From: Steve Rutherford <srutherford@google.com>
To: Borislav Petkov <bp@alien8.de>, Thomas Gleixner <tglx@linutronix.de>
Cc: Paolo Bonzini <pbonzini@redhat.com>,
Wanpeng Li <wanpengli@tencent.com>,
Vitaly Kuznetsov <vkuznets@redhat.com>,
Ingo Molnar <mingo@redhat.com>,
Dave Hansen <dave.hansen@linux.intel.com>,
x86@kernel.org, "H . Peter Anvin" <hpa@zytor.com>,
kvm@vger.kernel.org, linux-kernel@vger.kernel.org,
David.Kaplan@amd.com, jacobhxu@google.com,
patelsvishal@google.com, bhillier@google.com,
Steve Rutherford <srutherford@google.com>
Subject: [PATCH] x86/sev: Make early_set_memory_decrypted() calls page aligned
Date: Fri, 18 Aug 2023 16:34:51 -0700
Message-ID: <20230818233451.3615464-1-srutherford@google.com>
early_set_memory_decrypted() assumes its parameters are page aligned.
Non-page aligned calls result in additional pages being marked as
decrypted via the encryption status hypercall, which results in
consistent corruption of pages during live migration. Live
migration requires accurate encryption status information to avoid
migrating pages from the wrong perspective.
Fixes: 4716276184ec ("X86/KVM: Decrypt shared per-cpu variables when SEV is active")
Signed-off-by: Steve Rutherford <srutherford@google.com>
---
arch/x86/kernel/kvm.c | 14 +++++++++++++-
1 file changed, 13 insertions(+), 1 deletion(-)
diff --git a/arch/x86/kernel/kvm.c b/arch/x86/kernel/kvm.c
index 6a36db4f79fd..a0c072d3103c 100644
--- a/arch/x86/kernel/kvm.c
+++ b/arch/x86/kernel/kvm.c
@@ -419,7 +419,14 @@ static u64 kvm_steal_clock(int cpu)
static inline void __set_percpu_decrypted(void *ptr, unsigned long size)
{
- early_set_memory_decrypted((unsigned long) ptr, size);
+ /*
+ * early_set_memory_decrypted() requires page aligned parameters, but
+ * this function needs to handle ptrs offset into a page.
+ */
+ unsigned long start = PAGE_ALIGN_DOWN((unsigned long) ptr);
+ unsigned long end = (unsigned long) ptr + size;
+
+ early_set_memory_decrypted(start, end - start);
}
/*
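Review bot: the length passed in the new call, `end - start`, is still not a whole number of pages, because `end` is left at `(unsigned long) ptr + size` while only `start` is rounded down, yet the added comment says early_set_memory_decrypted() requires page aligned parameters. Either round the end up as well, for example `unsigned long end = PAGE_ALIGN((unsigned long) ptr + size);`, so that both arguments meet the stated requirement, or reword the comment to say that only the start address needs alignment. Rounding the end up also makes it explicit that an object straddling a page boundary gets both of its pages covered.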
@@ -438,6 +445,11 @@ static void __init sev_map_percpu_data(void)
return;
for_each_possible_cpu(cpu) {
+ /*
+ * Calling __set_percpu_decrypted() for each per-cpu variable is
+ * inefficent, since it may decrypt the same page multiple times.
+ * That said, it avoids the need for more complicated logic.
+ */
__set_percpu_decrypted(&per_cpu(apf_reason, cpu), sizeof(apf_reason));
__set_percpu_decrypted(&per_cpu(steal_time, cpu), sizeof(steal_time));
__set_percpu_decrypted(&per_cpu(kvm_apic_eoi, cpu), sizeof(kvm_apic_eoi));
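Review bot: the added comment in the for_each_possible_cpu() loop misspells "inefficient" as "inefficent". While touching it, consider also stating that __set_percpu_decrypted() now rounds the start down to a page boundary, so each call covers the whole page from its start through the end of the variable, including any other per-cpu data that shares that range. That is the reason the same page can be decrypted more than once, and it tells the reader that those neighbouring variables end up shared with the host too.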
--
2.42.0.rc1.204.g551eb34607-goog