diff options
Diffstat (limited to 'meta-amd-bsp/recipes-kernel/linux/linux-yocto-4.14.71-e3000/0056-percpu-Introduce-DEFINE_PER_CPU_DECRYPTED.patch')
-rw-r--r-- | meta-amd-bsp/recipes-kernel/linux/linux-yocto-4.14.71-e3000/0056-percpu-Introduce-DEFINE_PER_CPU_DECRYPTED.patch | 99 |
1 files changed, 99 insertions, 0 deletions
diff --git a/meta-amd-bsp/recipes-kernel/linux/linux-yocto-4.14.71-e3000/0056-percpu-Introduce-DEFINE_PER_CPU_DECRYPTED.patch b/meta-amd-bsp/recipes-kernel/linux/linux-yocto-4.14.71-e3000/0056-percpu-Introduce-DEFINE_PER_CPU_DECRYPTED.patch new file mode 100644 index 00000000..326fb11c --- /dev/null +++ b/meta-amd-bsp/recipes-kernel/linux/linux-yocto-4.14.71-e3000/0056-percpu-Introduce-DEFINE_PER_CPU_DECRYPTED.patch @@ -0,0 +1,99 @@ +From eb07f7d793db030645abf9bad60dc9d1f40870a7 Mon Sep 17 00:00:00 2001 +From: Brijesh Singh <brijesh.singh@amd.com> +Date: Fri, 20 Oct 2017 09:30:57 -0500 +Subject: [PATCH 56/95] percpu: Introduce DEFINE_PER_CPU_DECRYPTED + +KVM guest defines three per-CPU variables (steal-time, apf_reason, and +kvm_pic_eoi) which are shared between a guest and a hypervisor. + +When SEV is active, memory is encrypted with a guest-specific key, and if +the guest OS wants to share the memory region with the hypervisor then it +must clear the C-bit (i.e set decrypted) before sharing it. + +DEFINE_PER_CPU_DECRYPTED can be used to define the per-CPU variables +which will be shared between a guest and a hypervisor. + +Signed-off-by: Brijesh Singh <brijesh.singh@amd.com> +Signed-off-by: Thomas Gleixner <tglx@linutronix.de> +Tested-by: Borislav Petkov <bp@suse.de> +Acked-by: Tejun Heo <tj@kernel.org> +Reviewed-by: Borislav Petkov <bp@suse.de> +Cc: linux-arch@vger.kernel.org +Cc: Tom Lendacky <thomas.lendacky@amd.com> +Cc: kvm@vger.kernel.org +Cc: Arnd Bergmann <arnd@arndb.de> +Cc: Borislav Petkov <bp@alien8.de> +Cc: Christoph Lameter <cl@linux.com> +Link: https://lkml.kernel.org/r/20171020143059.3291-16-brijesh.singh@amd.com +Signed-off-by: Sudheesh Mavila <sudheesh.mavila@amd.com> +--- + include/asm-generic/vmlinux.lds.h | 19 +++++++++++++++++++ + include/linux/percpu-defs.h | 15 +++++++++++++++ + 2 files changed, 34 insertions(+) + +diff --git a/include/asm-generic/vmlinux.lds.h b/include/asm-generic/vmlinux.lds.h +index fcec26d..873d2e70 100644 +--- a/include/asm-generic/vmlinux.lds.h ++++ b/include/asm-generic/vmlinux.lds.h +@@ -779,6 +779,24 @@ + #endif + + /* ++ * Memory encryption operates on a page basis. Since we need to clear ++ * the memory encryption mask for this section, it needs to be aligned ++ * on a page boundary and be a page-size multiple in length. ++ * ++ * Note: We use a separate section so that only this section gets ++ * decrypted to avoid exposing more than we wish. ++ */ ++#ifdef CONFIG_AMD_MEM_ENCRYPT ++#define PERCPU_DECRYPTED_SECTION \ ++ . = ALIGN(PAGE_SIZE); \ ++ *(.data..percpu..decrypted) \ ++ . = ALIGN(PAGE_SIZE); ++#else ++#define PERCPU_DECRYPTED_SECTION ++#endif ++ ++ ++/* + * Default discarded sections. + * + * Some archs want to discard exit text/data at runtime rather than +@@ -816,6 +834,7 @@ + . = ALIGN(cacheline); \ + *(.data..percpu) \ + *(.data..percpu..shared_aligned) \ ++ PERCPU_DECRYPTED_SECTION \ + VMLINUX_SYMBOL(__per_cpu_end) = .; + + /** +diff --git a/include/linux/percpu-defs.h b/include/linux/percpu-defs.h +index 8f16299..2d2096b 100644 +--- a/include/linux/percpu-defs.h ++++ b/include/linux/percpu-defs.h +@@ -173,6 +173,21 @@ + DEFINE_PER_CPU_SECTION(type, name, "..read_mostly") + + /* ++ * Declaration/definition used for per-CPU variables that should be accessed ++ * as decrypted when memory encryption is enabled in the guest. ++ */ ++#if defined(CONFIG_VIRTUALIZATION) && defined(CONFIG_AMD_MEM_ENCRYPT) ++ ++#define DECLARE_PER_CPU_DECRYPTED(type, name) \ ++ DECLARE_PER_CPU_SECTION(type, name, "..decrypted") ++ ++#define DEFINE_PER_CPU_DECRYPTED(type, name) \ ++ DEFINE_PER_CPU_SECTION(type, name, "..decrypted") ++#else ++#define DEFINE_PER_CPU_DECRYPTED(type, name) DEFINE_PER_CPU(type, name) ++#endif ++ ++/* + * Intermodule exports for per-CPU variables. sparse forgets about + * address space across EXPORT_SYMBOL(), change EXPORT_SYMBOL() to + * noop if __CHECKER__. +-- +2.7.4 + |