Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751704AbdGZOpg (ORCPT ); Wed, 26 Jul 2017 10:45:36 -0400 Received: from mx2.suse.de ([195.135.220.15]:48806 "EHLO mx1.suse.de" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1750783AbdGZOpe (ORCPT ); Wed, 26 Jul 2017 10:45:34 -0400 Date: Wed, 26 Jul 2017 16:44:50 +0200 From: Borislav Petkov To: Brijesh Singh Cc: linux-kernel@vger.kernel.org, x86@kernel.org, linux-efi@vger.kernel.org, linuxppc-dev@lists.ozlabs.org, kvm@vger.kernel.org, Thomas Gleixner , Ingo Molnar , "H . Peter Anvin" , Andy Lutomirski , Tony Luck , Piotr Luc , Tom Lendacky , Fenghua Yu , Lu Baolu , Reza Arbab , David Howells , Matt Fleming , "Kirill A . Shutemov" , Laura Abbott , Ard Biesheuvel , Andrew Morton , Eric Biederman , Benjamin Herrenschmidt , Paul Mackerras , Konrad Rzeszutek Wilk , Jonathan Corbet , Dave Airlie , Kees Cook , Paolo Bonzini , Radim =?utf-8?B?S3LEjW3DocWZ?= , Arnd Bergmann , Tejun Heo , Christoph Lameter Subject: Re: [RFC Part1 PATCH v3 04/17] x86/mm: Don't attempt to encrypt initrd under SEV Message-ID: <20170726144450.GD30471@nazgul.tnic> References: <20170724190757.11278-1-brijesh.singh@amd.com> <20170724190757.11278-5-brijesh.singh@amd.com> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: <20170724190757.11278-5-brijesh.singh@amd.com> User-Agent: Mutt/1.6.0 (2016-04-01) Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 1292 Lines: 32 On Mon, Jul 24, 2017 at 02:07:44PM -0500, Brijesh Singh wrote: > From: Tom Lendacky > > When SEV is active the initrd/initramfs will already have already been > placed in memory encyrpted so do not try to encrypt it. > > Signed-off-by: Tom Lendacky > Signed-off-by: Brijesh Singh > --- > arch/x86/kernel/setup.c | 6 ++++-- > 1 file changed, 4 insertions(+), 2 deletions(-) > > diff --git a/arch/x86/kernel/setup.c b/arch/x86/kernel/setup.c > index 0bfe0c1..01d56a1 100644 > --- a/arch/x86/kernel/setup.c > +++ b/arch/x86/kernel/setup.c > @@ -379,9 +379,11 @@ static void __init reserve_initrd(void) > * If SME is active, this memory will be marked encrypted by the > * kernel when it is accessed (including relocation). However, the > * ramdisk image was loaded decrypted by the bootloader, so make > - * sure that it is encrypted before accessing it. > + * sure that it is encrypted before accessing it. For SEV the > + * ramdisk will already be encyrpted, so only do this for SME. ^^^^^^^^^ Please introduce a spellchecker into your patch creation workflow. -- Regards/Gruss, Boris. SUSE Linux GmbH, GF: Felix Imendörffer, Jane Smithard, Graham Norton, HRB 21284 (AG Nürnberg) --