x86/mm: Encrypt the initrd earlier for BSP microcode update
authorTom Lendacky <thomas.lendacky@amd.com>
Wed, 10 Jan 2018 19:26:34 +0000 (13:26 -0600)
committerIngo Molnar <mingo@kernel.org>
Tue, 16 Jan 2018 00:50:59 +0000 (01:50 +0100)
commit107cd2532181b96c549e8f224cdcca8631c3076b
tree35ab5cd0d8522e363a21738ed69042aa85a6a8cc
parentcc5f01e28d6c60f274fd1e33b245f679f79f543c
x86/mm: Encrypt the initrd earlier for BSP microcode update

Currently the BSP microcode update code examines the initrd very early
in the boot process.  If SME is active, the initrd is treated as being
encrypted but it has not been encrypted (in place) yet.  Update the
early boot code that encrypts the kernel to also encrypt the initrd so
that early BSP microcode updates work.

Tested-by: Gabriel Craciunescu <nix.or.die@gmail.com>
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
Reviewed-by: Borislav Petkov <bp@suse.de>
Cc: Borislav Petkov <bp@alien8.de>
Cc: Brijesh Singh <brijesh.singh@amd.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Link: http://lkml.kernel.org/r/20180110192634.6026.10452.stgit@tlendack-t1.amdoffice.net
Signed-off-by: Ingo Molnar <mingo@kernel.org>
arch/x86/include/asm/mem_encrypt.h
arch/x86/kernel/head64.c
arch/x86/kernel/setup.c
arch/x86/mm/mem_encrypt.c
arch/x86/mm/mem_encrypt_boot.S