* Re: [PATCH] powerpc: Export set_memory_encrypted and set_memory_decrypted
[not found] <20260522225853.878411-1-tjmercier@google.com>
@ 2026-05-25 6:21 ` Christoph Hellwig
2026-05-27 16:07 ` Jason Gunthorpe
0 siblings, 1 reply; 4+ messages in thread
From: Christoph Hellwig @ 2026-05-25 6:21 UTC (permalink / raw)
To: T.J. Mercier
Cc: maddy, mpe, npiggin, chleroy, linuxppc-dev, mripard, sumit.semwal,
lkp, linux-kernel, iommu, linux-mm, agordeev, gerald.schaefer,
linux-s390, Dan Williams, Tom Lendacky, x86
On Fri, May 22, 2026 at 03:58:53PM -0700, T.J. Mercier wrote:
> After commit fd55edff8a0a ("dma-buf: heaps: system: Turn the heap into a
> module") the system dma-buf heaps can be built as a module. The
> system_cc_shared heap uses set_memory_encrypted and set_memory_decrypted
> but those functions are not exported on powerpc. This can result in a
> build error like:
I'd much rather revert the above commit. Yes, x86 has exported these
since 2017, but that's a really bad idea, and we should fix it instead
of spreading the export.
Setting memory decrypted is a dangerous operations and should only
be available to core code. We should have various allocators for
decrypted code, but not export the functionality to random code.
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH] powerpc: Export set_memory_encrypted and set_memory_decrypted
2026-05-25 6:21 ` [PATCH] powerpc: Export set_memory_encrypted and set_memory_decrypted Christoph Hellwig
@ 2026-05-27 16:07 ` Jason Gunthorpe
2026-05-27 18:15 ` Borislav Petkov
0 siblings, 1 reply; 4+ messages in thread
From: Jason Gunthorpe @ 2026-05-27 16:07 UTC (permalink / raw)
To: Christoph Hellwig
Cc: T.J. Mercier, maddy, mpe, npiggin, chleroy, linuxppc-dev, mripard,
sumit.semwal, lkp, linux-kernel, iommu, linux-mm, agordeev,
gerald.schaefer, linux-s390, Dan Williams, Tom Lendacky, x86
On Sun, May 24, 2026 at 11:21:33PM -0700, Christoph Hellwig wrote:
> On Fri, May 22, 2026 at 03:58:53PM -0700, T.J. Mercier wrote:
> > After commit fd55edff8a0a ("dma-buf: heaps: system: Turn the heap into a
> > module") the system dma-buf heaps can be built as a module. The
> > system_cc_shared heap uses set_memory_encrypted and set_memory_decrypted
> > but those functions are not exported on powerpc. This can result in a
> > build error like:
>
> I'd much rather revert the above commit. Yes, x86 has exported these
> since 2017, but that's a really bad idea, and we should fix it instead
> of spreading the export.
>
> Setting memory decrypted is a dangerous operations and should only
> be available to core code. We should have various allocators for
> decrypted code, but not export the functionality to random code.
At the very least an EXPORT_SYMBOL_NS.
Looks like there are about 3 modules using it already..
Jason
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH] powerpc: Export set_memory_encrypted and set_memory_decrypted
2026-05-27 16:07 ` Jason Gunthorpe
@ 2026-05-27 18:15 ` Borislav Petkov
2026-05-28 8:53 ` Christoph Hellwig
0 siblings, 1 reply; 4+ messages in thread
From: Borislav Petkov @ 2026-05-27 18:15 UTC (permalink / raw)
To: Jason Gunthorpe
Cc: Christoph Hellwig, T.J. Mercier, maddy, mpe, npiggin, chleroy,
linuxppc-dev, mripard, sumit.semwal, lkp, linux-kernel, iommu,
linux-mm, agordeev, gerald.schaefer, linux-s390, Dan Williams,
Tom Lendacky, x86
On Wed, May 27, 2026 at 01:07:16PM -0300, Jason Gunthorpe wrote:
> > Setting memory decrypted is a dangerous operations and should only
> > be available to core code. We should have various allocators for
> > decrypted code, but not export the functionality to random code.
>
> At the very least an EXPORT_SYMBOL_NS.
>
> Looks like there are about 3 modules using it already..
Looks like more to me...
In any case, we exported them back then for some framebuffer things:
95cf9264d5f3 ("x86, drm, fbdev: Do not specify encrypted memory for video mappings")
--
Regards/Gruss,
Boris.
https://people.kernel.org/tglx/notes-about-netiquette
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH] powerpc: Export set_memory_encrypted and set_memory_decrypted
2026-05-27 18:15 ` Borislav Petkov
@ 2026-05-28 8:53 ` Christoph Hellwig
0 siblings, 0 replies; 4+ messages in thread
From: Christoph Hellwig @ 2026-05-28 8:53 UTC (permalink / raw)
To: Borislav Petkov
Cc: Jason Gunthorpe, Christoph Hellwig, T.J. Mercier, maddy, mpe,
npiggin, chleroy, linuxppc-dev, mripard, sumit.semwal, lkp,
linux-kernel, iommu, linux-mm, agordeev, gerald.schaefer,
linux-s390, Dan Williams, Tom Lendacky, x86
On Wed, May 27, 2026 at 11:15:49AM -0700, Borislav Petkov wrote:
> On Wed, May 27, 2026 at 01:07:16PM -0300, Jason Gunthorpe wrote:
> > > Setting memory decrypted is a dangerous operations and should only
> > > be available to core code. We should have various allocators for
> > > decrypted code, but not export the functionality to random code.
> >
> > At the very least an EXPORT_SYMBOL_NS.
> >
> > Looks like there are about 3 modules using it already..
>
> Looks like more to me...
>
> In any case, we exported them back then for some framebuffer things:
>
> 95cf9264d5f3 ("x86, drm, fbdev: Do not specify encrypted memory for video mappings")
Which is exactly one of these things that should not happen - mapping
random I/O memory without the proper helpers..
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2026-05-28 8:53 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
[not found] <20260522225853.878411-1-tjmercier@google.com>
2026-05-25 6:21 ` [PATCH] powerpc: Export set_memory_encrypted and set_memory_decrypted Christoph Hellwig
2026-05-27 16:07 ` Jason Gunthorpe
2026-05-27 18:15 ` Borislav Petkov
2026-05-28 8:53 ` Christoph Hellwig
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox