|
|
@@ -327,7 +327,7 @@ virt_to_phys_or_null_size(void *va, unsigned long size)
|
|
|
|
|
|
int __init efi_setup_page_tables(unsigned long pa_memmap, unsigned num_pages)
|
|
|
{
|
|
|
- unsigned long pfn, text;
|
|
|
+ unsigned long pfn, text, pf;
|
|
|
struct page *page;
|
|
|
unsigned npages;
|
|
|
pgd_t *pgd;
|
|
|
@@ -335,7 +335,12 @@ int __init efi_setup_page_tables(unsigned long pa_memmap, unsigned num_pages)
|
|
|
if (efi_enabled(EFI_OLD_MEMMAP))
|
|
|
return 0;
|
|
|
|
|
|
- efi_scratch.efi_pgt = (pgd_t *)__pa(efi_pgd);
|
|
|
+ /*
|
|
|
+ * Since the PGD is encrypted, set the encryption mask so that when
|
|
|
+ * this value is loaded into cr3 the PGD will be decrypted during
|
|
|
+ * the pagetable walk.
|
|
|
+ */
|
|
|
+ efi_scratch.efi_pgt = (pgd_t *)__sme_pa(efi_pgd);
|
|
|
pgd = efi_pgd;
|
|
|
|
|
|
/*
|
|
|
@@ -345,7 +350,8 @@ int __init efi_setup_page_tables(unsigned long pa_memmap, unsigned num_pages)
|
|
|
* phys_efi_set_virtual_address_map().
|
|
|
*/
|
|
|
pfn = pa_memmap >> PAGE_SHIFT;
|
|
|
- if (kernel_map_pages_in_pgd(pgd, pfn, pa_memmap, num_pages, _PAGE_NX | _PAGE_RW)) {
|
|
|
+ pf = _PAGE_NX | _PAGE_RW | _PAGE_ENC;
|
|
|
+ if (kernel_map_pages_in_pgd(pgd, pfn, pa_memmap, num_pages, pf)) {
|
|
|
pr_err("Error ident-mapping new memmap (0x%lx)!\n", pa_memmap);
|
|
|
return 1;
|
|
|
}
|
|
|
@@ -388,7 +394,8 @@ int __init efi_setup_page_tables(unsigned long pa_memmap, unsigned num_pages)
|
|
|
text = __pa(_text);
|
|
|
pfn = text >> PAGE_SHIFT;
|
|
|
|
|
|
- if (kernel_map_pages_in_pgd(pgd, pfn, text, npages, _PAGE_RW)) {
|
|
|
+ pf = _PAGE_RW | _PAGE_ENC;
|
|
|
+ if (kernel_map_pages_in_pgd(pgd, pfn, text, npages, pf)) {
|
|
|
pr_err("Failed to map kernel text 1:1\n");
|
|
|
return 1;
|
|
|
}
|
Tom Lendacky