Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1753198AbcD0PRt (ORCPT ); Wed, 27 Apr 2016 11:17:49 -0400 Received: from mail-bn1bon0073.outbound.protection.outlook.com ([157.56.111.73]:6848 "EHLO na01-bn1-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1752661AbcD0PRq (ORCPT ); Wed, 27 Apr 2016 11:17:46 -0400 Authentication-Results: google.com; dkim=none (message not signed) header.d=none;google.com; dmarc=none action=none header.from=amd.com; Subject: Re: [RFC PATCH v1 02/18] x86: Secure Memory Encryption (SME) build enablement To: Pavel Machek References: <20160426225553.13567.19459.stgit@tlendack-t1.amdoffice.net> <20160426225614.13567.47487.stgit@tlendack-t1.amdoffice.net> <20160322130150.GB16528@xo-6d-61-c0.localdomain> CC: , , , , , , , , , =?UTF-8?B?UmFkaW0gS3LEjW3DocWZ?= , Arnd Bergmann , Jonathan Corbet , Matt Fleming , Joerg Roedel , Konrad Rzeszutek Wilk , Paolo Bonzini , Ingo Molnar , Borislav Petkov , "H. Peter Anvin" , Andrey Ryabinin , Alexander Potapenko , Thomas Gleixner , Dmitry Vyukov From: Tom Lendacky Message-ID: <5720D810.9060602@amd.com> Date: Wed, 27 Apr 2016 10:17:36 -0500 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.6.0 MIME-Version: 1.0 In-Reply-To: <20160322130150.GB16528@xo-6d-61-c0.localdomain> Content-Type: text/plain; charset="windows-1252" Content-Transfer-Encoding: 7bit X-Originating-IP: [165.204.77.1] X-ClientProxiedBy: BY1PR15CA0012.namprd15.prod.outlook.com (10.162.17.150) To CY1PR1201MB1116.namprd12.prod.outlook.com (10.169.19.20) X-MS-Office365-Filtering-Correlation-Id: 4288f3ab-4c5b-4ce3-0da5-08d36eaf1442 X-Microsoft-Exchange-Diagnostics: 1;CY1PR1201MB1116;2:OjMvW6rZ/cn1qmXviFX1AjKzKfmDyJqfG7mAaybAKJvyRzUhPqZcEeYO/L6Et86Gbi/OSzbwYfvrkfyhMrw6NCgHWQy7Wjt/9E6N6wx5k8LsA6IMFF71iRRm/I3xeNOG5fzU3VD9tDbZthDhT6xQvBfzj4kgjUznLV/m1dH7jeuiq5wLHYwz6zoKH4RjN2qt;3:7MlwFS2m/Xfd7EcP1r8uLHYZFv1RiGmS48HRt+o2atLnDjnE5K0JmDPIdugu7dYs5SPkP7XxQOtnSI4ykHzmy5pLjQ5vXELXu1Gt5jaliJVhY0zC8w8qrBoZDTvt5jxg;25:7q7IZ60Y06VzrqhhgAOlxPt+ha6/y8aYR2BkgHi/QOvtJtlg1Bufc1kJhoyKsR8Ih9uKQxyHD0L9faZGLomfD9ci895oAko856KgqtnW4LAc1LXKpccYzqJjEXraJv30DfigFE/tL6GvfyIcgrEztBWBGOZH/wnPxICIBTvOPygNTKxLZvhar4ivBfZiQhWmd6/bXLc0zYJtE9xIpSagSw2KegiRi5Fu7ibGDY1PK+K7281C1x1rudHw0/FeN69xaUn23kOdtsucqSbtagjMSg75PZwn/k4PPPDx3tslC4MO8Yzz+j7jKouiQVkFjMqSA5MSYyY2kUijkw8qYpT6Fg== X-Microsoft-Antispam: UriScan:;BCL:0;PCL:0;RULEID:;SRVR:CY1PR1201MB1116; X-Microsoft-Exchange-Diagnostics: 1;CY1PR1201MB1116;20:3KpPgrSKIm17KWUn1USQnYKpk0JURCWd7J4DoQgCoYuN8I4Pf+1D45uPPuuiM6AScvZP1JWFENBvHX55iJYUKyia+1xtfo6692jNMxxTTggLLrYHnh5gt6XhckbntWaZjjAddSKMZHJoKFeLf9y2x8AEqRzreSCazYDhqIwsxU9BfHhjvlvWqLlql++y/vWe64Fnyf7utZyOud6zG155EV8lf9nC3Z5E5V43Z3iaFPZuKHyI9vj2iyxdX67T3cUx5sjxF8pXF6LugXhuUcLzSvkST5TI5nCgToiduKA5Z0yxjcAYklwxZSZq9n/0zIAth8LL9GXR3KxqxP1xYcXIZcG8kQEkbe3DF6WNFNUYBlhQhO0dCmVpBmB2D5iWj8ETkVsHbD0155O5nnII6/SVQKwlpnqbEByEgv38EFb8xDjzDIg7nBuiHYkls9qBSyzcwbw79e4t5hVYbOPHTQlnk5bkgLACiaxlqfCbW62JGY5KPPDy+ShXobLwNL/wmMoE;4:0roijoxyVUQD0+jQ2R7S9BzSOX/yk4p3JT9ICtM2gHA2x+qpsBjPO/ag5k1G7uMS4j1O+rhPu3TcFfwvfKGnWCagtQ04kn2M2Yyt/6QlZAzz3If2kqpBesrFN9iFGI/YyD9PVx0SWQPoBsiPLpDYKn0KMxTirUaGkyeR3/zxwG4T8lkPUeUTxTIhvTQvJPfGJgIvOwS1KUlFfgWXYKDcjSqw3A6y4+UU47INE6jJbGXVLGsEbR56PYTPLqKEo4tnONtd/VdRk4/V2jab3TJfStbuD4AMMt9BHsTDGEaGbZKjp5aIOdd68AskdPGtMA7Pznaaz8oUygUcF8A31QWqzY7shdC/zKYvwz2ndaaEe4s42B3oN6u1uM7uCmkiMvxabysG4zWXF2UcrwKXaMLPPS60sUDelqj0dtruFy2JPPI= X-Microsoft-Antispam-PRVS: X-Exchange-Antispam-Report-Test: UriScan:; X-Exchange-Antispam-Report-CFA-Test: BCL:0;PCL:0;RULEID:(9101521072)(601004)(2401047)(5005006)(8121501046)(3002001)(10201501046)(6055026);SRVR:CY1PR1201MB1116;BCL:0;PCL:0;RULEID:;SRVR:CY1PR1201MB1116; X-Forefront-PRVS: 0925081676 X-Forefront-Antispam-Report: SFV:NSPM;SFS:(10009020)(4630300001)(6009001)(6049001)(377424004)(377454003)(24454002)(5004730100002)(83506001)(59896002)(189998001)(2950100001)(36756003)(80316001)(19580405001)(64126003)(6116002)(81166005)(50986999)(3846002)(86362001)(5008740100001)(19580395003)(87266999)(54356999)(77096005)(4001350100001)(50466002)(65816999)(586003)(110136002)(65806001)(42186005)(66066001)(65956001)(4326007)(76176999)(1096002)(230700001)(23746002)(47776003)(2906002)(33656002)(92566002)(217873001);DIR:OUT;SFP:1101;SCL:1;SRVR:CY1PR1201MB1116;H:[10.236.18.82];FPR:;SPF:None;MLV:sfv;LANG:en; X-Microsoft-Exchange-Diagnostics: =?Windows-1252?Q?1;CY1PR1201MB1116;23:MVSfzEsXkY3y77UV+61yvWo3gRVU5dWgb4G?= =?Windows-1252?Q?ADt4lwCbc5d/4vXGiaSKOv9dkvW3m5K2acc09qMk/7VpezOiKE3RqMbL?= =?Windows-1252?Q?grHhpiM3QVx/mSBvXwgUwGE7OXWuxU4B1qX+1wky6L3hoINEtELjKzGG?= =?Windows-1252?Q?wXMzFOTUfoZt1qgTJeQb7mkvhy/wJzQ2lNyywgeX5f5/9K9qpymLGyPU?= =?Windows-1252?Q?jltjCjyhYrrOH5969gVS3G5tv0zb0EYeg0JJC2Ov2mpzKfCv1z1h3abo?= =?Windows-1252?Q?ixCfZ/eLfadXn7FGnG7L0iairkfmt+h31mSwjy2HxDFwy99Q/IH+n/2Y?= =?Windows-1252?Q?37ydBBo6JdYRv6xlH/vEQBpkEjVY/JY2vRMDQmKfvXCx9OW72pBphAt5?= =?Windows-1252?Q?Q/sUmxfJfs8FkiefMkerj1YS3eKmLU3m3Rgf8rT9LYGSRLNUmoY4RYD7?= =?Windows-1252?Q?CT31UwoDmz8z9Z5vFlM/doDoo1s11SX42U0cYbEAAG8C28ktWObfJoQj?= =?Windows-1252?Q?HGbCbg4+xEa1HVLW63R2tcZlqyKxas99sDeTT71ERCmb1wbSJ5eT8HYa?= =?Windows-1252?Q?MOOu6eq4SmwmPJMKqcWS743G5b4oTdixe3nYNMnjGxFhIyFfv4i4Lf2W?= =?Windows-1252?Q?ds/6/qt6P3cki619VRl09NEe1wh4oz7993ipzfIjuYjcuxBkO2e9yzR3?= =?Windows-1252?Q?9+esOQ5PUsaa2FCbJpG2O+1q/UtH35TZ+3u2mt9+PEwBMbCR/pT4qSA9?= =?Windows-1252?Q?jbCOJtx7fVizfE42OST6r71My4hnBsy3rCELWKAeSlL1ILThOZ39vdXh?= =?Windows-1252?Q?rjOKS0rd/u92KCZAHCc4E2kvdbSrsZFZ01zOQ15g2leChypIGtbOb24o?= =?Windows-1252?Q?mh/4VQqZzN/bGYpnQrkylL70kA+HnQ3up/tD+ytLlqs5gDvK0ye1zUfH?= =?Windows-1252?Q?lAeoHx/5CHspOAZuHxX5tqPIdzMMF6Iv1eNa90n6P9tqrWD5fLE6jErY?= =?Windows-1252?Q?vz7T5CjPW3T4JPNbTZiBsxevOIWHYizQJpvMpA/zZJFvjDa+OZwtQ6zo?= =?Windows-1252?Q?m826f64tpXJ/JzimcyR2+nQCqc175xy4jMrlq1g3A+gUvZ0s6O/qKRot?= =?Windows-1252?Q?ZrXa17oUrdzOkP3Ipw39i7FwxKCuxEsBzUgBHkXA/5zSiVauTBz6zU/g?= =?Windows-1252?Q?/KO3wHpLABO0Pmb4z/6GoRKwEy5aBytmBLzWUczoVoYo3YUfyAqGjDwA?= =?Windows-1252?Q?XqGx9mf/oFj+MpF7vKw=3D=3D?= X-Microsoft-Exchange-Diagnostics: 1;CY1PR1201MB1116;5:VvJ0TOTj+hNsRWU/2jK7ACxReJYuaHXLOLWI+ESAVVRQ63OYR+6zeSEjPSGnPcOfuvw/GHEqQfpjw+Lbv7cBVFwPyyD92Wea7PNILJoaH6tZ7sgDahCA7247ur/NUvsJU9sNVD2SMt1nMQZFfgL/5A==;24:T17+ERTlI8unoWG7G/ntWMhLDYDZQA6m37a5oe2WN9xFUXSAsQZ5hQNYkP7PPdVxDjyvLhg32FyGAScfBtjYvjjUfKCj3mk/NPIC+1CSYF0=;7:lHrG1rL5vphs6q4WjFH5SgxKBeOPL+Hin2xLjYCfDakvW08MfdLsPyvxKDWnsSR9EEqmukrhgU972UsmJwOed1BZ6njPFwfkYq1x06h2Hhh0Udq4D1pugvLhKmkICu23xkkr5HLCMwRzu7nIo+sAZPdrIxJqa5AwTS1kSAiLfd7YJTWTQM0l2tp/BNKcC/KB;20:tjctB/kmzxSg/YcPPBv/qj1li7lrluVnK+gtSHy2P/hksi3Q+AU5TwFWyV4EswyQfAyhe5tMYQFmvZ8Jrb+Tu9DXLlKtJBVIrt8AfVVh9JCwbbvyg/tzluwSOWEqZ+HwnRwN/g4jJv18iz3FAPSOUDwkg8zhuBbC4BaV0yV/hluFWyEMZuWNs8Wxy+d3EBLIpAH25+mMqNkvu5GC0t0dBuklHVdTSQ6+teC9+2qJ99XW0S283LQGwl9S2nPr8fhb SpamDiagnosticOutput: 1:23 SpamDiagnosticMetadata: NSPM X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 27 Apr 2016 15:17:40.6482 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY1PR1201MB1116 Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 1372 Lines: 42 On 03/22/2016 08:01 AM, Pavel Machek wrote: > On Tue 2016-04-26 17:56:14, Tom Lendacky wrote: >> Provide the Kconfig support to build the SME support in the kernel. > > > Probably should go last in the series? Yeah, I've seen arguments both ways for this. Doing it early allows compiling and testing with it enabled and doing it late doesn't enable anything until it's all there. I just chose the former. Thanks, Tom > >> Signed-off-by: Tom Lendacky >> --- >> arch/x86/Kconfig | 9 +++++++++ >> 1 file changed, 9 insertions(+) >> >> diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig >> index 7bb1574..13249b5 100644 >> --- a/arch/x86/Kconfig >> +++ b/arch/x86/Kconfig >> @@ -1356,6 +1356,15 @@ config X86_DIRECT_GBPAGES >> supports them), so don't confuse the user by printing >> that we have them enabled. >> >> +config AMD_MEM_ENCRYPT >> + bool "Secure Memory Encryption support for AMD" >> + depends on X86_64 && CPU_SUP_AMD >> + ---help--- >> + Say yes to enable the encryption of system memory. This requires >> + an AMD processor that supports Secure Memory Encryption (SME). >> + The encryption of system memory is disabled by default but can be >> + enabled with the mem_encrypt=on command line option. >> + >> # Common NUMA Features >> config NUMA >> bool "Numa Memory Allocation and Scheduler Support" >