Received: by 10.223.185.116 with SMTP id b49csp2774247wrg; Mon, 5 Mar 2018 08:29:04 -0800 (PST) X-Google-Smtp-Source: AG47ELstHsglw25b3UCRotKntMUc0NIbLOIuzKFYQ+vbKYqgiDu+0RyMqe68kipFfWB/YbNi99b4 X-Received: by 10.99.154.81 with SMTP id e17mr7881066pgo.311.1520267344185; Mon, 05 Mar 2018 08:29:04 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1520267344; cv=none; d=google.com; s=arc-20160816; b=L4AwHodI5ODxWF5Xp9bNPzpkxyzTdNRbtg22GqqthL38Lb7mcl0EBCbX+gJMCsrMht DtkH2qhWH+RgxphOglr+/vjqY7OcwKRsZgdEBKSKYWu8nqaiOooZNfK7obdhjY94NGWC 2qyJWrCOXopjavNnzn0kQMlpfna9IkzLBqOrei3BcG6nCNKyWYz1GWzWgRokGYd2dLi4 c8TJOQTv2uUUJJZBsh0O1PDTEU2eVvzJ7x2yGpBShQTiQXsW/oGD1L9Wbr/EYjfbLTwv cW0VA+8lmqALw787uzQ0lrXhnOZCliauq86wQJc5m9gvx0i15JZY/4BiHwHg+hClWXo3 +mxg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:references:in-reply-to:message-id:date :subject:cc:to:from:arc-authentication-results; bh=x/8ON1Hk2oStiWEY7naZS5RbfSeoA9JhttKF+iG5aRc=; b=vU2U71riyQ87fzBf4UhaVzIRCf/EuKA8Khbrn7b8UNRNLEhKZeXqpAdNx7fF9pcwOQ 9kifzrJKDARymJLj5zvuecTcBW1GOVcgSjGSDmwigA/xBjudVWEknN/gyu410wPp0871 uN6fkM1RzvuN3uBsVLyQXre7vwrqW8tS1qrMRjNSWPl5thst3lQ9MUTPrt4pLhoA7XeB Eeh3gxlxjjF+zlS4ZiAkTGJRigxSzcYHGIXr5fmviRHUW+Z+kkzXkSnm3HaYrNq7L8Wi pmMVm9DBNkDdvTUXU43BKAI7cRU7xTmeOrCvB4KGdK972pxrxbKTzZIN6DL3RodP1w9w Cwwg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id n3si10373584pfi.302.2018.03.05.08.28.50; Mon, 05 Mar 2018 08:29:04 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752842AbeCEQ1a (ORCPT + 99 others); Mon, 5 Mar 2018 11:27:30 -0500 Received: from mga01.intel.com ([192.55.52.88]:49476 "EHLO mga01.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752643AbeCEQ0a (ORCPT ); Mon, 5 Mar 2018 11:26:30 -0500 X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga008.fm.intel.com ([10.253.24.58]) by fmsmga101.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 05 Mar 2018 08:26:30 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.47,427,1515484800"; d="scan'208";a="22125145" Received: from black.fi.intel.com ([10.237.72.28]) by fmsmga008.fm.intel.com with ESMTP; 05 Mar 2018 08:26:27 -0800 Received: by black.fi.intel.com (Postfix, from userid 1000) id E8F11A67; Mon, 5 Mar 2018 18:26:20 +0200 (EET) From: "Kirill A. Shutemov" To: Ingo Molnar , x86@kernel.org, Thomas Gleixner , "H. Peter Anvin" , Tom Lendacky Cc: Dave Hansen , Kai Huang , linux-kernel@vger.kernel.org, linux-mm@kvack.org, "Kirill A. Shutemov" Subject: [RFC, PATCH 22/22] x86: Introduce CONFIG_X86_INTEL_MKTME Date: Mon, 5 Mar 2018 19:26:10 +0300 Message-Id: <20180305162610.37510-23-kirill.shutemov@linux.intel.com> X-Mailer: git-send-email 2.16.1 In-Reply-To: <20180305162610.37510-1-kirill.shutemov@linux.intel.com> References: <20180305162610.37510-1-kirill.shutemov@linux.intel.com> Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Add new config option to enabled/disable Multi-Key Total Memory Encryption support. Signed-off-by: Kirill A. Shutemov --- arch/x86/Kconfig | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig index 99aecb2caed3..e1b377443899 100644 --- a/arch/x86/Kconfig +++ b/arch/x86/Kconfig @@ -1540,6 +1540,23 @@ config ARCH_USE_MEMREMAP_PROT def_bool y depends on AMD_MEM_ENCRYPT +config X86_INTEL_MKTME + bool "Intel Multi-Key Total Memory Encryption" + select DYNAMIC_PHYSICAL_MASK + select ARCH_WANTS_GFP_ENCRYPT + depends on X86_64 && CPU_SUP_INTEL + ---help--- + Say yes to enable support for Multi-Key Total Memory Encryption. + This requires Intel processor that has support of the feature. + + Multikey Total Memory Encryption (MKTME) is a technology that allows + transparent memory encryption in upcoming Intel platforms. + + MKTME is built on top of TME. TME allows encryption of the entirety + of system memory using a single key. MKTME allows to have multiple + encryption domains, each having own key -- different memory pages can + be encrypted with different keys. + # Common NUMA Features config NUMA bool "Numa Memory Allocation and Scheduler Support" -- 2.16.1