[tip:x86/asm] x86/realmode: Don't decrypt trampoline area under SEV
From: tip-bot for Tom Lendacky
Date: Tue Nov 07 2017 - 09:47:32 EST
Commit-ID: fcdcd6cdd98ff4d0cf876f863024a2fb0b491d41
Gitweb: https://git.kernel.org/tip/fcdcd6cdd98ff4d0cf876f863024a2fb0b491d41
Author: Tom Lendacky <thomas.lendacky@xxxxxxx>
AuthorDate: Fri, 20 Oct 2017 09:30:46 -0500
Committer: Thomas Gleixner <tglx@xxxxxxxxxxxxx>
CommitDate: Tue, 7 Nov 2017 15:35:55 +0100
x86/realmode: Don't decrypt trampoline area under SEV
When SEV is active the trampoline area will need to be in encrypted
memory so only mark the area decrypted if SME is active.
Signed-off-by: Tom Lendacky <thomas.lendacky@xxxxxxx>
Signed-off-by: Brijesh Singh <brijesh.singh@xxxxxxx>
Signed-off-by: Thomas Gleixner <tglx@xxxxxxxxxxxxx>
Reviewed-by: Borislav Petkov <bp@xxxxxxx>
Tested-by: Borislav Petkov <bp@xxxxxxx>
Cc: Laura Abbott <labbott@xxxxxxxxxx>
Cc: kvm@xxxxxxxxxxxxxxx
Cc: Borislav Petkov <bp@xxxxxxxxx>
Cc: Andy Lutomirski <luto@xxxxxxxxxx>
Cc: "Kirill A. Shutemov" <kirill.shutemov@xxxxxxxxxxxxxxx>
Link: https://lkml.kernel.org/r/20171020143059.3291-5-brijesh.singh@xxxxxxx
---
arch/x86/realmode/init.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/arch/x86/realmode/init.c b/arch/x86/realmode/init.c
index ed84d39..d101058 100644
--- a/arch/x86/realmode/init.c
+++ b/arch/x86/realmode/init.c
@@ -64,9 +64,10 @@ static void __init setup_real_mode(void)
/*
* If SME is active, the trampoline area will need to be in
* decrypted memory in order to bring up other processors
- * successfully.
+ * successfully. This is not needed for SEV.
*/
- set_memory_decrypted((unsigned long)base, size >> PAGE_SHIFT);
+ if (sme_active())
+ set_memory_decrypted((unsigned long)base, size >> PAGE_SHIFT);
memcpy(base, real_mode_blob, size);