From patchwork Fri Jul 20 01:28:46 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 142395 Delivered-To: patch@linaro.org Received: by 2002:a2e:9754:0:0:0:0:0 with SMTP id f20-v6csp2379441ljj; Thu, 19 Jul 2018 18:29:19 -0700 (PDT) X-Google-Smtp-Source: AAOMgpfUPtpgxZUlsY0QiucVjVO1ZMdkTlWjt+91SLrvw2Kyt5VCYEtdm/ed7dlaxJMDuC1muRUC X-Received: by 2002:a17:902:7e06:: with SMTP id b6-v6mr47667plm.230.1532050159015; Thu, 19 Jul 2018 18:29:19 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1532050159; cv=none; d=google.com; s=arc-20160816; b=jk6GAM+SdDXkAASSRwY4J+KWWlJ4VBxLSe6N9a8C7N0gcJAs+KWmyIZVwP6JuNpwMM lSQ5AxfZZGLd8eHyQMOyatfs1AxXRKGE/Y6RAhBIN/dlO7/0jjki/xFZvGK5kVq8/oUL rwKaT2UkuhlyRsn5xBuOWUw/nYlAzvreD77UeDdoEZOz5q/z3n5lt0SOEpaIrTDiwueq Vo+hBM6ROdlGFz4fREoif4XpMDtxG52GsnW+qk6xEWIoveijiuwRrbCgg1R54Y/ZhzaH Lfz69GRqcm5RNv3GIIHMYfLa9cfFv7nSJSCIDX6tC1rkdDZ/ic/aJBYcbos1FE5Uf4Dt 09BA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:references:in-reply-to:message-id:date :subject:cc:to:from:dkim-signature:arc-authentication-results; bh=APANcmPUTm2nAx84a6zGaL0+tCas/4g6ONyL++OfM1I=; b=vBPrRTjgfc4k7U3d+eC8vJpJKW9bZetY+qPwYuuyEWGS56dRtzFtRw8UIVxKBp+zBn M8Srk6qLf6f+N3cu4RdYLDidyhkhbTz/vq3y1QFxY4Qt8g0YOoAtqqZpP263pAQuPqEs Mtr4D3OrbSA4HG+mlEnFw7jTDUAFj6w9RnyyXlmWfVohYmSNSod2/lKR3AS8ROXARktW 3we2NFEkNJn7sRAoWi4Y5kT2Nqh4RVqJEbEMrjuwrwRtrqo2zDLw8OkM24isbpqhC+BS MzBJMskqVL3kQuQXfsS6UzJVcZ4oFcM+AjNEsi8xrapaUYyR+ZPX7slM+mDx17qd87Es Sjbw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=X601e6O+; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id r65-v6si641381pfe.298.2018.07.19.18.29.18; Thu, 19 Jul 2018 18:29:18 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=X601e6O+; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1731054AbeGTCPD (ORCPT + 31 others); Thu, 19 Jul 2018 22:15:03 -0400 Received: from mail-pg1-f194.google.com ([209.85.215.194]:46871 "EHLO mail-pg1-f194.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1730691AbeGTCPB (ORCPT ); Thu, 19 Jul 2018 22:15:01 -0400 Received: by mail-pg1-f194.google.com with SMTP id p23-v6so5315005pgv.13 for ; Thu, 19 Jul 2018 18:29:14 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=APANcmPUTm2nAx84a6zGaL0+tCas/4g6ONyL++OfM1I=; b=X601e6O+36P4BYGyccJcPSHHM5zBiXgmNr0feTLAVOa6tsHX3swp2iT8mOJ6GxFnel LFNGDxQa0aCYenJxVNh+cQV1im3XqRfU1BR27l0p4IbRblCGa7iw6D1QPvnQp/cVf9YH /8nwZXAVtylkK5YDvEHTLfdXjUCcdqNrFeEGs= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=APANcmPUTm2nAx84a6zGaL0+tCas/4g6ONyL++OfM1I=; b=Eg3LbMt75vrUkSNudVxcT3KJPcMKlwUzktQnWtwOHLdZ4nO+B0ju6Y74ZJfXMWm0Pz bY7B344yziEmSs3yGpfZNM3+ZMW/tXzaZQV+KSk5//oHHrf4GHgLbur4ALAaMsHwzkuD TdqMaA3teT6TCTlLbXNmuB9MXTmBZfnVGmxeD2y8bRVdyUheMaz8eSuous+8KahEPiSO 4f0kVVgVLVrjUASgmOXzGD+8dMo6TLIFHhJYD5ZN+fvF8tv53dlefdSUdg7jl+Ob43C8 rz+qxqrFN40HsuOJEUMyMNxN8RMvYRVzXTQ5iZ0W0DKD3o0ke5A6+eSwOy/3VKKCnWkv lq/Q== X-Gm-Message-State: AOUpUlFLyX4qFQF0jL8jYHaQQZ7rdoFF4TD8+OIEJFUyVFbtZ9uK6kZa uVMcP8tyeafyWOFWUNsigJdFZQ== X-Received: by 2002:a63:6441:: with SMTP id y62-v6mr51362pgb.240.1532050153889; Thu, 19 Jul 2018 18:29:13 -0700 (PDT) Received: from localhost.localdomain (fs76eedbeb.tkyc508.ap.nuro.jp. [118.238.219.235]) by smtp.gmail.com with ESMTPSA id u11-v6sm572058pfd.117.2018.07.19.18.29.11 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 19 Jul 2018 18:29:12 -0700 (PDT) From: Ard Biesheuvel To: linux-efi@vger.kernel.org, Ingo Molnar , Thomas Gleixner Cc: Ard Biesheuvel , linux-kernel@vger.kernel.org, Brijesh Singh , Tom Lendacky Subject: [PATCH 1/1] x86/efi: Access EFI MMIO data as unencrypted when SEV is active Date: Fri, 20 Jul 2018 10:28:46 +0900 Message-Id: <20180720012846.23560-2-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20180720012846.23560-1-ard.biesheuvel@linaro.org> References: <20180720012846.23560-1-ard.biesheuvel@linaro.org> Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Brijesh Singh SEV guest fails to update the UEFI runtime variables stored in the flash. commit 1379edd59673 ("x86/efi: Access EFI data as encrypted when SEV is active") unconditionally maps all the UEFI runtime data as 'encrypted' (C=1). When SEV is active the UEFI runtime data marked as EFI_MEMORY_MAPPED_IO should be mapped as 'unencrypted' so that both guest and hypervisor can access the data. Fixes: 1379edd59673 ("x86/efi: Access EFI data as encrypted ...") Cc: # 4.15.x Signed-off-by: Brijesh Singh Reviewed-by: Tom Lendacky Signed-off-by: Ard Biesheuvel --- arch/x86/platform/efi/efi_64.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) -- 2.17.1 diff --git a/arch/x86/platform/efi/efi_64.c b/arch/x86/platform/efi/efi_64.c index 77873ce700ae..5f2eb3231607 100644 --- a/arch/x86/platform/efi/efi_64.c +++ b/arch/x86/platform/efi/efi_64.c @@ -417,7 +417,7 @@ static void __init __map_region(efi_memory_desc_t *md, u64 va) if (!(md->attribute & EFI_MEMORY_WB)) flags |= _PAGE_PCD; - if (sev_active()) + if (sev_active() && md->type != EFI_MEMORY_MAPPED_IO) flags |= _PAGE_ENC; pfn = md->phys_addr >> PAGE_SHIFT;