From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from NAM01-SN1-obe.outbound.protection.outlook.com (mail-sn1nam01on0086.outbound.protection.outlook.com [104.47.32.86]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by lists.ozlabs.org (Postfix) with ESMTPS id 3xGW9q14dmzDrJx for ; Tue, 25 Jul 2017 05:08:30 +1000 (AEST) From: Brijesh Singh To: linux-kernel@vger.kernel.org, x86@kernel.org, linux-efi@vger.kernel.org, linuxppc-dev@lists.ozlabs.org, kvm@vger.kernel.org Cc: Thomas Gleixner , Ingo Molnar , "H . Peter Anvin" , Borislav Petkov , Andy Lutomirski , Tony Luck , Piotr Luc , Tom Lendacky , Fenghua Yu , Lu Baolu , Reza Arbab , David Howells , Matt Fleming , "Kirill A . Shutemov" , Laura Abbott , Ard Biesheuvel , Andrew Morton , Eric Biederman , Benjamin Herrenschmidt , Paul Mackerras , Konrad Rzeszutek Wilk , Jonathan Corbet , Dave Airlie , Kees Cook , Paolo Bonzini , =?UTF-8?q?Radim=20Kr=C4=8Dm=C3=A1=C5=99?= , Arnd Bergmann , Tejun Heo , Christoph Lameter , Brijesh Singh Subject: [RFC Part1 PATCH v3 03/17] x86/mm: Secure Encrypted Virtualization (SEV) support Date: Mon, 24 Jul 2017 14:07:43 -0500 Message-Id: <20170724190757.11278-4-brijesh.singh@amd.com> In-Reply-To: <20170724190757.11278-1-brijesh.singh@amd.com> References: <20170724190757.11278-1-brijesh.singh@amd.com> MIME-Version: 1.0 Content-Type: text/plain List-Id: Linux on PowerPC Developers Mail List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , From: Tom Lendacky Provide support for Secure Encyrpted Virtualization (SEV). This initial support defines a flag that is used by the kernel to determine if it is running with SEV active. Signed-off-by: Tom Lendacky Signed-off-by: Brijesh Singh --- arch/x86/include/asm/mem_encrypt.h | 2 ++ arch/x86/mm/mem_encrypt.c | 3 +++ include/linux/mem_encrypt.h | 8 +++++++- 3 files changed, 12 insertions(+), 1 deletion(-) diff --git a/arch/x86/include/asm/mem_encrypt.h b/arch/x86/include/asm/mem_encrypt.h index 8e618fc..9274ec7 100644 --- a/arch/x86/include/asm/mem_encrypt.h +++ b/arch/x86/include/asm/mem_encrypt.h @@ -22,6 +22,7 @@ #ifdef CONFIG_AMD_MEM_ENCRYPT extern unsigned long sme_me_mask; +extern unsigned int sev_enabled; void sme_encrypt_execute(unsigned long encrypted_kernel_vaddr, unsigned long decrypted_kernel_vaddr, @@ -50,6 +51,7 @@ void swiotlb_set_mem_attributes(void *vaddr, unsigned long size); #else /* !CONFIG_AMD_MEM_ENCRYPT */ #define sme_me_mask 0UL +#define sev_enabled 0 static inline void __init sme_early_encrypt(resource_size_t paddr, unsigned long size) { } diff --git a/arch/x86/mm/mem_encrypt.c b/arch/x86/mm/mem_encrypt.c index 0fbd092..1e4643e 100644 --- a/arch/x86/mm/mem_encrypt.c +++ b/arch/x86/mm/mem_encrypt.c @@ -40,6 +40,9 @@ static char sme_cmdline_off[] __initdata = "off"; unsigned long sme_me_mask __section(.data) = 0; EXPORT_SYMBOL_GPL(sme_me_mask); +unsigned int sev_enabled __section(.data) = 0; +EXPORT_SYMBOL_GPL(sev_enabled); + /* Buffer used for early in-place encryption by BSP, no locking needed */ static char sme_early_buffer[PAGE_SIZE] __aligned(PAGE_SIZE); diff --git a/include/linux/mem_encrypt.h b/include/linux/mem_encrypt.h index 1255f09..ea0831a 100644 --- a/include/linux/mem_encrypt.h +++ b/include/linux/mem_encrypt.h @@ -22,12 +22,18 @@ #else /* !CONFIG_ARCH_HAS_MEM_ENCRYPT */ #define sme_me_mask 0UL +#define sev_enabled 0 #endif /* CONFIG_ARCH_HAS_MEM_ENCRYPT */ static inline bool sme_active(void) { - return !!sme_me_mask; + return (sme_me_mask && !sev_enabled); +} + +static inline bool sev_active(void) +{ + return (sme_me_mask && sev_enabled); } static inline unsigned long sme_get_me_mask(void) -- 2.9.4