From: Catalin Marinas <catalin.marinas@arm.com>
To: Will Deacon <will@kernel.org>
Cc: Steven Price <steven.price@arm.com>,
	"Aneesh Kumar K . V" <aneesh.kumar@kernel.org>,
	Suzuki K Poulose <suzuki.poulose@arm.com>,
	Marc Zyngier <maz@kernel.org>, James Morse <james.morse@arm.com>,
	Oliver Upton <oliver.upton@linux.dev>,
	Zenghui Yu <yuzenghui@huawei.com>,
	linux-arm-kernel@lists.infradead.org,
	linux-kernel@vger.kernel.org, Joey Gouly <joey.gouly@arm.com>,
	Alexandru Elisei <alexandru.elisei@arm.com>,
	Christoffer Dall <christoffer.dall@arm.com>,
	Fuad Tabba <tabba@google.com>,
	linux-coco@lists.linux.dev,
	Ganapatrao Kulkarni <gankulkarni@os.amperecomputing.com>,
	Gavin Shan <gshan@redhat.com>,
	Shanker Donthineni <sdonthineni@nvidia.com>,
	Alper Gun <alpergun@google.com>,
	kvmarm@lists.linux.dev, kvm@vger.kernel.org
Subject: Re: [PATCH v7 09/11] arm64: Enable memory encrypt for Realms
Date: Thu, 27 Feb 2025 10:55:00 +0000
Message-ID: <Z8BEhK8P7FXgG11f@arm.com>
In-Reply-To: <20250227002330.GA24899@willie-the-truck>

On Thu, Feb 27, 2025 at 12:23:31AM +0000, Will Deacon wrote:
> On Wed, Feb 26, 2025 at 07:03:01PM +0000, Catalin Marinas wrote:
> > On Wed, Feb 19, 2025 at 02:30:28PM +0000, Steven Price wrote:
> > > > @@ -23,14 +25,16 @@ bool rodata_full __ro_after_init = IS_ENABLED(CONFIG_RODATA_FULL_DEFAULT_ENABLED
> > > >  bool can_set_direct_map(void)
> > > >  {
> > > >  	/*
> > > > -	 * rodata_full and DEBUG_PAGEALLOC require linear map to be
> > > > -	 * mapped at page granularity, so that it is possible to
> > > > +	 * rodata_full, DEBUG_PAGEALLOC and a Realm guest all require linear
> > > > +	 * map to be mapped at page granularity, so that it is possible to
> > > >  	 * protect/unprotect single pages.
> > > >  	 *
> > > >  	 * KFENCE pool requires page-granular mapping if initialized late.
> > > > +	 *
> > > > +	 * Realms need to make pages shared/protected at page granularity.
> > > >  	 */
> > > >  	return rodata_full || debug_pagealloc_enabled() ||
> > > > -	       arm64_kfence_can_set_direct_map();
> > > > +		arm64_kfence_can_set_direct_map() || is_realm_world();
> > > >  }
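Review bot: the `is_realm_world()` operand added to the return in `can_set_direct_map()` only does its job if realm detection has already run the first time this function is consulted; with RSI probing deferred, it evaluates false at that point, so a realm guest that is not already forced to page granularity by `rodata_full` or `debug_pagealloc_enabled()` keeps block mappings in the linear map and later page-granular share/unshare requests towards the host cannot be honoured. Either require `rodata_full` in realm guests (with a diagnostic when the command line turns it off) or move RSI probing ahead of linear-map creation, and say in the new comment which of the two the code relies on. Minor: the continuation line `+		arm64_kfence_can_set_direct_map() || is_realm_world();` switched from the space alignment of the line it replaces to two tabs; keep the operands aligned under `rodata_full` as before.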
> > > 
> > > Aneesh pointed out that this call to is_realm_world() is now too early 
> > > since the decision to delay the RSI detection. The upshot is that a 
> > > realm guest which doesn't have page granularity forced for other reasons 
> > > will fail to share pages with the host.
> > > 
> > > At the moment I can think of a couple of options:
> > > 
> > > (1) Make rodata_full a requirement for realm guests. 
> > >     CONFIG_RODATA_FULL_DEFAULT_ENABLED is already "default y" so this 
> > >     isn't a big ask.
> > > 
> > > (2) Revisit the idea of detecting when running as a realm guest early. 
> > >     This has the advantage of also "fixing" earlycon (no need to 
> > >     manually specify the shared-alias of an unprotected UART).
> > > 
> > > I'm currently leaning towards (1) because it's the default anyway. But 
> > > if we're going to need to fix earlycon (or indeed find other similar 
> > > issues) then (2) would obviously make sense.
> > 
> > I'd go with (1) since the end result is the same even if we implemented
> > (2) - i.e. we still avoid block mappings in realms.
> 
> Is it, though? The config option is about the default behaviour but there's
> still an "rodata=" option on the command-line.

Yeah, that's why I suggested the pr_err() to only state that it cannot
set the direct map and consider rodata=full rather than a config option.
We already force CONFIG_STRICT_KERNEL_RWX.

But we can also revisit the decision not to probe the RSI early.

-- 
Catalin
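The ordering hazard the thread is discussing, as an added stand-alone model in user-space C (this is not kernel code and not part of the thread): `can_set_direct_map()` is consulted when the linear map is built, but the realm flag is only populated when RSI probing runs, so the outcome depends on whether probing happens before or after that decision, and on whether `rodata=` on the command line has overridden the config default. Names mirror the kernel's for readability; the globals, `parse_cmdline()` and `boot()` are assumptions of this model, the KFENCE term is omitted, and the `rodata=` parsing follows the usual arm64 meaning (`full` keeps `rodata_full`, `on` and `off` clear it).

```c
/* Stand-alone model of the init-ordering problem discussed above.
 * Hypothetical state; the real kernel keeps these in different places. */
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

static bool rodata_full;      /* CONFIG_RODATA_FULL_DEFAULT_ENABLED, overridable by rodata= */
static bool debug_pagealloc;  /* stands in for debug_pagealloc_enabled() */
static bool realm_detected;   /* populated by RSI probing, early or deferred */

static bool is_realm_world(void)
{
    return realm_detected;
}

/* Model of the can_set_direct_map() in the hunk (KFENCE term left out). */
static bool can_set_direct_map(void)
{
    return rodata_full || debug_pagealloc || is_realm_world();
}

/* The config option only sets the default; rodata= on the command line
 * can still turn rodata_full off, which is the point Will raises. */
static void parse_cmdline(const char *cmdline, bool config_default_full)
{
    rodata_full = config_default_full;
    const char *p = strstr(cmdline, "rodata=");
    if (!p)
        return;
    p += strlen("rodata=");
    if (!strncmp(p, "full", 4))
        rodata_full = true;
    else if (!strncmp(p, "on", 2) || !strncmp(p, "off", 3))
        rodata_full = false;  /* rodata on/off: block mappings allowed */
}

/* Simulated boot. Returns whether the linear map ends up page-granular,
 * which a realm guest needs in order to share pages with the host later.
 * early_rsi == true models option (2): probe RSI before the linear map is
 * built; false models the deferred probing that exposes the bug. */
static bool boot(const char *cmdline, bool config_default_full,
                 bool in_realm, bool early_rsi)
{
    realm_detected = false;
    debug_pagealloc = false;
    parse_cmdline(cmdline, config_default_full);

    if (early_rsi)
        realm_detected = in_realm;          /* option (2): known before the decision */

    bool page_granular = can_set_direct_map();  /* decision taken while mapping memory */

    if (!early_rsi)
        realm_detected = in_realm;          /* deferred probing: too late for the decision */

    /* The diagnostic Catalin suggests instead of a hard config dependency. */
    if (is_realm_world() && !page_granular)
        fprintf(stderr, "realm: cannot set direct map at page granularity, "
                        "use rodata=full\n");
    return page_granular;
}

int main(void)
{
    printf("realm, default config, deferred RSI: %d\n", boot("", true, true, false));
    printf("realm, rodata=on, deferred RSI:      %d\n", boot("rodata=on", true, true, false));
    printf("realm, rodata=on, early RSI:         %d\n", boot("rodata=on", true, true, true));
    printf("non-realm, rodata=on:                %d\n", boot("rodata=on", true, false, false));
    return 0;
}
```

The second scenario is the one that option (1) alone does not cover: the config default is `y`, but `rodata=on` on the command line clears `rodata_full`, the deferred realm flag is still false when the decision is made, and the guest ends up with block mappings. Probing early (third scenario) makes the decision correct regardless of the command line.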
