diff options
| author | Linus Torvalds <torvalds@linux-foundation.org> | 2021-11-01 15:16:52 -0700 |
|---|---|---|
| committer | Linus Torvalds <torvalds@linux-foundation.org> | 2021-11-01 15:16:52 -0700 |
| commit | 6e5772c8d9cf0a77ba4d6fd34fd4126fb66c9983 (patch) | |
| tree | ee9df6325322262966f31285fa91d3990faa894a /arch/x86/mm/mem_encrypt_identity.c | |
| parent | 57f45de79184bb914c7f1b4ce83085bc198ea7fb (diff) | |
| parent | e9d1d2bb75b2d5d4b426769c5aae0ce8cef3558f (diff) | |
| download | linux-6e5772c8d9cf0a77ba4d6fd34fd4126fb66c9983.tar.gz linux-6e5772c8d9cf0a77ba4d6fd34fd4126fb66c9983.tar.bz2 linux-6e5772c8d9cf0a77ba4d6fd34fd4126fb66c9983.zip | |
Merge tag 'x86_cc_for_v5.16_rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
Pull generic confidential computing updates from Borislav Petkov:
"Add an interface called cc_platform_has() which is supposed to be used
by confidential computing solutions to query different aspects of the
system.
The intent behind it is to unify testing of such aspects instead of
having each confidential computing solution add its own set of tests
to code paths in the kernel, leading to an unwieldy mess"
* tag 'x86_cc_for_v5.16_rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
treewide: Replace the use of mem_encrypt_active() with cc_platform_has()
x86/sev: Replace occurrences of sev_es_active() with cc_platform_has()
x86/sev: Replace occurrences of sev_active() with cc_platform_has()
x86/sme: Replace occurrences of sme_active() with cc_platform_has()
powerpc/pseries/svm: Add a powerpc version of cc_platform_has()
x86/sev: Add an x86 version of cc_platform_has()
arch/cc: Introduce a function to check for confidential computing features
x86/ioremap: Selectively build arch override encryption functions
Diffstat (limited to 'arch/x86/mm/mem_encrypt_identity.c')
| -rw-r--r-- | arch/x86/mm/mem_encrypt_identity.c | 9 |
1 files changed, 8 insertions, 1 deletions
diff --git a/arch/x86/mm/mem_encrypt_identity.c b/arch/x86/mm/mem_encrypt_identity.c index 470b20208430..f8c612902038 100644 --- a/arch/x86/mm/mem_encrypt_identity.c +++ b/arch/x86/mm/mem_encrypt_identity.c @@ -30,6 +30,7 @@ #include <linux/kernel.h> #include <linux/mm.h> #include <linux/mem_encrypt.h> +#include <linux/cc_platform.h> #include <asm/setup.h> #include <asm/sections.h> @@ -287,7 +288,13 @@ void __init sme_encrypt_kernel(struct boot_params *bp) unsigned long pgtable_area_len; unsigned long decrypted_base; - if (!sme_active()) + /* + * This is early code, use an open coded check for SME instead of + * using cc_platform_has(). This eliminates worries about removing + * instrumentation or checking boot_cpu_data in the cc_platform_has() + * function. + */ + if (!sme_get_me_mask() || sev_status & MSR_AMD64_SEV_ENABLED) return; /* |