From mboxrd@z Thu Jan 1 00:00:00 1970 From: Tom Lendacky Subject: Re: [RFC PATCH v2 07/20] x86: Provide general kernel support for memory encryption Date: Thu, 8 Sep 2016 08:26:27 -0500 Message-ID: References: <20160822223529.29880.50884.stgit@tlendack-t1.amdoffice.net> <20160822223646.29880.28794.stgit@tlendack-t1.amdoffice.net> <20160906093113.GA18319@pd.tnic> <20160907155535.i7wh46uxxa2bj3ik@pd.tnic> Mime-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit Return-path: In-Reply-To: <20160907155535.i7wh46uxxa2bj3ik-fF5Pk5pvG8Y@public.gmane.org> Sender: linux-efi-owner-u79uwXL29TY76Z2rM5mHXA@public.gmane.org To: Borislav Petkov Cc: linux-arch-u79uwXL29TY76Z2rM5mHXA@public.gmane.org, linux-efi-u79uwXL29TY76Z2rM5mHXA@public.gmane.org, kvm-u79uwXL29TY76Z2rM5mHXA@public.gmane.org, linux-doc-u79uwXL29TY76Z2rM5mHXA@public.gmane.org, x86-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org, linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org, kasan-dev-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org, linux-mm-Bw31MaZKKs3YtjvyW6yDsg@public.gmane.org, iommu-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA@public.gmane.org, =?UTF-8?B?UmFkaW0gS3LEjW3DocWZ?= , Arnd Bergmann , Jonathan Corbet , Matt Fleming , Joerg Roedel , Konrad Rzeszutek Wilk , Andrey Ryabinin , Ingo Molnar , Andy Lutomirski , "H. Peter Anvin" , Paolo Bonzini , Alexander Potapenko , Thomas Gleixner , Dm List-Id: linux-arch.vger.kernel.org On 09/07/2016 10:55 AM, Borislav Petkov wrote: > On Wed, Sep 07, 2016 at 09:30:54AM -0500, Tom Lendacky wrote: >> _PAGE_ENC is #defined as sme_me_mask and sme_me_mask has already been >> set (or not set) at this point - so it will be the mask if SME is >> active or 0 if SME is not active. > > Yeah, I remember :-) > >> sme_early_init() is merely propagating the mask to other structures. >> Since early_pmd_flags is mainly used in this file (one line in >> head_64.S is the other place) I felt it best to modify it here. But it >> can always be moved if you feel that is best. > > Hmm, so would it work then if you stick it in early_pmd_flags' > definition like you do with the other masks? I.e., > > pmdval_t early_pmd_flags = __PAGE_KERNEL_LARGE | _PAGE_ENC & ~(_PAGE_GLOBAL | _PAGE_NX); When does this value get initialized? Since _PAGE_ENC is #defined to sme_me_mask, which is not set until the boot process begins, I'm afraid we'd end up using the initial value of sme_me_mask, which is zero. Do I have that right? Thanks, Tom > From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-dm3nam03on0048.outbound.protection.outlook.com ([104.47.41.48]:50576 "EHLO NAM03-DM3-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S933159AbcIHN0k (ORCPT ); Thu, 8 Sep 2016 09:26:40 -0400 Subject: Re: [RFC PATCH v2 07/20] x86: Provide general kernel support for memory encryption References: <20160822223529.29880.50884.stgit@tlendack-t1.amdoffice.net> <20160822223646.29880.28794.stgit@tlendack-t1.amdoffice.net> <20160906093113.GA18319@pd.tnic> <20160907155535.i7wh46uxxa2bj3ik@pd.tnic> From: Tom Lendacky Message-ID: Date: Thu, 8 Sep 2016 08:26:27 -0500 MIME-Version: 1.0 In-Reply-To: <20160907155535.i7wh46uxxa2bj3ik@pd.tnic> Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit Sender: linux-arch-owner@vger.kernel.org List-ID: To: Borislav Petkov Cc: linux-arch@vger.kernel.org, linux-efi@vger.kernel.org, kvm@vger.kernel.org, linux-doc@vger.kernel.org, x86@kernel.org, linux-kernel@vger.kernel.org, kasan-dev@googlegroups.com, linux-mm@kvack.org, iommu@lists.linux-foundation.org, =?UTF-8?B?UmFkaW0gS3LEjW3DocWZ?= , Arnd Bergmann , Jonathan Corbet , Matt Fleming , Joerg Roedel , Konrad Rzeszutek Wilk , Andrey Ryabinin , Ingo Molnar , Andy Lutomirski , "H. Peter Anvin" , Paolo Bonzini , Alexander Potapenko , Thomas Gleixner , Dmitry Vyukov Message-ID: <20160908132627.66B15o8gxvpJmnX0nntaIrheGyHkwlbjKlbiNYnEplk@z> On 09/07/2016 10:55 AM, Borislav Petkov wrote: > On Wed, Sep 07, 2016 at 09:30:54AM -0500, Tom Lendacky wrote: >> _PAGE_ENC is #defined as sme_me_mask and sme_me_mask has already been >> set (or not set) at this point - so it will be the mask if SME is >> active or 0 if SME is not active. > > Yeah, I remember :-) > >> sme_early_init() is merely propagating the mask to other structures. >> Since early_pmd_flags is mainly used in this file (one line in >> head_64.S is the other place) I felt it best to modify it here. But it >> can always be moved if you feel that is best. > > Hmm, so would it work then if you stick it in early_pmd_flags' > definition like you do with the other masks? I.e., > > pmdval_t early_pmd_flags = __PAGE_KERNEL_LARGE | _PAGE_ENC & ~(_PAGE_GLOBAL | _PAGE_NX); When does this value get initialized? Since _PAGE_ENC is #defined to sme_me_mask, which is not set until the boot process begins, I'm afraid we'd end up using the initial value of sme_me_mask, which is zero. Do I have that right? Thanks, Tom >