percpu: Separate decrypted varaibles anytime encryption can be enabled

CONFIG_VIRTUALIZATION may not be enabled for memory encrypted guests.  If
disabled, decrypted per-CPU variables may end up sharing the same page
with variables that should be left encrypted.

Always separate per-CPU variables that should be decrypted into their own
page anytime memory encryption can be enabled in the guest rather than
rely on any other config option that may not be enabled.

Fixes: ac26963a1175 ("percpu: Introduce DEFINE_PER_CPU_DECRYPTED")
Cc: [email protected] # 4.15+
Signed-off-by: Erdem Aktas <[email protected]>
Signed-off-by: David Rientjes <[email protected]>
Signed-off-by: Dennis Zhou <[email protected]>

diff --git a/include/linux/percpu-defs.h b/include/linux/percpu-defs.h
index a6fabd865211f0f00b4c7431d6eced41fdde1fda..176bfbd52d97557ea754709f3b0bd2bb370a7852 100644 (file)
--- a/include/linux/percpu-defs.h
+++ b/include/linux/percpu-defs.h
@@ -175,8 +175,7 @@
  * Declaration/definition used for per-CPU variables that should be accessed
  * as decrypted when memory encryption is enabled in the guest.
  */
-#if defined(CONFIG_VIRTUALIZATION) && defined(CONFIG_AMD_MEM_ENCRYPT)
-
+#ifdef CONFIG_AMD_MEM_ENCRYPT
 #define DECLARE_PER_CPU_DECRYPTED(type, name)                          \
        DECLARE_PER_CPU_SECTION(type, name, "..decrypted")