• Tom Lendacky's avatar
    kvm/x86/svm: Support Secure Memory Encryption within KVM · d0ec49d4
    Tom Lendacky authored
    Update the KVM support to work with SME. The VMCB has a number of fields
    where physical addresses are used and these addresses must contain the
    memory encryption mask in order to properly access the encrypted memory.
    Also, use the memory encryption mask when creating and using the nested
    page tables.
    Signed-off-by: default avatarTom Lendacky <thomas.lendacky@amd.com>
    Reviewed-by: default avatarThomas Gleixner <tglx@linutronix.de>
    Reviewed-by: default avatarBorislav Petkov <bp@suse.de>
    Cc: Alexander Potapenko <glider@google.com>
    Cc: Andrey Ryabinin <aryabinin@virtuozzo.com>
    Cc: Andy Lutomirski <luto@kernel.org>
    Cc: Arnd Bergmann <arnd@arndb.de>
    Cc: Borislav Petkov <bp@alien8.de>
    Cc: Brijesh Singh <brijesh.singh@amd.com>
    Cc: Dave Young <dyoung@redhat.com>
    Cc: Dmitry Vyukov <dvyukov@google.com>
    Cc: Jonathan Corbet <corbet@lwn.net>
    Cc: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
    Cc: Larry Woodman <lwoodman@redhat.com>
    Cc: Linus Torvalds <torvalds@linux-foundation.org>
    Cc: Matt Fleming <matt@codeblueprint.co.uk>
    Cc: Michael S. Tsirkin <mst@redhat.com>
    Cc: Paolo Bonzini <pbonzini@redhat.com>
    Cc: Peter Zijlstra <peterz@infradead.org>
    Cc: Radim Krčmář <rkrcmar@redhat.com>
    Cc: Rik van Riel <riel@redhat.com>
    Cc: Toshimitsu Kani <toshi.kani@hpe.com>
    Cc: kasan-dev@googlegroups.com
    Cc: kvm@vger.kernel.org
    Cc: linux-arch@vger.kernel.org
    Cc: linux-doc@vger.kernel.org
    Cc: linux-efi@vger.kernel.org
    Cc: linux-mm@kvack.org
    Link: http://lkml.kernel.org/r/89146eccfa50334409801ff20acd52a90fb5efcf.1500319216.git.thomas.lendacky@amd.comSigned-off-by: default avatarIngo Molnar <mingo@kernel.org>
    d0ec49d4
svm.c 141 KB