From: "Kani, Toshimitsu" <toshi.kani@hpe.com> To: "kvm@vger.kernel.org" <kvm@vger.kernel.org>, "linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>, "linux-mm@kvack.org" <linux-mm@kvack.org>, "kasan-dev@googlegroups.com" <kasan-dev@googlegroups.com>, "x86@kernel.org" <x86@kernel.org>, "iommu@lists.linux-foundation.org" <iommu@lists.linux-foundation.org>, "linux-efi@vger.kernel.org" <linux-efi@vger.kernel.org>, "thomas.lendacky@amd.com" <thomas.lendacky@amd.com>, "linux-arch@vger.kernel.org" <linux-arch@vger.kernel.org>, "linux-doc@vger.kernel.org" <linux-doc@vger.kernel.org> Cc: "matt@codeblueprint.co.uk" <matt@codeblueprint.co.uk>, "corbet@lwn.net" <corbet@lwn.net>, "tglx@linutronix.de" <tglx@linutronix.de>, "konrad.wilk@oracle.com" <konrad.wilk@oracle.com>, "joro@8bytes.org" <joro@8bytes.org>, "dvyukov@google.com" <dvyukov@google.com>, "aryabinin@virtuozzo.com" <aryabinin@virtuozzo.com>, "riel@redhat.com" <riel@redhat.com>, "lwoodman@redhat.com" <lwoodman@redhat.com>, "mingo@redhat.com" <mingo@redhat.com>, "hpa@zytor.com" <hpa@zytor.com>, "luto@kernel.org" <luto@kernel.org>, "pbonzini@redhat.com" <pbonzini@redhat.com>, "bp@alien8.de" <bp@alien8.de>, "glider@google.com" <glider@google.com>, "rkrcmar@redhat.com" <rkrcmar@redhat.com>, "arnd@arndb.de" <arnd@arndb.de> Subject: Re: [RFC PATCH v3 10/20] Add support to access boot related data in the clear Date: Fri, 11 Nov 2016 16:17:36 +0000 [thread overview] Message-ID: <1478880929.20881.148.camel@hpe.com> (raw) In-Reply-To: <20161110003631.3280.73292.stgit@tlendack-t1.amdoffice.net> On Wed, 2016-11-09 at 18:36 -0600, Tom Lendacky wrote: > Boot data (such as EFI related data) is not encrypted when the system > is booted and needs to be accessed unencrypted. Add support to apply > the proper attributes to the EFI page tables and to the > early_memremap and memremap APIs to identify the type of data being > accessed so that the proper encryption attribute can be applied. : > +static bool memremap_apply_encryption(resource_size_t phys_addr, > + unsigned long size) > +{ > + /* SME is not active, just return true */ > + if (!sme_me_mask) > + return true; > + > + /* Check if the address is part of the setup data */ > + if (memremap_setup_data(phys_addr, size)) > + return false; > + > + /* Check if the address is part of EFI boot/runtime data */ > + switch (efi_mem_type(phys_addr)) { > + case EFI_BOOT_SERVICES_DATA: > + case EFI_RUNTIME_SERVICES_DATA: > + return false; > + } > + > + /* Check if the address is outside kernel usable area */ > + switch (e820_get_entry_type(phys_addr, phys_addr + size - > 1)) { > + case E820_RESERVED: > + case E820_ACPI: > + case E820_NVS: > + case E820_UNUSABLE: > + return false; > + } > + > + return true; > +} Are you supporting encryption for E820_PMEM ranges? If so, this encryption will persist across a reboot and does not need to be encrypted again, right? Also, how do you keep a same key across a reboot? Thanks, -Toshi
WARNING: multiple messages have this Message-ID (diff)
From: "Kani, Toshimitsu" <toshi.kani@hpe.com> To: "kvm@vger.kernel.org" <kvm@vger.kernel.org>, "linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>, "linux-mm@kvack.org" <linux-mm@kvack.org>, "kasan-dev@googlegroups.com" <kasan-dev@googlegroups.com>, "x86@kernel.org" <x86@kernel.org>, "iommu@lists.linux-foundation.org" <iommu@lists.linux-foundation.org>, "linux-efi@vger.kernel.org" <linux-efi@vger.kernel.org>, "thomas.lendacky@amd.com" <thomas.lendacky@amd.com>, "linux-arch@vger.kernel.org" <linux-arch@vger.kernel.org>, "linux-doc@vger.kernel.org" <linux-doc@vger.kernel.org> Cc: "matt@codeblueprint.co.uk" <matt@codeblueprint.co.uk>, "corbet@lwn.net" <corbet@lwn.net>, "tglx@linutronix.de" <tglx@linutronix.de>, "konrad.wilk@oracle.com" <konrad.wilk@oracle.com>, "joro@8bytes.org" <joro@8bytes.org>, "dvyukov@google.com" <dvyukov@google.com>, "aryabinin@virtuozzo.com" <aryabinin@virtuozzo.com>, "riel@redhat.com" <riel@redhat.com>, "lwoodman@redhat.com" <lwoodman@redhat.com>, "mingo@redhat.com" <mingo@redhat.com>, "hpa@zytor.com" <hpa@zytor.com>, "luto@kernel.org" <luto@kernel.org>, "pbonzini@redhat.com" <pbonzini@redhat.com>, "bp@alien8.de" <bp@alien8.de>, "glider@google.com" <glider@google.com>, "rkrcmar@redhat.com" <rkrcmar@redhat.com>, "arnd@arndb.de" <arnd@arndb.de> Subject: Re: [RFC PATCH v3 10/20] Add support to access boot related data in the clear Date: Fri, 11 Nov 2016 16:17:36 +0000 [thread overview] Message-ID: <1478880929.20881.148.camel@hpe.com> (raw) In-Reply-To: <20161110003631.3280.73292.stgit@tlendack-t1.amdoffice.net> [-- Warning: decoded text below may be mangled, UTF-8 assumed --] [-- Attachment #1: Type: text/plain; charset="utf-8", Size: 1563 bytes --] On Wed, 2016-11-09 at 18:36 -0600, Tom Lendacky wrote: > Boot data (such as EFI related data) is not encrypted when the system > is booted and needs to be accessed unencrypted.  Add support to apply > the proper attributes to the EFI page tables and to the > early_memremap and memremap APIs to identify the type of data being > accessed so that the proper encryption attribute can be applied.  : > +static bool memremap_apply_encryption(resource_size_t phys_addr, > +       unsigned long size) > +{ > + /* SME is not active, just return true */ > + if (!sme_me_mask) > + return true; > + > + /* Check if the address is part of the setup data */ > + if (memremap_setup_data(phys_addr, size)) > + return false; > + > + /* Check if the address is part of EFI boot/runtime data */ > + switch (efi_mem_type(phys_addr)) { > + case EFI_BOOT_SERVICES_DATA: > + case EFI_RUNTIME_SERVICES_DATA: > + return false; > + } > + > + /* Check if the address is outside kernel usable area */ > + switch (e820_get_entry_type(phys_addr, phys_addr + size - > 1)) { > + case E820_RESERVED: > + case E820_ACPI: > + case E820_NVS: > + case E820_UNUSABLE: > + return false; > + } > + > + return true; > +} Are you supporting encryption for E820_PMEM ranges?  If so, this encryption will persist across a reboot and does not need to be encrypted again, right?  Also, how do you keep a same key across a reboot? Thanks, -ToshiN§²æìr¸zǧu©²Æ {\béì¹»\x1c®&Þ)îÆi¢Ø^nr¶Ý¢j$½§$¢¸\x05¢¹¨è§~'.)îÄÃ,yèm¶ÿÃ\f%{±j+ðèצj)Z·
next prev parent reply other threads:[~2016-11-11 16:17 UTC|newest] Thread overview: 244+ messages / expand[flat|nested] mbox.gz Atom feed top 2016-11-10 0:34 [RFC PATCH v3 00/20] x86: Secure Memory Encryption (AMD) Tom Lendacky 2016-11-10 0:34 ` Tom Lendacky 2016-11-10 0:34 ` Tom Lendacky 2016-11-10 0:34 ` Tom Lendacky 2016-11-10 0:34 ` [RFC PATCH v3 01/20] x86: Documentation for AMD Secure Memory Encryption (SME) Tom Lendacky 2016-11-10 0:34 ` Tom Lendacky 2016-11-10 0:34 ` Tom Lendacky 2016-11-10 0:34 ` Tom Lendacky 2016-11-10 10:51 ` Borislav Petkov 2016-11-10 10:51 ` Borislav Petkov 2016-11-14 17:15 ` Tom Lendacky 2016-11-14 17:15 ` Tom Lendacky 2016-11-14 17:15 ` Tom Lendacky 2016-11-10 0:34 ` [RFC PATCH v3 02/20] x86: Set the write-protect cache mode for full PAT support Tom Lendacky 2016-11-10 0:34 ` Tom Lendacky 2016-11-10 0:34 ` Tom Lendacky 2016-11-10 0:34 ` Tom Lendacky 2016-11-10 13:14 ` Borislav Petkov 2016-11-10 13:14 ` Borislav Petkov 2016-11-11 1:26 ` Kani, Toshimitsu 2016-11-11 1:26 ` Kani, Toshimitsu 2016-11-11 1:26 ` Kani, Toshimitsu 2016-11-14 16:51 ` Tom Lendacky 2016-11-14 16:51 ` Tom Lendacky 2016-11-14 16:51 ` Tom Lendacky 2016-11-14 16:51 ` Tom Lendacky 2016-11-10 0:34 ` [RFC PATCH v3 03/20] x86: Add the Secure Memory Encryption cpu feature Tom Lendacky 2016-11-10 0:34 ` Tom Lendacky 2016-11-10 0:34 ` Tom Lendacky 2016-11-10 0:34 ` Tom Lendacky 2016-11-10 0:34 ` Tom Lendacky 2016-11-11 11:53 ` Borislav Petkov 2016-11-11 11:53 ` Borislav Petkov 2016-11-10 0:35 ` [RFC PATCH v3 04/20] x86: Handle reduction in physical address size with SME Tom Lendacky 2016-11-10 0:35 ` Tom Lendacky 2016-11-10 0:35 ` Tom Lendacky 2016-11-10 0:35 ` Tom Lendacky 2016-11-10 0:35 ` Tom Lendacky 2016-11-15 12:10 ` Joerg Roedel 2016-11-15 12:10 ` Joerg Roedel 2016-11-15 12:10 ` Joerg Roedel 2016-11-15 12:14 ` Borislav Petkov 2016-11-15 12:14 ` Borislav Petkov 2016-11-15 14:40 ` Tom Lendacky 2016-11-15 14:40 ` Tom Lendacky 2016-11-15 15:33 ` Borislav Petkov 2016-11-15 15:33 ` Borislav Petkov 2016-11-15 15:33 ` Borislav Petkov 2016-11-15 16:06 ` Tom Lendacky 2016-11-15 16:06 ` Tom Lendacky 2016-11-15 16:06 ` Tom Lendacky 2016-11-15 16:33 ` Borislav Petkov 2016-11-15 16:33 ` Borislav Petkov 2016-11-15 17:08 ` Tom Lendacky 2016-11-15 17:08 ` Tom Lendacky 2016-11-15 17:08 ` Tom Lendacky 2016-11-15 21:22 ` Tom Lendacky 2016-11-15 21:22 ` Tom Lendacky 2016-11-15 21:22 ` Tom Lendacky 2016-11-15 21:33 ` Borislav Petkov 2016-11-15 21:33 ` Borislav Petkov 2016-11-15 21:33 ` Borislav Petkov 2016-11-15 22:01 ` Tom Lendacky 2016-11-15 22:01 ` Tom Lendacky 2016-11-15 14:32 ` Tom Lendacky 2016-11-15 14:32 ` Tom Lendacky 2016-11-15 14:32 ` Tom Lendacky 2016-11-10 0:35 ` [RFC PATCH v3 05/20] x86: Add Secure Memory Encryption (SME) support Tom Lendacky 2016-11-10 0:35 ` Tom Lendacky 2016-11-10 0:35 ` Tom Lendacky 2016-11-10 0:35 ` Tom Lendacky 2016-11-10 0:35 ` Tom Lendacky 2016-11-10 0:35 ` [RFC PATCH v3 06/20] x86: Add support to enable SME during early boot processing Tom Lendacky 2016-11-10 0:35 ` Tom Lendacky 2016-11-10 0:35 ` Tom Lendacky 2016-11-10 0:35 ` Tom Lendacky 2016-11-10 0:35 ` Tom Lendacky 2016-11-14 17:29 ` Borislav Petkov 2016-11-14 17:29 ` Borislav Petkov 2016-11-14 18:18 ` Tom Lendacky 2016-11-14 18:18 ` Tom Lendacky 2016-11-14 18:18 ` Tom Lendacky 2016-11-14 20:01 ` Borislav Petkov 2016-11-14 20:01 ` Borislav Petkov 2016-11-10 0:35 ` [RFC PATCH v3 07/20] x86: Provide general kernel support for memory encryption Tom Lendacky 2016-11-10 0:35 ` Tom Lendacky 2016-11-10 0:35 ` Tom Lendacky 2016-11-10 0:35 ` Tom Lendacky 2016-11-10 0:36 ` [RFC PATCH v3 08/20] x86: Add support for early encryption/decryption of memory Tom Lendacky 2016-11-10 0:36 ` Tom Lendacky 2016-11-10 0:36 ` Tom Lendacky 2016-11-10 0:36 ` Tom Lendacky 2016-11-16 10:46 ` Borislav Petkov 2016-11-16 10:46 ` Borislav Petkov 2016-11-16 19:22 ` Tom Lendacky 2016-11-16 19:22 ` Tom Lendacky 2016-11-16 19:22 ` Tom Lendacky 2016-11-10 0:36 ` [RFC PATCH v3 09/20] x86: Insure that boot memory areas are mapped properly Tom Lendacky 2016-11-10 0:36 ` Tom Lendacky 2016-11-10 0:36 ` Tom Lendacky 2016-11-10 0:36 ` Tom Lendacky 2016-11-17 12:20 ` Borislav Petkov 2016-11-17 12:20 ` Borislav Petkov 2016-11-19 18:12 ` Tom Lendacky 2016-11-19 18:12 ` Tom Lendacky 2016-11-10 0:36 ` [RFC PATCH v3 10/20] Add support to access boot related data in the clear Tom Lendacky 2016-11-10 0:36 ` Tom Lendacky 2016-11-10 0:36 ` Tom Lendacky 2016-11-10 0:36 ` Tom Lendacky 2016-11-10 0:36 ` Tom Lendacky 2016-11-11 16:17 ` Kani, Toshimitsu [this message] 2016-11-11 16:17 ` Kani, Toshimitsu 2016-11-14 16:24 ` Tom Lendacky 2016-11-14 16:24 ` Tom Lendacky 2016-11-14 16:24 ` Tom Lendacky 2016-11-17 15:55 ` Borislav Petkov 2016-11-17 15:55 ` Borislav Petkov 2016-11-19 18:33 ` Tom Lendacky 2016-11-19 18:33 ` Tom Lendacky 2016-11-19 18:33 ` Tom Lendacky 2016-11-20 23:04 ` Borislav Petkov 2016-11-20 23:04 ` Borislav Petkov 2016-12-07 13:19 ` Matt Fleming 2016-12-07 13:19 ` Matt Fleming 2016-12-07 13:19 ` Matt Fleming 2016-12-09 14:26 ` Tom Lendacky 2016-12-09 14:26 ` Tom Lendacky 2016-12-09 14:26 ` Tom Lendacky 2016-11-10 0:36 ` [RFC PATCH v3 11/20] x86: Add support for changing memory encryption attribute Tom Lendacky 2016-11-10 0:36 ` Tom Lendacky 2016-11-10 0:36 ` Tom Lendacky 2016-11-10 0:36 ` Tom Lendacky 2016-11-10 0:36 ` Tom Lendacky 2016-11-17 17:39 ` Borislav Petkov 2016-11-17 17:39 ` Borislav Petkov 2016-11-19 18:48 ` Tom Lendacky 2016-11-19 18:48 ` Tom Lendacky 2016-11-21 8:27 ` Borislav Petkov 2016-11-21 8:27 ` Borislav Petkov 2016-11-10 0:37 ` [RFC PATCH v3 12/20] x86: Decrypt trampoline area if memory encryption is active Tom Lendacky 2016-11-10 0:37 ` Tom Lendacky 2016-11-10 0:37 ` Tom Lendacky 2016-11-10 0:37 ` Tom Lendacky 2016-11-10 0:37 ` Tom Lendacky 2016-11-17 18:09 ` Borislav Petkov 2016-11-17 18:09 ` Borislav Petkov 2016-11-19 18:50 ` Tom Lendacky 2016-11-19 18:50 ` Tom Lendacky 2016-11-10 0:37 ` [RFC PATCH v3 13/20] x86: DMA support for memory encryption Tom Lendacky 2016-11-10 0:37 ` Tom Lendacky 2016-11-10 0:37 ` Tom Lendacky 2016-11-10 0:37 ` Tom Lendacky 2016-11-15 14:39 ` Radim Krčmář 2016-11-15 14:39 ` Radim Krčmář 2016-11-15 14:39 ` Radim Krčmář 2016-11-15 17:02 ` Tom Lendacky 2016-11-15 17:02 ` Tom Lendacky 2016-11-15 17:02 ` Tom Lendacky 2016-11-15 17:02 ` Tom Lendacky 2016-11-15 18:17 ` Radim Krčmář 2016-11-15 18:17 ` Radim Krčmář 2016-11-15 18:17 ` Radim Krčmář 2016-11-15 18:17 ` Radim Krčmář 2016-11-15 20:33 ` Tom Lendacky 2016-11-15 20:33 ` Tom Lendacky 2016-11-15 20:33 ` Tom Lendacky 2016-11-15 20:33 ` Tom Lendacky 2016-11-15 15:16 ` Michael S. Tsirkin 2016-11-15 15:16 ` Michael S. Tsirkin 2016-11-15 15:16 ` Michael S. Tsirkin 2016-11-15 18:29 ` Tom Lendacky 2016-11-15 18:29 ` Tom Lendacky 2016-11-15 18:29 ` Tom Lendacky 2016-11-15 19:16 ` Michael S. Tsirkin 2016-11-15 19:16 ` Michael S. Tsirkin 2016-11-15 19:16 ` Michael S. Tsirkin 2016-11-22 11:38 ` Borislav Petkov 2016-11-22 11:38 ` Borislav Petkov 2016-11-22 11:38 ` Borislav Petkov 2016-11-22 15:22 ` Michael S. Tsirkin 2016-11-22 15:22 ` Michael S. Tsirkin 2016-11-22 15:22 ` Michael S. Tsirkin 2016-11-22 15:41 ` Borislav Petkov 2016-11-22 15:41 ` Borislav Petkov 2016-11-22 20:41 ` Michael S. Tsirkin 2016-11-22 20:41 ` Michael S. Tsirkin 2016-11-22 20:41 ` Michael S. Tsirkin 2016-11-10 0:37 ` [RFC PATCH v3 14/20] iommu/amd: Disable AMD IOMMU if memory encryption is active Tom Lendacky 2016-11-10 0:37 ` Tom Lendacky 2016-11-10 0:37 ` Tom Lendacky 2016-11-10 0:37 ` Tom Lendacky 2016-11-10 0:37 ` Tom Lendacky 2016-11-14 16:32 ` Joerg Roedel 2016-11-14 16:32 ` Joerg Roedel 2016-11-14 16:32 ` Joerg Roedel 2016-11-14 16:48 ` Tom Lendacky 2016-11-14 16:48 ` Tom Lendacky 2016-11-14 16:48 ` Tom Lendacky 2016-11-10 0:37 ` [RFC PATCH v3 15/20] x86: Check for memory encryption on the APs Tom Lendacky 2016-11-10 0:37 ` Tom Lendacky 2016-11-10 0:37 ` Tom Lendacky 2016-11-10 0:37 ` Tom Lendacky 2016-11-22 19:25 ` Borislav Petkov 2016-11-22 19:25 ` Borislav Petkov 2016-11-29 18:00 ` Tom Lendacky 2016-11-29 18:00 ` Tom Lendacky 2016-11-29 18:00 ` Tom Lendacky 2016-11-10 0:37 ` [RFC PATCH v3 16/20] x86: Do not specify encrypted memory for video mappings Tom Lendacky 2016-11-10 0:37 ` Tom Lendacky 2016-11-10 0:37 ` Tom Lendacky 2016-11-10 0:37 ` Tom Lendacky 2016-11-10 0:37 ` Tom Lendacky 2016-11-10 0:38 ` [RFC PATCH v3 17/20] x86/kvm: Enable Secure Memory Encryption of nested page tables Tom Lendacky 2016-11-10 0:38 ` Tom Lendacky 2016-11-10 0:38 ` Tom Lendacky 2016-11-10 0:38 ` Tom Lendacky 2016-11-10 0:38 ` Tom Lendacky 2016-11-10 0:38 ` [RFC PATCH v3 18/20] x86: Access the setup data through debugfs un-encrypted Tom Lendacky 2016-11-10 0:38 ` Tom Lendacky 2016-11-10 0:38 ` Tom Lendacky 2016-11-10 0:38 ` Tom Lendacky 2016-11-10 0:38 ` Tom Lendacky 2016-11-10 0:38 ` [RFC PATCH v3 19/20] x86: Add support to make use of Secure Memory Encryption Tom Lendacky 2016-11-10 0:38 ` Tom Lendacky 2016-11-10 0:38 ` Tom Lendacky 2016-11-10 0:38 ` Tom Lendacky 2016-11-24 12:50 ` Borislav Petkov 2016-11-24 12:50 ` Borislav Petkov 2016-11-24 12:50 ` Borislav Petkov 2016-11-29 18:40 ` Tom Lendacky 2016-11-29 18:40 ` Tom Lendacky 2016-11-10 0:38 ` [RFC PATCH v3 20/20] " Tom Lendacky 2016-11-10 0:38 ` Tom Lendacky 2016-11-10 0:38 ` Tom Lendacky 2016-11-10 0:38 ` Tom Lendacky 2016-11-22 18:58 ` Borislav Petkov 2016-11-22 18:58 ` Borislav Petkov 2016-11-22 18:58 ` Borislav Petkov 2016-11-26 20:47 ` Borislav Petkov 2016-11-26 20:47 ` Borislav Petkov 2016-11-29 18:48 ` Tom Lendacky 2016-11-29 18:48 ` Tom Lendacky 2016-11-29 19:56 ` Borislav Petkov 2016-11-29 19:56 ` Borislav Petkov
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=1478880929.20881.148.camel@hpe.com \ --to=toshi.kani@hpe.com \ --cc=arnd@arndb.de \ --cc=aryabinin@virtuozzo.com \ --cc=bp@alien8.de \ --cc=corbet@lwn.net \ --cc=dvyukov@google.com \ --cc=glider@google.com \ --cc=hpa@zytor.com \ --cc=iommu@lists.linux-foundation.org \ --cc=joro@8bytes.org \ --cc=kasan-dev@googlegroups.com \ --cc=konrad.wilk@oracle.com \ --cc=kvm@vger.kernel.org \ --cc=linux-arch@vger.kernel.org \ --cc=linux-doc@vger.kernel.org \ --cc=linux-efi@vger.kernel.org \ --cc=linux-kernel@vger.kernel.org \ --cc=linux-mm@kvack.org \ --cc=luto@kernel.org \ --cc=lwoodman@redhat.com \ --cc=matt@codeblueprint.co.uk \ --cc=mingo@redhat.com \ --cc=pbonzini@redhat.com \ --cc=riel@redhat.com \ --cc=rkrcmar@redhat.com \ --cc=tglx@linutronix.de \ --cc=thomas.lendacky@amd.com \ --cc=x86@kernel.org \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: linkBe sure your reply has a Subject: header at the top and a blank line before the message body.
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.