Petkov <bp@xxxxxxxxx>, Andy Lutomirski <luto@xxxxxxxxxx>, Boris Ostrovsky <boris.ostrovsky@xxxxxxxxxx>, Dmitry Vyukov <dvyukov@xxxxxxxxxx>, Juergen Gross <jgross@xxxxxxxx>, kexec@xxxxxxxxxxxxxxxxxxx, linux-kernel@xxxxxxxxxxxxxxx, xen-devel@xxxxxxxxxxxxx, iommu@xxxxxxxxxxxxxxxxxxxxxxxxxx, Thomas Gleixner <tglx@xxxxxxxxxxxxx>, Paolo Bonzini <pbonzini@xxxxxxxxxx>
Delivery-date: Thu, 22 Jun 2017 10:58:36 +0000
List-id: Xen developer discussion <xen-devel.lists.xen.org>

On Fri, 16 Jun, at 01:53:17PM, Tom Lendacky wrote:
> When SME is active, pagetable entries created for EFI need to have the
> encryption mask set as necessary.
> 
> When the new pagetable pages are allocated they are mapped encrypted. So,
> update the efi_pgt value that will be used in cr3 to include the encryption
> mask so that the PGD table can be read successfully. The pagetable mapping
> as well as the kernel are also added to the pagetable mapping as encrypted.
> All other EFI mappings are mapped decrypted (tables, etc.).
> 
> Reviewed-by: Borislav Petkov <bp@xxxxxxx>
> Signed-off-by: Tom Lendacky <thomas.lendacky@xxxxxxx>
> ---
>  arch/x86/platform/efi/efi_64.c |   15 +++++++++++----
>  1 file changed, 11 insertions(+), 4 deletions(-)
 
Reviewed-by: Matt Fleming <matt@xxxxxxxxxxxxxxxxxxx>

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
https://lists.xen.org/xen-devel

References:
- [Xen-devel] [PATCH v7 00/36] x86: Secure Memory Encryption (AMD)
  - From: Tom Lendacky
- [Xen-devel] [PATCH v7 18/36] x86/efi: Update EFI pagetable creation to work with SME
  - From: Tom Lendacky

Prev by Date: Re: [Xen-devel] [PATCH v7 16/36] efi: Add an EFI table address match function
Next by Date: Re: [Xen-devel] [PATCH] passthrough: give XEN_DOMCTL_test_assign_device more sane semantics
Previous by thread: [Xen-devel] [PATCH v7 18/36] x86/efi: Update EFI pagetable creation to work with SME
Next by thread: [Xen-devel] [PATCH v7 19/36] x86/mm: Add support to access boot related data in the clear
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.