Re: [PATCH v3 0/5] x86: SME: BSP/SME microcode update fix

[Gabriel C]

On 10.01.2018 22:26, Tom Lendacky wrote:
> On 1/10/2018 3:14 PM, Gabriel C wrote:
> > On 10.01.2018 20:25, Tom Lendacky wrote:
> >
> > Hi Tom ,
> >
> > > This patch series addresses an issue when SME is active and the BSP
> > > is attempting to check for and load microcode during load_ucode_bsp().
> > > Since the initrd has not been decrypted (yet) and the virtual address
> > > of the initrd treats the memory as encrypted, the CPIO archive parsing
> > > fails to locate the microcode.
> > >
> > > This series moves the encryption of the initrd into the early boot code
> > > and encrypts it at the same time that the kernel is encrypted. Since
> > > the initrd is now encrypted, the CPIO archive parsing succeeds in
> > > properly locating the microcode.
> > >
> > > The following patches are included in this fix:
> > > - Cleanup register saving in arch/x86/mm/mem_encrypt_boot.S
> > > - Reduce parameters and complexity for creating the SME PGD mappings
> > > - Centralize the use of the PMD flags used in sme_encrypt_kernel() in
> > >  ÂÂ preparation for using PTE flags also.
> > > - Prepare sme_encrypt_kernel() to handle PAGE aligned encryption, not
> > >  ÂÂ just 2MB large page aligned encryption.
> > > - Encrypt the initrd in sme_encrypt_kernel() when the kernel is being
> > >  ÂÂ encrypted.
> > >
> > > This patch series is based on tip/master.
> >
> > Is something in tip/master the patch serie need ?
>
> That's just how I have to submit the patches.  You could try applying them
> onto whatever tree you like, I don't imagine any conflicts would be too
> difficult to resolve if you encounter any.


I've tested your patches on current linus/master and all is working fine for me.

With mem_encrypt=on microcode gets updated on all CPUs now.

You can add my  Tested-by: if you wish.

Tested-by: Gabriel Craciunescu <nix.or.die@xxxxxxxxx>


Regards,

Gabriel C