Re: [PATCH 6/7] x86/boot/compressed/64: Check SEV encryption in 32-bit boot-path
From: Dave Hansen
Date: Wed Feb 10 2021 - 11:48:43 EST
On 2/10/21 2:21 AM, Joerg Roedel wrote:
> + /* Store to memory and keep it in the registers */
> + movl %eax, rva(sev_check_data)(%ebp)
> + movl %ebx, rva(sev_check_data+4)(%ebp)
> +
> + /* Enable paging to see if encryption is active */
> + movl %cr0, %edx /* Backup %cr0 in %edx */
> + movl $(X86_CR0_PG | X86_CR0_PE), %ecx /* Enable Paging and Protected mode */
> + movl %ecx, %cr0
> +
> + cmpl %eax, rva(sev_check_data)(%ebp)
> + jne 3f
> + cmpl %ebx, rva(sev_check_data+4)(%ebp)
> + jne 3f
Also, I know that turning paging on is a *BIG* barrier. But, I didn't
think it has any effect on the caches.
I would expect that the underlying physical address of 'sev_check_data'
would change when paging gets enabled because paging sets the C bit.
So, how does the write of 'sev_check_data' get out of the caches and
into memory where it can be read back with the new physical address?
I think there's some bit of the SEV architecture that I'm missing.