Re: [PATCH v7 RESEND 2/4] kexec: allocate unencrypted control pages for kdump in case SME is enabled

[Borislav Petkov]

On Fri, Sep 28, 2018 at 11:52:21AM +0800, lijiang wrote:
> There are two functions that are usually called in pairs, they are:
> arch_kexec_post_alloc_pages() and arch_kexec_pre_free_pages().
> 
> One marks the pages as decrypted, another one marks the pages as encrypted.
> 
> But for the crash control pages, no need to call arch_kexec_pre_free_pages(),
> there are three reasons:
> 1. Crash pages are reserved in memblock, these pages are only used by kdump,
>    no other people uses these pages;
> 
> 2. Whenever crash pages are allocated, these pages are always marked as
>    decrypted(when SME is active);
> 
> 3. If we plan to call the arch_kexe_pre_free_pages(), we have to store these
> pages to somewhere, which will have more code changes.

I don't think any of that answers the question *why* control pages do
not need to be marked encrypted again. And I think the reason is simple:
because you don't really need to, because once the crash kernel is done,
you reboot the box.

-- 
Regards/Gruss,
    Boris.

Good mailing practices for 400: avoid top-posting and trim the reply.