From: Davidlohr Bueso <dave@stgolabs.net>
To: Dave Jiang <dave.jiang@intel.com>
Cc: linux-cxl@vger.kernel.org, nvdimm@lists.linux.dev,
dan.j.williams@intel.com, bwidawsk@kernel.org,
ira.weiny@intel.com, vishal.l.verma@intel.com,
alison.schofield@intel.com, Jonathan.Cameron@huawei.com,
a.manzanares@samsung.com
Subject: Re: [PATCH RFC 10/15] x86: add an arch helper function to invalidate all cache for nvdimm
Date: Sun, 17 Jul 2022 22:30:39 -0700 [thread overview]
Message-ID: <20220718053039.5whjdcxynukildlo@offworld> (raw)
In-Reply-To: <165791937063.2491387.15277418618265930924.stgit@djiang5-desk3.ch.intel.com>
On Fri, 15 Jul 2022, Dave Jiang wrote:
>The original implementation to flush all cache after unlocking the nvdimm
>resides in drivers/acpi/nfit/intel.c. This is a temporary stop gap until
>nvdimm with security operations arrives on other archs. With support CXL
>pmem supporting security operations, specifically "unlock" dimm, the need
>for an arch supported helper function to invalidate all CPU cache for
>nvdimm has arrived. Remove original implementation from acpi/nfit and add
>cross arch support for this operation.
>
>Add CONFIG_ARCH_HAS_NVDIMM_INVAL_CACHE Kconfig and allow x86_64 to opt in
>and provide the support via wbinvd_on_all_cpus() call.
So the 8.2.9.5.5 bits will also need wbinvd - and I guess arm64 will need
its own semantics (iirc there was a flush all call in the past). Cc'ing
Jonathan as well.
Anyway, I think this call should not be defined in any place other than core
kernel headers, and not in pat/nvdimm. I was trying to make it fit in smp.h,
for example, but conviniently we might be able to hijack flush_cache_all()
for our purposes as of course neither x86-64 arm64 uses it :)
And I see this as safe (wrt not adding a big hammer on unaware drivers) as
the 32bit archs that define the call are mostly contained thin their arch/,
and the few in drivers/ are still specific to those archs.
Maybe something like the below.
Thanks,
Davidlohr
------8<----------------------------------------
Subject: [PATCH] arch/x86: define flush_cache_all as global wbinvd
With CXL security features, global CPU cache flushing nvdimm
requirements are no longer specific to that subsystem, even
beyond the scope of security_ops. CXL will need such semantics
for features not necessarily limited to persistent memory.
So use the flush_cache_all() for the wbinvd across all
CPUs on x86. arm64, which is another platform to have CXL
support can also define its own semantics here.
Signed-off-by: Davidlohr Bueso <dave@stgolabs.net>
---
arch/x86/Kconfig | 1 -
arch/x86/include/asm/cacheflush.h | 5 +++++
arch/x86/mm/pat/set_memory.c | 8 --------
drivers/acpi/nfit/intel.c | 11 ++++++-----
drivers/cxl/security.c | 5 +++--
include/linux/libnvdimm.h | 9 ---------
6 files changed, 14 insertions(+), 25 deletions(-)
diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig
index 8dbe89eba639..be0b95e51df6 100644
--- a/arch/x86/Kconfig
+++ b/arch/x86/Kconfig
@@ -83,7 +83,6 @@ config X86
select ARCH_HAS_MEMBARRIER_SYNC_CORE
select ARCH_HAS_NON_OVERLAPPING_ADDRESS_SPACE
select ARCH_HAS_PMEM_API if X86_64
- select ARCH_HAS_NVDIMM_INVAL_CACHE if X86_64
select ARCH_HAS_PTE_DEVMAP if X86_64
select ARCH_HAS_PTE_SPECIAL
select ARCH_HAS_UACCESS_FLUSHCACHE if X86_64
diff --git a/arch/x86/include/asm/cacheflush.h b/arch/x86/include/asm/cacheflush.h
index b192d917a6d0..05c79021665d 100644
--- a/arch/x86/include/asm/cacheflush.h
+++ b/arch/x86/include/asm/cacheflush.h
@@ -10,4 +10,9 @@
void clflush_cache_range(void *addr, unsigned int size);
+#define flush_cache_all() \
+do { \
+ wbinvd_on_all_cpus(); \
+} while (0)
+
#endif /* _ASM_X86_CACHEFLUSH_H */
diff --git a/arch/x86/mm/pat/set_memory.c b/arch/x86/mm/pat/set_memory.c
index e4cd1286deef..1abd5438f126 100644
--- a/arch/x86/mm/pat/set_memory.c
+++ b/arch/x86/mm/pat/set_memory.c
@@ -330,14 +330,6 @@ void arch_invalidate_pmem(void *addr, size_t size)
EXPORT_SYMBOL_GPL(arch_invalidate_pmem);
#endif
-#ifdef CONFIG_ARCH_HAS_NVDIMM_INVAL_CACHE
-void arch_invalidate_nvdimm_cache(void)
-{
- wbinvd_on_all_cpus();
-}
-EXPORT_SYMBOL_GPL(arch_invalidate_nvdimm_cache);
-#endif
-
static void __cpa_flush_all(void *arg)
{
unsigned long cache = (unsigned long)arg;
diff --git a/drivers/acpi/nfit/intel.c b/drivers/acpi/nfit/intel.c
index 242d2e9203e9..1b0ecb4d67e6 100644
--- a/drivers/acpi/nfit/intel.c
+++ b/drivers/acpi/nfit/intel.c
@@ -1,6 +1,7 @@
// SPDX-License-Identifier: GPL-2.0
/* Copyright(c) 2018 Intel Corporation. All rights reserved. */
#include <linux/libnvdimm.h>
+#include <linux/cacheflush.h>
#include <linux/ndctl.h>
#include <linux/acpi.h>
#include <asm/smp.h>
@@ -226,7 +227,7 @@ static int __maybe_unused intel_security_unlock(struct nvdimm *nvdimm,
}
/* DIMM unlocked, invalidate all CPU caches before we read it */
- arch_invalidate_nvdimm_cache();
+ flush_cache_all();
return 0;
}
@@ -296,7 +297,7 @@ static int __maybe_unused intel_security_erase(struct nvdimm *nvdimm,
return -ENOTTY;
/* flush all cache before we erase DIMM */
- arch_invalidate_nvdimm_cache();
+ flush_cache_all();
memcpy(nd_cmd.cmd.passphrase, key->data,
sizeof(nd_cmd.cmd.passphrase));
rc = nvdimm_ctl(nvdimm, ND_CMD_CALL, &nd_cmd, sizeof(nd_cmd), NULL);
@@ -316,7 +317,7 @@ static int __maybe_unused intel_security_erase(struct nvdimm *nvdimm,
}
/* DIMM erased, invalidate all CPU caches before we read it */
- arch_invalidate_nvdimm_cache();
+ flush_cache_all();
return 0;
}
@@ -353,7 +354,7 @@ static int __maybe_unused intel_security_query_overwrite(struct nvdimm *nvdimm)
}
/* flush all cache before we make the nvdimms available */
- arch_invalidate_nvdimm_cache();
+ flush_cache_all();
return 0;
}
@@ -379,7 +380,7 @@ static int __maybe_unused intel_security_overwrite(struct nvdimm *nvdimm,
return -ENOTTY;
/* flush all cache before we erase DIMM */
- arch_invalidate_nvdimm_cache();
+ flush_cache_all();
memcpy(nd_cmd.cmd.passphrase, nkey->data,
sizeof(nd_cmd.cmd.passphrase));
rc = nvdimm_ctl(nvdimm, ND_CMD_CALL, &nd_cmd, sizeof(nd_cmd), NULL);
diff --git a/drivers/cxl/security.c b/drivers/cxl/security.c
index 3dc04b50afaf..e2977872bf2f 100644
--- a/drivers/cxl/security.c
+++ b/drivers/cxl/security.c
@@ -6,6 +6,7 @@
#include <linux/ndctl.h>
#include <linux/async.h>
#include <linux/slab.h>
+#include <linux/cacheflush.h>
#include "cxlmem.h"
#include "cxl.h"
@@ -137,7 +138,7 @@ static int cxl_pmem_security_unlock(struct nvdimm *nvdimm,
return rc;
/* DIMM unlocked, invalidate all CPU caches before we read it */
- arch_invalidate_nvdimm_cache();
+ flush_cache_all();
return 0;
}
@@ -165,7 +166,7 @@ static int cxl_pmem_security_passphrase_erase(struct nvdimm *nvdimm,
return rc;
/* DIMM erased, invalidate all CPU caches before we read it */
- arch_invalidate_nvdimm_cache();
+ flush_cache_all();
return 0;
}
diff --git a/include/linux/libnvdimm.h b/include/linux/libnvdimm.h
index 07e4e7572089..0769afb73380 100644
--- a/include/linux/libnvdimm.h
+++ b/include/linux/libnvdimm.h
@@ -309,13 +309,4 @@ static inline void arch_invalidate_pmem(void *addr, size_t size)
{
}
#endif
-
-#ifdef CONFIG_ARCH_HAS_NVDIMM_INVAL_CACHE
-void arch_invalidate_nvdimm_cache(void);
-#else
-static inline void arch_invalidate_nvdimm_cache(void)
-{
-}
-#endif
-
#endif /* __LIBNVDIMM_H__ */
--
2.36.1
next prev parent reply other threads:[~2022-07-18 5:36 UTC|newest]
Thread overview: 60+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-07-15 21:08 [PATCH RFC 00/15] Introduce security commands for CXL pmem device Dave Jiang
2022-07-15 21:08 ` [PATCH RFC 01/15] cxl/pmem: Introduce nvdimm_security_ops with ->get_flags() operation Dave Jiang
2022-07-15 21:09 ` Davidlohr Bueso
2022-08-03 16:29 ` Jonathan Cameron
2022-07-18 5:34 ` [PATCH RFC 1/15] " Davidlohr Bueso
2022-07-15 21:08 ` [PATCH RFC 02/15] tools/testing/cxl: Create context for cxl mock device Dave Jiang
2022-07-18 6:29 ` [PATCH RFC 2/15] " Davidlohr Bueso
2022-08-03 16:36 ` [PATCH RFC 02/15] " Jonathan Cameron
2022-08-09 20:30 ` Dave Jiang
2022-07-15 21:08 ` [PATCH RFC 03/15] tools/testing/cxl: Add "Get Security State" opcode support Dave Jiang
2022-08-03 16:51 ` Jonathan Cameron
2022-07-15 21:08 ` [PATCH RFC 04/15] cxl/pmem: Add "Set Passphrase" security command support Dave Jiang
2022-07-18 6:36 ` [PATCH RFC 4/15] " Davidlohr Bueso
2022-07-19 18:55 ` Dave Jiang
2022-08-03 17:01 ` [PATCH RFC 04/15] " Jonathan Cameron
2022-07-15 21:09 ` [PATCH RFC 05/15] tools/testing/cxl: Add "Set Passphrase" opcode support Dave Jiang
2022-08-03 17:15 ` Jonathan Cameron
2022-07-15 21:09 ` [PATCH RFC 06/15] cxl/pmem: Add Disable Passphrase security command support Dave Jiang
2022-08-03 17:21 ` Jonathan Cameron
2022-07-15 21:09 ` [PATCH RFC 07/15] tools/testing/cxl: Add "Disable" security opcode support Dave Jiang
2022-08-03 17:23 ` Jonathan Cameron
2022-07-15 21:09 ` [PATCH RFC 08/15] cxl/pmem: Add "Freeze Security State" security command support Dave Jiang
2022-08-03 17:23 ` Jonathan Cameron
2022-07-15 21:09 ` [PATCH RFC 09/15] tools/testing/cxl: Add "Freeze Security State" security opcode support Dave Jiang
2022-07-15 21:09 ` [PATCH RFC 10/15] x86: add an arch helper function to invalidate all cache for nvdimm Dave Jiang
2022-07-18 5:30 ` Davidlohr Bueso [this message]
2022-07-19 19:07 ` Dave Jiang
2022-08-03 17:37 ` Jonathan Cameron
2022-08-09 21:47 ` Dave Jiang
2022-08-10 14:15 ` Mark Rutland
2022-08-10 14:31 ` Eliot Moss
2022-08-10 18:09 ` Mark Rutland
2022-08-10 18:11 ` Eliot Moss
2022-08-10 20:06 ` Dan Williams
2022-08-10 21:13 ` Davidlohr Bueso
2022-08-10 21:30 ` Dan Williams
2022-08-10 21:31 ` Davidlohr Bueso
2022-08-15 16:07 ` [PATCH] arch/cacheflush: Introduce flush_all_caches() Davidlohr Bueso
2022-08-16 9:01 ` Peter Zijlstra
2022-08-16 16:50 ` Dan Williams
2022-08-16 16:53 ` Davidlohr Bueso
2022-08-16 17:42 ` Dan Williams
2022-08-16 17:52 ` Davidlohr Bueso
2022-08-16 18:49 ` Dan Williams
2022-08-17 7:53 ` Peter Zijlstra
2022-08-17 7:49 ` Peter Zijlstra
2022-07-15 21:09 ` [PATCH RFC 11/15] cxl/pmem: Add "Unlock" security command support Dave Jiang
2022-08-04 13:19 ` Jonathan Cameron
2022-08-09 22:31 ` Dave Jiang
2022-07-15 21:09 ` [PATCH RFC 12/15] tools/testing/cxl: Add "Unlock" security opcode support Dave Jiang
2022-07-15 21:09 ` [PATCH RFC 13/15] cxl/pmem: Add "Passphrase Secure Erase" security command support Dave Jiang
2022-07-20 6:17 ` Davidlohr Bueso
2022-07-20 17:38 ` Dave Jiang
2022-07-20 18:02 ` Davidlohr Bueso
2022-07-15 21:09 ` [PATCH RFC 14/15] tools/testing/cxl: Add "passphrase secure erase" opcode support Dave Jiang
2022-07-15 21:10 ` [PATCH RFC 15/15] nvdimm/cxl/pmem: Add support for master passphrase disable security command Dave Jiang
2022-07-15 21:29 ` [PATCH RFC 00/15] Introduce security commands for CXL pmem device Davidlohr Bueso
2022-07-19 18:53 ` Dave Jiang
2022-08-03 17:03 ` Jonathan Cameron
2022-08-08 22:18 ` Dave Jiang
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20220718053039.5whjdcxynukildlo@offworld \
--to=dave@stgolabs.net \
--cc=Jonathan.Cameron@huawei.com \
--cc=a.manzanares@samsung.com \
--cc=alison.schofield@intel.com \
--cc=bwidawsk@kernel.org \
--cc=dan.j.williams@intel.com \
--cc=dave.jiang@intel.com \
--cc=ira.weiny@intel.com \
--cc=linux-cxl@vger.kernel.org \
--cc=nvdimm@lists.linux.dev \
--cc=vishal.l.verma@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox