3.2.80-rc1 review patch. If anyone has any objections, please let me know.
--
From: Yoshihiro Shimoda
commit 6490865c67825277b29638e839850882600b48ec upstream.
This patch adds a code to surely disable TX IRQ of the pipe before
starting TX
3.16.35-rc1 review patch. If anyone has any objections, please let me know.
--
From: Dan Streetman
commit da6ccaaa79caca4f38b540b651238f87215217a2 upstream.
Make the "Attempted send on closed socket" error messages generated in
nbd_request_handler() ratelimited.
When the nbd
3.2.80-rc1 review patch. If anyone has any objections, please let me know.
--
From: Yoshihiro Shimoda
commit 6490865c67825277b29638e839850882600b48ec upstream.
This patch adds a code to surely disable TX IRQ of the pipe before
starting TX DMAC transfer. Otherwise, a lot of
3.16.35-rc1 review patch. If anyone has any objections, please let me know.
--
From: Bjorn Helgaas
commit b894157145e4ac7598d7062bc93320898a5e059e upstream.
The Home Agent and PCU PCI devices in Broadwell-EP have a non-BAR register
where a BAR should be. We don't know what
3.2.80-rc1 review patch. If anyone has any objections, please let me know.
--
From: Yuki Shibuya
commit 321c5658c5e9192dea0d58ab67cf1791e45b2b26 upstream.
Non maskable interrupts (NMI) are preferred to interrupts in current
implementation. If a NMI is pending and NMI is
3.2.80-rc1 review patch. If anyone has any objections, please let me know.
--
From: Maurizio Lombardi
commit 84bd64993f916bcf86270c67686ecf4cea7b8933 upstream.
In beiscsi_setup_boot_info(), the boot_kset pointer should be set to
NULL in case of failure otherwise an invalid
3.16.35-rc1 review patch. If anyone has any objections, please let me know.
--
From: Arnd Bergmann
commit baefd7015cdb304ce6c94f9679d0486c71954766 upstream.
The implementation of QP paravirtualization back in linux-3.7 included
some code that looks very
3.2.80-rc1 review patch. If anyone has any objections, please let me know.
--
From: Josh Boyer
commit 4ec0ef3a82125efc36173062a50624550a900ae0 upstream.
The iowarrior driver expects at least one valid endpoint. If given
malicious descriptors that
3.16.35-rc1 review patch. If anyone has any objections, please let me know.
--
From: Bjorn Helgaas
commit b84106b4e2290c081cdab521fa832596cdfea246 upstream.
The PCI config header (first 64 bytes of each device's config space) is
defined by the PCI spec so
3.2.80-rc1 review patch. If anyone has any objections, please let me know.
--
From: Guenter Roeck
commit 968ce1b1f45a7d76b5471b19bd035dbecc72f32d upstream.
The old web page for the hwmon subsystem is no longer operational,
and the mailing list has become
3.16.35-rc1 review patch. If anyone has any objections, please let me know.
--
From: Arnd Bergmann
commit baefd7015cdb304ce6c94f9679d0486c71954766 upstream.
The implementation of QP paravirtualization back in linux-3.7 included
some code that looks very dubious, and gcc-6 has
3.2.80-rc1 review patch. If anyone has any objections, please let me know.
--
From: Josh Boyer
commit 4ec0ef3a82125efc36173062a50624550a900ae0 upstream.
The iowarrior driver expects at least one valid endpoint. If given
malicious descriptors that specify 0 for the number of
3.16.35-rc1 review patch. If anyone has any objections, please let me know.
--
From: Bjorn Helgaas
commit b84106b4e2290c081cdab521fa832596cdfea246 upstream.
The PCI config header (first 64 bytes of each device's config space) is
defined by the PCI spec so generic software can
3.2.80-rc1 review patch. If anyone has any objections, please let me know.
--
From: Guenter Roeck
commit 968ce1b1f45a7d76b5471b19bd035dbecc72f32d upstream.
The old web page for the hwmon subsystem is no longer operational,
and the mailing list has become unreliable. Move both
3.2.80-rc1 review patch. If anyone has any objections, please let me know.
--
From: Hector Marco-Gisbert
commit 8b8addf891de8a00e4d39fc32f93f7c5eb8feceb upstream.
Currently on i386 and on X86_64 when emulating X86_32 in legacy mode, only
the stack and the
3.2.80-rc1 review patch. If anyone has any objections, please let me know.
--
From: Oliver Neukum
commit 8835ba4a39cf53f705417b3b3a94eb067673f2c9 upstream.
An attack has become available which pretends to be a quirky
device circumventing normal sanity checks
3.2.80-rc1 review patch. If anyone has any objections, please let me know.
--
From: Hector Marco-Gisbert
commit 8b8addf891de8a00e4d39fc32f93f7c5eb8feceb upstream.
Currently on i386 and on X86_64 when emulating X86_32 in legacy mode, only
the stack and the executable are
3.2.80-rc1 review patch. If anyone has any objections, please let me know.
--
From: Oliver Neukum
commit 8835ba4a39cf53f705417b3b3a94eb067673f2c9 upstream.
An attack has become available which pretends to be a quirky
device circumventing normal sanity checks and crashes the
On Tue, 26 Apr 2016 09:21:10 -0700 Thomas Garnier wrote:
> Provides an optional config (CONFIG_FREELIST_RANDOM) to randomize the
> SLAB freelist. The list is randomized during initialization of a new set
> of pages. The order on different freelist sizes is pre-computed at
On Tue, 26 Apr 2016 09:21:10 -0700 Thomas Garnier wrote:
> Provides an optional config (CONFIG_FREELIST_RANDOM) to randomize the
> SLAB freelist. The list is randomized during initialization of a new set
> of pages. The order on different freelist sizes is pre-computed at boot
> for performance.
3.16.35-rc1 review patch. If anyone has any objections, please let me know.
--
From: Maurizio Lombardi
commit 84bd64993f916bcf86270c67686ecf4cea7b8933 upstream.
In beiscsi_setup_boot_info(), the boot_kset pointer should be set to
NULL in case of failure
3.2.80-rc1 review patch. If anyone has any objections, please let me know.
--
From: Nate Dailey
commit ccfc7bf1f09d6190ef86693ddc761d5fe3fa47cb upstream.
If raid1d is handling a mix of read and write errors, handle_read_error's
call to freeze_array
3.2.80-rc1 review patch. If anyone has any objections, please let me know.
--
From: Florian Westphal
[ Upstream commit 55285bf09427c5abf43ee1d54e892f352092b1f1 ]
Dmitry reports memleak with syskaller program.
Problem is that connector bumps skb usecount but
3.2.80-rc1 review patch. If anyone has any objections, please let me know.
--
From: Geert Uytterhoeven
commit a25f4a95ec3cded34c1250364eba704c5e4fdac4 upstream.
drivers/rtc/rtc-vr41xx.c:229: warning: ‘vr41xx_rtc_alarm_irq_enable’ defined
but not used
3.2.80-rc1 review patch. If anyone has any objections, please let me know.
--
From: Geert Uytterhoeven
commit a25f4a95ec3cded34c1250364eba704c5e4fdac4 upstream.
drivers/rtc/rtc-vr41xx.c:229: warning: ‘vr41xx_rtc_alarm_irq_enable’ defined
but not used
Apparently the
3.16.35-rc1 review patch. If anyone has any objections, please let me know.
--
From: Maurizio Lombardi
commit 84bd64993f916bcf86270c67686ecf4cea7b8933 upstream.
In beiscsi_setup_boot_info(), the boot_kset pointer should be set to
NULL in case of failure otherwise an invalid
3.2.80-rc1 review patch. If anyone has any objections, please let me know.
--
From: Nate Dailey
commit ccfc7bf1f09d6190ef86693ddc761d5fe3fa47cb upstream.
If raid1d is handling a mix of read and write errors, handle_read_error's
call to freeze_array can get stuck.
This can
3.2.80-rc1 review patch. If anyone has any objections, please let me know.
--
From: Florian Westphal
[ Upstream commit 55285bf09427c5abf43ee1d54e892f352092b1f1 ]
Dmitry reports memleak with syskaller program.
Problem is that connector bumps skb usecount but might not invoke
3.16.35-rc1 review patch. If anyone has any objections, please let me know.
--
From: Tiffany Lin
commit 7df5ab8774aa383c6d2bff00688d004585d96dfd upstream.
In v4l2-compliance utility, test QUERYBUF required correct length
value to go through each
3.16.35-rc1 review patch. If anyone has any objections, please let me know.
--
From: Tiffany Lin
commit 7df5ab8774aa383c6d2bff00688d004585d96dfd upstream.
In v4l2-compliance utility, test QUERYBUF required correct length
value to go through each planar to check planar's
3.16.35-rc1 review patch. If anyone has any objections, please let me know.
--
From: Benjamin Tissoires
commit 9578f41aeaee5010384f4f8484da1566e2ce4901 upstream.
This allows the transport layer (I have in mind hid-logitech-dj and uhid)
to set
3.2.80-rc1 review patch. If anyone has any objections, please let me know.
--
From: "subas...@codeaurora.org"
[ Upstream commit 071d36bf21bcc837be00cea55bcef8d129e7f609 ]
A crash is observed when a decrypted packet is processed in receive
path.
3.2.80-rc1 review patch. If anyone has any objections, please let me know.
--
From: "Vittorio Gambaletta (VittGam)"
commit 4061db03dd71d195b9973ee466f6ed32f6a3fc16 upstream.
The clock measurement on the AC'97 audio card found in the IBM ThinkPad X41
3.2.80-rc1 review patch. If anyone has any objections, please let me know.
--
From: Bjørn Mork
[ Upstream commit 48906f62c96cc2cd35753e59310cb70eb08cc6a5 ]
Some devices will silently fail setup unless they are reset first.
This is necessary even if the data
3.16.35-rc1 review patch. If anyone has any objections, please let me know.
--
From: Arnd Bergmann
commit ba4bc32eaa39ba7687f0958ae90eec94da613b46 upstream.
An older patch to convert the API in the s3c i2s driver
ended up passing a const pointer into a function
3.16.35-rc1 review patch. If anyone has any objections, please let me know.
--
From: Tom Lendacky
commit 952bce9792e6bf36fda09c2e5718abb5d9327369 upstream.
Commit 8996eafdcbad ("crypto: ahash - ensure statesize is non-zero")
added a check to prevent
3.2.80-rc1 review patch. If anyone has any objections, please let me know.
--
From: "Vittorio Gambaletta (VittGam)"
commit 4061db03dd71d195b9973ee466f6ed32f6a3fc16 upstream.
The clock measurement on the AC'97 audio card found in the IBM ThinkPad X41
will often fail, so add a
3.2.80-rc1 review patch. If anyone has any objections, please let me know.
--
From: Bjørn Mork
[ Upstream commit 48906f62c96cc2cd35753e59310cb70eb08cc6a5 ]
Some devices will silently fail setup unless they are reset first.
This is necessary even if the data interface is
3.16.35-rc1 review patch. If anyone has any objections, please let me know.
--
From: Arnd Bergmann
commit ba4bc32eaa39ba7687f0958ae90eec94da613b46 upstream.
An older patch to convert the API in the s3c i2s driver
ended up passing a const pointer into a function that takes
a
3.16.35-rc1 review patch. If anyone has any objections, please let me know.
--
From: Tom Lendacky
commit 952bce9792e6bf36fda09c2e5718abb5d9327369 upstream.
Commit 8996eafdcbad ("crypto: ahash - ensure statesize is non-zero")
added a check to prevent ahash algorithms from
3.16.35-rc1 review patch. If anyone has any objections, please let me know.
--
From: Benjamin Tissoires
commit 9578f41aeaee5010384f4f8484da1566e2ce4901 upstream.
This allows the transport layer (I have in mind hid-logitech-dj and uhid)
to set the group before it is added to
3.2.80-rc1 review patch. If anyone has any objections, please let me know.
--
From: "subas...@codeaurora.org"
[ Upstream commit 071d36bf21bcc837be00cea55bcef8d129e7f609 ]
A crash is observed when a decrypted packet is processed in receive
path. get_rps_cpus() tries to
3.16.35-rc1 review patch. If anyone has any objections, please let me know.
--
From: Hans de Goede
commit 55ff8cfbc4e12a7d2187df523938cc671fbebdd1 upstream.
The uas driver can never queue more then MAX_CMNDS (- 1) tags and tags
are shared between luns, so
3.16.35-rc1 review patch. If anyone has any objections, please let me know.
--
From: "Dmitry V. Levin"
commit 5f8d498d4364f544fee17125787a47553db02afa upstream.
Explicitly check show_devname method return code and bail out in case
of an error. This fixes
3.16.35-rc1 review patch. If anyone has any objections, please let me know.
--
From: Hans de Goede
commit 55ff8cfbc4e12a7d2187df523938cc671fbebdd1 upstream.
The uas driver can never queue more then MAX_CMNDS (- 1) tags and tags
are shared between luns, so there is no need to
3.16.35-rc1 review patch. If anyone has any objections, please let me know.
--
From: "Dmitry V. Levin"
commit 5f8d498d4364f544fee17125787a47553db02afa upstream.
Explicitly check show_devname method return code and bail out in case
of an error. This fixes regression
3.16.35-rc1 review patch. If anyone has any objections, please let me know.
--
From: Yuki Shibuya
commit 321c5658c5e9192dea0d58ab67cf1791e45b2b26 upstream.
Non maskable interrupts (NMI) are preferred to interrupts in current
implementation. If a NMI
3.16.35-rc1 review patch. If anyone has any objections, please let me know.
--
From: Yuki Shibuya
commit 321c5658c5e9192dea0d58ab67cf1791e45b2b26 upstream.
Non maskable interrupts (NMI) are preferred to interrupts in current
implementation. If a NMI is pending and NMI is
3.16.35-rc1 review patch. If anyone has any objections, please let me know.
--
From: "J. Bruce Fields"
commit 2f6fc056e899bd0144a08da5cacaecbe8997cd74 upstream.
nfsd_lookup_dentry exits with the parent filehandle locked. fh_put also
unlocks if necessary
3.16.35-rc1 review patch. If anyone has any objections, please let me know.
--
From: Ming Lei
commit fafcde3ac1a418688a734365203a12483b83907a upstream.
Inside multipath_make_request(), multipath maps the incoming
bio into low level device's bio, but it
3.16.35-rc1 review patch. If anyone has any objections, please let me know.
--
From: Dave Jones
commit 7834c10313fb823e538f2772be78edcdeed2e6e3 upstream.
Since 4.4, I've been able to trigger this occasionally:
===
[ INFO:
3.16.35-rc1 review patch. If anyone has any objections, please let me know.
--
From: Grygorii Strashko
commit adf9a3ab90eb44e57f9dbf757acd897838b5ec21 upstream.
The Keystone 2 supports DT-boot only, as result dma_mask will be
always configured
3.16.35-rc1 review patch. If anyone has any objections, please let me know.
--
From: "J. Bruce Fields"
commit 2f6fc056e899bd0144a08da5cacaecbe8997cd74 upstream.
nfsd_lookup_dentry exits with the parent filehandle locked. fh_put also
unlocks if necessary (nfsd filehandle
3.16.35-rc1 review patch. If anyone has any objections, please let me know.
--
From: Ming Lei
commit fafcde3ac1a418688a734365203a12483b83907a upstream.
Inside multipath_make_request(), multipath maps the incoming
bio into low level device's bio, but it is totally wrong to
3.16.35-rc1 review patch. If anyone has any objections, please let me know.
--
From: Dave Jones
commit 7834c10313fb823e538f2772be78edcdeed2e6e3 upstream.
Since 4.4, I've been able to trigger this occasionally:
===
[ INFO: suspicious RCU usage. ]
3.16.35-rc1 review patch. If anyone has any objections, please let me know.
--
From: Grygorii Strashko
commit adf9a3ab90eb44e57f9dbf757acd897838b5ec21 upstream.
The Keystone 2 supports DT-boot only, as result dma_mask will be
always configured properly from DT -
3.2.80-rc1 review patch. If anyone has any objections, please let me know.
--
From: "J. Bruce Fields"
commit 4aed9c46afb80164401143aa0fdcfe3798baa9d5 upstream.
A number of spots in the xdr decoding follow a pattern like
n = be32_to_cpup(p++);
3.2.80-rc1 review patch. If anyone has any objections, please let me know.
--
From: "J. Bruce Fields"
commit 4aed9c46afb80164401143aa0fdcfe3798baa9d5 upstream.
A number of spots in the xdr decoding follow a pattern like
n = be32_to_cpup(p++);
READ_BUF(n + 4);
Update the cpu features to include identifying and reporting on the
Secure Memory Encryption feature.
Signed-off-by: Tom Lendacky
---
arch/x86/include/asm/cpufeature.h |1 +
arch/x86/include/asm/cpufeatures.h |5 -
arch/x86/kernel/cpu/scattered.c|1
When System Memory Encryption (SME) is enabled, the physical address
space is reduced. Adjust the x86_phys_bits value to reflect this
reduction.
Signed-off-by: Tom Lendacky
---
arch/x86/kernel/cpu/common.c |2 ++
1 file changed, 2 insertions(+)
diff --git
Update the cpu features to include identifying and reporting on the
Secure Memory Encryption feature.
Signed-off-by: Tom Lendacky
---
arch/x86/include/asm/cpufeature.h |1 +
arch/x86/include/asm/cpufeatures.h |5 -
arch/x86/kernel/cpu/scattered.c|1 +
3 files changed, 6
When System Memory Encryption (SME) is enabled, the physical address
space is reduced. Adjust the x86_phys_bits value to reflect this
reduction.
Signed-off-by: Tom Lendacky
---
arch/x86/kernel/cpu/common.c |2 ++
1 file changed, 2 insertions(+)
diff --git a/arch/x86/kernel/cpu/common.c
On Fri, Apr 08, 2016 at 11:21:05AM -0400, Alan Stern wrote:
> On Fri, 8 Apr 2016, Greg Kroah-Hartman wrote:
>
> > On Fri, Apr 08, 2016 at 05:08:03PM +0800, Chunfeng Yun wrote:
> > > NULL pointer dereferrence will happen when class driver
> > > wants to allocate zero length buffer and pool_max[0]
On Fri, Apr 08, 2016 at 11:21:05AM -0400, Alan Stern wrote:
> On Fri, 8 Apr 2016, Greg Kroah-Hartman wrote:
>
> > On Fri, Apr 08, 2016 at 05:08:03PM +0800, Chunfeng Yun wrote:
> > > NULL pointer dereferrence will happen when class driver
> > > wants to allocate zero length buffer and pool_max[0]
On Tue, Apr 26, 2016 at 01:56:11PM +0200, Michal Hocko wrote:
> From: Michal Hocko
>
> GFP_NOFS context is used for the following 4 reasons currently
> - to prevent from deadlocks when the lock held by the allocation
> context would be needed during the memory
On Tue, Apr 26, 2016 at 01:56:11PM +0200, Michal Hocko wrote:
> From: Michal Hocko
>
> GFP_NOFS context is used for the following 4 reasons currently
> - to prevent from deadlocks when the lock held by the allocation
> context would be needed during the memory reclaim
> - to
Update the cpu features to include identifying and reporting on the
Secure Memory Encryption feature.
Signed-off-by: Tom Lendacky
---
arch/x86/include/asm/cpufeature.h |1 +
arch/x86/include/asm/cpufeatures.h |5 -
arch/x86/kernel/cpu/scattered.c|1
Add to the early_memmap support to be able to specify encrypted and
un-encrypted mappings with and without write-protection. The use of
write-protection is necessary when encrypting data "in place". The
write-protect attribute is considered cacheable for loads, but not
stores. This implies that
When System Memory Encryption (SME) is enabled, the physical address
space is reduced. Adjust the x86_phys_bits value to reflect this
reduction.
Signed-off-by: Tom Lendacky
---
arch/x86/kernel/cpu/common.c |2 ++
1 file changed, 2 insertions(+)
diff --git
Update the cpu features to include identifying and reporting on the
Secure Memory Encryption feature.
Signed-off-by: Tom Lendacky
---
arch/x86/include/asm/cpufeature.h |1 +
arch/x86/include/asm/cpufeatures.h |5 -
arch/x86/kernel/cpu/scattered.c|1 +
3 files changed, 6
Add to the early_memmap support to be able to specify encrypted and
un-encrypted mappings with and without write-protection. The use of
write-protection is necessary when encrypting data "in place". The
write-protect attribute is considered cacheable for loads, but not
stores. This implies that
When System Memory Encryption (SME) is enabled, the physical address
space is reduced. Adjust the x86_phys_bits value to reflect this
reduction.
Signed-off-by: Tom Lendacky
---
arch/x86/kernel/cpu/common.c |2 ++
1 file changed, 2 insertions(+)
diff --git a/arch/x86/kernel/cpu/common.c
Adding general kernel support for memory encryption includes:
- Modify and create some page table macros to include the Secure Memory
Encryption (SME) memory encryption mask
- Update kernel boot support to call an SME routine that checks for and
sets the SME capability (the SME routine will
Adding general kernel support for memory encryption includes:
- Modify and create some page table macros to include the Secure Memory
Encryption (SME) memory encryption mask
- Update kernel boot support to call an SME routine that checks for and
sets the SME capability (the SME routine will
For AMD processors that support PAT, set the write-protect cache mode
(_PAGE_CACHE_MODE_WP) entry to the actual write-protect value (x05).
Signed-off-by: Tom Lendacky
---
arch/x86/mm/pat.c | 11 +--
1 file changed, 9 insertions(+), 2 deletions(-)
diff --git
On Tue, Apr 26, 2016 at 01:56:12PM +0200, Michal Hocko wrote:
> From: Michal Hocko
>
> THIS PATCH IS FOR TESTING ONLY AND NOT MEANT TO HIT LINUS TREE
>
> It is desirable to reduce the direct GFP_NO{FS,IO} usage at minimum and
> prefer scope usage defined by
For AMD processors that support PAT, set the write-protect cache mode
(_PAGE_CACHE_MODE_WP) entry to the actual write-protect value (x05).
Signed-off-by: Tom Lendacky
---
arch/x86/mm/pat.c | 11 +--
1 file changed, 9 insertions(+), 2 deletions(-)
diff --git a/arch/x86/mm/pat.c
On Tue, Apr 26, 2016 at 01:56:12PM +0200, Michal Hocko wrote:
> From: Michal Hocko
>
> THIS PATCH IS FOR TESTING ONLY AND NOT MEANT TO HIT LINUS TREE
>
> It is desirable to reduce the direct GFP_NO{FS,IO} usage at minimum and
> prefer scope usage defined by memalloc_no{fs,io}_{save,restore}
This RFC patch series provides support for AMD's new Secure Memory
Encryption (SME) feature.
SME can be used to mark individual pages of memory as encrypted through the
page tables. A page of memory that is marked encrypted will be automatically
decrypted when read from DRAM and will be
This patch adds the support to check for and enable SME when available
on the processor and when the mem_encrypt=on command line option is set.
This consists of setting the encryption mask, calculating the number of
physical bits of addressing lost and encrypting the kernel "in place."
This adds support to be able to either encrypt or decrypt data during
the early stages of booting the kernel. This does not change the memory
encryption attribute - it is used for ensuring that data present in
either an encrypted or un-encrypted memory area is in the proper state
(for example the
This RFC patch series provides support for AMD's new Secure Memory
Encryption (SME) feature.
SME can be used to mark individual pages of memory as encrypted through the
page tables. A page of memory that is marked encrypted will be automatically
decrypted when read from DRAM and will be
This patch adds the support to check for and enable SME when available
on the processor and when the mem_encrypt=on command line option is set.
This consists of setting the encryption mask, calculating the number of
physical bits of addressing lost and encrypting the kernel "in place."
This adds support to be able to either encrypt or decrypt data during
the early stages of booting the kernel. This does not change the memory
encryption attribute - it is used for ensuring that data present in
either an encrypted or un-encrypted memory area is in the proper state
(for example the
Provide the Kconfig support to build the SME support in the kernel.
Signed-off-by: Tom Lendacky
---
arch/x86/Kconfig |9 +
1 file changed, 9 insertions(+)
diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig
index 7bb1574..13249b5 100644
--- a/arch/x86/Kconfig
Provide the Kconfig support to build the SME support in the kernel.
Signed-off-by: Tom Lendacky
---
arch/x86/Kconfig |9 +
1 file changed, 9 insertions(+)
diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig
index 7bb1574..13249b5 100644
--- a/arch/x86/Kconfig
+++ b/arch/x86/Kconfig
@@
Encrypt memory areas in place when possible (e.g. zero page, etc.) so
that special handling isn't needed afterwards.
Signed-off-by: Tom Lendacky
---
arch/x86/kernel/head64.c | 90 +++---
arch/x86/kernel/setup.c |8
2
Since DMA addresses will effectively look like 48-bit addresses when the
memory encryption mask is set, SWIOTLB is needed if the DMA mask of the
device performing the DMA does not support 48-bits. SWIOTLB will be
initialized to create un-encrypted bounce buffers for use by these devices.
The EFI tables are not encrypted and need to be accessed as such. Be sure
to memmap them without the encryption attribute set. For EFI support that
lives outside of the arch/x86 tree, create a routine that uses the __weak
attribute so that it can be overridden by an architecture specific routine.
Add support to set the memory encryption enable flag on the APs during
realmode initialization. When an AP is started it checks this flag, and
if set, enables memory encryption on its core.
Signed-off-by: Tom Lendacky
---
arch/x86/include/asm/msr-index.h |2 ++
Add support to the AMD IOMMU driver to set the memory encryption mask if
memory encryption is enabled.
Signed-off-by: Tom Lendacky
---
arch/x86/include/asm/mem_encrypt.h |2 ++
arch/x86/mm/mem_encrypt.c |5 +
drivers/iommu/amd_iommu.c |
Encrypt memory areas in place when possible (e.g. zero page, etc.) so
that special handling isn't needed afterwards.
Signed-off-by: Tom Lendacky
---
arch/x86/kernel/head64.c | 90 +++---
arch/x86/kernel/setup.c |8
2 files changed, 93
Since DMA addresses will effectively look like 48-bit addresses when the
memory encryption mask is set, SWIOTLB is needed if the DMA mask of the
device performing the DMA does not support 48-bits. SWIOTLB will be
initialized to create un-encrypted bounce buffers for use by these devices.
The EFI tables are not encrypted and need to be accessed as such. Be sure
to memmap them without the encryption attribute set. For EFI support that
lives outside of the arch/x86 tree, create a routine that uses the __weak
attribute so that it can be overridden by an architecture specific routine.
Add support to set the memory encryption enable flag on the APs during
realmode initialization. When an AP is started it checks this flag, and
if set, enables memory encryption on its core.
Signed-off-by: Tom Lendacky
---
arch/x86/include/asm/msr-index.h |2 ++
Add support to the AMD IOMMU driver to set the memory encryption mask if
memory encryption is enabled.
Signed-off-by: Tom Lendacky
---
arch/x86/include/asm/mem_encrypt.h |2 ++
arch/x86/mm/mem_encrypt.c |5 +
drivers/iommu/amd_iommu.c | 10 ++
3 files
This adds support to be able to either encrypt or decrypt data during
the early stages of booting the kernel. This does not change the memory
encryption attribute - it is used for ensuring that data present in
either an encrypted or un-encrypted memory area is in the proper state
(for example the
Update the KVM support to include the memory encryption mask when creating
and using nested page tables.
Signed-off-by: Tom Lendacky
---
arch/x86/include/asm/kvm_host.h |2 +-
arch/x86/kvm/mmu.c |7 +--
arch/x86/kvm/vmx.c |2 +-
Since the VGA memory needs to be accessed unencrypted be sure that the
memory encryption mask is not set for the VGA range being mapped.
Signed-off-by: Tom Lendacky
---
arch/x86/include/asm/vga.h | 13 +
1 file changed, 13 insertions(+)
diff --git
The device tree is not encrypted and needs to be accessed as such. Be sure
to memmap it without the encryption mask set.
Signed-off-by: Tom Lendacky
---
arch/x86/kernel/devicetree.c |6 --
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git
901 - 1000 of 3200 matches
Mail list logo