Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S933999AbcKPTWw (ORCPT ); Wed, 16 Nov 2016 14:22:52 -0500 Received: from mail-cys01nam02on0075.outbound.protection.outlook.com ([104.47.37.75]:4976 "EHLO NAM02-CY1-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1753187AbcKPTWs (ORCPT ); Wed, 16 Nov 2016 14:22:48 -0500 Authentication-Results: spf=none (sender IP is ) smtp.mailfrom=Thomas.Lendacky@amd.com; Subject: Re: [RFC PATCH v3 08/20] x86: Add support for early encryption/decryption of memory To: Borislav Petkov References: <20161110003426.3280.2999.stgit@tlendack-t1.amdoffice.net> <20161110003610.3280.22043.stgit@tlendack-t1.amdoffice.net> <20161116104656.qz5wp33zzyja373r@pd.tnic> CC: , , , , , , , , , Rik van Riel , =?UTF-8?B?UmFkaW0gS3LEjW3DocWZ?= , Arnd Bergmann , Jonathan Corbet , Matt Fleming , Joerg Roedel , Konrad Rzeszutek Wilk , Paolo Bonzini , Larry Woodman , Ingo Molnar , Andy Lutomirski , "H. Peter Anvin" , Andrey Ryabinin , Alexander Potapenko , Thomas Gleixner , Dmitry Vyukov From: Tom Lendacky Message-ID: <3a9e093a-9e80-8d2b-2615-56675cf6f147@amd.com> Date: Wed, 16 Nov 2016 13:22:36 -0600 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:45.0) Gecko/20100101 Thunderbird/45.4.0 MIME-Version: 1.0 In-Reply-To: <20161116104656.qz5wp33zzyja373r@pd.tnic> Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit X-Originating-IP: [165.204.77.1] X-ClientProxiedBy: SN1PR12CA0008.namprd12.prod.outlook.com (10.162.96.146) To MWHPR12MB1152.namprd12.prod.outlook.com (10.169.204.16) X-Microsoft-Exchange-Diagnostics: 1;MWHPR12MB1152;2:s/Qjgw3v4OPeUUOtSXkn4r46A7+2mGvMsbNV0g3c4Q/Fn+utoU2PpUecBxMyDrcYj/8olmNVCCDc/20OpGHkrR5OvnIDLSG/YI9VLPEJGtnbR3PZgHSFeAceOgDtIVB3o1GHZCNa/3Iu2bTkdmjwd/81qt6kbh4DqNhw+EmuEao=;3:M7x/Fd6ghvak87EXcFqW0mytwAYYFOGfvWp/F4wkt3Xgzkof0iCmvS21cJOOMk0Fi+c+xvOuwjCrLoae7QGNu2e1PbJPJQEEShmcF2QjQfH8IFAy3vddNxtfRz8V/oIuZ2Fw/h7OSqNER66Zpj8J2S9zkvxIxDGd9bjyC/nEQK0=;25:dwyEApWoWcs3cDSlOEwNNq7+BC7BZbfEt+Jm7wGXfnRyk5FkW4XncmqSPmN7Q3eZ0DJX//g4K2QqaRcPLbZfdPDiq+1ylWNxVndHQITVCmziCaJAxnyP7SAQQL0UxyJx9ZI53CUSE3HZO6w93jvMa35kq0VhgBswKnWCMNb7zpT+uwKf0GGYbYSm7iar35+W8Ud4IWP8pTmGkmrvzvHSSsv0yk0Y8BcNbLnlstwqh1HbqiMlfHxI86Wg8cCuV9f/HweAPJfcjZJyenRpKPFyaVw/+8MvJFegXWkh2odSEpC8XX40T3O/5QDAqFgmB79tJa9ZUUIDrwLw09daUOd9tMsnNsv+K/ihGtOuCWjPgGP9OLeWG8KlkJT6fpSdFMPAtZli4K2CbUfbXKi3OeXPGpqX0dWuAjrXWIsumI18GmGdUTeBe4TLINYIwWLSel/KbOBbm6kM47umHuMyz9S83w== X-MS-Office365-Filtering-Correlation-Id: 5c566b8b-e4aa-40cd-476f-08d40e55f04e X-Microsoft-Antispam: UriScan:;BCL:0;PCL:0;RULEID:(22001);SRVR:MWHPR12MB1152; X-Microsoft-Exchange-Diagnostics: 1;MWHPR12MB1152;31:0h+ciTExo6zC9pbX0TQ+c6wB19fEvhgE6Bv27uBPhgee6YhfZvHgKlOvFfiEKhhKH24pZZsV1nw8wg7bam+Yy16XdpoMtgsg9FVvbz2pImQMPEXAJtoo6W18WKSjnhOBFaju/BqJUzVZ6Zke+eQMCFoBedAzRZeOlguyfsM9zyP/8oBxLXVQ9/jYf2tD1FTXvcyKZmAAKJL8ja1tJM/EikpPcay5HGOYqNuE0J+lc5FUjDNmYfqGRBkSA1l4cpRMr99S+/OIb7k08aVhkc2xhmZwiRtk2jkFWnsgicPYm7w=;20:LEZWuBvcPHKVaVwvm7t0jmjOM+6rnv8W60zI5FRv2Sz01WxOT//QomRxjJDDACC2ThcRm8xsU4PH0VgbIDQx1rgnAoaPer7oBlZqGfL5ocrNEEzmnhASk+GRc37hnOCsrXRWj+ETnTqXDiLsekeSTXM18LgcHIZHBzOPCtO2B06mMzUQAaYftnrUDyLwUjfcSmgzz9H1hceVQx9/5Hn+2qpWX5/3d1ixKAMrumCbvSBNA2W8FSeNBZrkoz4FNfkqAlEjwu96JK3QFR7uY9wsaPJTuoPpNJKRRil4q2e9bRaAJSX4sz3+bffxDJvAmx+DfFo2rbx1cBlODT3J6cMnLBZLiEcXR3wZO38DNs2y+qrOQj2G7ys4IBvTya3O3TeU33w9TA2FwaTRk+zhCHMBT2BZGJdOicxLLHs0aWyxbrfITsGk+qQHw2eYch2Z3XvfDgAvUphHIxGrOOg6OKTpR5BHak1bWp/HmSo+YsPkVmPHP13sHT5DK/Bejor09LTX X-Microsoft-Antispam-PRVS: X-Exchange-Antispam-Report-Test: UriScan:(767451399110); X-Exchange-Antispam-Report-CFA-Test: BCL:0;PCL:0;RULEID:(6060326)(6040281)(601004)(2401047)(8121501046)(5005006)(10201501046)(3002001)(6055026)(6041223)(6061324);SRVR:MWHPR12MB1152;BCL:0;PCL:0;RULEID:;SRVR:MWHPR12MB1152; X-Microsoft-Exchange-Diagnostics: 1;MWHPR12MB1152;4:NoAfmP1UxEdp6Pysd77Kzgb31WN9LlTyC4/XNkVn5cP1llTCQHOg3VdzdgDP9Q3odQfkCYcSLrIMNtAeHkLQJOfZtVilBUvd1ev6c29ct1E1Y0YvwDhNhMmDosQOWY5R6raggb+5r8I9hTBinmNSPuCjF3V5pjBK1vFWPXlbAQW+3pUvIUmMhJsrpLUl7Xd2JUbA5lJaRBVxBu+PZHJqbK2gn4XxQK5D+0vmnq8aHTivMC/agSGo3tzC8vgGM/X3y6zhddgFCDepzXD3s+M4CmyTF1V7Wx9URdc8AdqUOaBBXelJA1YZMOtn9t60eezxh1x15gwepb3N0CV4WLuWyOlO/JOgXsj4jDM2/54eDUiaZLgqppR8wwKUIrkqqR/aodZ7GHaisDbv51GPpzoXLYaNEQNMJSNcOj5bejXp8N1p4CFySefOli3je/zyn1nOKnqHn0o3smRvjWKbp6q0mMfrdcLKcRPKiERNBzUrQmW2NiAe48wLY7KWdWHqNKv8+G+gfJvCKnwfpg3yHbFuJA== X-Forefront-PRVS: 01283822F8 X-Forefront-Antispam-Report: SFV:NSPM;SFS:(10009020)(4630300001)(6009001)(6049001)(7916002)(377454003)(199003)(24454002)(189002)(105586002)(23676002)(47776003)(31686004)(42186005)(229853002)(50986999)(54356999)(101416001)(81166006)(81156014)(65826007)(33646002)(31696002)(50466002)(86362001)(77096005)(6916009)(106356001)(36756003)(68736007)(76176999)(64126003)(92566002)(230700001)(110136003)(2906002)(4326007)(5660300001)(97736004)(7416002)(7846002)(8676002)(6666003)(2950100002)(6116002)(3846002)(65806001)(305945005)(66066001)(65956001)(4001350100001)(7736002)(83506001)(189998001)(217873001);DIR:OUT;SFP:1101;SCL:1;SRVR:MWHPR12MB1152;H:[10.236.64.222];FPR:;SPF:None;PTR:InfoNoRecords;A:1;MX:1;LANG:en; X-Microsoft-Exchange-Diagnostics: =?utf-8?B?MTtNV0hQUjEyTUIxMTUyOzIzOlltcTJvclY0ODFFZkR4RWxwLytsT0NBNUFH?= =?utf-8?B?WTFBcjV0dWY4YlBDb3diTmJtMEdLWDJOdkVSMXMxUmtQMld0Z2xWN1ZHSlM4?= =?utf-8?B?b21IRFZ3aHhuY25pOEJ4MnowY0o2RE0wdUFrbnlEQlFWdEhWSnYwUzJXVG9n?= =?utf-8?B?azFjUFJ2VDVJTEVleFhjZWw5WmordUlZM055ellGbC9qdjZyL0ZLWUdnVlh1?= =?utf-8?B?djVqcU9QTTVkbWMrcnBRNWxUV2ZNb2RNVW1BcGZtY0hSczBKa2pSZU5pWUZu?= =?utf-8?B?NVdPMzJBVmtJOWJBRHgxb1RyeDU5VmRCY2ZkekgxdFlEMXFFUVp2ZHc4WmhT?= =?utf-8?B?b01NeW9SVkFwaG4zZW9VVGU4ZjNNSk9XSzBiZ2U1SUY2OE1Wc2d2RjNDb3M5?= =?utf-8?B?UFM2QUFGWXAwYVc4RmdvSmk4T2F4T080by81TUlYR3JpOFJCR0huOFJKVmF6?= =?utf-8?B?QjFZRFFtU3ZmRFl5dkF4SWN1TTd3QXZUZGdTdnNtOUdieEVMV2lhQkpsaUN2?= =?utf-8?B?cUFQZWppYVowMXFiS3c2OEZBSzVvbHNQSmVRRlJBZE5XaTJjODdlME80dDV5?= =?utf-8?B?bjk3Q0FMUmh3SDZsSzd1bHhqV1ZWREJ2YkRUa1pMSGdMQkgyMnVHdzZ5d0dN?= =?utf-8?B?Zm1scHk0VzZvRmxDSmUvWTgyYnJNOTlySW1uZzQ5N0wveEhiMzYyeG9qWUdp?= =?utf-8?B?SkNFRnpvOGdpcXJ3VXdNcS9ORFQzRC9xMDBlTHJQYW1zcmFSVEZmb3JhZ052?= =?utf-8?B?dUZhMmREcmpVazJwTGV6cnhBUU12ajF3dHFpTHRMNElSRER5MXpqcE5ZUXRr?= =?utf-8?B?NzVBWFhvK1lPNUZFNjZZZGtaSmlwTmFjOC9HNDgzNWEyNzE4NXNxcjNsZmNG?= =?utf-8?B?M3lUbC9lNUtkeXJ5YmFrTmxxU0NnZjM2M2xISk9PbTB5MnkxRW9GaGtTSHN5?= =?utf-8?B?aGoreWptVUFTWWtlV1dsOGRsTzNUZC9KMjNKMGNteUN2ZHNkNktDR0l5Vm16?= =?utf-8?B?RUN5SWpwcXVKR1BjL0pPTXQzY3N3OEtoditGRTJrT25vaFZEdW9VRDlrYzFM?= =?utf-8?B?WldvaXRLdnpTeERWNTF1QTBIQ2VZaEozbS8wQWlBYk10WnU3U3dNY1NEOXQ1?= =?utf-8?B?QmMva1Y4VUg3ajlqRmw3SE5ydUdjVjZWczZRUDRTejhDcVNqRExIL0J5OWts?= =?utf-8?B?dXNleVJoOEg1ZjZNZnkxbFBDREx1M3k3ZlYrd0dSUHBvcGl1OWRYTHhvUXQw?= =?utf-8?B?N0hXdnp6TFB3K3JBNWhpWDJGZmNuVzRKT3oyREFlMlZNOU9qc3hwSHRyK0Ni?= =?utf-8?B?cEg2dVpISlFjdmk1VTRtN2dUQkl6K1VpM2dQLzJ4VmJPQ3lELysxQ3lyMENR?= =?utf-8?B?U2ZKRVRLeHByT2U3K2szaTBsU0xnTHVSM1BGV3AwaklmWUk3TXJlSGYyQ2hM?= =?utf-8?B?L2VTbGdLVHRwWEQ1ZUNNSTlHb0htQlFiNk4xdDY5amNIajFtT0VRRUIyR3Jk?= =?utf-8?B?eFI0MWxQNVJBS3gvOHVJWG5IQXBCYjJkcjNQY3RFYStJeThXQThVRmI2N0Q5?= =?utf-8?B?QzhsNy9IZThDL1VXTmtiTHQyaXVFRXdjODFTc1ZxUHFOY0JtSDZTaDhVemxh?= =?utf-8?B?YWdGZG9UcTRHcGc2Y0dZRUhNR2tTR2t2TEhZUjh3Z1BxZHpTWGdhZzhOVC9q?= =?utf-8?B?MlVJQ0ZSUUFnVzdPcjJOMVQ3NGpZM2ZsM0dlWU9oR1FPN2hBaHpGaS90VmV0?= =?utf-8?Q?Zd+6tgwS+VWZTdxFjmcrGXF/BtCQ2gYeo5Rk8=3D?= X-Microsoft-Exchange-Diagnostics: 1;MWHPR12MB1152;6:PoXImw6Neae35HCeginC7qLku5j/a1LM28WKk2SE+zH+K4MGmehZhaXo9KWzbBIHF7OZP49oNws/pQXkS75sjHHrqP2vZC2TiB81V9HAuTv0tLG1aTgfjuRyD/47EDeziAf+zIInVg/RuTzl7htCI2GIHduRnNP+qvIoUWknJlYooQ6W/evuhfFlnJRyNSklhbdl+aQ4pFIinwuBsd02lNuE8kEXizIK3c+6vkVfWaEM1nko1z3fux94osNHuq/gS6Ur2imFanrAgaVDUauCiOJGalTYQr1qDMgLxs632eLxum1CLZLV39C5RdiQYdqKOd5RxJ82YNhr5pJR7OBvDCLp06jzl8HYqslZI2uw1TljcCVIrq2Zm0GbE/kkPFMD;5:42MYgbchhl1jehZQTLuLraYAFzajMGF91nWlATBRyIU4yCYK5gdLTD3frETpGssfLufvu/AwOOSjD2mFdHcOZV0J4p7/LqVBw4//ATJdokh6DuomxQATgNHCtko4g7v61qmInhICZC9m3TC/fOI44g==;24:TvqCbT4HTGyn3wP7vqt7yh16cUeOyMigKkP7GnvzjeoZ5rrSQ6RcWNz9r9W9nASyCquuYbmtst5Ohs/rF9K9/vFBssurGweeDr34LTA6oNk= SpamDiagnosticOutput: 1:99 SpamDiagnosticMetadata: NSPM X-Microsoft-Exchange-Diagnostics: 1;MWHPR12MB1152;7:ezOzfqfpxvMBcqeSaZYTl18IxrAuP9LyvEHSTAlmHxoKiUF1OBD50kKBt6WKATUgmDak162Ia7MDbCX/LDi6gXLFT2jQtxhp309BYqPVna8BDxXwFdlQFYdv7anpBagevlMpragOF2BTBwMdT15vmi7hrpgNNx/cTVy7uGI0csQXj9mBa6BGUV+QVrgG+0jWQ6TuYp5crwvsYwxhXsNukfmhVwDcEyteUPADQE4r4omxsUvHo2crPG0XPXOkZXy4iKbNlFfY48GLVusviLB88eQbZ7G7AG+g+HgByMKCqbxJRJVaTRGTcemW7PaJvhbIF7bUurObR941Ofu+dUGQxy3IvOabf5sGlyva48ME6AE=;20:LSFaJ0NOjlMtK6aGN2sq6avaaqB1HLv943tZlwW2UUUrg/szdGeZy8V6Cdd7ve3A3Q02JJK4QYZePYh4HBK8ioU1dtUHegUYEFupHOCTk8Kpdh0K4Pz3k6Xx+t9Yy03fohepBMAA+D015s5C7dBq3sKu9NPfLC+H0tRKgNqMKv4qXg89UdFL66VMTIVnGGvaSdahsnInqxsePt0ol++2kQT4YmsghIp3e1n4nNcnI5mKVj7zK8NpiWAgvlWbS4Tu X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 16 Nov 2016 19:22:41.2146 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-Transport-CrossTenantHeadersStamped: MWHPR12MB1152 Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 7094 Lines: 214 On 11/16/2016 4:46 AM, Borislav Petkov wrote: > Btw, for your next submission, this patch can be split in two exactly > like the commit message paragraphs are: I think I originally had it that way, I don't know why I combined them. I'll split them out. > > On Wed, Nov 09, 2016 at 06:36:10PM -0600, Tom Lendacky wrote: >> Add support to be able to either encrypt or decrypt data in place during >> the early stages of booting the kernel. This does not change the memory >> encryption attribute - it is used for ensuring that data present in either >> an encrypted or un-encrypted memory area is in the proper state (for >> example the initrd will have been loaded by the boot loader and will not be >> encrypted, but the memory that it resides in is marked as encrypted). > > Patch 2: users of the new memmap change > >> The early_memmap support is enhanced to specify encrypted and un-encrypted >> mappings with and without write-protection. The use of write-protection is >> necessary when encrypting data "in place". The write-protect attribute is >> considered cacheable for loads, but not stores. This implies that the >> hardware will never give the core a dirty line with this memtype. > > Patch 1: change memmap > > This makes this aspect of the patchset much clearer and is better for > bisection. > >> Signed-off-by: Tom Lendacky >> --- >> arch/x86/include/asm/fixmap.h | 9 +++ >> arch/x86/include/asm/mem_encrypt.h | 15 +++++ >> arch/x86/include/asm/pgtable_types.h | 8 +++ >> arch/x86/mm/ioremap.c | 28 +++++++++ >> arch/x86/mm/mem_encrypt.c | 102 ++++++++++++++++++++++++++++++++++ >> include/asm-generic/early_ioremap.h | 2 + >> mm/early_ioremap.c | 15 +++++ >> 7 files changed, 179 insertions(+) > > ... > >> diff --git a/arch/x86/mm/mem_encrypt.c b/arch/x86/mm/mem_encrypt.c >> index d642cc5..06235b4 100644 >> --- a/arch/x86/mm/mem_encrypt.c >> +++ b/arch/x86/mm/mem_encrypt.c >> @@ -14,6 +14,9 @@ >> #include >> #include >> >> +#include >> +#include >> + >> extern pmdval_t early_pmd_flags; >> >> /* >> @@ -24,6 +27,105 @@ extern pmdval_t early_pmd_flags; >> unsigned long sme_me_mask __section(.data) = 0; >> EXPORT_SYMBOL_GPL(sme_me_mask); >> >> +/* Buffer used for early in-place encryption by BSP, no locking needed */ >> +static char sme_early_buffer[PAGE_SIZE] __aligned(PAGE_SIZE); >> + >> +/* >> + * This routine does not change the underlying encryption setting of the >> + * page(s) that map this memory. It assumes that eventually the memory is >> + * meant to be accessed as encrypted but the contents are currently not >> + * encrypted. >> + */ >> +void __init sme_early_mem_enc(resource_size_t paddr, unsigned long size) >> +{ >> + void *src, *dst; >> + size_t len; >> + >> + if (!sme_me_mask) >> + return; >> + >> + local_flush_tlb(); >> + wbinvd(); >> + >> + /* >> + * There are limited number of early mapping slots, so map (at most) >> + * one page at time. >> + */ >> + while (size) { >> + len = min_t(size_t, sizeof(sme_early_buffer), size); >> + >> + /* Create a mapping for non-encrypted write-protected memory */ >> + src = early_memremap_dec_wp(paddr, len); >> + >> + /* Create a mapping for encrypted memory */ >> + dst = early_memremap_enc(paddr, len); >> + >> + /* >> + * If a mapping can't be obtained to perform the encryption, >> + * then encrypted access to that area will end up causing >> + * a crash. >> + */ >> + BUG_ON(!src || !dst); >> + >> + memcpy(sme_early_buffer, src, len); >> + memcpy(dst, sme_early_buffer, len); > > I still am missing the short explanation why we need the temporary buffer. Ok, I'll add that. > > > Oh, and we can save us the code duplication a little. Diff ontop of yours: Yup, makes sense. I'll incorporate this. Thanks, Tom > > --- > diff --git a/arch/x86/mm/mem_encrypt.c b/arch/x86/mm/mem_encrypt.c > index 06235b477d7c..50e2c4fc7338 100644 > --- a/arch/x86/mm/mem_encrypt.c > +++ b/arch/x86/mm/mem_encrypt.c > @@ -36,7 +36,8 @@ static char sme_early_buffer[PAGE_SIZE] __aligned(PAGE_SIZE); > * meant to be accessed as encrypted but the contents are currently not > * encrypted. > */ > -void __init sme_early_mem_enc(resource_size_t paddr, unsigned long size) > +static void __init noinline > +__mem_enc_dec(resource_size_t paddr, unsigned long size, bool enc) > { > void *src, *dst; > size_t len; > @@ -54,15 +55,15 @@ void __init sme_early_mem_enc(resource_size_t paddr, unsigned long size) > while (size) { > len = min_t(size_t, sizeof(sme_early_buffer), size); > > - /* Create a mapping for non-encrypted write-protected memory */ > - src = early_memremap_dec_wp(paddr, len); > + src = (enc ? early_memremap_dec_wp(paddr, len) > + : early_memremap_enc_wp(paddr, len)); > > - /* Create a mapping for encrypted memory */ > - dst = early_memremap_enc(paddr, len); > + dst = (enc ? early_memremap_enc(paddr, len) > + : early_memremap_dec(paddr, len)); > > /* > - * If a mapping can't be obtained to perform the encryption, > - * then encrypted access to that area will end up causing > + * If a mapping can't be obtained to perform the dec/encryption, > + * then (un-)encrypted access to that area will end up causing > * a crash. > */ > BUG_ON(!src || !dst); > @@ -78,52 +79,14 @@ void __init sme_early_mem_enc(resource_size_t paddr, unsigned long size) > } > } > > -/* > - * This routine does not change the underlying encryption setting of the > - * page(s) that map this memory. It assumes that eventually the memory is > - * meant to be accessed as not encrypted but the contents are currently > - * encrypted. > - */ > -void __init sme_early_mem_dec(resource_size_t paddr, unsigned long size) > +void __init sme_early_mem_enc(resource_size_t paddr, unsigned long size) > { > - void *src, *dst; > - size_t len; > - > - if (!sme_me_mask) > - return; > - > - local_flush_tlb(); > - wbinvd(); > - > - /* > - * There are limited number of early mapping slots, so map (at most) > - * one page at time. > - */ > - while (size) { > - len = min_t(size_t, sizeof(sme_early_buffer), size); > - > - /* Create a mapping for encrypted write-protected memory */ > - src = early_memremap_enc_wp(paddr, len); > - > - /* Create a mapping for non-encrypted memory */ > - dst = early_memremap_dec(paddr, len); > - > - /* > - * If a mapping can't be obtained to perform the decryption, > - * then un-encrypted access to that area will end up causing > - * a crash. > - */ > - BUG_ON(!src || !dst); > - > - memcpy(sme_early_buffer, src, len); > - memcpy(dst, sme_early_buffer, len); > - > - early_memunmap(dst, len); > - early_memunmap(src, len); > + return __mem_enc_dec(paddr, size, true); > +} > > - paddr += len; > - size -= len; > - } > +void __init sme_early_mem_dec(resource_size_t paddr, unsigned long size) > +{ > + return __mem_enc_dec(paddr, size, false); > } > > void __init sme_early_init(void) >