Commit a5d0c3ff authored by Erdem Aktas's avatar Erdem Aktas Committed by Greg Kroah-Hartman

percpu: Separate decrypted varaibles anytime encryption can be enabled

commit 264b0d2b upstream.

CONFIG_VIRTUALIZATION may not be enabled for memory encrypted guests.  If
disabled, decrypted per-CPU variables may end up sharing the same page
with variables that should be left encrypted.

Always separate per-CPU variables that should be decrypted into their own
page anytime memory encryption can be enabled in the guest rather than
rely on any other config option that may not be enabled.

Fixes: ac26963a ("percpu: Introduce DEFINE_PER_CPU_DECRYPTED")
Cc: stable@vger.kernel.org # 4.15+
Signed-off-by: default avatarErdem Aktas <erdemaktas@google.com>
Signed-off-by: default avatarDavid Rientjes <rientjes@google.com>
Signed-off-by: default avatarDennis Zhou <dennis@kernel.org>
Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
parent abc51506
...@@ -176,8 +176,7 @@ ...@@ -176,8 +176,7 @@
* Declaration/definition used for per-CPU variables that should be accessed * Declaration/definition used for per-CPU variables that should be accessed
* as decrypted when memory encryption is enabled in the guest. * as decrypted when memory encryption is enabled in the guest.
*/ */
#if defined(CONFIG_VIRTUALIZATION) && defined(CONFIG_AMD_MEM_ENCRYPT) #ifdef CONFIG_AMD_MEM_ENCRYPT
#define DECLARE_PER_CPU_DECRYPTED(type, name) \ #define DECLARE_PER_CPU_DECRYPTED(type, name) \
DECLARE_PER_CPU_SECTION(type, name, "..decrypted") DECLARE_PER_CPU_SECTION(type, name, "..decrypted")
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment