From: Borislav Petkov <bp@alien8.de>
To: Tom Lendacky <thomas.lendacky@amd.com>
Cc: "Joerg Roedel" <joro@8bytes.org>,
linux-arch@vger.kernel.org, linux-efi@vger.kernel.org,
kvm@vger.kernel.org, linux-doc@vger.kernel.org, x86@kernel.org,
linux-kernel@vger.kernel.org, kasan-dev@googlegroups.com,
linux-mm@kvack.org, iommu@lists.linux-foundation.org,
"Rik van Riel" <riel@redhat.com>,
"Radim Krčmář" <rkrcmar@redhat.com>,
"Arnd Bergmann" <arnd@arndb.de>,
"Jonathan Corbet" <corbet@lwn.net>,
"Matt Fleming" <matt@codeblueprint.co.uk>,
"Konrad Rzeszutek Wilk" <konrad.wilk@oracle.com>,
"Paolo Bonzini" <pbonzini@redhat.com>,
"Larry Woodman" <lwoodman@redhat.com>,
"Ingo Molnar" <mingo@redhat.com>,
"Andy Lutomirski" <luto@kernel.org>,
"H. Peter Anvin" <hpa@zytor.com>,
"Andrey Ryabinin" <aryabinin@virtuozzo.com>,
"Alexander Potapenko" <glider@google.com>,
"Thomas Gleixner" <tglx@linutronix.de>,
"Dmitry Vyukov" <dvyukov@google.com>
Subject: Re: [RFC PATCH v3 04/20] x86: Handle reduction in physical address size with SME
Date: Tue, 15 Nov 2016 17:33:50 +0100 [thread overview]
Message-ID: <20161115163350.jal7sd6ghbmk5sqc@pd.tnic> (raw)
In-Reply-To: <bb47e943-f5b6-0d73-cf9a-fea002a5c70e@amd.com>
On Tue, Nov 15, 2016 at 10:06:16AM -0600, Tom Lendacky wrote:
> Yes, but that doesn't relate to the physical address space reduction.
>
> Once the SYS_CFG MSR bit for SME is set, even if the encryption bit is
> never used, there is a physical reduction of the address space. So when
> checking whether to adjust the physical address bits I can't rely on the
> sme_me_mask, I have to look at the MSR.
>
> But when I'm looking to decide whether to encrypt or decrypt something,
> I use the sme_me_mask to decide if that is needed. If the sme_me_mask
> is not set then the encrypt/decrypt op shouldn't be performed.
>
> I might not be grasping the point you're trying to make...
Ok, let me try to summarize how I see it. There are a couple of states:
* CPUID bit in 0x8000001f - that's SME supported
* Reduction of address space - MSR bit. That could be called "SME
BIOS-eenabled".
* SME active. That's both of the above and is sme_me_mask != 0.
Right?
So you said previously "The feature may be present and enabled even if
it is not currently active."
But then you say "active" below
> > And in patch 12 you have:
> >
> > + /*
> > + * If memory encryption is active, the trampoline area will need to
> > + * be in un-encrypted memory in order to bring up other processors
> > + * successfully.
> > + */
> > + sme_early_mem_dec(__pa(base), size);
> > + sme_set_mem_unenc(base, size);
and test sme_me_mask. Which makes sense now after having explained which
hw setting controls what.
So can we agree on the nomenclature for all the different SME states
first and use those throughout the code? And hold those states down in
Documentation/x86/amd-memory-encryption.txt so that it is perfectly
clear to people looking at the code.
Also, if we need to check those states more than once, we should add
inline helpers:
sme_supported()
sme_bios_enabled()
sme_active()
How does that sound?
--
Regards/Gruss,
Boris.
Good mailing practices for 400: avoid top-posting and trim the reply.
WARNING: multiple messages have this Message-ID (diff)
From: Borislav Petkov <bp@alien8.de>
To: Tom Lendacky <thomas.lendacky@amd.com>
Cc: "Joerg Roedel" <joro@8bytes.org>,
linux-arch@vger.kernel.org, linux-efi@vger.kernel.org,
kvm@vger.kernel.org, linux-doc@vger.kernel.org, x86@kernel.org,
linux-kernel@vger.kernel.org, kasan-dev@googlegroups.com,
linux-mm@kvack.org, iommu@lists.linux-foundation.org,
"Rik van Riel" <riel@redhat.com>,
"Radim Krčmář" <rkrcmar@redhat.com>,
"Arnd Bergmann" <arnd@arndb.de>,
"Jonathan Corbet" <corbet@lwn.net>,
"Matt Fleming" <matt@codeblueprint.co.uk>,
"Konrad Rzeszutek Wilk" <konrad.wilk@oracle.com>,
"Paolo Bonzini" <pbonzini@redhat.com>,
"Larry Woodman" <lwoodman@redhat.com>,
"Ingo Molnar" <mingo@redhat.com>,
"Andy Lutomirski" <luto@kernel.org>,
"H. Peter Anvin" <hpa@zytor.com>,
"Andrey Ryabinin" <aryabinin@virtuozzo.com>,
"Alexander Potapenko" <glider@google.com>,
"Thomas Gleixner" <tglx@linutronix.de>,
"Dmitry Vyukov" <dvyukov@google.com>
Subject: Re: [RFC PATCH v3 04/20] x86: Handle reduction in physical address size with SME
Date: Tue, 15 Nov 2016 17:33:50 +0100 [thread overview]
Message-ID: <20161115163350.jal7sd6ghbmk5sqc@pd.tnic> (raw)
In-Reply-To: <bb47e943-f5b6-0d73-cf9a-fea002a5c70e@amd.com>
On Tue, Nov 15, 2016 at 10:06:16AM -0600, Tom Lendacky wrote:
> Yes, but that doesn't relate to the physical address space reduction.
>
> Once the SYS_CFG MSR bit for SME is set, even if the encryption bit is
> never used, there is a physical reduction of the address space. So when
> checking whether to adjust the physical address bits I can't rely on the
> sme_me_mask, I have to look at the MSR.
>
> But when I'm looking to decide whether to encrypt or decrypt something,
> I use the sme_me_mask to decide if that is needed. If the sme_me_mask
> is not set then the encrypt/decrypt op shouldn't be performed.
>
> I might not be grasping the point you're trying to make...
Ok, let me try to summarize how I see it. There are a couple of states:
* CPUID bit in 0x8000001f - that's SME supported
* Reduction of address space - MSR bit. That could be called "SME
BIOS-eenabled".
* SME active. That's both of the above and is sme_me_mask != 0.
Right?
So you said previously "The feature may be present and enabled even if
it is not currently active."
But then you say "active" below
> > And in patch 12 you have:
> >
> > + /*
> > + * If memory encryption is active, the trampoline area will need to
> > + * be in un-encrypted memory in order to bring up other processors
> > + * successfully.
> > + */
> > + sme_early_mem_dec(__pa(base), size);
> > + sme_set_mem_unenc(base, size);
and test sme_me_mask. Which makes sense now after having explained which
hw setting controls what.
So can we agree on the nomenclature for all the different SME states
first and use those throughout the code? And hold those states down in
Documentation/x86/amd-memory-encryption.txt so that it is perfectly
clear to people looking at the code.
Also, if we need to check those states more than once, we should add
inline helpers:
sme_supported()
sme_bios_enabled()
sme_active()
How does that sound?
--
Regards/Gruss,
Boris.
Good mailing practices for 400: avoid top-posting and trim the reply.
--
To unsubscribe, send a message with 'unsubscribe linux-mm' in
the body to majordomo@kvack.org. For more info on Linux MM,
see: http://www.linux-mm.org/ .
Don't email: <a href=mailto:"dont@kvack.org"> email@kvack.org </a>
next prev parent reply other threads:[~2016-11-15 16:33 UTC|newest]
Thread overview: 244+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-11-10 0:34 [RFC PATCH v3 00/20] x86: Secure Memory Encryption (AMD) Tom Lendacky
2016-11-10 0:34 ` Tom Lendacky
2016-11-10 0:34 ` Tom Lendacky
2016-11-10 0:34 ` Tom Lendacky
2016-11-10 0:34 ` [RFC PATCH v3 01/20] x86: Documentation for AMD Secure Memory Encryption (SME) Tom Lendacky
2016-11-10 0:34 ` Tom Lendacky
2016-11-10 0:34 ` Tom Lendacky
2016-11-10 0:34 ` Tom Lendacky
2016-11-10 10:51 ` Borislav Petkov
2016-11-10 10:51 ` Borislav Petkov
2016-11-14 17:15 ` Tom Lendacky
2016-11-14 17:15 ` Tom Lendacky
2016-11-14 17:15 ` Tom Lendacky
2016-11-10 0:34 ` [RFC PATCH v3 02/20] x86: Set the write-protect cache mode for full PAT support Tom Lendacky
2016-11-10 0:34 ` Tom Lendacky
2016-11-10 0:34 ` Tom Lendacky
2016-11-10 0:34 ` Tom Lendacky
2016-11-10 13:14 ` Borislav Petkov
2016-11-10 13:14 ` Borislav Petkov
2016-11-11 1:26 ` Kani, Toshimitsu
2016-11-11 1:26 ` Kani, Toshimitsu
2016-11-11 1:26 ` Kani, Toshimitsu
2016-11-14 16:51 ` Tom Lendacky
2016-11-14 16:51 ` Tom Lendacky
2016-11-14 16:51 ` Tom Lendacky
2016-11-14 16:51 ` Tom Lendacky
2016-11-10 0:34 ` [RFC PATCH v3 03/20] x86: Add the Secure Memory Encryption cpu feature Tom Lendacky
2016-11-10 0:34 ` Tom Lendacky
2016-11-10 0:34 ` Tom Lendacky
2016-11-10 0:34 ` Tom Lendacky
2016-11-10 0:34 ` Tom Lendacky
2016-11-11 11:53 ` Borislav Petkov
2016-11-11 11:53 ` Borislav Petkov
2016-11-10 0:35 ` [RFC PATCH v3 04/20] x86: Handle reduction in physical address size with SME Tom Lendacky
2016-11-10 0:35 ` Tom Lendacky
2016-11-10 0:35 ` Tom Lendacky
2016-11-10 0:35 ` Tom Lendacky
2016-11-10 0:35 ` Tom Lendacky
2016-11-15 12:10 ` Joerg Roedel
2016-11-15 12:10 ` Joerg Roedel
2016-11-15 12:10 ` Joerg Roedel
2016-11-15 12:14 ` Borislav Petkov
2016-11-15 12:14 ` Borislav Petkov
2016-11-15 14:40 ` Tom Lendacky
2016-11-15 14:40 ` Tom Lendacky
2016-11-15 15:33 ` Borislav Petkov
2016-11-15 15:33 ` Borislav Petkov
2016-11-15 15:33 ` Borislav Petkov
2016-11-15 16:06 ` Tom Lendacky
2016-11-15 16:06 ` Tom Lendacky
2016-11-15 16:06 ` Tom Lendacky
2016-11-15 16:33 ` Borislav Petkov [this message]
2016-11-15 16:33 ` Borislav Petkov
2016-11-15 17:08 ` Tom Lendacky
2016-11-15 17:08 ` Tom Lendacky
2016-11-15 17:08 ` Tom Lendacky
2016-11-15 21:22 ` Tom Lendacky
2016-11-15 21:22 ` Tom Lendacky
2016-11-15 21:22 ` Tom Lendacky
2016-11-15 21:33 ` Borislav Petkov
2016-11-15 21:33 ` Borislav Petkov
2016-11-15 21:33 ` Borislav Petkov
2016-11-15 22:01 ` Tom Lendacky
2016-11-15 22:01 ` Tom Lendacky
2016-11-15 14:32 ` Tom Lendacky
2016-11-15 14:32 ` Tom Lendacky
2016-11-15 14:32 ` Tom Lendacky
2016-11-10 0:35 ` [RFC PATCH v3 05/20] x86: Add Secure Memory Encryption (SME) support Tom Lendacky
2016-11-10 0:35 ` Tom Lendacky
2016-11-10 0:35 ` Tom Lendacky
2016-11-10 0:35 ` Tom Lendacky
2016-11-10 0:35 ` Tom Lendacky
2016-11-10 0:35 ` [RFC PATCH v3 06/20] x86: Add support to enable SME during early boot processing Tom Lendacky
2016-11-10 0:35 ` Tom Lendacky
2016-11-10 0:35 ` Tom Lendacky
2016-11-10 0:35 ` Tom Lendacky
2016-11-10 0:35 ` Tom Lendacky
2016-11-14 17:29 ` Borislav Petkov
2016-11-14 17:29 ` Borislav Petkov
2016-11-14 18:18 ` Tom Lendacky
2016-11-14 18:18 ` Tom Lendacky
2016-11-14 18:18 ` Tom Lendacky
2016-11-14 20:01 ` Borislav Petkov
2016-11-14 20:01 ` Borislav Petkov
2016-11-10 0:35 ` [RFC PATCH v3 07/20] x86: Provide general kernel support for memory encryption Tom Lendacky
2016-11-10 0:35 ` Tom Lendacky
2016-11-10 0:35 ` Tom Lendacky
2016-11-10 0:35 ` Tom Lendacky
2016-11-10 0:36 ` [RFC PATCH v3 08/20] x86: Add support for early encryption/decryption of memory Tom Lendacky
2016-11-10 0:36 ` Tom Lendacky
2016-11-10 0:36 ` Tom Lendacky
2016-11-10 0:36 ` Tom Lendacky
2016-11-16 10:46 ` Borislav Petkov
2016-11-16 10:46 ` Borislav Petkov
2016-11-16 19:22 ` Tom Lendacky
2016-11-16 19:22 ` Tom Lendacky
2016-11-16 19:22 ` Tom Lendacky
2016-11-10 0:36 ` [RFC PATCH v3 09/20] x86: Insure that boot memory areas are mapped properly Tom Lendacky
2016-11-10 0:36 ` Tom Lendacky
2016-11-10 0:36 ` Tom Lendacky
2016-11-10 0:36 ` Tom Lendacky
2016-11-17 12:20 ` Borislav Petkov
2016-11-17 12:20 ` Borislav Petkov
2016-11-19 18:12 ` Tom Lendacky
2016-11-19 18:12 ` Tom Lendacky
2016-11-10 0:36 ` [RFC PATCH v3 10/20] Add support to access boot related data in the clear Tom Lendacky
2016-11-10 0:36 ` Tom Lendacky
2016-11-10 0:36 ` Tom Lendacky
2016-11-10 0:36 ` Tom Lendacky
2016-11-10 0:36 ` Tom Lendacky
2016-11-11 16:17 ` Kani, Toshimitsu
2016-11-11 16:17 ` Kani, Toshimitsu
2016-11-14 16:24 ` Tom Lendacky
2016-11-14 16:24 ` Tom Lendacky
2016-11-14 16:24 ` Tom Lendacky
2016-11-17 15:55 ` Borislav Petkov
2016-11-17 15:55 ` Borislav Petkov
2016-11-19 18:33 ` Tom Lendacky
2016-11-19 18:33 ` Tom Lendacky
2016-11-19 18:33 ` Tom Lendacky
2016-11-20 23:04 ` Borislav Petkov
2016-11-20 23:04 ` Borislav Petkov
2016-12-07 13:19 ` Matt Fleming
2016-12-07 13:19 ` Matt Fleming
2016-12-07 13:19 ` Matt Fleming
2016-12-09 14:26 ` Tom Lendacky
2016-12-09 14:26 ` Tom Lendacky
2016-12-09 14:26 ` Tom Lendacky
2016-11-10 0:36 ` [RFC PATCH v3 11/20] x86: Add support for changing memory encryption attribute Tom Lendacky
2016-11-10 0:36 ` Tom Lendacky
2016-11-10 0:36 ` Tom Lendacky
2016-11-10 0:36 ` Tom Lendacky
2016-11-10 0:36 ` Tom Lendacky
2016-11-17 17:39 ` Borislav Petkov
2016-11-17 17:39 ` Borislav Petkov
2016-11-19 18:48 ` Tom Lendacky
2016-11-19 18:48 ` Tom Lendacky
2016-11-21 8:27 ` Borislav Petkov
2016-11-21 8:27 ` Borislav Petkov
2016-11-10 0:37 ` [RFC PATCH v3 12/20] x86: Decrypt trampoline area if memory encryption is active Tom Lendacky
2016-11-10 0:37 ` Tom Lendacky
2016-11-10 0:37 ` Tom Lendacky
2016-11-10 0:37 ` Tom Lendacky
2016-11-10 0:37 ` Tom Lendacky
2016-11-17 18:09 ` Borislav Petkov
2016-11-17 18:09 ` Borislav Petkov
2016-11-19 18:50 ` Tom Lendacky
2016-11-19 18:50 ` Tom Lendacky
2016-11-10 0:37 ` [RFC PATCH v3 13/20] x86: DMA support for memory encryption Tom Lendacky
2016-11-10 0:37 ` Tom Lendacky
2016-11-10 0:37 ` Tom Lendacky
2016-11-10 0:37 ` Tom Lendacky
2016-11-15 14:39 ` Radim Krčmář
2016-11-15 14:39 ` Radim Krčmář
2016-11-15 14:39 ` Radim Krčmář
2016-11-15 17:02 ` Tom Lendacky
2016-11-15 17:02 ` Tom Lendacky
2016-11-15 17:02 ` Tom Lendacky
2016-11-15 17:02 ` Tom Lendacky
2016-11-15 18:17 ` Radim Krčmář
2016-11-15 18:17 ` Radim Krčmář
2016-11-15 18:17 ` Radim Krčmář
2016-11-15 18:17 ` Radim Krčmář
2016-11-15 20:33 ` Tom Lendacky
2016-11-15 20:33 ` Tom Lendacky
2016-11-15 20:33 ` Tom Lendacky
2016-11-15 20:33 ` Tom Lendacky
2016-11-15 15:16 ` Michael S. Tsirkin
2016-11-15 15:16 ` Michael S. Tsirkin
2016-11-15 15:16 ` Michael S. Tsirkin
2016-11-15 18:29 ` Tom Lendacky
2016-11-15 18:29 ` Tom Lendacky
2016-11-15 18:29 ` Tom Lendacky
2016-11-15 19:16 ` Michael S. Tsirkin
2016-11-15 19:16 ` Michael S. Tsirkin
2016-11-15 19:16 ` Michael S. Tsirkin
2016-11-22 11:38 ` Borislav Petkov
2016-11-22 11:38 ` Borislav Petkov
2016-11-22 11:38 ` Borislav Petkov
2016-11-22 15:22 ` Michael S. Tsirkin
2016-11-22 15:22 ` Michael S. Tsirkin
2016-11-22 15:22 ` Michael S. Tsirkin
2016-11-22 15:41 ` Borislav Petkov
2016-11-22 15:41 ` Borislav Petkov
2016-11-22 20:41 ` Michael S. Tsirkin
2016-11-22 20:41 ` Michael S. Tsirkin
2016-11-22 20:41 ` Michael S. Tsirkin
2016-11-10 0:37 ` [RFC PATCH v3 14/20] iommu/amd: Disable AMD IOMMU if memory encryption is active Tom Lendacky
2016-11-10 0:37 ` Tom Lendacky
2016-11-10 0:37 ` Tom Lendacky
2016-11-10 0:37 ` Tom Lendacky
2016-11-10 0:37 ` Tom Lendacky
2016-11-14 16:32 ` Joerg Roedel
2016-11-14 16:32 ` Joerg Roedel
2016-11-14 16:32 ` Joerg Roedel
2016-11-14 16:48 ` Tom Lendacky
2016-11-14 16:48 ` Tom Lendacky
2016-11-14 16:48 ` Tom Lendacky
2016-11-10 0:37 ` [RFC PATCH v3 15/20] x86: Check for memory encryption on the APs Tom Lendacky
2016-11-10 0:37 ` Tom Lendacky
2016-11-10 0:37 ` Tom Lendacky
2016-11-10 0:37 ` Tom Lendacky
2016-11-22 19:25 ` Borislav Petkov
2016-11-22 19:25 ` Borislav Petkov
2016-11-29 18:00 ` Tom Lendacky
2016-11-29 18:00 ` Tom Lendacky
2016-11-29 18:00 ` Tom Lendacky
2016-11-10 0:37 ` [RFC PATCH v3 16/20] x86: Do not specify encrypted memory for video mappings Tom Lendacky
2016-11-10 0:37 ` Tom Lendacky
2016-11-10 0:37 ` Tom Lendacky
2016-11-10 0:37 ` Tom Lendacky
2016-11-10 0:37 ` Tom Lendacky
2016-11-10 0:38 ` [RFC PATCH v3 17/20] x86/kvm: Enable Secure Memory Encryption of nested page tables Tom Lendacky
2016-11-10 0:38 ` Tom Lendacky
2016-11-10 0:38 ` Tom Lendacky
2016-11-10 0:38 ` Tom Lendacky
2016-11-10 0:38 ` Tom Lendacky
2016-11-10 0:38 ` [RFC PATCH v3 18/20] x86: Access the setup data through debugfs un-encrypted Tom Lendacky
2016-11-10 0:38 ` Tom Lendacky
2016-11-10 0:38 ` Tom Lendacky
2016-11-10 0:38 ` Tom Lendacky
2016-11-10 0:38 ` Tom Lendacky
2016-11-10 0:38 ` [RFC PATCH v3 19/20] x86: Add support to make use of Secure Memory Encryption Tom Lendacky
2016-11-10 0:38 ` Tom Lendacky
2016-11-10 0:38 ` Tom Lendacky
2016-11-10 0:38 ` Tom Lendacky
2016-11-24 12:50 ` Borislav Petkov
2016-11-24 12:50 ` Borislav Petkov
2016-11-24 12:50 ` Borislav Petkov
2016-11-29 18:40 ` Tom Lendacky
2016-11-29 18:40 ` Tom Lendacky
2016-11-10 0:38 ` [RFC PATCH v3 20/20] " Tom Lendacky
2016-11-10 0:38 ` Tom Lendacky
2016-11-10 0:38 ` Tom Lendacky
2016-11-10 0:38 ` Tom Lendacky
2016-11-22 18:58 ` Borislav Petkov
2016-11-22 18:58 ` Borislav Petkov
2016-11-22 18:58 ` Borislav Petkov
2016-11-26 20:47 ` Borislav Petkov
2016-11-26 20:47 ` Borislav Petkov
2016-11-29 18:48 ` Tom Lendacky
2016-11-29 18:48 ` Tom Lendacky
2016-11-29 19:56 ` Borislav Petkov
2016-11-29 19:56 ` Borislav Petkov
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20161115163350.jal7sd6ghbmk5sqc@pd.tnic \
--to=bp@alien8.de \
--cc=arnd@arndb.de \
--cc=aryabinin@virtuozzo.com \
--cc=corbet@lwn.net \
--cc=dvyukov@google.com \
--cc=glider@google.com \
--cc=hpa@zytor.com \
--cc=iommu@lists.linux-foundation.org \
--cc=joro@8bytes.org \
--cc=kasan-dev@googlegroups.com \
--cc=konrad.wilk@oracle.com \
--cc=kvm@vger.kernel.org \
--cc=linux-arch@vger.kernel.org \
--cc=linux-doc@vger.kernel.org \
--cc=linux-efi@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=luto@kernel.org \
--cc=lwoodman@redhat.com \
--cc=matt@codeblueprint.co.uk \
--cc=mingo@redhat.com \
--cc=pbonzini@redhat.com \
--cc=riel@redhat.com \
--cc=rkrcmar@redhat.com \
--cc=tglx@linutronix.de \
--cc=thomas.lendacky@amd.com \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.