[RFC PATCH v1 02/18] x86: Secure Memory Encryption (SME) build enablement
Provide the Kconfig support to build the SME support in the kernel. Signed-off-by: Tom Lendacky --- arch/x86/Kconfig |9 + 1 file changed, 9 insertions(+) diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig index 7bb1574..13249b5 100644 --- a/arch/x86/Kconfig +++ b/arch/x86/Kconfig @@ -1356,6 +1356,15 @@ config X86_DIRECT_GBPAGES supports them), so don't confuse the user by printing that we have them enabled. +config AMD_MEM_ENCRYPT + bool "Secure Memory Encryption support for AMD" + depends on X86_64 && CPU_SUP_AMD + ---help--- + Say yes to enable the encryption of system memory. This requires + an AMD processor that supports Secure Memory Encryption (SME). + The encryption of system memory is disabled by default but can be + enabled with the mem_encrypt=on command line option. + # Common NUMA Features config NUMA bool "Numa Memory Allocation and Scheduler Support" -- To unsubscribe from this list: send the line "unsubscribe linux-doc" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
[RFC PATCH v1 02/18] x86: Secure Memory Encryption (SME) build enablement
Provide the Kconfig support to build the SME support in the kernel. Signed-off-by: Tom Lendacky --- arch/x86/Kconfig |9 + 1 file changed, 9 insertions(+) diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig index 7bb1574..13249b5 100644 --- a/arch/x86/Kconfig +++ b/arch/x86/Kconfig @@ -1356,6 +1356,15 @@ config X86_DIRECT_GBPAGES supports them), so don't confuse the user by printing that we have them enabled. +config AMD_MEM_ENCRYPT + bool "Secure Memory Encryption support for AMD" + depends on X86_64 && CPU_SUP_AMD + ---help--- + Say yes to enable the encryption of system memory. This requires + an AMD processor that supports Secure Memory Encryption (SME). + The encryption of system memory is disabled by default but can be + enabled with the mem_encrypt=on command line option. + # Common NUMA Features config NUMA bool "Numa Memory Allocation and Scheduler Support" -- To unsubscribe from this list: send the line "unsubscribe linux-doc" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [RFC PATCH v1 02/18] x86: Secure Memory Encryption (SME) build enablement
On Tue 2016-04-26 17:56:14, Tom Lendacky wrote: > Provide the Kconfig support to build the SME support in the kernel. Probably should go last in the series? > Signed-off-by: Tom Lendacky > --- > arch/x86/Kconfig |9 + > 1 file changed, 9 insertions(+) > > diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig > index 7bb1574..13249b5 100644 > --- a/arch/x86/Kconfig > +++ b/arch/x86/Kconfig > @@ -1356,6 +1356,15 @@ config X86_DIRECT_GBPAGES > supports them), so don't confuse the user by printing > that we have them enabled. > > +config AMD_MEM_ENCRYPT > + bool "Secure Memory Encryption support for AMD" > + depends on X86_64 && CPU_SUP_AMD > + ---help--- > + Say yes to enable the encryption of system memory. This requires > + an AMD processor that supports Secure Memory Encryption (SME). > + The encryption of system memory is disabled by default but can be > + enabled with the mem_encrypt=on command line option. > + > # Common NUMA Features > config NUMA > bool "Numa Memory Allocation and Scheduler Support" -- (english) http://www.livejournal.com/~pavelmachek (cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html -- To unsubscribe from this list: send the line "unsubscribe linux-doc" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [RFC PATCH v1 02/18] x86: Secure Memory Encryption (SME) build enablement
On 03/22/2016 08:01 AM, Pavel Machek wrote: > On Tue 2016-04-26 17:56:14, Tom Lendacky wrote: >> Provide the Kconfig support to build the SME support in the kernel. > > > Probably should go last in the series? Yeah, I've seen arguments both ways for this. Doing it early allows compiling and testing with it enabled and doing it late doesn't enable anything until it's all there. I just chose the former. Thanks, Tom > >> Signed-off-by: Tom Lendacky >> --- >> arch/x86/Kconfig |9 + >> 1 file changed, 9 insertions(+) >> >> diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig >> index 7bb1574..13249b5 100644 >> --- a/arch/x86/Kconfig >> +++ b/arch/x86/Kconfig >> @@ -1356,6 +1356,15 @@ config X86_DIRECT_GBPAGES >>supports them), so don't confuse the user by printing >>that we have them enabled. >> >> +config AMD_MEM_ENCRYPT >> +bool "Secure Memory Encryption support for AMD" >> +depends on X86_64 && CPU_SUP_AMD >> +---help--- >> + Say yes to enable the encryption of system memory. This requires >> + an AMD processor that supports Secure Memory Encryption (SME). >> + The encryption of system memory is disabled by default but can be >> + enabled with the mem_encrypt=on command line option. >> + >> # Common NUMA Features >> config NUMA >> bool "Numa Memory Allocation and Scheduler Support" > -- To unsubscribe from this list: send the line "unsubscribe linux-doc" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [RFC PATCH v1 02/18] x86: Secure Memory Encryption (SME) build enablement
On Wed 2016-04-27 10:17:36, Tom Lendacky wrote: > On 03/22/2016 08:01 AM, Pavel Machek wrote: > > On Tue 2016-04-26 17:56:14, Tom Lendacky wrote: > >> Provide the Kconfig support to build the SME support in the kernel. > > > > > > Probably should go last in the series? > > Yeah, I've seen arguments both ways for this. Doing it early > allows compiling and testing with it enabled and doing it late > doesn't enable anything until it's all there. I just chose the > former. Doing it early will break bisect, right? Pavel > >> +config AMD_MEM_ENCRYPT > >> + bool "Secure Memory Encryption support for AMD" > >> + depends on X86_64 && CPU_SUP_AMD > >> + ---help--- > >> +Say yes to enable the encryption of system memory. This requires > >> +an AMD processor that supports Secure Memory Encryption (SME). > >> +The encryption of system memory is disabled by default but can be > >> +enabled with the mem_encrypt=on command line option. > >> + > >> # Common NUMA Features > >> config NUMA > >>bool "Numa Memory Allocation and Scheduler Support" > > -- (english) http://www.livejournal.com/~pavelmachek (cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html -- To unsubscribe from this list: send the line "unsubscribe linux-doc" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [RFC PATCH v1 02/18] x86: Secure Memory Encryption (SME) build enablement
On Wed, Apr 27, 2016 at 05:30:10PM +0200, Pavel Machek wrote: > Doing it early will break bisect, right? How exactly? Please do tell. -- Regards/Gruss, Boris. ECO tip #101: Trim your mails when you reply. -- To unsubscribe from this list: send the line "unsubscribe linux-doc" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [RFC PATCH v1 02/18] x86: Secure Memory Encryption (SME) build enablement
On Wed 2016-04-27 17:41:40, Borislav Petkov wrote: > On Wed, Apr 27, 2016 at 05:30:10PM +0200, Pavel Machek wrote: > > Doing it early will break bisect, right? > > How exactly? Please do tell. Hey look, SME slowed down 30% since being initially merged into kernel! Pavel -- (english) http://www.livejournal.com/~pavelmachek (cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html -- To unsubscribe from this list: send the line "unsubscribe linux-doc" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [RFC PATCH v1 02/18] x86: Secure Memory Encryption (SME) build enablement
On 27/04/16 17:41, Pavel Machek wrote: On Wed 2016-04-27 17:41:40, Borislav Petkov wrote: On Wed, Apr 27, 2016 at 05:30:10PM +0200, Pavel Machek wrote: Doing it early will break bisect, right? How exactly? Please do tell. Hey look, SME slowed down 30% since being initially merged into kernel! As opposed to "well, bisection shows these n+1 complicated changes are all fine and the crash is down to this Kconfig patch", presumably. I'm sure we all love spending a whole afternoon only to find that, right? :P Robin. Pavel -- To unsubscribe from this list: send the line "unsubscribe linux-doc" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [RFC PATCH v1 02/18] x86: Secure Memory Encryption (SME) build enablement
On Wed, Apr 27, 2016 at 06:41:37PM +0200, Pavel Machek wrote: > Hey look, SME slowed down 30% since being initially merged into > kernel! How is that breaking bisection? -- Regards/Gruss, Boris. ECO tip #101: Trim your mails when you reply. -- To unsubscribe from this list: send the line "unsubscribe linux-doc" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
