From: Borislav Petkov <bp@suse.de>
To: Brijesh Singh <brijesh.singh@amd.com>
Cc: x86@kernel.org, linux-kernel@vger.kernel.org,
kvm@vger.kernel.org, "Tom Lendacky" <thomas.lendacky@amd.com>,
"Thomas Gleixner" <tglx@linutronix.de>,
"H. Peter Anvin" <hpa@zytor.com>,
"Paolo Bonzini" <pbonzini@redhat.com>,
"Sean Christopherson" <sean.j.christopherson@intel.com>,
"Radim Krčmář" <rkrcmar@redhat.com>
Subject: Re: [PATCH v6 3/5] x86/mm: add .data..decrypted section to hold shared variables
Date: Mon, 10 Sep 2018 13:54:43 +0200 [thread overview]
Message-ID: <20180910115443.GC21815@zn.tnic> (raw)
In-Reply-To: <1536343050-18532-4-git-send-email-brijesh.singh@amd.com>
On Fri, Sep 07, 2018 at 12:57:28PM -0500, Brijesh Singh wrote:
> kvmclock defines few static variables which are shared with the
> hypervisor during the kvmclock initialization.
>
> When SEV is active, memory is encrypted with a guest-specific key, and
> if guest OS wants to share the memory region with hypervisor then it must
"... if *the* guest OS ... with *the* hypervisor ..."
> clear the C-bit before sharing it.
<---- newline here.
> Currently, we use
> kernel_physical_mapping_init() to split large pages before clearing the
> C-bit on shared pages. But it fails when called from the kvmclock
> initialization (mainly because memblock allocator is not ready that early
... because *the* memblock allocator...
hmm, those definite articles are kinda all lost... :)
> during boot).
>
> Add a __decrypted section attribute which can be used when defining
> such shared variable. The so-defined variables will be placed in the
> .data..decrypted section. This section is mapped with C=0 early
> during boot, we also ensure that the initialized values are updated
> to match with C=0 (i.e perform an in-place decryption). The
> .data..decrypted section is PMD-aligned and sized so that we avoid
> the need to split the large pages when mapping the section.
>
> The sme_encrypt_kernel() was used to perform the in-place encryption
Here, of all things, you don't need a definite article :)
"sme_encrypt_kernel() performs the in-place encryption...
> of the Linux kernel and initrd when SME is active. The routine has been
> enhanced to decrypt the .data..decrypted section for both SME and SEV
> cases.
Otherwise, that's a much better commit message!
> Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
> Reviewed-by: Tom Lendacky <thomas.lendacky@amd.com>
> Cc: Tom Lendacky <thomas.lendacky@amd.com>
> Cc: kvm@vger.kernel.org
> Cc: Thomas Gleixner <tglx@linutronix.de>
> Cc: Borislav Petkov <bp@suse.de>
> Cc: "H. Peter Anvin" <hpa@zytor.com>
> Cc: linux-kernel@vger.kernel.org
> Cc: Paolo Bonzini <pbonzini@redhat.com>
> Cc: Sean Christopherson <sean.j.christopherson@intel.com>
> Cc: kvm@vger.kernel.org
> Cc: "Radim Krčmář" <rkrcmar@redhat.com>
> ---
> arch/x86/include/asm/mem_encrypt.h | 6 +++
> arch/x86/kernel/head64.c | 11 +++++
> arch/x86/kernel/vmlinux.lds.S | 17 +++++++
> arch/x86/mm/mem_encrypt_identity.c | 94 ++++++++++++++++++++++++++++++++------
> 4 files changed, 113 insertions(+), 15 deletions(-)
...
> diff --git a/arch/x86/kernel/vmlinux.lds.S b/arch/x86/kernel/vmlinux.lds.S
> index 8bde0a4..4cb1064 100644
> --- a/arch/x86/kernel/vmlinux.lds.S
> +++ b/arch/x86/kernel/vmlinux.lds.S
> @@ -65,6 +65,21 @@ jiffies_64 = jiffies;
> #define ALIGN_ENTRY_TEXT_BEGIN . = ALIGN(PMD_SIZE);
> #define ALIGN_ENTRY_TEXT_END . = ALIGN(PMD_SIZE);
>
> +/*
> + * This section contains data which will be mapped as decrypted. Memory
> + * encryption operates on a page basis. Make this section PMD-aligned
> + * to avoid spliting the pages while mapping the section early.
"splitting" - damn, that spell checker of yours is still not working... ;-\
> + *
> + * Note: We use a separate section so that only this section gets
> + * decrypted to avoid exposing more than we wish.
> + */
> +#define DATA_DECRYPTED \
> + . = ALIGN(PMD_SIZE); \
> + __start_data_decrypted = .; \
> + *(.data..decrypted); \
> + . = ALIGN(PMD_SIZE); \
> + __end_data_decrypted = .; \
> +
> #else
>
> #define X86_ALIGN_RODATA_BEGIN
...
> @@ -487,28 +510,69 @@ static void __init teardown_workarea_map(struct sme_workarea_data *wa,
> native_write_cr3(__native_read_cr3());
> }
>
> +static void __init decrypt_shared_data(struct sme_workarea_data *wa,
> + struct sme_populate_pgd_data *ppd)
> +{
> + unsigned long decrypted_start, decrypted_end, decrypted_len;
> +
> + /* Physical addresses of decrypted data section */
> + decrypted_start = __pa_symbol(__start_data_decrypted);
> + decrypted_end = ALIGN(__pa_symbol(__end_data_decrypted), PMD_PAGE_SIZE);
Why?
You have:
+ . = ALIGN(PMD_SIZE); \
+ __end_data_decrypted = .; \
It is already aligned by definition?!?
--
Regards/Gruss,
Boris.
SUSE Linux GmbH, GF: Felix Imendörffer, Jane Smithard, Graham Norton, HRB 21284 (AG Nürnberg)
--
next prev parent reply other threads:[~2018-09-10 11:54 UTC|newest]
Thread overview: 37+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-09-07 17:57 [PATCH v6 0/5] x86: Fix SEV guest regression Brijesh Singh
2018-09-07 17:57 ` [PATCH v6 1/5] x86/mm: Restructure sme_encrypt_kernel() Brijesh Singh
2018-09-10 11:32 ` Borislav Petkov
2018-09-07 17:57 ` [PATCH v6 2/5] x86/mm: fix sme_populate_pgd() to update page flags Brijesh Singh
2018-09-10 11:36 ` Borislav Petkov
2018-09-10 12:28 ` Brijesh Singh
2018-09-10 12:32 ` Borislav Petkov
2018-09-07 17:57 ` [PATCH v6 3/5] x86/mm: add .data..decrypted section to hold shared variables Brijesh Singh
2018-09-10 11:54 ` Borislav Petkov [this message]
2018-09-10 12:33 ` Brijesh Singh
2018-09-07 17:57 ` [PATCH v6 4/5] x86/kvm: use __decrypted attribute in " Brijesh Singh
2018-09-10 12:04 ` Borislav Petkov
2018-09-10 13:15 ` Sean Christopherson
2018-09-10 13:29 ` Thomas Gleixner
2018-09-10 15:34 ` Borislav Petkov
2018-09-10 12:29 ` Paolo Bonzini
2018-09-10 12:33 ` Borislav Petkov
2018-09-10 12:46 ` Paolo Bonzini
2018-09-07 17:57 ` [PATCH v6 5/5] x86/kvm: Avoid dynamic allocation of pvclock data when SEV is active Brijesh Singh
2018-09-10 12:27 ` Borislav Petkov
2018-09-10 13:15 ` Brijesh Singh
2018-09-10 13:29 ` Sean Christopherson
2018-09-10 15:10 ` Brijesh Singh
2018-09-10 15:28 ` Sean Christopherson
2018-09-10 15:30 ` Brijesh Singh
2018-09-10 16:48 ` Borislav Petkov
2018-09-11 9:26 ` Paolo Bonzini
2018-09-11 10:01 ` Borislav Petkov
2018-09-11 10:19 ` Paolo Bonzini
2018-09-11 10:25 ` Borislav Petkov
2018-09-11 11:07 ` Paolo Bonzini
2018-09-11 13:55 ` Borislav Petkov
2018-09-11 14:00 ` Paolo Bonzini
2018-09-10 15:53 ` Borislav Petkov
2018-09-10 16:13 ` Sean Christopherson
2018-09-10 16:14 ` Brijesh Singh
2018-09-10 12:28 ` Paolo Bonzini
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20180910115443.GC21815@zn.tnic \
--to=bp@suse.de \
--cc=brijesh.singh@amd.com \
--cc=hpa@zytor.com \
--cc=kvm@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=pbonzini@redhat.com \
--cc=rkrcmar@redhat.com \
--cc=sean.j.christopherson@intel.com \
--cc=tglx@linutronix.de \
--cc=thomas.lendacky@amd.com \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.