lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Wed, 29 Aug 2018 15:13:31 +0200 From: Borislav Petkov <bp@...e.de> To: Brijesh Singh <brijesh.singh@....com> Cc: x86@...nel.org, linux-kernel@...r.kernel.org, kvm@...r.kernel.org, stable@...r.kernel.org, Tom Lendacky <thomas.lendacky@....com>, Thomas Gleixner <tglx@...utronix.de>, "H. Peter Anvin" <hpa@...or.com>, Paolo Bonzini <pbonzini@...hat.com>, Sean Christopherson <sean.j.christopherson@...el.com>, Radim Krčmář <rkrcmar@...hat.com> Subject: Re: [PATCH v2 1/3] x86/mm: Restructure sme_encrypt_kernel() On Tue, Aug 28, 2018 at 05:12:55PM -0500, Brijesh Singh wrote: > Re-arrange the sme_encrypt_kernel() by moving the workarea map/unmap > logic in a separate static function. There are no logical changes in this > patch. The restructuring will allow us to expand the sme_encrypt_kernel > in future. > > Signed-off-by: Brijesh Singh <brijesh.singh@....com> > Cc: stable@...r.kernel.org This patch is going to be a prerequisite for the actual fix so you probably should write here: Cc: stable@...r.kernel.org # prerequisite for <patch name> or better yet do a separate backport/submission to stable@ once those have been upstreamed. ... > +void __init sme_encrypt_kernel(struct boot_params *bp) > +{ > + struct sme_populate_pgd_data ppd; > + struct sme_workarea_data wa; > + > + if (!sme_active()) > + return; > + > + build_workarea_map(bp, &wa, &ppd); > + > + /* When SEV is active, encrypt kernel and initrd */ > + sme_encrypt_execute(wa.kernel_start, > + wa.kernel_start + wa.decrypted_base, > + wa.kernel_len, wa.workarea_start, > + (unsigned long)ppd.pgd); > + > + if (wa.initrd_len) > + sme_encrypt_execute(wa.initrd_start, > + wa.initrd_start + wa.decrypted_base, > + wa.initrd_len, wa.workarea_start, > + (unsigned long)ppd.pgd); > + > + remove_workarea_map(&wa, &ppd); teardown_workarea_map() is a better naming counterpart to build_workarea_map(). -- Regards/Gruss, Boris. SUSE Linux GmbH, GF: Felix Imendörffer, Jane Smithard, Graham Norton, HRB 21284 (AG Nürnberg) --
Powered by blists - more mailing lists