From mboxrd@z Thu Jan 1 00:00:00 1970 From: Borislav Petkov Subject: Re: [Part1 PATCH v4 07/17] x86/efi: Access EFI data as encrypted when SEV is active Date: Sun, 17 Sep 2017 16:05:17 +0200 Message-ID: <20170917140517.GF4733@nazgul.tnic> References: <20170916123418.37807-1-brijesh.singh@amd.com> <20170916123418.37807-8-brijesh.singh@amd.com> Mime-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit Return-path: Content-Disposition: inline In-Reply-To: <20170916123418.37807-8-brijesh.singh@amd.com> Sender: linux-kernel-owner@vger.kernel.org To: Brijesh Singh Cc: linux-kernel@vger.kernel.org, x86@kernel.org, kvm@vger.kernel.org, Thomas Gleixner , Ingo Molnar , "H . Peter Anvin" , Andy Lutomirski , Tom Lendacky , Matt Fleming , Ard Biesheuvel , linux-efi@vger.kernel.org List-Id: linux-efi@vger.kernel.org On Sat, Sep 16, 2017 at 07:34:08AM -0500, Brijesh Singh wrote: > From: Tom Lendacky > > EFI data is encrypted when the kernel is run under SEV. Update the > page table references to be sure the EFI memory areas are accessed > encrypted. > > Cc: Thomas Gleixner > Cc: Ingo Molnar > Cc: "H. Peter Anvin" > Cc: Borislav Petkov > Cc: Andy Lutomirski > Cc: Matt Fleming > Cc: Ard Biesheuvel > Cc: linux-efi@vger.kernel.org > Cc: linux-kernel@vger.kernel.org > Cc: x86@kernel.org > Signed-off-by: Tom Lendacky > Signed-off-by: Brijesh Singh > --- > arch/x86/platform/efi/efi_64.c | 16 +++++++++++++++- > 1 file changed, 15 insertions(+), 1 deletion(-) Reviewed-by: Borislav Petkov -- Regards/Gruss, Boris. SUSE Linux GmbH, GF: Felix Imendörffer, Jane Smithard, Graham Norton, HRB 21284 (AG Nürnberg) --