From: Tom Lendacky
Subject: [RFC PATCH v4 06/28] x86: Add support to enable SME during early boot processing
To: linux-arch@vger.kernel.org, linux-efi@vger.kernel.org, kvm@vger.kernel.org, linux-doc@vger.kernel.org, x86@kernel.org, linux-kernel@vger.kernel.org, kasan-dev@googlegroups.com, linux-mm@kvack.org, iommu@lists.linux-foundation.org
CC: Rik van Riel, Radim Krčmář, Toshimitsu Kani, Arnd Bergmann, Jonathan Corbet, Matt Fleming, "Michael S. Tsirkin", Joerg Roedel, Konrad Rzeszutek Wilk, Paolo Bonzini, Brijesh Singh, Ingo Molnar, Alexander Potapenko, Andy Lutomirski, "H. Peter Anvin", Borislav Petkov, Andrey Ryabinin, Thomas Gleixner, Larry Woodman, Dmitry Vyukov
Date: Thu, 16 Feb 2017 09:43:19 -0600
Message-ID: <20170216154319.19244.7863.stgit@tlendack-t1.amdoffice.net>
In-Reply-To: <20170216154158.19244.66630.stgit@tlendack-t1.amdoffice.net>
References: <20170216154158.19244.66630.stgit@tlendack-t1.amdoffice.net>
User-Agent: StGit/0.17.1-dirty
X-Mailing-List: linux-kernel@vger.kernel.org

This patch adds support to the early boot code to use Secure Memory
Encryption (SME). Support is added to update the early pagetables with
the memory encryption mask and to encrypt the kernel in place.

The routines to set the encryption mask and perform the encryption are
stub routines for now with full function to be added in a later patch.

A new file, arch/x86/kernel/mem_encrypt_init.c, is introduced to avoid
adding #ifdefs within arch/x86/kernel/head_64.S and allow
arch/x86/mm/mem_encrypt.c to be removed from the build if SME is not
configured. The mem_encrypt_init.c file will contain the necessary #ifdefs
to allow head_64.S to successfully build and call the SME routines.

Signed-off-by: Tom Lendacky
---
 arch/x86/kernel/Makefile           |    2 +
 arch/x86/kernel/head_64.S          |   46 ++++++++++++++++++++++++++++++++-
 arch/x86/kernel/mem_encrypt_init.c |   50 ++++++++++++++++++++++++++++++++++++
 3 files changed, 96 insertions(+), 2 deletions(-)
 create mode 100644 arch/x86/kernel/mem_encrypt_init.c

diff --git a/arch/x86/kernel/Makefile b/arch/x86/kernel/Makefile index bdcdb3b..33af80a 100644 --- a/arch/x86/kernel/Makefile +++ b/arch/x86/kernel/Makefile @@ -140,4 +140,6 @@ ifeq ($(CONFIG_X86_64),y) obj-$(CONFIG_PCI_MMCONFIG) += mmconf-fam10h_64.o obj-y += vsmp_64.o + + obj-y += mem_encrypt_init.o endif diff --git a/arch/x86/kernel/head_64.S b/arch/x86/kernel/head_64.S index b467b14..4f8201b 100644 --- a/arch/x86/kernel/head_64.S +++ b/arch/x86/kernel/head_64.S @@ -91,6 +91,23 @@ startup_64: jnz bad_address /* + * Enable Secure Memory Encryption (SME), if supported and enabled. + * The real_mode_data address is in %rsi and that register can be + * clobbered by the called function so be sure to save it. + * Save the returned mask in %r12 for later use. + */ + push %rsi + call sme_enable + pop %rsi + movq %rax, %r12 + + /* + * Add the memory encryption mask to %rbp to include it in the page + * table fixups. + */ + addq %r12, %rbp + + /* * Fixup the physical addresses in the page table */ addq %rbp, early_level4_pgt + (L4_START_KERNEL*8)(%rip) @@ -113,6 +130,7 @@ startup_64: shrq $PGDIR_SHIFT, %rax leaq (PAGE_SIZE + _KERNPG_TABLE)(%rbx), %rdx + addq %r12, %rdx movq %rdx, 0(%rbx,%rax,8) movq %rdx, 8(%rbx,%rax,8) @@ -129,6 +147,7 @@ startup_64: movq %rdi, %rax shrq $PMD_SHIFT, %rdi addq $(__PAGE_KERNEL_LARGE_EXEC & ~_PAGE_GLOBAL), %rax + addq %r12, %rax leaq (_end - 1)(%rip), %rcx shrq $PMD_SHIFT, %rcx subq %rdi, %rcx 
@@ -162,11 +181,25 @@ startup_64: cmp %r8, %rdi jne 1b - /* Fixup phys_base */ + /* + * Fixup phys_base - remove the memory encryption mask from %rbp + * to obtain the true physical address. + */ + subq %r12, %rbp addq %rbp, phys_base(%rip) + /* + * Encrypt the kernel if SME is active. + * The real_mode_data address is in %rsi and that register can be + * clobbered by the called function so be sure to save it. + */ + push %rsi + call sme_encrypt_kernel + pop %rsi + .Lskip_fixup: movq $(early_level4_pgt - __START_KERNEL_map), %rax + addq %r12, %rax jmp 1f ENTRY(secondary_startup_64) /* @@ -186,7 +219,16 @@ ENTRY(secondary_startup_64) /* Sanitize CPU configuration */ call verify_cpu - movq $(init_level4_pgt - __START_KERNEL_map), %rax + /* + * Get the SME encryption mask. + * The real_mode_data address is in %rsi and that register can be + * clobbered by the called function so be sure to save it. + */ + push %rsi + call sme_get_me_mask + pop %rsi + + addq $(init_level4_pgt - __START_KERNEL_map), %rax 1: /* Enable PAE mode and PGE */ diff --git a/arch/x86/kernel/mem_encrypt_init.c b/arch/x86/kernel/mem_encrypt_init.c new file mode 100644 index 0000000..25af15d --- /dev/null +++ b/arch/x86/kernel/mem_encrypt_init.c 
@@ -0,0 +1,50 @@ +/* + * AMD Memory Encryption Support + * + * Copyright (C) 2016 Advanced Micro Devices, Inc. + * + * Author: Tom Lendacky + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 2 as + * published by the Free Software Foundation. + */ + +#include +#include + +#ifdef CONFIG_AMD_MEM_ENCRYPT + +#include + +void __init sme_encrypt_kernel(void) +{ +} + +unsigned long __init sme_get_me_mask(void) +{ + return sme_me_mask; +} + +unsigned long __init sme_enable(void) +{ + return sme_me_mask; +} + +#else /* !CONFIG_AMD_MEM_ENCRYPT */ + +void __init sme_encrypt_kernel(void) +{ +} + +unsigned long __init sme_get_me_mask(void) +{ + return 0; +} + +unsigned long __init sme_enable(void) +{ + return 0; +} + +#endif /* CONFIG_AMD_MEM_ENCRYPT */ From mboxrd@z Thu Jan 1 00:00:00 1970 
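Review bot: In the first head_64.S hunk (startup_64, after `jnz bad_address`), `addq %r12, %rbp` directly after `call sme_enable` depends on the fixup value in %rbp surviving the C call, but the comment only explains why %rsi is saved. Suggest extending the comment to say that %rbp and %r12 are callee-saved and therefore carry the fixup value and the mask across this and the later calls, and to name the stack that `push %rsi` relies on this early in boot, since nothing in the hunk sets one up.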
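Review bot: In the `.Lskip_fixup` hunk, `call sme_encrypt_kernel` sits above the `.Lskip_fixup:` label while `addq %r12, %rax` sits below it, so any path that enters at the label skips the in-place encryption yet still adds the mask to the early_level4_pgt address in %rax. Suggest either a comment stating that this path cannot be taken with SME active, or moving the call below the label so the encryption and the masked page-table base stay consistent. That path also needs %r12 to have been written by `sme_enable` before the branch, which is worth stating next to the label.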
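Review bot: `sme_get_me_mask` is declared `__init` in mem_encrypt_init.c but is called from `secondary_startup_64`, which is also the entry path for CPUs brought up after init memory has been freed (hotplug, resume). Suggest dropping `__init` from `sme_get_me_mask`, or having the assembly read `sme_me_mask` directly instead of calling into C. The comment about real_mode_data in %rsi is copied unchanged into this hunk and should be checked against what %rsi holds on the secondary path.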