projects / linux.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 39336f4) | patch
x86/sev-es: Check required CPU features for SEV-ES
authorMartin Radev <martin.b.radev@gmail.com>
Mon, 7 Sep 2020 13:16:13 +0000 (15:16 +0200)
committerBorislav Petkov <bp@suse.de>
Thu, 10 Sep 2020 19:49:25 +0000 (21:49 +0200)
commitf5ed777586e08e09c4b6f1e87161a145ee1431cf
tree91064c42050caa1d751b7f3ee76b8bf3f909b4aatree | snapshot
parent39336f4ffb2478ad384075cf4ba7ef2e5db2bbd7commit | diff
x86/sev-es: Check required CPU features for SEV-ES

Make sure the machine supports RDRAND, otherwise there is no trusted
source of randomness in the system.

To also check this in the pre-decompression stage, make has_cpuflag()
not depend on CONFIG_RANDOMIZE_BASE anymore.

Signed-off-by: Martin Radev <martin.b.radev@gmail.com>
Signed-off-by: Joerg Roedel <jroedel@suse.de>
Signed-off-by: Borislav Petkov <bp@suse.de>
Reviewed-by: Kees Cook <keescook@chromium.org>
Link: https://lkml.kernel.org/r/20200907131613.12703-73-joro@8bytes.org
arch/x86/boot/compressed/cpuflags.c diff | blob | history
arch/x86/boot/compressed/misc.h diff | blob | history
arch/x86/boot/compressed/sev-es.c diff | blob | history
arch/x86/kernel/sev-es-shared.c diff | blob | history
arch/x86/kernel/sev-es.c diff | blob | history