Re: [PATCH 3/5] x86/boot/compressed/64: Check SEV encryption in 64-bit boot-path

From: Joerg Roedel
Date: Tue Oct 20 2020 - 05:41:14 EST

Next message: Viresh Kumar: "Re: [PATCH V2 1/2] opp: Allow dev_pm_opp_get_opp_table() to return -EPROBE_DEFER"
Previous message: Andy Shevchenko: "Re: [RFC PATCH v3 9/9] ipu3-cio2: Add functionality allowing software_node connections to sensors on platforms designed for Windows"
In reply to: Arvind Sankar: "Re: [PATCH 3/5] x86/boot/compressed/64: Check SEV encryption in 64-bit boot-path"
Next in thread: Joerg Roedel: "[PATCH 5/5] x86/sev-es: Do not support MMIO to/from encrypted memory"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, Oct 19, 2020 at 05:22:47PM -0400, Arvind Sankar wrote:
> The boot cpu also enables CR4.PGE -- that code is shared between boot
> and secondary cpus. The boot cpu jumps to the first "1" label below,
> just before the call to sev_verify_cbit you're adding.

You are right, in the real kernel image PGE gets enabled early. I added
code to save and restore CR4 in sev_verify_cbit() and disable PGE during
the test.

Thanks,

Joerg

Next message: Viresh Kumar: "Re: [PATCH V2 1/2] opp: Allow dev_pm_opp_get_opp_table() to return -EPROBE_DEFER"
Previous message: Andy Shevchenko: "Re: [RFC PATCH v3 9/9] ipu3-cio2: Add functionality allowing software_node connections to sensors on platforms designed for Windows"
In reply to: Arvind Sankar: "Re: [PATCH 3/5] x86/boot/compressed/64: Check SEV encryption in 64-bit boot-path"
Next in thread: Joerg Roedel: "[PATCH 5/5] x86/sev-es: Do not support MMIO to/from encrypted memory"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]