On Tue, Nov 15, 2016 at 08:40:05AM -0600, Tom Lendacky wrote: > The feature may be present and enabled even if it is not currently > active. In other words, the SYS_CFG MSR bit could be set but we aren't > actually using encryption (sme_me_mask is 0). As long as the SYS_CFG > MSR bit is set we need to take into account the physical reduction in > address space. But later in the series I see sme_early_mem_enc() which tests exactly that mask. And in patch 12 you have: + /* + * If memory encryption is active, the trampoline area will need to + * be in un-encrypted memory in order to bring up other processors + * successfully. + */ + sme_early_mem_dec(__pa(base), size); + sme_set_mem_unenc(base, size); What's up? IOW, it all sounds to me like you want to have an sme_active() helper and use it everywhere. -- Regards/Gruss, Boris. Good mailing practices for 400: avoid top-posting and trim the reply. -- To unsubscribe from this list: send the line "unsubscribe linux-doc" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html