From: Juergen Gross <jgross@suse.com> To: Tom Lendacky <thomas.lendacky@amd.com>, Borislav Petkov <bp@alien8.de> Cc: linux-kernel@vger.kernel.org, x86@kernel.org, linux-arch@vger.kernel.org, linux-s390@vger.kernel.org, linux-hyperv@vger.kernel.org, virtualization@lists.linux-foundation.org, Arnd Bergmann <arnd@arndb.de>, Heiko Carstens <hca@linux.ibm.com>, Vasily Gorbik <gor@linux.ibm.com>, Alexander Gordeev <agordeev@linux.ibm.com>, Christian Borntraeger <borntraeger@linux.ibm.com>, Sven Schnelle <svens@linux.ibm.com>, Thomas Gleixner <tglx@linutronix.de>, Ingo Molnar <mingo@redhat.com>, Dave Hansen <dave.hansen@linux.intel.com>, "H. Peter Anvin" <hpa@zytor.com>, "K. Y. Srinivasan" <kys@microsoft.com>, Haiyang Zhang <haiyangz@microsoft.com>, Stephen Hemminger <sthemmin@microsoft.com>, Wei Liu <wei.liu@kernel.org>, Dexuan Cui <decui@microsoft.com>, Andy Lutomirski <luto@kernel.org>, Peter Zijlstra <peterz@infradead.org>, "Michael S. Tsirkin" <mst@redhat.com>, Jason Wang <jasowang@redhat.com>, Christoph Hellwig <hch@infradead.org>, Oleksandr Tyshchenko <olekstysh@gmail.com> Subject: Re: [PATCH 2/2] virtio: replace arch_has_restricted_virtio_memory_access() Date: Wed, 27 Apr 2022 16:14:14 +0200 [thread overview] Message-ID: <f1fa517f-a59d-df48-b5c5-f38ce210d999@suse.com> (raw) In-Reply-To: <c959d3ea-1187-3e88-287b-27e75f0225e8@amd.com> [-- Attachment #1.1.1: Type: text/plain, Size: 2398 bytes --] On 27.04.22 16:09, Tom Lendacky wrote: > On 4/27/22 07:37, Juergen Gross wrote: >> On 27.04.22 14:28, Borislav Petkov wrote: >>> On Wed, Apr 27, 2022 at 08:37:31AM +0200, Juergen Gross wrote: >>>> On 26.04.22 19:35, Borislav Petkov wrote: >>>>> On Tue, Apr 26, 2022 at 03:40:21PM +0200, Juergen Gross wrote: >>>>>> /* protected virtualization */ >>>>>> static void pv_init(void) >>>>>> { >>>>>> if (!is_prot_virt_guest()) >>>>>> return; >>>>>> + platform_set_feature(PLATFORM_VIRTIO_RESTRICTED_MEM_ACCESS); >>>>> >>>>> Kinda long-ish for my taste. 
I'll probably call it: >>>>> >>>>> platform_set() >>>>> >>>>> as it is implicit that it sets a feature bit. >>>> >>>> Okay, fine with me. >>>> >>>>> >>>>>> diff --git a/arch/x86/mm/mem_encrypt_identity.c >>>>>> b/arch/x86/mm/mem_encrypt_identity.c >>>>>> index b43bc24d2bb6..6043ba6cd17d 100644 >>>>>> --- a/arch/x86/mm/mem_encrypt_identity.c >>>>>> +++ b/arch/x86/mm/mem_encrypt_identity.c >>>>>> @@ -40,6 +40,7 @@ >>>>>> #include <linux/mm.h> >>>>>> #include <linux/mem_encrypt.h> >>>>>> #include <linux/cc_platform.h> >>>>>> +#include <linux/platform-feature.h> >>>>>> #include <asm/setup.h> >>>>>> #include <asm/sections.h> >>>>>> @@ -566,6 +567,10 @@ void __init sme_enable(struct boot_params *bp) >>>>>> } else { >>>>>> /* SEV state cannot be controlled by a command line option */ >>>>>> sme_me_mask = me_mask; >>>>>> + >>>>>> + /* Set restricted memory access for virtio. */ >>>>>> + platform_set_feature(PLATFORM_VIRTIO_RESTRICTED_MEM_ACCESS); > > This is way early in the boot, but it appears that marking the platform feature > bitmap as __read_mostly puts this in the .data section, so avoids the issue of > bss being cleared. In V2 (not yet posted) I have moved the call to sev_setup_arch(). > > TDX support also uses the arch_has_restricted_virtio_memory_access() function > and will need to be updated. Yes. > Seems like a lot of changes, I just wonder if the the arch_has...() function > couldn't be updated to also include a Xen check? This was not seen to be a nice solution. And TBH, I think this series is making the code much cleaner. Look at the diffstat of this patch. Juergen [-- Attachment #1.1.2: OpenPGP public key --] [-- Type: application/pgp-keys, Size: 3149 bytes --] [-- Attachment #2: OpenPGP digital signature --] [-- Type: application/pgp-signature, Size: 495 bytes --]
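Review bot: In pv_init(), the added platform_set_feature(PLATFORM_VIRTIO_RESTRICTED_MEM_ACCESS) line carries no comment, while the matching call added in sme_enable() has "Set restricted memory access for virtio." above it. Add the same one-line comment here so the s390 and x86 call sites read consistently and a reader of pv_init() can see why a virtio property is set from the protected-virtualization init path.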
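Review bot: The platform_set_feature() call added in the else branch of sme_enable() writes a global feature bitmap from very early boot code, and nothing in the hunk records why that is safe. As the reply notes, it only works because the bitmap ends up in .data rather than .bss. Either move the call to a later setup point, or add a comment next to it stating the dependency on the bitmap's section placement, so that a later change to the bitmap's annotation does not silently drop the restricted-memory-access bit on SEV guests.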