Received: by 2002:ab2:3141:0:b0:1ed:23cc:44d1 with SMTP id i1csp2051946lqg; Mon, 4 Mar 2024 11:15:17 -0800 (PST) X-Forwarded-Encrypted: i=3; AJvYcCVCHdXYQzLWdPGsCP3jDFrMhFrZrGod5ixQqPAYN3LXuM+wyblDS+PCo20SsCQ8p0MJyxplxWeDzfmZ6nTfJNfB+8Cfjloc3JV4l3hlHw== X-Google-Smtp-Source: AGHT+IG/ZL+9haWyG9/V7SDty6SXTYEK5NO9R+SklmKa78li5BPWNTx7TQyfyFKS7aL4zjVGwAxT X-Received: by 2002:a17:906:b28e:b0:a44:de79:4e3 with SMTP id q14-20020a170906b28e00b00a44de7904e3mr4569872ejz.60.1709579717498; Mon, 04 Mar 2024 11:15:17 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1709579717; cv=pass; d=google.com; s=arc-20160816; b=i58yeVkZnYqsH6T3UNYfUB1ZtfZVEBpzChVEZDgUFh+YYsTlYYJP0UoHL9AhNOVU+z yb1iMbp1iXownxvdhMvwg9rUv+2oY55+P5W+KVAyij0tWILWiaq43ItquQrRmZCZlA1g Fm49/3N5tvx5plx5p1bLIPGBOCYk6BPxcrwDb2var0LQ5mHPGCyKSwU6cdz9jFvH/kw+ fo0s7BXeuueHmciYEyq9wkHYp2wQ/rvUvLsVYIo0Xw38F8ThORXMYybtcy5wLo3snZ9s p8SGxPYOVmKSacYZmaLEK7+fthmfsXtT9JV/jL1EJXRrDvXEYKXuvWSoiA8a/WiOvHBg NkLQ== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:list-unsubscribe:list-subscribe:list-id:precedence :dkim-signature; bh=ld9i8fau1/xw5rAEa95F8elDLyy3tqNVcnv6YewNW6E=; fh=jSxeoDiTCy8piF5ESceujGkBYdpgwR5lCEnwL/7TZa8=; b=PInp1VCyOCjN/r0rJ+IGts6ZOzFB7tGBFFLUy9hJXr/4YENdq//VIPodvZzpeJJRCu W3uVR/WynBhkOzLYP6Lq9Q6M4kPYTWGDV2fgFDZhq68K5jtLwFSFCM7b+U04Gk48Z7jg DTN0wTtHtGRwaM3V8MegW4FsZ6kXDMtK/vqIGM1188gxHrA2CDUBZjAo0s2J1aSeHqME Oq3Y/soNY9mdFN7GksmUwjdl5C2+5npJ6L8xNmU8WiVsjgX1LwXmSYBiFOKxh40GFvH5 m11C/F03KjBkK77+rwthvrVcna+nITlxf1UIxWgHY/Cpt5uBtmv3dHiEYplnf/1NV5BC vlUA==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=Xo6SCB1R; arc=pass (i=1 dkim=pass dkdomain=kernel.org); spf=pass (google.com: domain of linux-kernel+bounces-91163-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:4601:e00::3 as permitted sender) smtp.mailfrom="linux-kernel+bounces-91163-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from am.mirrors.kernel.org (am.mirrors.kernel.org. [2604:1380:4601:e00::3]) by mx.google.com with ESMTPS id d11-20020a1709067f0b00b00a4307efaeebsi4053158ejr.343.2024.03.04.11.15.17 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 04 Mar 2024 11:15:17 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel+bounces-91163-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:4601:e00::3 as permitted sender) client-ip=2604:1380:4601:e00::3; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=Xo6SCB1R; arc=pass (i=1 dkim=pass dkdomain=kernel.org); spf=pass (google.com: domain of linux-kernel+bounces-91163-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:4601:e00::3 as permitted sender) smtp.mailfrom="linux-kernel+bounces-91163-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by am.mirrors.kernel.org (Postfix) with ESMTPS id 3C8FA1F21EF0 for ; Mon, 4 Mar 2024 19:15:17 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id BE5BA78B74; Mon, 4 Mar 2024 19:13:32 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="Xo6SCB1R" Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id E864062171 for ; Mon, 4 Mar 2024 19:13:31 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1709579612; cv=none; b=lvFxkMHB7a2zaBs5e86xgr9EHKCtZYjZld/kwbndWIv/YcxeUMDq/9fO4nuGLRsk4kvjn4yPqjTFVyHFBp5q1c9XIo+tqkUxcxTY1wvWe5kC5MXwAqBCbRIPNfxk4zbXHct3fmXC6j1Gyt7Y+bOydF/pp26fQ2x2dElvFTA1Arg= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1709579612; c=relaxed/simple; bh=0/x7NIFE+8GjjhDfYzBdgxDC6ZAZU3x+lp4u97CB06E=; h=MIME-Version:References:In-Reply-To:From:Date:Message-ID:Subject: To:Cc:Content-Type; b=PSwsgpvDrgIaDjLmta/TnWCSu2H4NT5iOouuYVHAWXYTWhB3Vlacq/Z5MmXdilTCKxsWbnM6qVsMd9Ie9ra7MQlQjTtcDIhGH7hJpeuDUVTj+eBR1rRmxjEl1r8wa1hyAl0XcVNn7P1fnYY/4qA7BEMGut1fKrbg/4xdu13jeo4= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=Xo6SCB1R; arc=none smtp.client-ip=10.30.226.201 Received: by smtp.kernel.org (Postfix) with ESMTPSA id 6FB7DC433C7 for ; Mon, 4 Mar 2024 19:13:31 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1709579611; bh=0/x7NIFE+8GjjhDfYzBdgxDC6ZAZU3x+lp4u97CB06E=; h=References:In-Reply-To:From:Date:Subject:To:Cc:From; b=Xo6SCB1RufD2pdgJsJkOIjT4MMzNVHTO4+/ccr2e4Pp+R3QkVUNty6VCL6joTcOjI 4TxwqTSiExtWnHXrVe0Q+y+6DpyLLkq9P08tRipvDzSMMffnnry4zdVDFPlVTRooYg 8bXXl0vC/CONiregcCpj7bJ9bKUuXgg41836rA0EmDwWXeVC28qmM4rEqPW0iWzAxs aVSddO8cZloE9NLiE8xRMP8enPu7WV0AXmSGcq+OyXiJVfGeCzgzT6z1bqm0Z63HI+ MrYVECROeN19q2N8hBtW8/6fUuZ3P24SYoMY84CgL7ad7KDH/A/JDix1LaYH+RpL86 ep2iSynC+51lA== Received: by mail-lj1-f179.google.com with SMTP id 38308e7fff4ca-2d24a727f78so59519191fa.0 for ; Mon, 04 Mar 2024 11:13:31 -0800 (PST) X-Forwarded-Encrypted: i=1; AJvYcCXnG0NFWj5IDV5yFciJLpZxRgCpx9qi4FR/3wylCELqSKzVrhtOG9meI3axq7iUmxgJMAaIeV0WpquUYV0mbiCNlvZ4mjQTiL4vQ0nO X-Gm-Message-State: AOJu0Yy1d3fYCcpml124ClqMRb2MCOxNFqpT3ki8wi51YZ3vTn85UO36 FC3arUCIqdamJipSTtbc488oPAwMSqEW425SvovOW6VHhkItVK3ddPq3XMoBw4UJctyG8U/vNfE Cu+36PSUkXWOPYeeCycLATU5tWQs= X-Received: by 2002:a05:6512:48c:b0:513:1cb0:174 with SMTP id v12-20020a056512048c00b005131cb00174mr6500426lfq.19.1709579609670; Mon, 04 Mar 2024 11:13:29 -0800 (PST) Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 References: <20240227151907.387873-11-ardb+git@google.com> <8b412f69-a08a-51cb-8223-ed1933031d5e@amd.com> In-Reply-To: <8b412f69-a08a-51cb-8223-ed1933031d5e@amd.com> From: Ard Biesheuvel Date: Mon, 4 Mar 2024 20:13:18 +0100 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: [PATCH v7 0/9] x86: Confine early 1:1 mapped startup code To: Tom Lendacky Cc: Ard Biesheuvel , linux-kernel@vger.kernel.org, Kevin Loughlin , Dionna Glaze , Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , Andy Lutomirski , Brian Gerst Content-Type: text/plain; charset="UTF-8" On Mon, 4 Mar 2024 at 18:07, Tom Lendacky wrote: > > On 2/27/24 09:19, Ard Biesheuvel wrote: > > From: Ard Biesheuvel > > > > This is resend #2 of v5 [0] with some touchups applied. > > > > Changes since v6: > > - Drop flawed patch to move some SME/SEV related calls out of the early > > boot path to avoid the potential need for backporting patches #6/#7 > > to kernels where SEV support may not be crucial. This problem will be > > dealt with if/when it arises while doing those backports. > > > > Changes since v5: > > - drop patches that have been merged > > - rebase onto latest tip/x86/boot > > - fix comment regarding CR4.PGE wrt flushing of global TLB entries > > - avoid adding startup code to .noinstr.text as it triggers objtool > > warnings > > > > [0] https://lore.kernel.org/all/20240221113506.2565718-18-ardb+git@google.com/ > > > > Cc: Kevin Loughlin > > Cc: Tom Lendacky > > Cc: Dionna Glaze > > Cc: Thomas Gleixner > > Cc: Ingo Molnar > > Cc: Borislav Petkov > > Cc: Dave Hansen > > Cc: Andy Lutomirski > > Cc: Brian Gerst > > For the series, tested bare metal boots with mem_encrypt=on / > mem_encrypt=off and boots of SVM, SEV, SEV-ES and SEV-SNP guests. > > Tested-by: Tom Lendacky > Thanks a lot! I take it this was a kernel built with GCC?