aboutsummaryrefslogtreecommitdiffstats
path: root/meta-amd-bsp/recipes-kernel/linux/linux-yocto-4.14.71-e3000/0056-percpu-Introduce-DEFINE_PER_CPU_DECRYPTED.patch
diff options
context:
space:
mode:
Diffstat (limited to 'meta-amd-bsp/recipes-kernel/linux/linux-yocto-4.14.71-e3000/0056-percpu-Introduce-DEFINE_PER_CPU_DECRYPTED.patch')
-rw-r--r--meta-amd-bsp/recipes-kernel/linux/linux-yocto-4.14.71-e3000/0056-percpu-Introduce-DEFINE_PER_CPU_DECRYPTED.patch99
1 files changed, 99 insertions, 0 deletions
diff --git a/meta-amd-bsp/recipes-kernel/linux/linux-yocto-4.14.71-e3000/0056-percpu-Introduce-DEFINE_PER_CPU_DECRYPTED.patch b/meta-amd-bsp/recipes-kernel/linux/linux-yocto-4.14.71-e3000/0056-percpu-Introduce-DEFINE_PER_CPU_DECRYPTED.patch
new file mode 100644
index 00000000..326fb11c
--- /dev/null
+++ b/meta-amd-bsp/recipes-kernel/linux/linux-yocto-4.14.71-e3000/0056-percpu-Introduce-DEFINE_PER_CPU_DECRYPTED.patch
@@ -0,0 +1,99 @@
+From eb07f7d793db030645abf9bad60dc9d1f40870a7 Mon Sep 17 00:00:00 2001
+From: Brijesh Singh <brijesh.singh@amd.com>
+Date: Fri, 20 Oct 2017 09:30:57 -0500
+Subject: [PATCH 56/95] percpu: Introduce DEFINE_PER_CPU_DECRYPTED
+
+KVM guest defines three per-CPU variables (steal-time, apf_reason, and
+kvm_pic_eoi) which are shared between a guest and a hypervisor.
+
+When SEV is active, memory is encrypted with a guest-specific key, and if
+the guest OS wants to share the memory region with the hypervisor then it
+must clear the C-bit (i.e set decrypted) before sharing it.
+
+DEFINE_PER_CPU_DECRYPTED can be used to define the per-CPU variables
+which will be shared between a guest and a hypervisor.
+
+Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
+Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
+Tested-by: Borislav Petkov <bp@suse.de>
+Acked-by: Tejun Heo <tj@kernel.org>
+Reviewed-by: Borislav Petkov <bp@suse.de>
+Cc: linux-arch@vger.kernel.org
+Cc: Tom Lendacky <thomas.lendacky@amd.com>
+Cc: kvm@vger.kernel.org
+Cc: Arnd Bergmann <arnd@arndb.de>
+Cc: Borislav Petkov <bp@alien8.de>
+Cc: Christoph Lameter <cl@linux.com>
+Link: https://lkml.kernel.org/r/20171020143059.3291-16-brijesh.singh@amd.com
+Signed-off-by: Sudheesh Mavila <sudheesh.mavila@amd.com>
+---
+ include/asm-generic/vmlinux.lds.h | 19 +++++++++++++++++++
+ include/linux/percpu-defs.h | 15 +++++++++++++++
+ 2 files changed, 34 insertions(+)
+
+diff --git a/include/asm-generic/vmlinux.lds.h b/include/asm-generic/vmlinux.lds.h
+index fcec26d..873d2e70 100644
+--- a/include/asm-generic/vmlinux.lds.h
++++ b/include/asm-generic/vmlinux.lds.h
+@@ -779,6 +779,24 @@
+ #endif
+
+ /*
++ * Memory encryption operates on a page basis. Since we need to clear
++ * the memory encryption mask for this section, it needs to be aligned
++ * on a page boundary and be a page-size multiple in length.
++ *
++ * Note: We use a separate section so that only this section gets
++ * decrypted to avoid exposing more than we wish.
++ */
++#ifdef CONFIG_AMD_MEM_ENCRYPT
++#define PERCPU_DECRYPTED_SECTION \
++ . = ALIGN(PAGE_SIZE); \
++ *(.data..percpu..decrypted) \
++ . = ALIGN(PAGE_SIZE);
++#else
++#define PERCPU_DECRYPTED_SECTION
++#endif
++
++
++/*
+ * Default discarded sections.
+ *
+ * Some archs want to discard exit text/data at runtime rather than
+@@ -816,6 +834,7 @@
+ . = ALIGN(cacheline); \
+ *(.data..percpu) \
+ *(.data..percpu..shared_aligned) \
++ PERCPU_DECRYPTED_SECTION \
+ VMLINUX_SYMBOL(__per_cpu_end) = .;
+
+ /**
+diff --git a/include/linux/percpu-defs.h b/include/linux/percpu-defs.h
+index 8f16299..2d2096b 100644
+--- a/include/linux/percpu-defs.h
++++ b/include/linux/percpu-defs.h
+@@ -173,6 +173,21 @@
+ DEFINE_PER_CPU_SECTION(type, name, "..read_mostly")
+
+ /*
++ * Declaration/definition used for per-CPU variables that should be accessed
++ * as decrypted when memory encryption is enabled in the guest.
++ */
++#if defined(CONFIG_VIRTUALIZATION) && defined(CONFIG_AMD_MEM_ENCRYPT)
++
++#define DECLARE_PER_CPU_DECRYPTED(type, name) \
++ DECLARE_PER_CPU_SECTION(type, name, "..decrypted")
++
++#define DEFINE_PER_CPU_DECRYPTED(type, name) \
++ DEFINE_PER_CPU_SECTION(type, name, "..decrypted")
++#else
++#define DEFINE_PER_CPU_DECRYPTED(type, name) DEFINE_PER_CPU(type, name)
++#endif
++
++/*
+ * Intermodule exports for per-CPU variables. sparse forgets about
+ * address space across EXPORT_SYMBOL(), change EXPORT_SYMBOL() to
+ * noop if __CHECKER__.
+--
+2.7.4
+