Commit 4cab62c0 authored by Kiryl Shutsemau's avatar Kiryl Shutsemau Committed by Borislav Petkov (AMD)
Browse files

x86/mm: Fix memory encryption features advertisement 



When memory encryption is enabled, the kernel prints the encryption
flavor that the system supports.

The check assumes that everything is AMD SME/SEV if it doesn't have
the TDX CPU feature set.

Hyper-V vTOM sets cc_vendor to CC_VENDOR_INTEL when it runs as L2 guest
on top of TDX, but not X86_FEATURE_TDX_GUEST. Hyper-V only needs memory
encryption enabled for I/O without the rest of CoCo enabling.

To avoid confusion, check the cc_vendor directly.

  [ bp: Massage commit message. ]

Signed-off-by: default avatarKirill A. Shutemov <kirill.shutemov@linux.intel.com>
Signed-off-by: default avatarBorislav Petkov (AMD) <bp@alien8.de>
Reviewed-by: default avatarJeremi Piotrowski <jpiotrowski@linux.microsoft.com>
Reviewed-by: default avatarKuppuswamy Sathyanarayanan <sathyanarayanan.kuppuswamy@linux.intel.com>
Acked-by: default avatarTom Lendacky <thomas.lendacky@amd.com>
Acked-by: default avatarKai Huang <kai.huang@intel.com>
Link: https://lore.kernel.org/r/20240124140217.533748-1-kirill.shutemov@linux.intel.com
parent e3ef461a

arch/x86/mm/mem_encrypt.c

+30 −26
Original line number Diff line number Diff line
@@ -44,11 +44,11 @@ static void print_mem_encrypt_feature_info(void) 
{

	pr_info("Memory Encryption Features active: ");



	if (cpu_feature_enabled(X86_FEATURE_TDX_GUEST)) {

	switch (cc_vendor) {

	case CC_VENDOR_INTEL:

		pr_cont("Intel TDX\n");

		return;

	}



		break;

	case CC_VENDOR_AMD:

		pr_cont("AMD");



		/* Secure Memory Encryption */
@@ -74,6 +74,10 @@ static void print_mem_encrypt_feature_info(void) 
			pr_cont(" SEV-SNP");



		pr_cont("\n");

		break;

	default:

		pr_cont("Unknown\n");

	}

}



/* Architecture __weak replacement functions */