Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1753780AbeAJTZ5 (ORCPT <rfc822;ralf@linux-mips.org> + 1 other);
        Wed, 10 Jan 2018 14:25:57 -0500
Received: from mail-dm3nam03on0080.outbound.protection.outlook.com ([104.47.41.80]:44499
        "EHLO NAM03-DM3-obe.outbound.protection.outlook.com"
        rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP
        id S1753661AbeAJTZy (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Wed, 10 Jan 2018 14:25:54 -0500
Authentication-Results: spf=none (sender IP is )
 smtp.mailfrom=Thomas.Lendacky@amd.com; 
From: Tom Lendacky <thomas.lendacky@amd.com>
Subject: [PATCH v3 0/5] x86: SME: BSP/SME microcode update fix
To: x86@kernel.org
Cc: Brijesh Singh <brijesh.singh@amd.com>,
        linux-kernel@vger.kernel.org, Ingo Molnar <mingo@redhat.com>,
        Borislav Petkov <bp@alien8.de>,
        "H. Peter Anvin" <hpa@zytor.com>,
        Thomas Gleixner <tglx@linutronix.de>
Date: Wed, 10 Jan 2018 13:25:45 -0600
Message-ID: <20180110192544.6026.17285.stgit@tlendack-t1.amdoffice.net>
User-Agent: StGit/0.17.1-dirty
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
X-Originating-IP: [165.204.77.1]
X-ClientProxiedBy: MWHPR13CA0018.namprd13.prod.outlook.com (10.169.208.28) To
 DM5PR12MB1147.namprd12.prod.outlook.com (10.168.236.142)
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-HT: Tenant
X-MS-Office365-Filtering-Correlation-Id: db9b36a7-6e5d-44bc-c55f-08d5585ff5b3
X-Microsoft-Antispam: UriScan:;BCL:0;PCL:0;RULEID:(48565401081)(4534020)(4602075)(4627115)(201703031133081)(201702281549075)(5600026)(4604075)(2017052603307)(7153060)(7193020);SRVR:DM5PR12MB1147;
X-Microsoft-Exchange-Diagnostics: 1;DM5PR12MB1147;3:1aTSnbeVGzocDb6FW5/mXvwD7Xlpnqzo54WMpQ2oyiLcqERQANr3S+Kpe/wIik5gLl0Fyykh6JDV7LB0tEMCss6FsKfd/oDiZ57XDmsUGHxJPRVj4IzhHr9IftzOgHtDKW8af5/Xp6PqptVWR7Owzo8Lov2Ldr39RiR9t9xfCJgi+Y6zmBtdKkApD4tYwihpINyqjAsiGfbAFSSgzt0EPwIcsK5I/mltrxqxVtsVVd2PCNSVCYLqwd2KgkzwvpIL;25:lFuT/lqe/b8Kbms0mRfyxTKbg7M8HeEdclqwioJZECbZQyA30b/z6Rbkx1OW7HktmvYdxxEABlR8UGuOVHZT9B13BKqoAey3I4T5Sw/+w7/MiQNbZF/yOtsQ28f91JG5NSD5fgSAzYyG48agI0Fq55HiHg5p8Ab8I2dRPGAmTURN/n9q7aKupGEi7g1xNFh0fTz/5fkxLxtt7H1SkzmZMdGY9PeDCrbQ/2OtV89hQEiycrDTKauX34wIeebScOa6+qD+tOmJe0Sb9z8K2dq8GYH+aQWxMz6jRAVH8qq651FL4Y5kS7CJv1LqnUYLZmmr1rPJRyEr4wt30Wtx79xk1Q==;31:2UmsbjPTLlt4+c7Uq83BBbv7bupqLUVbaRauLI+dn2kdSVw+CCBHhAZ0UdJqndAe6k23R9UlLOdocF7c6cf4sacdoW+ITvpoTj7XsferA2fgKjkmqr/mUoXaw/JPFFVgqOH4cvJfIM5QlV4kJySqwUYFUkWb06FhLYIG5KAItD6jLO4Hcpzn2sf4wRJ17qViMhSFOXbc7ssZL4sWHlLt0qyOhRk1W/qde3JBY7nmBRM=
X-MS-TrafficTypeDiagnostic: DM5PR12MB1147:
X-Microsoft-Exchange-Diagnostics: 1;DM5PR12MB1147;20:aItkTlcfwzNTODqbqEHC21oxzb7mZ///GG9drpigAAy6XFmwSn8pU4N8T6FVcUPNzcikiPOv49d4/UN44wilKCbDgzaOvL/p9k9Ar1IczdcOzMGSgRzdkejZZJR0XEJEjv/cvP9ewhrG1jONsz7cKjhEFlixSwSarh0id7S53zyGHf3FCl5cpieWnwrEZ0STSo9r3F0gd/YiEYpsIEU2xqeZwW5lkkj4rOCo/ZgFNfwP1TF6l493GO8QSqxYrzjmjWk6CMjr/We7VwRoiwgARofaymTcbQCQfOTnbHiKL7BWiF6/fyt04NlDcN6wcV4hX+xqbPGD4GLHeMRTl6gd1EszM3xRNSZYjBDjbzVWx6g+907/eNbjHGt9r1Hho9kTZ88zL2sQwbHwEyqSiQzSmPQ5rz17n5+U0WUnMR1NCxAHa5CP9/VYQsRJraVz0mnGOHh2oDLO8ZSswJzpV2xO2AFmOX8uqgvXyQ1Pln/YmD/oFnQBbJMd3dEKizvuGxup;4:xz4y7i+xQnjdPhW/jNo4sR3rKQ5Ww9ZnTgU3DM/lv5DVMhdELCqVONr2BOtt/e7AGtli36OmTDlWxnJIFqdHsMVgGb/lbYMNZ1TxvzlfYkMt7V978rX+tLK2gI7eOWy9PHbNsNYoNwkIGwCBYtVhpwQ5UqrGNF6pMqlZihp+/kYK+jI/iXNQUyI8nN5CIakRB6EzxBxTJpXlSeFO7SZZKf9XahNLprOwaCTiC7CPyEoeksQHEvOJ1x8Jvz9hH2ahTaUZmV3NPa0ThTeMT5Yngw==
X-Microsoft-Antispam-PRVS: <DM5PR12MB11474FAE3E8A8B897C1082B9EC110@DM5PR12MB1147.namprd12.prod.outlook.com>
X-Exchange-Antispam-Report-Test: UriScan:;
X-Exchange-Antispam-Report-CFA-Test: BCL:0;PCL:0;RULEID:(6040470)(2401047)(5005006)(8121501046)(93006095)(93001095)(3231023)(944501121)(3002001)(10201501046)(6055026)(6041268)(20161123558120)(20161123560045)(20161123564045)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(20161123562045)(6072148)(201708071742011);SRVR:DM5PR12MB1147;BCL:0;PCL:0;RULEID:(100000803101)(100110400095);SRVR:DM5PR12MB1147;
X-Forefront-PRVS: 0548586081
X-Forefront-Antispam-Report: SFV:NSPM;SFS:(10009020)(346002)(366004)(396003)(39860400002)(39380400002)(376002)(199004)(189003)(25786009)(54906003)(8676002)(69596002)(8936002)(81166006)(72206003)(68736007)(2906002)(66066001)(105586002)(2361001)(47776003)(2351001)(58126008)(4326008)(83506002)(16526018)(106356001)(81156014)(478600001)(1076002)(5660300001)(6506007)(55016002)(50466002)(53416004)(386003)(59450400001)(6916009)(316002)(7696005)(3846002)(6116002)(230700001)(7736002)(305945005)(97746001)(86362001)(53936002)(52116002)(6666003)(15650500001)(2486003)(23676004)(9686003)(97736004)(103116003);DIR:OUT;SFP:1101;SCL:1;SRVR:DM5PR12MB1147;H:tlendack-t1.amdoffice.net;FPR:;SPF:None;PTR:InfoNoRecords;A:1;MX:1;LANG:en;
X-Microsoft-Exchange-Diagnostics: =?utf-8?B?MTtETTVQUjEyTUIxMTQ3OzIzOjd3dHRLZ0M0OUdMcFkwengwcnBqYkpSUDdn?=
 =?utf-8?B?d0JoSUFOMlkvblBLUVhvMmpyZFFXZTZocDFoY09KMWJoYkt3MjYxOEZ5R1lL?=
 =?utf-8?B?ME1XZDEySTlCcVY1Y0c5UGIrUjRJNTJrYUY3aForL3FpeTluZTczRC96Uzk3?=
 =?utf-8?B?d2NjSlZOdVh3NXdBeGcwUkRZSGVZQVZCTlZhZjRPK2RIcXR6ZmJ5NDBweExq?=
 =?utf-8?B?V0psRWlDVU55eWdGb1Uvc2tsOWlOb05YU1EwY1FuRmk4eFpuSjVQUHN2bHNL?=
 =?utf-8?B?d3p3aGpVVWFxVFdnR0hTYlNSa3NZbDRCUzM5WTMxQ2V3QXhLSnhjYXNackVP?=
 =?utf-8?B?YkN4UTFjTjZscVdBTU1rcFJibFdxQmdiR0VIMm9oVWRDclphSHYrM0xYQ1JB?=
 =?utf-8?B?V3hJSmNZZk5iaVRmZ29GM3dOYmQwMGQ4enhDWnlYcm1OOERoak84aUkyeWUr?=
 =?utf-8?B?cEJBdG13NmdFMkp5L3dYbHpXZWt4THE3S1ZXeWF3RlJSMEJ3ODFtV09wN1JE?=
 =?utf-8?B?VmV0bzA4MklOb1RoVmJsZDJXQmNFVFc1alVTQ1F3TDFMMXYrZURod1hGZmtv?=
 =?utf-8?B?M1l3bnRBdWcwUU9uUVl6eHJFVThIRXRiRkFqWEZoQkh2ZDhZaHB1dVdnZGJP?=
 =?utf-8?B?V1puR3d3MWpIZnlGVkUyeGJYU2hLd3B2dzR4d0IveUdWZ1pFdkhuK1JKTWJV?=
 =?utf-8?B?YUpyWERBVWo1dE0zZ1FTM2VSRlZVandYZUxhZmgyaS9YeTNmazV1aVg1SW1j?=
 =?utf-8?B?OExSVTRaNm0zOXAra3E1NmZ5ZEVzV3ZZOC96bDRBZWdqdm9pUkpTQzBxYWc0?=
 =?utf-8?B?M1R3N1ZMakNPamdCTzVVU1BnVHVwNkhJTWFyV3BTd08zNFZCQk1MeURqMnor?=
 =?utf-8?B?b2g1MTVHTktCWk41cFJJRzU5VmNvRERPRThTMjJoWXUvZXhzOUFsMGVISVd6?=
 =?utf-8?B?Y2xoOW96YmY1YVYxWXFicGVSN0hZbkVoUFAwdC9oSUd3UWlDeHkwQjJpbVl6?=
 =?utf-8?B?N0d0Mzg2RmdmUE5VQnM0RUx4cGlhNlk1ekNSa0lJanlYWGRqVXRTV1VxZWgw?=
 =?utf-8?B?OEVzbVR0V2FGbzZ1UURwU2FIOHl6ajZEdk1pVndzZW9lUUtnR21VV1VSamNr?=
 =?utf-8?B?eDVaMml3enZRVSt6N3ZoWnhEa3l3Ry9jMDl5TUc3Ykl6ZDAza1BOalprcG9U?=
 =?utf-8?B?dHkvTnVzMU5iVTlEZk5RdHlYSldOM0M1TUhFQU9udE01dGpoU2N4UEFYbmhT?=
 =?utf-8?B?YXJGRFhyYnNWQVhXQSthd2xIVVczaWFjMmFVZVVzeWtmMEZKOHc5d3hIanU3?=
 =?utf-8?B?WTdWYVVGR216RDhERDZpREpEdmErdnBsL3dGYmgwOHBqOWl4eGhzNG9yZXcz?=
 =?utf-8?B?aFFkWWZIby9zR25EYnNNcU5IMlZCZWRFL01OSkk2V3NlWHZvVUtLL3JXZk9h?=
 =?utf-8?B?QmozWmY2SWFCa0liN2g5c2xtQTB1WFdPNnhvQWtVV2lIaWZUandwYU5ZVUpG?=
 =?utf-8?B?akdXbDBLK0djOStpUFdGUXhoOTJLK0dCM0ZmZDFaV05zV1BnYjQzYmEzbmRW?=
 =?utf-8?B?M28vM0c3M0h5TG94MTlqM0gxVksxd2V0YWZoaHgxb3lBeXZxcjFBemdESjlS?=
 =?utf-8?B?V2dLYmtqZWJJMTJEMy9DbVgxV0ZYOFN3ZE9leGxzZm4yRFdCc0MveWRwNjI4?=
 =?utf-8?B?YjYrbXcwTk1zRkdhVmJNU2taRWZ1aTh2eTQzc09zOXlDRzJ2Y0J1QkhLUzli?=
 =?utf-8?B?MmxraGN4UDdiNzl4Z1o3Zz09?=
X-Microsoft-Exchange-Diagnostics: 1;DM5PR12MB1147;6:oTTEIfUbP6QK9Tn5XVungDNt8aK3hayRGlEDyp3PqppX/TWuN+xqSzKa5q0Jsbu66DhUCdVH9jeTPuoQhQHXg/ez63v4sbwbxRwIE1pu8cl6KT9IZecAMIOoGfybDNELjFGsg45Dqc0+fx4Ftzr1YIM0czhhb6RH6SV777+/1zxpcdP1KGxRzCW6Gbt6xSHTA0h/Uy0Sz//15elTikQqy/fhbMSRkA1s1T202DdNmifAnck9Mp9nkm/QJq7ggpv4OfO8Rb5GSnHzFUhsTAVNORXMPauDywC4rZ0kI9bu9zBhQPJY6hfzl1BEXIAFTVHCls/oMu3T3md5io9DdkoWdFwXJ+YeG4ADWlxpu3dirLg=;5:g92hhfW3n3raMmVqadV2h3lpnxtV6kHfSl8f+uhaY3vmwV/hNLca8NdsO3oQ+PunGH31ygTIFL7JG/Eub/mwKx5TFPQQcRseeQLq15uaiJkO4iM2IdKT+caBMx7C9tJVC+SlF/kr9m5LTo7RPL82pbQKIIM47yaMZZGLMWV8D8o=;24:CMEQVlSv2j2mCAMFrVVQOmVFyd/sviANsWQstqkqhI5DaeIN5gI+YOeGKiUplQRfUDqcb4239zeo9FjpyOu74OBzaNr7lnoVakEgWWCRrtA=;7:lyHnzFQuHMgTPKsrEXVNW1ik0v8/RmloF9qGnFG6JvGLTAv9BXV2td/gXnD0XP4TqbW9vFc+Ym+MmFJd+g56Qu7uvf7iZgzoh0aJMPiF4mQ2dfmCgOBRaJldpgqO/Vand4Khgozz0AzpMfU65v/W380Y5i38306dHgpmZ5aSDlfXyK/8I/y98U39cXFyGEmYp8bzS6dy1ZTqCA11XAxdJtkWWPR4FwCOB/YtyRLkhqrxADGZNVSiS8YpW1f5Ataj
SpamDiagnosticOutput: 1:99
SpamDiagnosticMetadata: NSPM
X-Microsoft-Exchange-Diagnostics: 1;DM5PR12MB1147;20:BQBg6HcevSHaq324k+XWp8YOrg6R/0U8RMlSKbbtQMPBS8GNK4E8JmJ96awZh4SnUkP+nVcMZy/hCO2FnYQ/aTGcIAEmQ5RSJTx89madzGHEhFOOfZLsCjDXlpiHLcsLAA5hnKz7hmnlF8H5v4miUTKX+xvevgeJ425bpNUScQ7GCQgfYd0pke//irJQQ4FO5yafXDyWx27WdI0RRQx3VInnhZ388JoB5YsWlVx6dTXJ6ZTlTrmxLLDOj7Dlzlwr
X-OriginatorOrg: amd.com
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 10 Jan 2018 19:25:49.9817 (UTC)
X-MS-Exchange-CrossTenant-Network-Message-Id: db9b36a7-6e5d-44bc-c55f-08d5585ff5b3
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM5PR12MB1147
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>

This patch series addresses an issue when SME is active and the BSP
is attempting to check for and load microcode during load_ucode_bsp().
Since the initrd has not been decrypted (yet) and the virtual address
of the initrd treats the memory as encrypted, the CPIO archive parsing
fails to locate the microcode.

This series moves the encryption of the initrd into the early boot code
and encrypts it at the same time that the kernel is encrypted.  Since
the initrd is now encrypted, the CPIO archive parsing succeeds in
properly locating the microcode.

The following patches are included in this fix:
- Cleanup register saving in arch/x86/mm/mem_encrypt_boot.S
- Reduce parameters and complexity for creating the SME PGD mappings
- Centralize the use of the PMD flags used in sme_encrypt_kernel() in
  preparation for using PTE flags also.
- Prepare sme_encrypt_kernel() to handle PAGE aligned encryption, not
  just 2MB large page aligned encryption.
- Encrypt the initrd in sme_encrypt_kernel() when the kernel is being
  encrypted.

This patch series is based on tip/master.

---

Changes from v2:
- General code cleanup based on feedback.

Changes from v1:
- Additional patch to cleanup the register saving performed in
  arch/x86/mm/mem_encrypt_boot.S in prep for changes made in the
  remainder of the patchset.
- Additional patch to reduce parameters and complexity for creating the
  SME PGD mappings by introducing and using a structure for referencing
  the PGD to populate, the pagetable allocation area, the virtual/physical
  addresses being mapped and the pagetable flags to be used.
- Consolidate PMD/PTE mapping code to reduce duplication.

Tom Lendacky (5):
      x86/mm: Cleanup register saving in mem_encrypt_boot.S
      x86/mm: Use a struct to reduce parameters for SME PGD mapping
      x86/mm: Centralize PMD flags in sme_encrypt_kernel()
      x86/mm: Prepare sme_encrypt_kernel() for PAGE aligned encryption
      x86/mm: Encrypt the initrd earlier for BSP microcode update


 arch/x86/include/asm/mem_encrypt.h |    4 
 arch/x86/kernel/head64.c           |    4 
 arch/x86/kernel/setup.c            |   10 -
 arch/x86/mm/mem_encrypt.c          |  356 ++++++++++++++++++++++++++----------
 arch/x86/mm/mem_encrypt_boot.S     |   80 ++++----
 5 files changed, 308 insertions(+), 146 deletions(-)

-- 
Tom Lendacky