From: Tom Lendacky <thomas.lendacky@amd.com>
To: Joerg Roedel <jroedel@suse.de>, Baoquan He <bhe@redhat.com>
Cc: Tao Liu <ltao@redhat.com>, Borislav Petkov <bp@alien8.de>,
tglx@linutronix.de, mingo@redhat.com,
dave.hansen@linux.intel.com, x86@kernel.org, hpa@zytor.com,
ardb@kernel.org, linux-kernel@vger.kernel.org, dyoung@redhat.com,
kexec@lists.infradead.org, linux-efi@vger.kernel.org,
michael.roth@amd.com
Subject: Re: [PATCH v2] x86/kexec: Add EFI config table identity mapping for kexec kernel
Date: Fri, 7 Jul 2023 10:46:59 -0500 [thread overview]
Message-ID: <3c7bc679-6366-ab7f-7001-7b5ab71fa364@amd.com> (raw)
In-Reply-To: <ZKfLYG_4DANc_i5r@suse.de>
On 7/7/23 03:22, Joerg Roedel wrote:
> On Fri, Jul 07, 2023 at 12:23:59PM +0800, Baoquan He wrote:
>> I am wondering why we don't detect the cpu type and return early inside
>> sev_enable() if it's Intel cpu.
>>
>> We can't rely on CONFIG_AMD_MEM_ENCRYPT to decide if the code need be
>> executed or not because we usually enable them all in distros.
>
> Looking at the code in head_64.S, by the time sev_enable() runs the SEV
> bit should already be set in sev_status. Maybe use that to detect
> whether SEV is enabled and bail out early?
I think that is only if you enter on the 32-bit path. If invoked from EFI
in 64-bit, efi64_stub_entry(), then I don't believe that sev_status will
be set yet.
Before it can be determined if it is a non-AMD platform, the EFI config
table has to be searched in order to find the CC blob table. Once that is
found (or not found), then the checks for the platform are performed and
sev_enable() will exit if not on an AMD platform.
I think it was an oversight to not add support for identity mapping the
EFI config tables for kexec. Any features in the future that need to
search for an EFI config table early like this will need the same.
Thanks,
Tom
>
> Regards,
>
next prev parent reply other threads:[~2023-07-07 15:47 UTC|newest]
Thread overview: 37+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-06-01 7:20 [PATCH v2] x86/kexec: Add EFI config table identity mapping for kexec kernel Tao Liu
2023-06-01 8:13 ` Baoquan He
2023-06-01 8:25 ` Tao Liu
2023-06-08 7:13 ` Tao Liu
2023-06-16 12:24 ` Baoquan He
2023-07-05 17:33 ` Borislav Petkov
2023-07-07 2:47 ` Dave Young
2023-07-07 3:38 ` Tao Liu
2023-07-07 4:23 ` Baoquan He
2023-07-07 8:22 ` Joerg Roedel
2023-07-07 8:41 ` Baoquan He
2023-07-07 8:57 ` Borislav Petkov
2023-07-07 15:25 ` Michael Roth
2023-07-07 17:12 ` Borislav Petkov
2023-07-13 10:17 ` Ard Biesheuvel
2023-07-17 15:02 ` Tao Liu
2023-07-07 15:46 ` Tom Lendacky [this message]
2023-07-13 10:04 ` Borislav Petkov
2023-07-17 13:53 ` Tao Liu
2023-07-17 14:14 ` Borislav Petkov
2023-07-17 14:24 ` Tao Liu
2023-07-27 11:03 ` Tao Liu
2023-07-28 16:55 ` Borislav Petkov
2023-08-02 8:22 ` Tao Liu
2023-08-02 9:39 ` Borislav Petkov
2023-08-02 13:40 ` Tom Lendacky
2023-08-02 13:58 ` Borislav Petkov
2023-08-02 14:55 ` Ard Biesheuvel
2023-08-02 15:51 ` Borislav Petkov
2023-08-03 11:11 ` Ard Biesheuvel
2023-08-03 14:27 ` Ard Biesheuvel
2023-08-05 9:19 ` Borislav Petkov
2023-08-05 9:17 ` Borislav Petkov
2023-08-06 9:00 ` Ard Biesheuvel
2023-07-17 14:56 ` Ard Biesheuvel
2023-07-17 15:11 ` Tao Liu
2023-07-27 11:11 ` Tao Liu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=3c7bc679-6366-ab7f-7001-7b5ab71fa364@amd.com \
--to=thomas.lendacky@amd.com \
--cc=ardb@kernel.org \
--cc=bhe@redhat.com \
--cc=bp@alien8.de \
--cc=dave.hansen@linux.intel.com \
--cc=dyoung@redhat.com \
--cc=hpa@zytor.com \
--cc=jroedel@suse.de \
--cc=kexec@lists.infradead.org \
--cc=linux-efi@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=ltao@redhat.com \
--cc=michael.roth@amd.com \
--cc=mingo@redhat.com \
--cc=tglx@linutronix.de \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox