Re: [PATCH v8 1/2] x86/mm: add .bss..decrypted section to hold shared variables

From: Borislav Petkov
Date: Fri Sep 14 2018 - 10:45:29 EST


On Fri, Sep 14, 2018 at 09:27:09AM -0500, Brijesh Singh wrote:
> The above code will never get executed for the SEV case.
>
> See if (!sme_active()) check in the start of function.
>
> If we decide to go on this patch, then we have to do something like
> this:
>
> sme_encrypt_kernel(...)
> {
> if (!mem_encrypt_active())
> return;
>
> if (sev_active())
> goto out;
>
> /* Do kernel and initrd in-place encrypts for SME only case */
> .....
> .....
>
> out:
> /* Clear the C-bit from .bss..decrypted section */
> ...
> ...

Or above do:

if (sev_active()) {
sev_map_bss_decrypted();
return;
}

which is a separate function you call.

So that you not have a label at the end of the function. Whatever tglx
prefers.

--
Regards/Gruss,
Boris.

SUSE Linux GmbH, GF: Felix ImendÃrffer, Jane Smithard, Graham Norton, HRB 21284 (AG NÃrnberg)
--