From: Catalin Marinas <catalin.marinas@arm.com>
To: Gavin Shan <gshan@redhat.com>
Cc: Steven Price <steven.price@arm.com>,
kvm@vger.kernel.org, kvmarm@lists.linux.dev,
Suzuki K Poulose <suzuki.poulose@arm.com>,
Marc Zyngier <maz@kernel.org>, Will Deacon <will@kernel.org>,
James Morse <james.morse@arm.com>,
Oliver Upton <oliver.upton@linux.dev>,
Zenghui Yu <yuzenghui@huawei.com>,
linux-arm-kernel@lists.infradead.org,
linux-kernel@vger.kernel.org, Joey Gouly <joey.gouly@arm.com>,
Alexandru Elisei <alexandru.elisei@arm.com>,
Christoffer Dall <christoffer.dall@arm.com>,
Fuad Tabba <tabba@google.com>,
linux-coco@lists.linux.dev,
Ganapatrao Kulkarni <gankulkarni@os.amperecomputing.com>,
Shanker Donthineni <sdonthineni@nvidia.com>,
Alper Gun <alpergun@google.com>,
"Aneesh Kumar K . V" <aneesh.kumar@kernel.org>
Subject: Re: [PATCH v6 05/11] arm64: rsi: Map unprotected MMIO as decrypted
Date: Fri, 11 Oct 2024 14:19:35 +0100 [thread overview]
Message-ID: <Zwkl51C3DFEQQ0Jb@arm.com> (raw)
In-Reply-To: <e21481a9-3e36-4a5d-9428-0f5ef8083676@redhat.com>
On Tue, Oct 08, 2024 at 10:31:06AM +1000, Gavin Shan wrote:
> On 10/5/24 12:43 AM, Steven Price wrote:
> > diff --git a/arch/arm64/kernel/rsi.c b/arch/arm64/kernel/rsi.c
> > index d7bba4cee627..f1add76f89ce 100644
> > --- a/arch/arm64/kernel/rsi.c
> > +++ b/arch/arm64/kernel/rsi.c
> > @@ -6,6 +6,8 @@
> > #include <linux/jump_label.h>
> > #include <linux/memblock.h>
> > #include <linux/psci.h>
> > +
> > +#include <asm/io.h>
> > #include <asm/rsi.h>
> > struct realm_config config;
> > @@ -92,6 +94,16 @@ bool arm64_is_protected_mmio(phys_addr_t base, size_t size)
> > }
> > EXPORT_SYMBOL(arm64_is_protected_mmio);
> > +static int realm_ioremap_hook(phys_addr_t phys, size_t size, pgprot_t *prot)
> > +{
> > + if (arm64_is_protected_mmio(phys, size))
> > + *prot = pgprot_encrypted(*prot);
> > + else
> > + *prot = pgprot_decrypted(*prot);
> > +
> > + return 0;
> > +}
> > +
>
> We probably need arm64_is_mmio_private() here, meaning arm64_is_protected_mmio() isn't
> sufficient to avoid invoking SMCCC call SMC_RSI_IPA_STATE_GET in a regular guest where
> realm capability isn't present.
I think we get away with this since the hook won't be registered in a
normal guest (done from arm64_rsi_init()). So the additional check in
arm64_is_mmio_private() is unnecessary.
--
Catalin
next prev parent reply other threads:[~2024-10-11 13:19 UTC|newest]
Thread overview: 46+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-10-04 14:42 [PATCH v6 00/11] arm64: Support for running as a guest in Arm CCA Steven Price
2024-10-04 14:42 ` [PATCH v6 01/11] arm64: rsi: Add RSI definitions Steven Price
2024-10-07 23:08 ` Gavin Shan
2024-10-11 14:14 ` Steven Price
2024-10-04 14:42 ` [PATCH v6 02/11] arm64: Detect if in a realm and set RIPAS RAM Steven Price
2024-10-04 15:05 ` Steven Price
2024-10-11 13:12 ` Catalin Marinas
2024-10-07 23:31 ` Gavin Shan
2024-10-11 14:14 ` Steven Price
2024-10-04 14:42 ` [PATCH v6 03/11] arm64: realm: Query IPA size from the RMM Steven Price
2024-10-07 23:33 ` Gavin Shan
2024-10-15 3:55 ` Gavin Shan
2024-10-15 9:08 ` Steven Price
2024-10-04 14:42 ` [PATCH v6 04/11] arm64: rsi: Add support for checking whether an MMIO is protected Steven Price
2024-10-08 0:24 ` Gavin Shan
2024-10-11 14:14 ` Steven Price
2024-10-04 14:43 ` [PATCH v6 05/11] arm64: rsi: Map unprotected MMIO as decrypted Steven Price
2024-10-08 0:31 ` Gavin Shan
2024-10-11 13:19 ` Catalin Marinas [this message]
2024-10-12 5:22 ` Gavin Shan
2024-10-11 13:20 ` Catalin Marinas
2024-10-04 14:43 ` [PATCH v6 06/11] efi: arm64: Map Device with Prot Shared Steven Price
2024-10-08 0:31 ` Gavin Shan
2024-10-11 13:23 ` Catalin Marinas
2024-10-04 14:43 ` [PATCH v6 07/11] arm64: Enforce bounce buffers for realm DMA Steven Price
2024-10-08 2:51 ` Gavin Shan
2024-10-04 14:43 ` [PATCH v6 08/11] arm64: mm: Avoid TLBI when marking pages as valid Steven Price
2024-10-08 2:52 ` Gavin Shan
2024-10-15 9:50 ` Suzuki K Poulose
2024-10-04 14:43 ` [PATCH v6 09/11] arm64: Enable memory encrypt for Realms Steven Price
2024-10-08 2:56 ` Gavin Shan
2024-10-04 14:43 ` [PATCH v6 10/11] virt: arm-cca-guest: TSM_REPORT support for realms Steven Price
2024-10-05 15:42 ` kernel test robot
2024-10-08 4:12 ` Gavin Shan
2024-10-11 14:14 ` Steven Price
2024-10-11 16:22 ` Suzuki K Poulose
2024-10-12 6:06 ` Gavin Shan
2024-10-14 8:56 ` Suzuki K Poulose
2024-10-14 14:41 ` Steven Price
2024-10-14 14:46 ` Suzuki K Poulose
2024-10-15 0:01 ` Gavin Shan
2024-10-04 14:43 ` [PATCH v6 11/11] arm64: Document Arm Confidential Compute Steven Price
2024-10-08 4:17 ` Gavin Shan
2024-10-08 11:05 ` Jean-Philippe Brucker
2024-10-11 14:14 ` Steven Price
2024-10-15 9:55 ` Suzuki K Poulose
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=Zwkl51C3DFEQQ0Jb@arm.com \
--to=catalin.marinas@arm.com \
--cc=alexandru.elisei@arm.com \
--cc=alpergun@google.com \
--cc=aneesh.kumar@kernel.org \
--cc=christoffer.dall@arm.com \
--cc=gankulkarni@os.amperecomputing.com \
--cc=gshan@redhat.com \
--cc=james.morse@arm.com \
--cc=joey.gouly@arm.com \
--cc=kvm@vger.kernel.org \
--cc=kvmarm@lists.linux.dev \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-coco@lists.linux.dev \
--cc=linux-kernel@vger.kernel.org \
--cc=maz@kernel.org \
--cc=oliver.upton@linux.dev \
--cc=sdonthineni@nvidia.com \
--cc=steven.price@arm.com \
--cc=suzuki.poulose@arm.com \
--cc=tabba@google.com \
--cc=will@kernel.org \
--cc=yuzenghui@huawei.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.