This series addresses an issue related to kexec/kdump when SME is active.
The SME support uses a workarea located after the end of the kernel to
perform "in-place" encryption of the kernel. When kexec/kdump is used, it
is possible that some other data used by kexec/kdump could be in this area
of memory which would cause the kexec/kdump of the kernel to fail.
Create a section for SME in vmlinux.lds.S that is positioned after "_end",
so that the memory it occupies will be reclaimed after its use during
boot. Since it is part of the kernel image, there is no worry now that
kexec/kdump will place data in the SME workarea when installing the kexec/
kdump kernel. As part of this fix, clarify what occupied kernel memory is
reserved and what parts of the kernel memory are discarded.
The following patches are included:
- Identify and document what parts of the kernel image are reserved (saved)
and what is discarded.
- Create a new SME workarea section that will be reclaimed after its use
during boot, thus allow
This patch series is based on tip/master.
---
Tom Lendacky (2):
x86/mm: Identify the end of the kernel area to be reserved
x86/mm: Create an SME workarea in the kernel for early encryption
arch/x86/include/asm/sections.h | 2 ++
arch/x86/kernel/setup.c | 8 +++++++-
arch/x86/kernel/vmlinux.lds.S | 33 +++++++++++++++++++++++++++++-
arch/x86/mm/mem_encrypt_identity.c | 22 ++++++++++++++++++--
4 files changed, 61 insertions(+), 4 deletions(-)
--
2.17.1