summaryrefslogtreecommitdiffstats
path: root/Documentation/x86/amd-memory-encryption.rst
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-05-04 10:15:33 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-05-04 10:15:33 +0000
commita097cf30108c0151cb2684afd962bd2678ff97d7 (patch)
treede1ac8afc7248eec4b2fb60496b8e9273452d9f7 /Documentation/x86/amd-memory-encryption.rst
parentAdding upstream version 6.1.82. (diff)
downloadlinux-a097cf30108c0151cb2684afd962bd2678ff97d7.tar.xz
linux-a097cf30108c0151cb2684afd962bd2678ff97d7.zip
Adding upstream version 6.1.85.upstream/6.1.85
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'Documentation/x86/amd-memory-encryption.rst')
-rw-r--r--Documentation/x86/amd-memory-encryption.rst16
1 files changed, 8 insertions, 8 deletions
diff --git a/Documentation/x86/amd-memory-encryption.rst b/Documentation/x86/amd-memory-encryption.rst
index 934310ce7..bace87cc9 100644
--- a/Documentation/x86/amd-memory-encryption.rst
+++ b/Documentation/x86/amd-memory-encryption.rst
@@ -87,14 +87,14 @@ The state of SME in the Linux kernel can be documented as follows:
kernel is non-zero).
SME can also be enabled and activated in the BIOS. If SME is enabled and
-activated in the BIOS, then all memory accesses will be encrypted and it will
-not be necessary to activate the Linux memory encryption support. If the BIOS
-merely enables SME (sets bit 23 of the MSR_AMD64_SYSCFG), then Linux can activate
-memory encryption by default (CONFIG_AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT=y) or
-by supplying mem_encrypt=on on the kernel command line. However, if BIOS does
-not enable SME, then Linux will not be able to activate memory encryption, even
-if configured to do so by default or the mem_encrypt=on command line parameter
-is specified.
+activated in the BIOS, then all memory accesses will be encrypted and it
+will not be necessary to activate the Linux memory encryption support.
+
+If the BIOS merely enables SME (sets bit 23 of the MSR_AMD64_SYSCFG),
+then memory encryption can be enabled by supplying mem_encrypt=on on the
+kernel command line. However, if BIOS does not enable SME, then Linux
+will not be able to activate memory encryption, even if configured to do
+so by default or the mem_encrypt=on command line parameter is specified.
Secure Nested Paging (SNP)
==========================