From: Kuppuswamy Sathyanarayanan <sathyanarayanan.kuppuswamy@linux.intel.com>
To: Thomas Gleixner <tglx@linutronix.de>,
Ingo Molnar <mingo@redhat.com>, Borislav Petkov <bp@alien8.de>,
Peter Zijlstra <peterz@infradead.org>,
Andy Lutomirski <luto@kernel.org>,
Bjorn Helgaas <bhelgaas@google.com>,
Richard Henderson <rth@twiddle.net>,
Thomas Bogendoerfer <tsbogend@alpha.franken.de>,
James E J Bottomley <James.Bottomley@HansenPartnership.com>,
Helge Deller <deller@gmx.de>,
"David S . Miller" <davem@davemloft.net>,
Arnd Bergmann <arnd@arndb.de>, Jonathan Corbet <corbet@lwn.net>,
"Michael S . Tsirkin" <mst@redhat.com>
Cc: Peter H Anvin <hpa@zytor.com>,
Dave Hansen <dave.hansen@intel.com>,
Tony Luck <tony.luck@intel.com>,
Dan Williams <dan.j.williams@intel.com>,
Andi Kleen <ak@linux.intel.com>,
Kirill Shutemov <kirill.shutemov@linux.intel.com>,
Sean Christopherson <seanjc@google.com>,
Kuppuswamy Sathyanarayanan <knsathya@kernel.org>,
x86@kernel.org, linux-kernel@vger.kernel.org,
linux-pci@vger.kernel.org, linux-alpha@vger.kernel.org,
linux-mips@vger.kernel.org, linux-parisc@vger.kernel.org,
sparclinux@vger.kernel.org, linux-arch@vger.kernel.org,
linux-doc@vger.kernel.org,
virtualization@lists.linux-foundation.org
Subject: [PATCH v4 03/15] x86/tdx: Make pages shared in ioremap()
Date: Wed, 4 Aug 2021 17:52:06 -0700 [thread overview]
Message-ID: <20210805005218.2912076-4-sathyanarayanan.kuppuswamy@linux.intel.com> (raw)
In-Reply-To: <20210805005218.2912076-1-sathyanarayanan.kuppuswamy@linux.intel.com>
From: "Kirill A. Shutemov" <kirill.shutemov@linux.intel.com>
All ioremap()ed pages that are not backed by normal memory (NONE or
RESERVED) have to be mapped as shared.
Reuse the infrastructure from AMD SEV code.
Note that DMA code doesn't use ioremap() to convert memory to shared as
DMA buffers backed by normal memory. DMA code make buffer shared with
set_memory_decrypted().
Signed-off-by: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
Reviewed-by: Andi Kleen <ak@linux.intel.com>
Reviewed-by: Tony Luck <tony.luck@intel.com>
Signed-off-by: Kuppuswamy Sathyanarayanan <sathyanarayanan.kuppuswamy@linux.intel.com>
---
Changes since v3:
* Rebased on top of Tom Lendacky's protected guest
changes (https://lore.kernel.org/patchwork/cover/1468760/)
Changes since v1:
* Fixed format issues in commit log.
arch/x86/include/asm/pgtable.h | 4 ++++
arch/x86/mm/ioremap.c | 8 ++++++--
include/linux/protected_guest.h | 1 +
3 files changed, 11 insertions(+), 2 deletions(-)
diff --git a/arch/x86/include/asm/pgtable.h b/arch/x86/include/asm/pgtable.h
index 448cd01eb3ec..2d4d518651d2 100644
--- a/arch/x86/include/asm/pgtable.h
+++ b/arch/x86/include/asm/pgtable.h
@@ -21,6 +21,10 @@
#define pgprot_encrypted(prot) __pgprot(__sme_set(pgprot_val(prot)))
#define pgprot_decrypted(prot) __pgprot(__sme_clr(pgprot_val(prot)))
+/* Make the page accesable by VMM for protected guests */
+#define pgprot_protected_guest(prot) __pgprot(pgprot_val(prot) | \
+ tdg_shared_mask())
+
#ifndef __ASSEMBLY__
#include <asm/x86_init.h>
#include <asm/pkru.h>
diff --git a/arch/x86/mm/ioremap.c b/arch/x86/mm/ioremap.c
index 60ade7dd71bd..69a60f240124 100644
--- a/arch/x86/mm/ioremap.c
+++ b/arch/x86/mm/ioremap.c
@@ -17,6 +17,7 @@
#include <linux/mem_encrypt.h>
#include <linux/efi.h>
#include <linux/pgtable.h>
+#include <linux/protected_guest.h>
#include <asm/set_memory.h>
#include <asm/e820/api.h>
@@ -26,6 +27,7 @@
#include <asm/pgalloc.h>
#include <asm/memtype.h>
#include <asm/setup.h>
+#include <asm/tdx.h>
#include "physaddr.h"
@@ -87,8 +89,8 @@ static unsigned int __ioremap_check_ram(struct resource *res)
}
/*
- * In a SEV guest, NONE and RESERVED should not be mapped encrypted because
- * there the whole memory is already encrypted.
+ * In a SEV or TDX guest, NONE and RESERVED should not be mapped encrypted (or
+ * private in TDX case) because there the whole memory is already encrypted.
*/
static unsigned int __ioremap_check_encrypted(struct resource *res)
{
@@ -246,6 +248,8 @@ __ioremap_caller(resource_size_t phys_addr, unsigned long size,
prot = PAGE_KERNEL_IO;
if ((io_desc.flags & IORES_MAP_ENCRYPTED) || encrypted)
prot = pgprot_encrypted(prot);
+ else if (prot_guest_has(PATTR_GUEST_SHARED_MAPPING_INIT))
+ prot = pgprot_protected_guest(prot);
switch (pcm) {
case _PAGE_CACHE_MODE_UC:
diff --git a/include/linux/protected_guest.h b/include/linux/protected_guest.h
index 1a350c3fcfe2..14255f801100 100644
--- a/include/linux/protected_guest.h
+++ b/include/linux/protected_guest.h
@@ -17,6 +17,7 @@
#define PATTR_GUEST_MEM_ENCRYPT 2 /* Guest encrypted memory */
#define PATTR_GUEST_PROT_STATE 3 /* Guest encrypted state */
#define PATTR_GUEST_UNROLL_STRING_IO 4 /* Unrolled string IO */
+#define PATTR_GUEST_SHARED_MAPPING_INIT 5 /* Late shared mapping init*/
/* 0x800 - 0x8ff reserved for AMD */
#define PATTR_SME 0x800
--
2.25.1
next prev parent reply other threads:[~2021-08-05 0:53 UTC|newest]
Thread overview: 55+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-08-05 0:52 [PATCH v4 00/15] Add TDX Guest Support (shared-mm support) Kuppuswamy Sathyanarayanan
2021-08-05 0:52 ` [PATCH v4 01/15] x86/mm: Move force_dma_unencrypted() to common code Kuppuswamy Sathyanarayanan
2021-08-05 0:52 ` [PATCH v4 02/15] x86/tdx: Exclude Shared bit from physical_mask Kuppuswamy Sathyanarayanan
2021-08-05 0:52 ` Kuppuswamy Sathyanarayanan [this message]
2021-08-05 0:52 ` [PATCH v4 04/15] x86/tdx: Add helper to do MapGPA hypercall Kuppuswamy Sathyanarayanan
2021-08-05 0:52 ` [PATCH v4 05/15] x86/tdx: Make DMA pages shared Kuppuswamy Sathyanarayanan
2021-08-05 0:52 ` [PATCH v4 06/15] x86/kvm: Use bounce buffers for TD guest Kuppuswamy Sathyanarayanan
2021-08-05 0:52 ` [PATCH v4 07/15] x86/tdx: ioapic: Add shared bit for IOAPIC base address Kuppuswamy Sathyanarayanan
2021-08-05 0:52 ` [PATCH v4 08/15] x86/tdx: Enable shared memory protected guest flags for TDX guest Kuppuswamy Sathyanarayanan
2021-08-05 0:52 ` [PATCH v4 09/15] pci: Consolidate pci_iomap* and pci_iomap*wc Kuppuswamy Sathyanarayanan
2021-08-12 19:43 ` Bjorn Helgaas
2021-08-12 22:11 ` Andi Kleen
2021-08-12 22:29 ` Kuppuswamy, Sathyanarayanan
2021-08-05 0:52 ` [PATCH v4 10/15] asm/io.h: Add ioremap_shared fallback Kuppuswamy Sathyanarayanan
2021-08-12 19:46 ` Bjorn Helgaas
2021-08-13 7:58 ` Christoph Hellwig
2021-08-05 0:52 ` [PATCH v4 11/15] pci: Add pci_iomap_shared{,_range} Kuppuswamy Sathyanarayanan
2021-08-13 8:02 ` Christoph Hellwig
2021-08-23 23:56 ` Michael S. Tsirkin
2021-08-24 0:30 ` Kuppuswamy, Sathyanarayanan
2021-08-24 1:04 ` Dan Williams
2021-08-24 2:14 ` Andi Kleen
2021-08-24 9:47 ` Michael S. Tsirkin
2021-08-24 17:20 ` Andi Kleen
2021-08-24 18:55 ` Bjorn Helgaas
2021-08-24 20:14 ` Andi Kleen
2021-08-24 20:31 ` Bjorn Helgaas
2021-08-24 20:50 ` Andi Kleen
2021-08-24 21:05 ` Dan Williams
2021-08-25 14:52 ` Bjorn Helgaas
2021-08-24 21:55 ` Rajat Jain
2021-08-29 15:27 ` Michael S. Tsirkin
2021-08-29 16:17 ` Andi Kleen
2021-08-29 22:26 ` Michael S. Tsirkin
2021-08-30 5:11 ` Andi Kleen
2021-08-30 20:59 ` Michael S. Tsirkin
2021-08-31 0:23 ` Andi Kleen
2021-09-10 9:54 ` Michael S. Tsirkin
2021-09-10 16:34 ` Andi Kleen
2021-09-11 23:54 ` Michael S. Tsirkin
2021-09-13 5:53 ` Michael S. Tsirkin
2021-09-24 22:43 ` Andi Kleen
2021-09-27 9:07 ` Michael S. Tsirkin
2021-08-24 21:56 ` Rajat Jain
2021-08-24 21:59 ` Dan Williams
2021-08-24 7:07 ` Christoph Hellwig
2021-08-24 17:04 ` Andi Kleen
2021-08-29 15:34 ` Michael S. Tsirkin
2021-08-29 16:43 ` Andi Kleen
2021-08-24 9:12 ` Michael S. Tsirkin
2021-08-05 0:52 ` [PATCH v4 12/15] pci: Mark MSI data shared Kuppuswamy Sathyanarayanan
2021-08-13 8:07 ` Christoph Hellwig
2021-08-05 0:52 ` [PATCH v4 13/15] virtio: Use shared mappings for virtio PCI devices Kuppuswamy Sathyanarayanan
2021-08-05 0:52 ` [PATCH v4 14/15] x86/tdx: Implement ioremap_shared for x86 Kuppuswamy Sathyanarayanan
2021-08-05 0:52 ` [PATCH v4 15/15] x86/tdx: Add cmdline option to force use of ioremap_shared Kuppuswamy Sathyanarayanan
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210805005218.2912076-4-sathyanarayanan.kuppuswamy@linux.intel.com \
--to=sathyanarayanan.kuppuswamy@linux.intel.com \
--cc=James.Bottomley@HansenPartnership.com \
--cc=ak@linux.intel.com \
--cc=arnd@arndb.de \
--cc=bhelgaas@google.com \
--cc=bp@alien8.de \
--cc=corbet@lwn.net \
--cc=dan.j.williams@intel.com \
--cc=dave.hansen@intel.com \
--cc=davem@davemloft.net \
--cc=deller@gmx.de \
--cc=hpa@zytor.com \
--cc=kirill.shutemov@linux.intel.com \
--cc=knsathya@kernel.org \
--cc=linux-alpha@vger.kernel.org \
--cc=linux-arch@vger.kernel.org \
--cc=linux-doc@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mips@vger.kernel.org \
--cc=linux-parisc@vger.kernel.org \
--cc=linux-pci@vger.kernel.org \
--cc=luto@kernel.org \
--cc=mingo@redhat.com \
--cc=mst@redhat.com \
--cc=peterz@infradead.org \
--cc=rth@twiddle.net \
--cc=seanjc@google.com \
--cc=sparclinux@vger.kernel.org \
--cc=tglx@linutronix.de \
--cc=tony.luck@intel.com \
--cc=tsbogend@alpha.franken.de \
--cc=virtualization@lists.linux-foundation.org \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).