Received: by 2002:a25:e7d8:0:0:0:0:0 with SMTP id e207csp527109ybh; Tue, 10 Mar 2020 03:25:32 -0700 (PDT) X-Google-Smtp-Source: ADFU+vua+C1aJJ1O+mkADaq6yeeOm+UO/luyM0bHsml9YstT8eHjRLhDOvzIrEnyzjhY1QlFftYS X-Received: by 2002:a9d:77c3:: with SMTP id w3mr15489257otl.245.1583835932470; Tue, 10 Mar 2020 03:25:32 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1583835932; cv=none; d=google.com; s=arc-20160816; b=aWCHD6C48JfazqScJrpSLVZ7kupdHMcSNSdPHyUoD/WewI0SxCbWoYqhuHxhW4Of67 8w+Ltwd2K/UfqZo/pyR8/lZZtBr7ftOGFUuKr5Sz2QeoFIeXh3Zdn0St5u1G56mm1QtO X1oRbyjJ6dz26ymmVs53Lwejkb7D/IH8VPz70gUYHCX2gpK5VOt2hLJ9seiw1mJgaMUi 0BJ09TAFfrt4lN7loVYbjfFEn3C8xyiAGUwuEVzLZVx45zDSYhOnUyOpOfzQM9q9Xan3 wM5vpYkp9I3XkyLeOqoiIiaCSsc7iN2xbHRodZP4tYCrgAPwViDTr2rro5mgJN2Y5e/E 68Rg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date; bh=PXYKfAN2hR9f9S8XFc2Q65enTdW+ozCV25QgsYITOkI=; b=oDo4RePw9PVteRrr1Q2mxX/MMc/9OVJdzoVppu3b2tiBkKg+o7mYa5Qcm8H6AGAych m7L6J5VQmarHk6SfVwr4IhOfj4ezHkT9JUSH8lquyJxUvSoXFtawgalvxWx/GZ8IZ1kw db7yxmhJuhFv2uaTJdYQxY2WlFITg1v0MafXnSiOfUtMQbq3HuXT51VqUMVLaFVphl5G dPycedHOa1Cp6BYuZTvXoAQwUwEJvR9pNbRHVQGpaJg0FQOPzrk2oe/2G9oFAbJJi+h6 FMVALjkMRPZR8DA+RLRMwstHXCxtoY4UpBDJGfNDJJsdTHnwJdgKoZPFNC3E6TJWl2LO fFRA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id x2si5145735oie.56.2020.03.10.03.25.20; Tue, 10 Mar 2020 03:25:32 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726265AbgCJKZF (ORCPT + 99 others); Tue, 10 Mar 2020 06:25:05 -0400 Received: from mx2.suse.de ([195.135.220.15]:49108 "EHLO mx2.suse.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726202AbgCJKZF (ORCPT ); Tue, 10 Mar 2020 06:25:05 -0400 X-Virus-Scanned: by amavisd-new at test-mx.suse.de Received: from relay2.suse.de (unknown [195.135.220.254]) by mx2.suse.de (Postfix) with ESMTP id 0D528B012; Tue, 10 Mar 2020 10:25:03 +0000 (UTC) Date: Tue, 10 Mar 2020 11:25:00 +0100 From: Joerg Roedel To: Tom Lendacky Cc: linux-kernel@vger.kernel.org, x86@kernel.org, Thomas Gleixner , Ingo Molnar , Borislav Petkov , "H. Peter Anvin" , Dave Hansen , Andy Lutomirski , Peter Zijlstra , Bruce Rogers Subject: Re: [PATCH] x86/ioremap: Map EFI runtime services data as encrypted for SEV Message-ID: <20200310102500.GG7028@suse.de> References: <2d9e16eb5b53dc82665c95c6764b7407719df7a0.1582645327.git.thomas.lendacky@amd.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <2d9e16eb5b53dc82665c95c6764b7407719df7a0.1582645327.git.thomas.lendacky@amd.com> User-Agent: Mutt/1.10.1 (2018-07-13) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Hi Tom, On Tue, Feb 25, 2020 at 09:42:07AM -0600, Tom Lendacky wrote: > diff --git a/arch/x86/mm/ioremap.c b/arch/x86/mm/ioremap.c > index 44e4beb4239f..382b6ca66820 100644 > --- a/arch/x86/mm/ioremap.c > +++ b/arch/x86/mm/ioremap.c > @@ -135,6 +135,13 @@ static void __ioremap_check_mem(resource_size_t addr, unsigned long size, > memset(desc, 0, sizeof(struct ioremap_desc)); > > walk_mem_res(start, end, desc, __ioremap_collect_map_flags); > + > + /* > + * The EFI runtime services data area is not covered by walk_mem_res(), > + * but must be mapped encrypted when SEV is active. > + */ > + if (sev_active() && efi_mem_type(addr) == EFI_RUNTIME_SERVICES_DATA) > + desc->flags |= IORES_MAP_ENCRYPTED; > } I can confirm that this fixes dmi-decode on my SEV guest. While reviewing I looked into using walk_system_ram_range(), but since this is only for the EFI_RUNTIME_SERVICES_DATA, it is not needed, so: Reviewed-by: Joerg Roedel Tested-by: Joerg Roedel