Received: by 10.223.176.46 with SMTP id f43csp1181133wra; Fri, 19 Jan 2018 08:00:53 -0800 (PST) X-Google-Smtp-Source: ACJfBouwKNtsGtDrU82fg2oPLO1g0F7rvn8HmyVeGuE12jXt3rDsELSfvxzqaJuep45Y2qVhAFJ3 X-Received: by 10.98.105.199 with SMTP id e190mr2317458pfc.233.1516377653308; Fri, 19 Jan 2018 08:00:53 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1516377653; cv=none; d=google.com; s=arc-20160816; b=SlfZF80ipUW8dSR0xUlBKkjbwvmWTTCErnVrHfl3p3GNNiyfCcz+/GQJNxZZPX8G0P LBmB89HmfcAWE+e7ctv1LPQVbANB0pJUi1kisd5yqO7om/QhoBLmciywJP1L4QC8n806 YQK08dKwzC+5hBUUGfy5uxMgz6ysjfkLUDTlPNKBshWe7NLlbS+8WR3lZqFqVtMMC5aJ qInJEoWu+ON+Lw5Gw5XzuUEBWU+o1WDAO+tESblUYVOWmC04Rfl9uksD8SzaVutWV2na hN1wA2jFRHJ91Avrq+zjtkqqVLzVhZD2C/HxlfL6bBvp1pEw1J9lCEDqobWLgkHhz/3f F6Jw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:spamdiagnosticmetadata :spamdiagnosticoutput:content-transfer-encoding:content-language :in-reply-to:mime-version:user-agent:date:message-id:from:references :cc:to:subject:dkim-signature:arc-authentication-results; bh=JVaBE1sTMbX/MBgwqzhyY2EGLimugubCyoUwE+/eoq4=; b=RdaWSZbYhPkDUeI29pF4wnfACIzA4Y8ruSW5EKJlOdHQwywMuJ9KuV1gXQGbKkhNfj 31hCZ4sLMBJ4/I3zwhgiJ7A12D1Kdc7DYHVuLQjw1QQ8WWaQbJmx0pE8H19ZgQTryq/U Q5h0gvV6QM1Szb6BheWspFRxcWiFXMLg2kdv0kbDL/ItjMCBRUw/rViuvpAXih/X418y 5wEvhHiAZxG4knZ849mPCRRPjEBf8x6b1W9UHuJp+10FH+LGZaKmh4oxXZn+vfUFEGgn H3Nmyho0JmRWDaVH9qTxXpDRPPP/3U0/tL2M42jzBqhS0QtW44yE2vMP5T5tfFQpSMfJ 5w/g== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@amdcloud.onmicrosoft.com header.s=selector1-amd-com header.b=yVVnACTk; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id p11si9506821pfl.272.2018.01.19.08.00.12; Fri, 19 Jan 2018 08:00:53 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@amdcloud.onmicrosoft.com header.s=selector1-amd-com header.b=yVVnACTk; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1755965AbeASP5y (ORCPT + 99 others); Fri, 19 Jan 2018 10:57:54 -0500 Received: from mail-sn1nam01on0060.outbound.protection.outlook.com ([104.47.32.60]:15904 "EHLO NAM01-SN1-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S932226AbeASP4q (ORCPT ); Fri, 19 Jan 2018 10:56:46 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amdcloud.onmicrosoft.com; s=selector1-amd-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=JVaBE1sTMbX/MBgwqzhyY2EGLimugubCyoUwE+/eoq4=; b=yVVnACTknNYomwQJSZCncVFGTzBVlNqYgDExgbunvohxhDl27ixUoQHW/wgv4DEav0Nyv1N/LDTzWjQ/8VX6E7+3CN8XGDlRK2rGWMrusYGu8AnUVro2XcUzASyYZPkFodx2pkLjAnKqqi+gvoiy94MI6ZK4eRUrka3nvGgCTMM= Authentication-Results: spf=none (sender IP is ) smtp.mailfrom=Thomas.Lendacky@amd.com; Received: from [10.236.65.116] (165.204.78.1) by BN6PR12MB1138.namprd12.prod.outlook.com (10.168.226.140) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.20.428.17; Fri, 19 Jan 2018 15:56:42 +0000 Subject: Re: [PATCH v3 0/5] x86: SME: BSP/SME microcode update fix To: Greg Kroah-Hartman Cc: Gabriel C , Borislav Petkov , x86@kernel.org, Brijesh Singh , linux-kernel@vger.kernel.org, Ingo Molnar , "H. Peter Anvin" , Thomas Gleixner References: <20180110192544.6026.17285.stgit@tlendack-t1.amdoffice.net> <20180111183313.7ub2t3xkeko5yb3z@pd.tnic> <68544677-2cbc-b41e-2db0-5799ef84d592@gmail.com> <20180119151150.GB9033@kroah.com> <47ab23e7-c3e8-0edd-a7ac-019bd0e47a02@amd.com> <20180119153524.GB1214@kroah.com> From: Tom Lendacky Message-ID: <3f7c5d6e-3c22-4a7f-c38f-b34b7cd1b451@amd.com> Date: Fri, 19 Jan 2018 09:56:37 -0600 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101 Thunderbird/52.5.2 MIME-Version: 1.0 In-Reply-To: <20180119153524.GB1214@kroah.com> Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 8bit X-Originating-IP: [165.204.78.1] X-ClientProxiedBy: DM5PR21CA0032.namprd21.prod.outlook.com (10.172.92.146) To BN6PR12MB1138.namprd12.prod.outlook.com (10.168.226.140) X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: fdb0077d-a445-4ffa-e4ba-08d55f553c4f X-MS-Office365-Filtering-HT: Tenant X-Microsoft-Antispam: UriScan:;BCL:0;PCL:0;RULEID:(7020095)(4652020)(5600026)(4604075)(48565401081)(2017052603307)(7153060)(7193020);SRVR:BN6PR12MB1138; X-Microsoft-Exchange-Diagnostics: 1;BN6PR12MB1138;3:z0IYa9uD+eUN7HV8xrtyXoX8e5ekTx/oDvHldXPr6pVTJz4AI8OcMXZqaYP3X0iVOGPWaRn76E9XLJNEN1qKdo/ryr2YCW2BHL7uE6z3O1QNLLGVBkoGfT357wDHOmhmK3DckC5WjQp7w0EuOWhRD4K0iTyoKKfxG9uE9DxpYo5EMxi0LrgYeObXzSyaW1lkEEX1k4K+ORacSWMjYynZBz2lkizkeJV6ZDl/LZjHDHHi94RfYd0CVWOg1zlFtDGG;25:LQ6udoJNtGpNBgO9gjqjjBEqbrov/GtivVmqpIUfZbEIKOkteuReFMKqCis3PwudBotNGLEpMjP4NGGgw+0CraoDdsBYeyz3m8UaU792VgwwKeQIF6Bk505EPiZ2wqZFSnI68+5P68/a/izzt0J/1UKKr8LkmQP5A8byjgQ/hR5lFWy+420HYnUAtsMAokAuGqiuz1rIvomu1SS6AqQ4RSMkSw2UMf7QMMBHUMiH9shOyxoXiTDg6DM2OyNycWzxFq5wT0RecRNv+B+vGSs6trqKgxrAhZ9XrTvlj492S+Drd1lRhl6xMYU3cfSGjx/5ZHRn9U0y6FCqsnh/qqDXzw==;31:QEM0o0/hGgKKKaPmw2Y0uM/VwpI9T4a2jYEEi30ZMg8LiOh9W36CfCwTmz3gQKVliREyXdwnjb7F7CpkusKrEgjHoGCprlU1/wnypHYe/lIz/AjKDLIZi4bh8mwRPUtwH3ZrEH+TsFxM1IzEcUaHSFO52FZPDYELFqLOVryczRKBMxoEMgraK4Ta6wHi2oRYVIvtF1wRYwIwVQ7giE++mrhzWqUbhl1V1RjbyeaKh60= X-MS-TrafficTypeDiagnostic: BN6PR12MB1138: X-Microsoft-Exchange-Diagnostics: 1;BN6PR12MB1138;20:P0LdTdAwRBovn59G54ZJRsdsyCVu6+xjU+nHn9TaIeUm0FYCuS3lFQwCxMNzLZj4CmpphA4oxz1U2UlsC4Yx/DowC0+dJhBSFr1c/NmDg3U2X9XPrLOZvzcwlQP8iGEhD0DXmmo1nXXARUuExPkYBVNueoWBTc06ks9hOp8Clns+/NufES2UNbZgOoi6sSWGDsd4M7zjWaM4YvZ02zLjG/6LiWJ5G+RkD9+7SpaZ5NltpGYiBVU1ktdOq5Th9t4ULurZs3KCoCxVVvC/7ao8Ayu/Amj+oaUUz5PLG8p5eejqXAJULYTRrfjEKjQ/LKbS3Vioy6NdrspPzLUUzJvENYp9menbouW6KvAkqu9zhsNRWoT3Lh1b+Lm20dKe+uOJU/LfPR/4TVB8gDTfGEPvN+UcsXRocFEbuhuOOWXVlFmlrWu8zWT/crDhCdYykOl+eVlR5uJ3+WXHtTdGw4Vu1vyMGa1tMYkUgA1nAJ8HTTrvxcFQXKqAGJAQSLOVDygE;4:imgHVKcOwI9SBYB1iufsk5IPBm026bSsS+HfQdhiHjLlcojDriwdukuko52uTXhu40H04lyv93J1LDL3RNxJpXeVgiSXIQ7GFAFPeEOG6Q8K2LI0KudVMT40fjKGW6gklmpojaKPJ9YDgDdkeG2cA2PROzOk2yX8vB+/eInXy5x5KNC/5TlrAzqD/ZB3Z0YMsR2KsXpPbblQdhjA/58Chz/r1W+VPAm3FjtXDpSsGWrB8BAqGb42c27GhlDZl1NSxZlWrDxSC3SgEPw0vfkMAg== X-Microsoft-Antispam-PRVS: X-Exchange-Antispam-Report-Test: UriScan:; X-Exchange-Antispam-Report-CFA-Test: BCL:0;PCL:0;RULEID:(6040470)(2401047)(5005006)(8121501046)(10201501046)(93006095)(93001095)(3002001)(3231023)(2400079)(944501161)(6055026)(6041268)(20161123562045)(20161123558120)(20161123564045)(20161123560045)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(6072148)(201708071742011);SRVR:BN6PR12MB1138;BCL:0;PCL:0;RULEID:(100000803101)(100110400095);SRVR:BN6PR12MB1138; X-Forefront-PRVS: 0557CBAD84 X-Forefront-Antispam-Report: SFV:NSPM;SFS:(10009020)(6049001)(39380400002)(396003)(366004)(346002)(376002)(39860400002)(189003)(199004)(478600001)(65826007)(15650500001)(386003)(53936002)(229853002)(2906002)(86362001)(305945005)(31686004)(2870700001)(31696002)(7736002)(6666003)(6486002)(6916009)(5660300001)(93886005)(2950100002)(52116002)(53546011)(72206003)(76176011)(52146003)(59450400001)(23676004)(81166006)(6116002)(2486003)(77096007)(26005)(81156014)(90366009)(3846002)(8936002)(8676002)(68736007)(4326008)(36756003)(16526018)(58126008)(54906003)(16576012)(25786009)(39060400002)(3260700006)(65806001)(47776003)(66066001)(65956001)(106356001)(97736004)(6246003)(64126003)(105586002)(50466002)(83506002)(316002);DIR:OUT;SFP:1101;SCL:1;SRVR:BN6PR12MB1138;H:[10.236.65.116];FPR:;SPF:None;PTR:InfoNoRecords;MX:1;A:1;LANG:en; Received-SPF: None (protection.outlook.com: amd.com does not designate permitted sender hosts) X-Microsoft-Exchange-Diagnostics: =?utf-8?B?MTtCTjZQUjEyTUIxMTM4OzIzOjBuVHAya1pVMEs3U2hCZmpxRkpGQ2xvRnZs?= =?utf-8?B?M3BzZHB5RDlXSGU1dk44Wkx5b3kveTNGQVFWQTUyWmM0R00rVUlvSjZKVlVR?= =?utf-8?B?ODNJUnRKeGZOblZ5SWpZMUV5YVEvd3VkVEFVRDJJRVF2L2JSajhmWHJaZ0hS?= =?utf-8?B?ODcxaWI0TEJsRlFQeFFGQm5hV0FFQWZuMDU4WmRGbUt1UVBTbzRocER1MTlw?= =?utf-8?B?ZEdPd2JtcFVDWUErNDUvcEdQWHZxaUxHZlVweDdQbGpWUExQYnFPQW5TbGFM?= =?utf-8?B?TWZnNWc2YzB2QXl3a2JlVUk2M2lHVGh0cU1YQ0N4TDNOcFZvTUJFVCtLcm56?= =?utf-8?B?TTFZNW5nMGF6TDdCSVZLb1NmaU9hSUpFTjNWK1VQaVlUR0FWNlk4cEJQRzFy?= =?utf-8?B?QkozeG5oVERLVzlNeUswaWVLbkJxOW83OURxUWFQQWl6bTV6UUUxc3k2SjVO?= =?utf-8?B?TDV3RzJSSTVnZmFWMERLQjE2T1hkSWRHL2owTkdBOFJuYnFuZG9EenJvblBV?= =?utf-8?B?TG8wY0UvTUV6cGNEa0JyQmxzK3JzUStzNFRCYmpMdGlWQVMvVStxZzJzaG9W?= =?utf-8?B?UVVVb3JidWdwMkdpZXZ0aW9Cazd5UFdXdUNyaTIyS0c5N2hQbUhSdjBheVdM?= =?utf-8?B?bkdEQU9rSjYrekFuQmZvSXNOWkIyR01IWWpuWlNpZG13dzNHT05zeU5DeGZu?= =?utf-8?B?TEg3Zm0vUUh0Z0I2bUVIcVlZbXJQUGxFWDlzOEFmSWdRMHg4bzRtOUpFck5U?= =?utf-8?B?OTNZZFlsV2RXQ2ErdGFxMDNDckdvRXdxMnkxVlUrSUpTQVEwMDV6WFgwSXRR?= =?utf-8?B?eitlZmttOElZZW1pRHhjbTZabWgzb1lhVksxM3Q4VEZHUnNoYmNGZE9GRVhF?= =?utf-8?B?MEJnazZRNnZSVkpRclo1YU91SjE3dUc4UVBmWGpyQi9XTEwwNUh0dElTcXp3?= =?utf-8?B?OXQ4NzVBWGVSbWdJajl2ZmVLOVFOcG9SOVgrSXRKaDh4MkJlWlFYbVplSS9I?= =?utf-8?B?cysxZWRDOVU0bEo5ZkxPWDBvV0NWTHB1ci85Z1Z6bVpBTTJ3TjFJZVgxUDJk?= =?utf-8?B?UXQ1VlE4Mmo2Njg2ZWZTLzBnN1g2MmJ5WER6Yk5HVlU1YlBoSUo2TjNWQ01o?= =?utf-8?B?QVJrV1N3ck80M1h0Z3BaQnhkamRQdlpqb0lXb0JVUXFzRTlsVzZyN0E3Wkth?= =?utf-8?B?aXBDeU1vM2Z1bVB2aStnczJqYW9RRUEyM1gvU1AxMFpVWDZVRXZzanVmMTN1?= =?utf-8?B?K1Jla0p0Z29WeUNNQmJuM0VDNWpKVENOTWNGblpFcG1PaVpsaHlHSkdQc1k2?= =?utf-8?B?MVI3WlF2SkVFUlBzeEdONDRMWlk3V0tGM3lhL21SQzd0Vk43ZUtoOWFSZmN1?= =?utf-8?B?RDlicFNodHMrOG5rK3FyNEdKRjdKYWRZK0xBUkpMWXN6UUsvOHBodHQxK3JB?= =?utf-8?B?TnBrSW5PMU1SZzY0Z0JPbDRkVTNLL3d0R1pZOW1TL204UGZCUFN6U0ZSbFdx?= =?utf-8?B?eG1GYkV5UDJCcjlCdjlVZFBnSmFaTFk4TG1NRHh1a3gzOGlDSlk4WUYxU0tG?= =?utf-8?B?cDZob1BkNkpwWXh3QXpsRDlrYkt1Qmk1VDc4QVZSZDE2ckZxZDVIVGxyU2dz?= =?utf-8?B?NlQ0Y3N0cGFzRzFBRVkvOFZ1MkVtUEgwbVg1ZDlZdUwyMi9CMlFsMlEvODdQ?= =?utf-8?B?WTh0cVNRWjh6OTUza2VWMGlMdm9NdVFPMVpBaTdhWmtmZFF4V0dKZ05PRDFm?= =?utf-8?B?Zm5NaFRPb1M3ajhNTHUrVkhmaWJDSmxTRk1QUVpoY3ppbUEweC9PcGtsa0pQ?= =?utf-8?B?YnEvZ1M1WEpCMHk2QStld1JJS1JkQnZUQzZRWjBvUzBhNEpBWGR2ZFh0Wm5l?= =?utf-8?B?aFZoQUY1bU5PVnJiL2pKdU9wNkNxNHNzekgvL2JrMm9SV0E2cnl3ZkVSeUpZ?= =?utf-8?B?U1luYW1FRlZaVlVUelNRZnpwUE1reE9kcnlrVkhpME5TK2d4Nks2cy9SZXg0?= =?utf-8?B?SkZvQ2Z5NjdXOVdoVzBubmlUbms2RE5wcHNIWDB6NFRaeDQ1N2tmdDJJNmFn?= =?utf-8?Q?wn8bhfiWxIWCUGjTNQjcymumG?= X-Microsoft-Exchange-Diagnostics: 1;BN6PR12MB1138;6:FeC5Su1sxo6PcEdNXnFDDEc22hm+B73Hzqs7C9bjq+M608pwGXFIcPEXZyk+61004QQIJJTDzCFMeXuLXFSpIR91f+gz3Qx4/bj7VK+XUrLk4m4RnvB1d7f3TShuE7lHjq1X3ucNx5YwuVd1VEYSH2XEQKPKpnp5TwNmkLe/0N6Hqr5vQ2YdwFmgBOwk8NjGRTi/E2iP+6N+0gvihQgXg9Q/BIZ7JSvrLTdVKU8kVK/WEWtGdl+7ZXr2NqacPhBOSqeRLCsC6+o46mRm2+VwVU4oYIe2vXeSnFDyc1B8nzZNQN2FOXjFbE2CuCqLro2AENZzN7tgeOK+AuFTCrAiHgTU3xftYTC8uQObKjhZEuk=;5:S053vemjHSCdf+wfR8RDYrQKKpAQazFu6MmBtzUZLBxxhw7gAB6sH2clD4YjnEmNFrOlWXlwtxY9rwRi1MCT9+uGLENpCAoP6iSm1Fh39lJJfndzDPhGAoQH4MDRoyjbkGKGKpMY4fkde1kYQ2T7lGK3VCuITsezluscKpsig00=;24:36RpExhZD3sWpOi4et41FouXUJuxilEJXx7L1AX0Jf3HQoG/Tv7iGTSAKLb3HooiS9FTtmpT2ehaZJK5HnYEjaxF6flONo63olr6BaodUDE=;7:nvHZi0s7O11PCrWaifguwkZ1ICPE9IMLJau5PvZ5YoIXYGYmrMuipoE5lXqMEfN3pYHmLH+PRu2XQp7J3x3xKtteeAx4UXDGx1+ppdOXoZNFwtukoF8OA12yn19o+t9Mn7+8pUsjLNTOUmYxKcAlSWEMkOYu+7OdpFpXJmwkj3VcfsMj1/CSyKUmKJklxi0Ib+muOl/QEYKGtuLLMTrQnpoIHNHp2C791GJiIrs/dRFjNeu4yGf9EfdsAvqD2gJd SpamDiagnosticOutput: 1:99 SpamDiagnosticMetadata: NSPM X-Microsoft-Exchange-Diagnostics: 1;BN6PR12MB1138;20:3ZXzcd9V6Id48CSZKcvHyqLzGHw0sK6PWBkznBqOa8VAMDlXr+YmobYjSdZxZ+LNoriRjvMGwPHHVr+/bMPOdup1YjClKSJwPA0aiHZ/O8RJguMHfGgoUVys9qYh+sS74l5RlY1bD8sQAwGT0NAqC4vZ2LvQ4dGPr9wMwe6zdpb/N2I7/QMSUm0CkkA1oXOp1YmT5Sj+k1MfDVWDKo2rxLtjSjuIey4QG0CaOR5I/pn3monKJdy3MpLNB9lZqP7l X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 19 Jan 2018 15:56:42.0427 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: fdb0077d-a445-4ffa-e4ba-08d55f553c4f X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-Transport-CrossTenantHeadersStamped: BN6PR12MB1138 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 1/19/2018 9:35 AM, Greg Kroah-Hartman wrote: > On Fri, Jan 19, 2018 at 09:27:47AM -0600, Tom Lendacky wrote: >> On 1/19/2018 9:11 AM, Greg Kroah-Hartman wrote: >>> On Fri, Jan 19, 2018 at 09:03:52AM -0600, Tom Lendacky wrote: >>>> On 1/15/2018 4:47 PM, Gabriel C wrote: >>>>> On 11.01.2018 19:33, Borislav Petkov wrote: >>>>>> On Wed, Jan 10, 2018 at 01:25:45PM -0600, Tom Lendacky wrote: >>>>>>> This patch series addresses an issue when SME is active and the BSP >>>>>>> is attempting to check for and load microcode during load_ucode_bsp(). >>>>>>> Since the initrd has not been decrypted (yet) and the virtual address >>>>>>> of the initrd treats the memory as encrypted, the CPIO archive parsing >>>>>>> fails to locate the microcode. >>>>>>> >>>>>>> This series moves the encryption of the initrd into the early boot code >>>>>>> and encrypts it at the same time that the kernel is encrypted.  Since >>>>>>> the initrd is now encrypted, the CPIO archive parsing succeeds in >>>>>>> properly locating the microcode. >>>>>>> >>>>>>> The following patches are included in this fix: >>>>>>> - Cleanup register saving in arch/x86/mm/mem_encrypt_boot.S >>>>>>> - Reduce parameters and complexity for creating the SME PGD mappings >>>>>>> - Centralize the use of the PMD flags used in sme_encrypt_kernel() in >>>>>>>    preparation for using PTE flags also. >>>>>>> - Prepare sme_encrypt_kernel() to handle PAGE aligned encryption, not >>>>>>>    just 2MB large page aligned encryption. >>>>>>> - Encrypt the initrd in sme_encrypt_kernel() when the kernel is being >>>>>>>    encrypted. >>>>>>> >>>>>>> This patch series is based on tip/master. >>>>>>> >>>>>>> --- >>>>>>> >>>>>>> Changes from v2: >>>>>>> - General code cleanup based on feedback. >>>>>>> >>>>>>> Changes from v1: >>>>>>> - Additional patch to cleanup the register saving performed in >>>>>>>    arch/x86/mm/mem_encrypt_boot.S in prep for changes made in the >>>>>>>    remainder of the patchset. >>>>>>> - Additional patch to reduce parameters and complexity for creating the >>>>>>>    SME PGD mappings by introducing and using a structure for referencing >>>>>>>    the PGD to populate, the pagetable allocation area, the >>>>>>> virtual/physical >>>>>>>    addresses being mapped and the pagetable flags to be used. >>>>>>> - Consolidate PMD/PTE mapping code to reduce duplication. >>>>>>> >>>>>>> Tom Lendacky (5): >>>>>>>        x86/mm: Cleanup register saving in mem_encrypt_boot.S >>>>>>>        x86/mm: Use a struct to reduce parameters for SME PGD mapping >>>>>>>        x86/mm: Centralize PMD flags in sme_encrypt_kernel() >>>>>>>        x86/mm: Prepare sme_encrypt_kernel() for PAGE aligned encryption >>>>>>>        x86/mm: Encrypt the initrd earlier for BSP microcode update >>>>>>> >>>>>>> >>>>>>>   arch/x86/include/asm/mem_encrypt.h |    4 >>>>>>>   arch/x86/kernel/head64.c           |    4 >>>>>>>   arch/x86/kernel/setup.c            |   10 - >>>>>>>   arch/x86/mm/mem_encrypt.c          |  356 >>>>>>> ++++++++++++++++++++++++++---------- >>>>>>>   arch/x86/mm/mem_encrypt_boot.S     |   80 ++++---- >>>>>>>   5 files changed, 308 insertions(+), 146 deletions(-) >>>>>> >>>>>> All 5: >>>>>> >>>>>> Reviewed-by: Borislav Petkov >>>>>> >>>>> >>>>> Guys , are these patches going to be part of 4.15 ? >>>>> >>>>> With mem_encrypt=on without these patches microcode loading doesn't >>>>> work right. Also @stable 4.14 would need the fixes too. >>>> >>>> It looks like these patches have been pulled into 4.15. I did forget >>>> to cc stable, so I'll follow-up with a separate email to have these >>>> back-ported to the 4.14 stable tree. >>> >>> What are the git commit ids? That's all I need :) >> >> Hi Greg, >> >> Here are the commit ids: >> 1303880179e6 (“x86/mm: Clean up register saving in the __enc_copy() assembly code”) >> bacf6b499e11 (“x86/mm: Use a struct to reduce parameters for SME PGD mapping”) >> 2b5d00b6c2cd (“x86/mm: Centralize PMD flags in sme_encrypt_kernel()”) >> cc5f01e28d6c (“x86/mm: Prepare sme_encrypt_kernel() for PAGE aligned encryption”) >> 107cd2532181 (“x86/mm: Encrypt the initrd earlier for BSP microcode update”) >> >> The last commit won't apply cleanly on 4.14. There was a change in >> arch/x86/kernel/setup.c for SEV support. The actual patch to that file >> is very small it just removes the call to sme_early_encrypt() and the >> associated comment. I can submit a new version of that patch if you >> want, just let me know. > > A backported version of that would be great, thanks. Ok, I'll send that out as soon as possible. Since it is a changed patch I was planning to remove the Tested-by, Signed-off-by (except for my sign off), etc. or would you prefer I leave them in this case? > > And are any of these needed in older kernels like 4.4 and 4.9? Nope, SME was new in 4.14. Thanks, Tom > > thanks, > > greg k-h >