From: "Kirill A. Shutemov" <kirill.shutemov@linux.intel.com>
To: Ingo Molnar <mingo@redhat.com>,
x86@kernel.org, Thomas Gleixner <tglx@linutronix.de>,
"H. Peter Anvin" <hpa@zytor.com>,
Tom Lendacky <thomas.lendacky@amd.com>
Cc: Dave Hansen <dave.hansen@intel.com>,
Kai Huang <kai.huang@linux.intel.com>,
linux-kernel@vger.kernel.org, linux-mm@kvack.org,
"Kirill A. Shutemov" <kirill.shutemov@linux.intel.com>
Subject: [RFC, PATCH 06/22] x86/mm: Decouple dynamic __PHYSICAL_MASK from AMD SME
Date: Mon, 5 Mar 2018 19:25:54 +0300 [thread overview]
Message-ID: <20180305162610.37510-7-kirill.shutemov@linux.intel.com> (raw)
In-Reply-To: <20180305162610.37510-1-kirill.shutemov@linux.intel.com>
AMD SME claims one bit from physical address to indicate whether the
page is encrypted or not. To achieve that we clear out the bit from
__PHYSICAL_MASK.
The capability to adjust __PHYSICAL_MASK is required beyond AMD SME.
For instance for upcoming Intel Multi-Key Total Memory Encryption.
Let's factor it out into separate feature with own Kconfig handle.
It also helps with overhead of AMD SME. It saves more than 3k in .text
on defconfig + AMD_MEM_ENCRYPT:
add/remove: 3/2 grow/shrink: 5/110 up/down: 189/-3753 (-3564)
We would need to return to this once we have infrastructure to patch
constants in code. That's good candidate for it.
Signed-off-by: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
---
arch/x86/Kconfig | 4 ++++
arch/x86/boot/compressed/kaslr_64.c | 3 +++
arch/x86/include/asm/page_types.h | 8 +++++++-
arch/x86/mm/mem_encrypt_identity.c | 3 +++
arch/x86/mm/pgtable.c | 5 +++++
5 files changed, 22 insertions(+), 1 deletion(-)
diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig
index bdfd503065d3..99aecb2caed3 100644
--- a/arch/x86/Kconfig
+++ b/arch/x86/Kconfig
@@ -332,6 +332,9 @@ config ARCH_SUPPORTS_UPROBES
config FIX_EARLYCON_MEM
def_bool y
+config DYNAMIC_PHYSICAL_MASK
+ bool
+
config PGTABLE_LEVELS
int
default 5 if X86_5LEVEL
@@ -1513,6 +1516,7 @@ config ARCH_HAS_MEM_ENCRYPT
config AMD_MEM_ENCRYPT
bool "AMD Secure Memory Encryption (SME) support"
depends on X86_64 && CPU_SUP_AMD
+ select DYNAMIC_PHYSICAL_MASK
---help---
Say yes to enable support for the encryption of system memory.
This requires an AMD processor that supports Secure Memory
diff --git a/arch/x86/boot/compressed/kaslr_64.c b/arch/x86/boot/compressed/kaslr_64.c
index b5e5e02f8cde..4318ac0af815 100644
--- a/arch/x86/boot/compressed/kaslr_64.c
+++ b/arch/x86/boot/compressed/kaslr_64.c
@@ -16,6 +16,9 @@
#define __pa(x) ((unsigned long)(x))
#define __va(x) ((void *)((unsigned long)(x)))
+/* No need in adjustable __PHYSICAL_MASK during decompresssion phase */
+#undef CONFIG_DYNAMIC_PHYSICAL_MASK
+
/*
* The pgtable.h and mm/ident_map.c includes make use of the SME related
* information which is not used in the compressed image support. Un-define
diff --git a/arch/x86/include/asm/page_types.h b/arch/x86/include/asm/page_types.h
index 1e53560a84bb..c85e15010f48 100644
--- a/arch/x86/include/asm/page_types.h
+++ b/arch/x86/include/asm/page_types.h
@@ -17,7 +17,6 @@
#define PUD_PAGE_SIZE (_AC(1, UL) << PUD_SHIFT)
#define PUD_PAGE_MASK (~(PUD_PAGE_SIZE-1))
-#define __PHYSICAL_MASK ((phys_addr_t)(__sme_clr((1ULL << __PHYSICAL_MASK_SHIFT) - 1)))
#define __VIRTUAL_MASK ((1UL << __VIRTUAL_MASK_SHIFT) - 1)
/* Cast *PAGE_MASK to a signed type so that it is sign-extended if
@@ -55,6 +54,13 @@
#ifndef __ASSEMBLY__
+#ifdef CONFIG_DYNAMIC_PHYSICAL_MASK
+extern phys_addr_t physical_mask;
+#define __PHYSICAL_MASK physical_mask
+#else
+#define __PHYSICAL_MASK ((phys_addr_t)((1ULL << __PHYSICAL_MASK_SHIFT) - 1))
+#endif
+
extern int devmem_is_allowed(unsigned long pagenr);
extern unsigned long max_low_pfn_mapped;
diff --git a/arch/x86/mm/mem_encrypt_identity.c b/arch/x86/mm/mem_encrypt_identity.c
index 1b2197d13832..7ae36868aed2 100644
--- a/arch/x86/mm/mem_encrypt_identity.c
+++ b/arch/x86/mm/mem_encrypt_identity.c
@@ -527,6 +527,7 @@ void __init sme_enable(struct boot_params *bp)
/* SEV state cannot be controlled by a command line option */
sme_me_mask = me_mask;
sev_enabled = true;
+ physical_mask &= ~sme_me_mask;
return;
}
@@ -561,4 +562,6 @@ void __init sme_enable(struct boot_params *bp)
sme_me_mask = 0;
else
sme_me_mask = active_by_default ? me_mask : 0;
+
+ physical_mask &= ~sme_me_mask;
}
diff --git a/arch/x86/mm/pgtable.c b/arch/x86/mm/pgtable.c
index 004abf9ebf12..a4dfe85f2fd8 100644
--- a/arch/x86/mm/pgtable.c
+++ b/arch/x86/mm/pgtable.c
@@ -7,6 +7,11 @@
#include <asm/fixmap.h>
#include <asm/mtrr.h>
+#ifdef CONFIG_DYNAMIC_PHYSICAL_MASK
+phys_addr_t physical_mask __ro_after_init = (1ULL << __PHYSICAL_MASK_SHIFT) - 1;
+EXPORT_SYMBOL(physical_mask);
+#endif
+
#define PGALLOC_GFP (GFP_KERNEL_ACCOUNT | __GFP_ZERO)
#ifdef CONFIG_HIGHPTE
--
2.16.1
--
To unsubscribe, send a message with 'unsubscribe linux-mm' in
the body to majordomo@kvack.org. For more info on Linux MM,
see: http://www.linux-mm.org/ .
Don't email: <a href=mailto:"dont@kvack.org"> email@kvack.org </a>
next prev parent reply other threads:[~2018-03-05 16:26 UTC|newest]
Thread overview: 53+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-03-05 16:25 [RFC, PATCH 00/22] Partial MKTME enabling Kirill A. Shutemov
2018-03-05 16:25 ` [RFC, PATCH 01/22] x86/cpufeatures: Add Intel Total Memory Encryption cpufeature Kirill A. Shutemov
2018-03-05 16:25 ` [RFC, PATCH 02/22] x86/tme: Detect if TME and MKTME is activated by BIOS Kirill A. Shutemov
2018-03-05 16:25 ` [RFC, PATCH 03/22] x86/cpufeatures: Add Intel PCONFIG cpufeature Kirill A. Shutemov
2018-03-05 16:25 ` [RFC, PATCH 04/22] x86/pconfig: Detect PCONFIG targets Kirill A. Shutemov
2018-03-05 16:25 ` [RFC, PATCH 05/22] x86/pconfig: Provide defines and helper to run MKTME_KEY_PROG leaf Kirill A. Shutemov
2018-03-05 16:25 ` Kirill A. Shutemov [this message]
2018-03-05 16:25 ` [RFC, PATCH 07/22] x86/mm: Mask out KeyID bits from page table entry pfn Kirill A. Shutemov
2018-03-22 15:55 ` Punit Agrawal
2018-03-05 16:25 ` [RFC, PATCH 08/22] mm: Introduce __GFP_ENCRYPT Kirill A. Shutemov
2018-03-22 16:02 ` Punit Agrawal
2018-03-05 16:25 ` [RFC, PATCH 09/22] mm, rmap: Add arch-specific field into anon_vma Kirill A. Shutemov
2018-03-05 16:25 ` [RFC, PATCH 10/22] mm/shmem: Zero out unused vma fields in shmem_pseudo_vma_init() Kirill A. Shutemov
2018-03-05 16:25 ` [RFC, PATCH 11/22] mm: Use __GFP_ENCRYPT for pages in encrypted VMAs Kirill A. Shutemov
2018-03-05 16:26 ` [RFC, PATCH 12/22] mm: Do no merge vma with different encryption KeyIDs Kirill A. Shutemov
2018-03-05 16:26 ` [RFC, PATCH 13/22] mm, rmap: Free encrypted pages once mapcount drops to zero Kirill A. Shutemov
2018-03-05 19:12 ` Dave Hansen
2018-03-06 8:18 ` Kirill A. Shutemov
2018-03-05 19:13 ` Dave Hansen
2018-03-06 8:27 ` Kirill A. Shutemov
2018-03-06 14:59 ` Dave Hansen
2018-03-06 15:00 ` Kirill A. Shutemov
2018-03-05 16:26 ` [RFC, PATCH 14/22] mm, khugepaged: Do not collapse pages in encrypted VMAs Kirill A. Shutemov
2018-03-05 16:26 ` [RFC, PATCH 15/22] x86/mm: Introduce variables to store number, shift and mask of KeyIDs Kirill A. Shutemov
2018-03-05 16:26 ` [RFC, PATCH 16/22] x86/mm: Preserve KeyID on pte_modify() and pgprot_modify() Kirill A. Shutemov
2018-03-05 19:09 ` Dave Hansen
2018-03-06 8:30 ` Kirill A. Shutemov
2018-03-05 16:26 ` [RFC, PATCH 17/22] x86/mm: Implement vma_is_encrypted() and vma_keyid() Kirill A. Shutemov
2018-03-05 16:26 ` [RFC, PATCH 18/22] x86/mm: Handle allocation of encrypted pages Kirill A. Shutemov
2018-03-05 19:03 ` Dave Hansen
2018-03-06 8:34 ` Kirill A. Shutemov
2018-03-05 19:07 ` Dave Hansen
2018-03-06 8:36 ` Kirill A. Shutemov
2018-03-05 16:26 ` [RFC, PATCH 19/22] x86/mm: Implement free_encrypt_page() Kirill A. Shutemov
2018-03-05 19:00 ` Dave Hansen
2018-03-06 8:38 ` Kirill A. Shutemov
2018-03-05 19:07 ` Dave Hansen
2018-03-06 8:54 ` Kirill A. Shutemov
2018-03-06 13:52 ` Dave Hansen
2018-03-06 14:09 ` Kirill A. Shutemov
2018-03-20 12:50 ` Kirill A. Shutemov
2018-03-27 14:44 ` Kirill A. Shutemov
2018-03-05 16:26 ` [RFC, PATCH 20/22] x86/mm: Implement anon_vma_encrypted() and anon_vma_keyid() Kirill A. Shutemov
2018-03-05 16:26 ` [RFC, PATCH 21/22] x86/mm: Introduce page_keyid() and page_encrypted() Kirill A. Shutemov
2018-03-05 17:08 ` Dave Hansen
2018-03-06 8:57 ` Kirill A. Shutemov
2018-03-06 14:56 ` Dave Hansen
2018-03-06 14:58 ` Kirill A. Shutemov
2018-03-06 15:04 ` Dave Hansen
2018-03-05 16:26 ` [RFC, PATCH 22/22] x86: Introduce CONFIG_X86_INTEL_MKTME Kirill A. Shutemov
2018-03-05 18:30 ` [RFC, PATCH 00/22] Partial MKTME enabling Christoph Hellwig
2018-03-05 19:05 ` Matthew Wilcox
2018-03-06 8:58 ` Kirill A. Shutemov
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20180305162610.37510-7-kirill.shutemov@linux.intel.com \
--to=kirill.shutemov@linux.intel.com \
--cc=dave.hansen@intel.com \
--cc=hpa@zytor.com \
--cc=kai.huang@linux.intel.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=mingo@redhat.com \
--cc=tglx@linutronix.de \
--cc=thomas.lendacky@amd.com \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).