From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1753244AbdF0PC6 (ORCPT ); Tue, 27 Jun 2017 11:02:58 -0400 Received: from mail-by2nam01on0081.outbound.protection.outlook.com ([104.47.34.81]:19904 "EHLO NAM01-BY2-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1751657AbdF0O6n (ORCPT ); Tue, 27 Jun 2017 10:58:43 -0400 Authentication-Results: vger.kernel.org; dkim=none (message not signed) header.d=none;vger.kernel.org; dmarc=none action=none header.from=amd.com; From: Tom Lendacky Subject: [PATCH v8 13/38] x86/mm: Add support for early encrypt/decrypt of memory To: linux-arch@vger.kernel.org, linux-efi@vger.kernel.org, kvm@vger.kernel.org, linux-doc@vger.kernel.org, x86@kernel.org, kexec@lists.infradead.org, linux-kernel@vger.kernel.org, kasan-dev@googlegroups.com, xen-devel@lists.xen.org, linux-mm@kvack.org, iommu@lists.linux-foundation.org Cc: Brijesh Singh , Toshimitsu Kani , Radim =?utf-8?b?S3LEjW3DocWZ?= , Matt Fleming , Alexander Potapenko , "H. Peter Anvin" , Larry Woodman , Jonathan Corbet , Joerg Roedel , "Michael S. Tsirkin" , Ingo Molnar , Andrey Ryabinin , Dave Young , Rik van Riel , Arnd Bergmann , Konrad Rzeszutek Wilk , Borislav Petkov , Andy Lutomirski , Boris Ostrovsky , Dmitry Vyukov , Juergen Gross , Thomas Gleixner , Paolo Bonzini Date: Tue, 27 Jun 2017 09:58:34 -0500 Message-ID: <20170627145834.15908.73745.stgit@tlendack-t1.amdoffice.net> In-Reply-To: <20170627145607.15908.26571.stgit@tlendack-t1.amdoffice.net> References: <20170627145607.15908.26571.stgit@tlendack-t1.amdoffice.net> User-Agent: StGit/0.17.1-dirty MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit X-Originating-IP: [165.204.77.1] X-ClientProxiedBy: DM5PR17CA0027.namprd17.prod.outlook.com (10.173.128.141) To MWHPR12MB1150.namprd12.prod.outlook.com (10.169.204.14) X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 7002961c-59dd-4736-9ac8-08d4bd6cfec9 X-MS-Office365-Filtering-HT: Tenant X-Microsoft-Antispam: UriScan:;BCL:0;PCL:0;RULEID:(300000500095)(300135000095)(300000501095)(300135300095)(22001)(300000502095)(300135100095)(48565401081)(300000503095)(300135400095)(201703131423075)(201703031133081)(300000504095)(300135200095)(300000505095)(300135600095)(300000506067)(300135500095);SRVR:MWHPR12MB1150; X-Microsoft-Exchange-Diagnostics: 1;MWHPR12MB1150;3:HL/CUhECTm51Luksfyquld5FwnUd5eLzo48tADoiGZjdRp1ja3CdriyutvgKUDYzXk3M5fwipj9z3a4ND0FXI2UXlaQm4xRij6o6hIYYdMigzMPUMF0Ux3ECrRAzMtQwK/pXPnkStnqiMQN139xSQZcTF4w27gHhDB5V1PI9YkeXlr7DVDBGq8ItDRTgeTseIW8WGtHHMqJCZEYkxEGDXDU7EP4tA786h470nM/NWvqkMGNgXeODMvpdrPIam+rivbr/GMJgvkIvCNSNBiYv5TA1m3KZG5g22yrm0kzqFHJq5WEb407k+8slx1L+9mfpyvmzsFS1378yQhBVO8ccmoZCvhuUzXN6DESyrZkkC6z7/rJoNQ5aqiYDzmH8FsuJIRs8PhfpOe9U4Toxc25iAoy+9sVGLLB8jUvDbtFFgMbwoXD8LQBKbRPmDovrJzx3B8JcnuwFkomwdFMm5T0D6cV67i7Qlu8TDKFXF7gtkwslSgcw6wJfF568Hl86UOBQh8g2regIp0FXTUnz8T3jPJeRyHC2jTiLHKyYA7+vBQ79iX8/GpF0ren0iSeSqJn6FQpLEMI1pXQuxT4J+iodhwrlVHKJs7IouO7l1gnxdMfK0puhLmMIaS2nS/8pVL+n3ol4V4roRYUWcmyq0u7oUVx2pxkoxJ8a9i6oE9/4nUnuB9jP2IjjPA72dqkzJqPOzOaSBUQBZKE1RrhOEMuWYFYO5MpHFssCCzsPygLW2E/g54JnUpe0CgAN7zK0cSBXkAC7N6YyZnwmIevhZrzr4g== X-MS-TrafficTypeDiagnostic: MWHPR12MB1150: X-Microsoft-Exchange-Diagnostics: 1;MWHPR12MB1150;25:ploqpQC4bqjGbgernE/Jpk83ZU8dDcyiGawiHuLcxSexmzs5Q9+SrFTrxAjLsWPP5B03nZGeut9vtOj5CMidedJKPoZSK4Q+gS9Jz5m4SMv9imfjY7qbJD0yfnjGKJkO5cGJLgRgvfC5N1NUlo6vcrr57y5P633TP40ptpvTPPF4h22/B++KcFX++F3dB5RFlVW1j8s1V0Vj29DhMnbGO+nKwfXF3RI57pLhFkG2E3JMHsDBFaTAGZi0GdbgdfvqwjulbF70bAc2KWeLuQ3LJfYYmmqtk7tNvRN2+hbWcIwefQznx1r8d/x0NfQWJbhxSGtRkZG42dcyUNAcopCcjSlL1AYqSzry+FnGyqiZDhf5qXuUzeAFsOFp5CfqgiLdgfP2N5HdMr8pSi5+n4KTtphEeib0IkOXA94X0eKqn7ufe0QnNtKkY1w82RnvoVzyqGBKavzKKAHqHQW7I9nXclqLj0WYWYoJVe+vVEp07kpN3AC3UzJa5yTR02xCNpEKvKTbTzLxRXB6J2zoovzwGRoWOLrcY4nKq6aFXmPQMlsyO5uqsooWXPcQlkS9u6u8eNT8gFpJzVCQ2iMsArWb7V77Pym6nXqLVQwtTboUfaDM5J9BUOa55mNJ7KZcKcD1zHhT4GAZHJtGi0+gtAx6jVKuOo9UaqM7GYdfVub8TipfYKJKdsIgpRe9UofUdYF7QXQcCNG2jgKnctuBQueQqYHUZLaqVwOkt6ZKKjlCHqfyHlM0x1JHRSVNXK1sovEwKAYtaJQXWKFYn6dcozK6cVWZRc81YgVDkLffNWYhOOwCr55avlDXJpwKqtci8d4GHoZ7kTY0Z9jNaNO0Qhue5B2G3o4HKzySf9oCzbiwYDgsIql/QadQg/zrF7rtkAzE7nPP5R97dvzoSUZoqeKjxJAE6sb1QMdArwy9LcFdEJA= X-Microsoft-Exchange-Diagnostics: 1;MWHPR12MB1150;31:8Jk0TmvqSVaxn6tQd8hO+BHBcB8m788nHPOY9u6IL/1ZuQER37zqlrNdyz6/21p99IG1BNgrhz23zOTjy0fa0UZhZywsQs8A0xDKNUv/kEjJ6H8of30K8d91UdMHzBfCLe4E4vz8XCbU+MWce9f2ohEKFmMd28H4XE6QN6WqebOcF3SkffLeRaML6Vr/KRf7yzPCHGg7xfgsgNrNNDQ38JWiVRqALduEWre+lrmbGfh2dZ9fzKDh2gqREZApyx8ugECRvIcQURhzPDEBtWZWUgESMIBNU7L9gC6R4Iyc3OygDR6O5d+SLNfNyOtPhtxcuTIXOJP/CTYepuJmtx8RH4CELaf33y8n7YAMkWe9TduH2Og+wkbxYt6t4CaGs7C9oWaB0SDxkCsRrL0gMM4j4U6Ihf/JV7jqoU6iS4nSq9ZvlyCWRIlJtvPsBxBbausFj4FzlLAtGVpDTM92cP/Sva6wOjJshjaw5gDhY7Bzi1KYIgtocwBFT/M0VEy7ocWTh5T7tt6sHMBD6kA4lBIJDmUVeptGqJ6KD7OiFwokQqD2bejvfj1o91GlR3mSfgdHjzrA0GefarM6VlBKa+xn2fFQECzp5YPZNRwJDg/OxpNtPFDZTFPmrLrVq66ZyGSsOK0/HsyqqVW2KhH2tuEFvTBzc6QgGiea9ywcpNfjro4= X-Microsoft-Exchange-Diagnostics: 1;MWHPR12MB1150;20:x9VpAazI31OnEOzsMCqmn6wMne+mvAaAog95RnbBo8P9Phb7K24eoT9sIz/OEIWZDyJowem9JmO2AtqdJs7Ry9uoc+AFBsOrkr3loji1732qa8mh7B0vd6XB9fnGHwEtHlV8IaFg8X/oxxE2fh9mIY8bDE4aY0tDNjatZyYx5c7IAU6oK7uwOFADenaZZMina7iqAal/7mj3BBAOz6bvvWKXsvYst6U21BtYezqAFLlBy7SsqTNurwDn7nQrOXPv1Edhvn3kbFo5CmvYHO9r+e8BjvyZ63lNSDu3LZVeljrg8Hu8HbR/VcavXkijxk74uSZuOGPvRnfOn6CfyqQoA/XOuDermsht+w1kAZKlB6x46Tvf6NTC5/wrs1F8qsf8tIdWVy3k5QDRcZ3UwxZNMBqy5SszBa/nbdzosYRow+jkpaHRaVb/C+aziKNZx7hmksBYnh1x5l7Lxf5wsIWeZFGVZB5chGmrMCPhSET1jgAkzkZl0yz39g8CggMcPdYa X-Microsoft-Antispam-PRVS: X-Exchange-Antispam-Report-Test: UriScan:(133145235818549)(236129657087228)(767451399110)(247924648384137); X-Exchange-Antispam-Report-CFA-Test: BCL:0;PCL:0;RULEID:(100000700101)(100105000095)(100000701101)(100105300095)(100000702101)(100105100095)(6040450)(601004)(2401047)(8121501046)(5005006)(100000703101)(100105400095)(10201501046)(93006095)(93001095)(3002001)(6055026)(6041248)(20161123558100)(201703131423075)(201702281528075)(201703061421075)(201703061406153)(20161123560025)(20161123562025)(20161123555025)(20161123564025)(6072148)(100000704101)(100105200095)(100000705101)(100105500095);SRVR:MWHPR12MB1150;BCL:0;PCL:0;RULEID:(100000800101)(100110000095)(100000801101)(100110300095)(100000802101)(100110100095)(100000803101)(100110400095)(100000804101)(100110200095)(100000805101)(100110500095);SRVR:MWHPR12MB1150; X-Microsoft-Exchange-Diagnostics: =?utf-8?B?MTtNV0hQUjEyTUIxMTUwOzQ6NFgwTnpPQ29QUHUrY3hEYlRGclhKLzNyQ3Jt?= =?utf-8?B?cnM1ZG9LMXQyT01EYW5meGRJK3AwclpLYUZDNm9EdStyaGQvNXNLZzNkSGVZ?= =?utf-8?B?UlovTzhCTk9KUjhyeVpQdThFc2dtSXIyM1dLMHZ5bnRsQXBKZ2Yrbzd3cmVs?= =?utf-8?B?OXNBVkRjaVRNVTJIdExrNitic1Iwbk5uMFdqSDNJVDlNRU5hUVdxQ3liM3ZS?= =?utf-8?B?OXE5bWdraWJENXU1R3UwQWt6dXY1SkprM3g5dFl3cFErMlZsUUlmUnNUQXJN?= =?utf-8?B?b2RnRzE2ODlHVTlVQkdVVnRRZmNPSFVkOEcrNXBqb1N2WTlXVjl3TFZXcDRK?= =?utf-8?B?R3FoVzRabDFsMlpRaE53aHZBMkkzVGs3WjRobDI0Y1dvNjYrV1pTTkNrbUlk?= =?utf-8?B?c2VoZ0JOdjdGMFJlTDQrZWZyU1BJM3A0Z0o2dDh3Z2VPK0kyT1dZUmdsNVZF?= =?utf-8?B?bmVpbzhqOFhLRVNTRXJmYjY5NUhLTVZud2lMUEc0YTVsbHdsRmRuZENJR25p?= =?utf-8?B?azVTMXM3VlZVa1czbHZBUlVhN25ETHdxeTV6eFZrbCswR3l4aVh0UFI4ay83?= =?utf-8?B?OElqTnZwWFN3UTNaL2xxVGNMWkhYWGdPb2VKemFIVG9CaUZxUkFzaGh4Vy9a?= =?utf-8?B?WUcwbG9nTTV3UFBYYkQ0TlNsSjZJNjRDY2dhZzI0MFFYVnBYV0NMTFdkanZZ?= =?utf-8?B?OW5DVS9uS2Rsb0tnK2l6eGZ6RXNOd3VaMU5MZnV2Qkg0K09OUVFOTXJ5V0FZ?= =?utf-8?B?by95ZnplOUw0d3hxWXdWWVZTYktVdXhiV0EySkhVem5tYnJuMVorejJoL2lV?= =?utf-8?B?TnRpd2dnaDZtbGxPeVh0bFhWZnE1UEZNbFJKSndNVmJTV0g1Y0NMSkdnWFRw?= =?utf-8?B?a1dFdW9HYVhrWEFOSE5YUTBuLzFNcmNwZ2J6V1laZzkwWXltcHpQRzFFeFZL?= =?utf-8?B?SDZOQ1hjbGtxbFBJSjJxd3dpRTBQYldTUGZJeFYyUFpKeklXN3YycDlGRExD?= =?utf-8?B?d2hTM2x0R2dHNEJvV1NxOFRWNUtMRUpaN1dOTlhaZUtCVFNJcXhHU3hBMVdT?= =?utf-8?B?QjQ1bjM4MmVOR3hIek85aGpKbkxrNmZDN0FQc0R1M2JiV2NYc0YrV3c2Rkdq?= =?utf-8?B?bStMUzFwUE9WYkNkcUJVa1lJTVpMVnpqUzZDaHFaYTdMYVVaVWdNSEJvYWR3?= =?utf-8?B?cE13aW45UGVDaHJXcWhJeDFjVHNzRktJSzVBSGpobktyWHMwQ002MDVFdnlN?= =?utf-8?B?REtiT1NEUXhlTEJPK0pDQ0s0MlU1WHVrV3JnWDJxMmMrekxVUTRQU3hBdzBx?= =?utf-8?B?UnB5dFpRelhJNzA5MGRYZGhUdkg5dXVRKzRhdUE5YkR1VHJ6TXMvczk0K2c3?= =?utf-8?B?WTVoRFVlbEtPbXFGa3NGOW9Jc0FRc0NXa1NkWEZONFY2eDZzSzR0RTBhZFJL?= =?utf-8?B?Uzg1bVFMRVFOUmw0T2V6eDlqemtyV0VFSjNGNCs4NmhsYUhzbUg5MDBiSDZu?= =?utf-8?B?UzJYM1paTnNkME9EQ1pZbldnTTllSFJTUklMNHlVRFRKMnh5YWt4enp3RXRr?= =?utf-8?B?bDVFSmMrRkpBcmRXNjVTekpCUmtscFNsdUZXemlkeXkzQ29JOFVPc3h0d2FR?= =?utf-8?B?L1BLQmYyaWJmRWcrdUxRNVR6cmhGSkhZZ2xTMWoxK05MTWtNak92VUo0a2Ji?= =?utf-8?B?K1JYL1k5dDVCUEVMS2c0Q1oveGFGd3ZZQ044SWt1MlNKTE80NmVjVXg0aVVt?= =?utf-8?Q?aecLJeX1evcMSCYOeN0kJ3HSkHiqWMG7s4jk=3D?= X-Forefront-PRVS: 0351D213B3 X-Forefront-Antispam-Report: SFV:NSPM;SFS:(10009020)(4630300001)(6009001)(39850400002)(39400400002)(39840400002)(39450400003)(39860400002)(39410400002)(54356999)(25786009)(76176999)(47776003)(72206003)(478600001)(66066001)(23676002)(2906002)(3846002)(1076002)(6116002)(230700001)(50466002)(53416004)(50986999)(33646002)(97746001)(86362001)(54906002)(55016002)(6666003)(6506006)(103116003)(42186005)(4001350100001)(110136004)(2950100002)(189998001)(38730400002)(7736002)(9686003)(83506001)(5660300001)(7416002)(81166006)(53936002)(4326008)(8676002)(7406005)(305945005)(921003)(1121003);DIR:OUT;SFP:1101;SCL:1;SRVR:MWHPR12MB1150;H:tlendack-t1.amdoffice.net;FPR:;SPF:None;MLV:sfv;LANG:en; X-Microsoft-Exchange-Diagnostics: =?utf-8?B?MTtNV0hQUjEyTUIxMTUwOzIzOmZhODY4aXh6ck1TdWpFWWJPYlZONWdKcHFz?= =?utf-8?B?SytvUnRJWFMwVFRIbEdHUE5rSE1LM1VSaTFNRXVxcXZORjlFbjhYVVU5Q1lm?= =?utf-8?B?cyt3bm1UUjZJRktaQk9oRVVScFNwQ2s1S1pjcTZRWnBuNDVkMHYvSEtxNXJO?= =?utf-8?B?RHJzbXE1NWVPcjFpL3J3Z3Jjd3BtejZMUTJaeDVrZnI3bVJoZGNra2RsUlZY?= =?utf-8?B?QU10OUc2MFNQS0VPMXJObjFUTEVaQzA5T1R2UVIyZDQ4UVlCK01qZjhtYmhC?= =?utf-8?B?ZExmV09vZzBCN0VQSXRPOUdKd1IyUjNiWHNBOHJHV00rMlJQRG1mZ3hUNWxw?= =?utf-8?B?NUhpSWIzUGpYenhsS3lwMzR4ZnliQVYyUlBsdWRxMGw5b2ZhaWV6YTBIdWVi?= =?utf-8?B?aHBDOGYvR1dEWDRlL3B6TUlwM1RDQitUbGtsRmFkRmNMTUFBc1lueVJBVGdS?= =?utf-8?B?eXR0L0poSDhNS3FZK0tDNUFpeloxSnRadXVLbXFyMEE5WCs0b2gvL0hIWjRQ?= =?utf-8?B?eXBEbTBTM2lBRENXZnZZNE9nSFhzckNFejhLSklEWmdFNCtrYlU1YVlUM0g5?= =?utf-8?B?NkMzd0dTK3BDdWJVeDhtUWErQnk5cXVuZkhBaTJkZWhJOWltUFVZNkRGSG9L?= =?utf-8?B?MFA3WmhhQWxnVHpWbnZWNWgwZUZack5rSGx3dlExaVFDL2NmbHJXclowTEFk?= =?utf-8?B?NVpGbGhLNWs3K2xDZ3kxK2k2eXpuRGlrVURSTTNyZG5LTWdNY0JMaDd4TDZS?= =?utf-8?B?MW5vK3Vodk1WTC9laXBBbXJnTkdEakRwbXNYUllVUE5KZHIzL2tsS05IRHEr?= =?utf-8?B?R3F4SXNuajczVzQzblFKVTA3dmlVRVhicXBzU08vRWp1YzRuNVU4eHRFOElB?= =?utf-8?B?S2VBWUN1MDdadW5lYkZpdFZSa3U0L3IwRjRSUCtjc1IvZndpMnVRdDAyV3hJ?= =?utf-8?B?NTU1Q0ZORW1IRDFnL2FGekg3QnJaUVlFY3NaaUFTVGp6dlBVQi9YSGcyV2pU?= =?utf-8?B?enh6YmhrR3piSVNrSVMrbCtWZHdKeUR0ODJ3YkZ3OHZ4ZldUUFhMWDMzcHFa?= =?utf-8?B?MStxTmtFZjBTU3YvMWNYaFVnSVRmeGlOS2pwcE4zUE9rVndaaGFXY05YZHVl?= =?utf-8?B?M3dhZGNLQ2dJVUZlZVg2aXB1bWFMSzBFbXZ1a3loRllVbkpCamljODBVQ1hk?= =?utf-8?B?TkRhb2hJL0l2YUJOa2FjMXp5V1U3cEhqQ2JYckJQSnI2VUhHOUJYVkhuT2tX?= =?utf-8?B?blJxQzA4ckVqT2ZhWS9qZ1NDVHE3QmNlMlJtemMwWG5yWnpjVi8yUElPcnpQ?= =?utf-8?B?aXRNajRmME1KY2RhdWxDNGZIbWdSSWRtdkdrSXJ1R0w2TWhmMHo1Rm9KeHlW?= =?utf-8?B?V2tvNnBXeWtDRGNrQlRRYm5TRTJrZmJsWHlpYS9mNFJCMWY1N2ZMNXRvV3Uw?= =?utf-8?B?OGlpWWFBTjdBT1NQOXpQL2Z3d0xoZENVVnU4RnBpY2NGNE9tcUx4aTU2NUhY?= =?utf-8?B?Zlk1b0p3WWZSeWxWTk82VnZTeTJVVmd6R3diSjdNWG9BdzJUVTJqOVpWRFVn?= =?utf-8?B?c09DS3hlcVY0L0lqb1M2a2svcDQ1cndJVWFSeHR5clNaWnMrMCsyc21yK1ht?= =?utf-8?B?bE1INVkveHpGem5DbkpLQitINFhuQlZIdG9ydVhtMmtBZ1U1Q0d4RThVL0V6?= =?utf-8?Q?ZiTX2LYbJJpTvFxLb0=3D?= X-Microsoft-Exchange-Diagnostics: =?utf-8?B?MTtNV0hQUjEyTUIxMTUwOzY6cklMWWcvc1hjSmRMd3Evb2p0d3BvcmhYSDZL?= =?utf-8?B?YmVXMHM5L3QzOUhZNDJVY1BUM3Q0R05DNkhkTGdENk9zeHpEZkFPbWRUMkth?= =?utf-8?B?WmlqQWxYWFp4bGp5V2dHMEh5ajJtMzRsNFJOdFhBRkRoWXlYMVlLYzNINGl5?= =?utf-8?B?Sk9GeWwyUFlFWmhUOEdKbXJJNnYySmNhOWV4QU9SQ1B6MTh4WXkyL3Q0bWYx?= =?utf-8?B?RnBHSUpTVjgrZHFpYjEvZERFRWhDMUJTRWp2d1oxOGJiejUycWZkd2s4K1NQ?= =?utf-8?B?YXA2c2s0TTZpWUpONGhqU1FZVEw4Wmh3bm9LNFRlM01lT29aSEZYT0lvR2E1?= =?utf-8?B?c1lBSFIrZTkyb0hxS25UYm5SVjlMb0RlMUhZdlFMM2VtN3hELy9SRXI0Kys4?= =?utf-8?B?WlY1cE5XQXJaRlhFZW4vZEJxbEVwMTc1QjRzR1RKNWtiUExaY29LR0dBMkxS?= =?utf-8?B?aTN2eUNuZitNL2RWb1ZTNFg3RkllMHYvUVNUWGNCYXNhaFdreDRoZElJYkNY?= =?utf-8?B?eWRQeFBvOVJFZFBGcm5pL2tTN2pFb2tZbERWaE9JRlRDNHdNczc2ajlrL1JD?= =?utf-8?B?R0FBazBoT0oxRFNDd291MUtiSnByb3pDdWpLTWdFRGFReGtkZWhIZlVYVkJt?= =?utf-8?B?R2VNM003NTNxYVVqMmdXa0hmVm1oUW8xTk03bURFQmJ4YXNQbkM3Y1FITzVG?= =?utf-8?B?M0lWK2Z2YmFDdytBbzBlSzJjWG1qdFZoZWU1SE5VYlJVdFU2NWpiaFZXYzIw?= =?utf-8?B?cC96UnpJN3E1MkxGUUZUTGdxT0NDeHZRV1VmMENjK21HMW1zOTRUL1NqWEZw?= =?utf-8?B?MU9EdG5wT1ovaE5HZ08vempJNHhLa0p0Qmo2ZktSNTZIMmZhYlVNZml4VWp1?= =?utf-8?B?NWIxc3llUkRtMmxES3BqcE5aYWEzSzZuZ2g4UVBkV0NXekFCK0x0MytSY2NQ?= =?utf-8?B?NkZVV29zT2xvM3pheEsrUXFXZXJML3V2emg2WWdFVjFDYXpndUllQmxNMnky?= =?utf-8?B?TE4wYkF5cW5hTVRGdS9qMW1rV2MxekFtU1p5dTcwSjJnTTFsNmJFT3dQam1n?= =?utf-8?B?NUp6VW5Ec2orYUpmMEErY1VLTmFSOUlINnZuREJLaSt4SVkwTU84MzhYU0h3?= =?utf-8?B?NytXTlB3RHpsOGZqSHJKaC9MMnFRMDhsUjQ3Z3RFeXdPZGJ3ZGV4YnIvY01T?= =?utf-8?B?NG52WU5jMFdYcFdnOTFiNnExbDQwZVJwMW5zNnFZMmFPZzRNeW1yRXU4aXF5?= =?utf-8?B?SFpleVc4bmxFYktycEdWTWpOMUY2R0JTQmpzY05xMEhBNGJybmlxdVFPbWNT?= =?utf-8?B?WjA0bkxQM1BxVW9JeXJwSjdBMGs2Z0F1UjNzL24zQ20zL0FrR3h2UENFTlh2?= =?utf-8?Q?hNTd7Y/?= X-Microsoft-Exchange-Diagnostics: 1;MWHPR12MB1150;5:isJTOYL74AqSjN8zmuIDm459Z8K99iRB0NPW1DmPfAghpgoBOgN9V3zUCDlj8BL5zxsE9oTfr6x4mp6TcPPZff5Znt+LU++/rYt6i/BjXaJHPF3cagDD/HUukpF5ouS1mhUlxAJ8eoi9gLkFyvm8CV9UIc7sHKG6BgDTnGFYN8wSre83jJBNaAHrWZFTa3UjVa9IdCDbC8JhcW7FETkrhgkNK7lJg0fUKXu4TQG9yf1+NjPyeeQkGxW8zUgjH/vG0d5rPkUda+E1YJmqb3x2Gm4wb4kf+tX4cE7yWtF//7V0blAo1CqTWdBv/1RuGHJ5/O19lxAPIdOD8MAaeHF3LE3xEt6k/w7MlqaMByI0ZI1Ws1CnglJqHHKLYs2tygBTyfkplMm3o+UHriN6jPoMiOYt03MWoYAUU+RvcttPvkcQjARGcvzynyOQnhFDhnnZH0GA1B6Hxp+BpxP4qAo+nCf+aco25MbtRrT89BWCUiHKEOP312gk2XsuCWJoPg40;24:gSmpcslbPsDhwgC7H+1KYOQY9f/f3d1A4Rrd+PWhePqil1o+PhA0dRQEwX24gXvf5dJtFB1ToEEEr+da3B2yp2v31pTzgFM1RMMKHWcXX1E= SpamDiagnosticOutput: 1:99 SpamDiagnosticMetadata: NSPM X-Microsoft-Exchange-Diagnostics: 1;MWHPR12MB1150;7:MbZkaofarv4kRfqCuV+s+1RKTxvLLfc0+6SJ28V5NTp8MThmlFqo5bXPU06oN9N0TwC6EP4UJvS/aEI4vMhUJeOaLkOBdDzrO8JV7a6mTBXkENd4Ao/7yetOnUt1JN50txT02YvHb0MbQDOr//4GfoCSIhfHcmXiB1+ep73qA79kwALi5U4yMCEenG/YrMnF+3zw+ED4D1GG7bmCSbnaTsRw0kpbCxNd9yGEnY4HzeSEEGPdqnhyAUTp0HtPKy6rWMA0+uCGBjWmGXCnXOs0BjhwyKuTzO3yI2RS2R06/QuKItKor7uRhrNUqCiufp64/KKwUYAOVVD42LvTLE8wkzQdbzZ/QSRl+hwsvqA7jFDrDTH7sUQapH5gGy8k4RyZ7Z1NHM1TVgmvZ0m8Jnl5C+fUH4XmzlVelUgxt/gX9WPxjU3GqMGj8tIR6SHgfa/u4M1VPRlY+coz0cSsvoGr2N34mvv8NnNgc7LdCV5sgmKf5AxjX4hZVRkqOG/fceSIYtUmoLNDptqKBmMzLux3iTi5g6v0vPX6kcxQ5+vXE8xKV196CugLR0jbmu2obj6v1+hgTtxEJIljjdyN40GUEhrvYcq1HAmGI/yzeQQSBcL/rjnQFN0FsFZldSKhXM+0Nr2O8MhWwmMEYhIitGfA/Uf+dnAnevzjg+xLBsg5ssjiZu9xtKWCAG15bq9JI+gwSh7WUK8/OUuFv/mQq5iYUC2n0TRv3PbEbJaKlwPWepMqEFic6Z217hziB1KmWIkyhfzPUdTi8OLbFj0TNpNC0E9ocJu4cO2Mz2MM7ukvs2A= X-Microsoft-Exchange-Diagnostics: 1;MWHPR12MB1150;20:AOzSv0Wiipq1RScqkXuDQV7SLzN361yjAqCV++UJzAgeTdRdaBxFSZgWNCWYaYO/e2fmR6eJkBQqtdrsTNT4XVnkX42E3KirajuJOaAuWp77UlpslvmtPV/9p82oGQa9d2RnL1mZOUjF93+ueUQdMxjtLLWPqZ+X7XQHFx++dd1fBbuc1NioOiM0aX0WjRWtqJzWd4HwdDDF8DhdVJhi69n/eJaRzSZwJaA9dG0Ob9FPDK2DTE7Bxgu5jkEHOO0E X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 27 Jun 2017 14:58:37.3887 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-Transport-CrossTenantHeadersStamped: MWHPR12MB1150 Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Add support to be able to either encrypt or decrypt data in place during the early stages of booting the kernel. This does not change the memory encryption attribute - it is used for ensuring that data present in either an encrypted or decrypted memory area is in the proper state (for example the initrd will have been loaded by the boot loader and will not be encrypted, but the memory that it resides in is marked as encrypted). Reviewed-by: Borislav Petkov Signed-off-by: Tom Lendacky --- arch/x86/include/asm/mem_encrypt.h | 10 +++++ arch/x86/mm/mem_encrypt.c | 76 ++++++++++++++++++++++++++++++++++++ 2 files changed, 86 insertions(+) diff --git a/arch/x86/include/asm/mem_encrypt.h b/arch/x86/include/asm/mem_encrypt.h index dbae7a5..8baa35b 100644 --- a/arch/x86/include/asm/mem_encrypt.h +++ b/arch/x86/include/asm/mem_encrypt.h @@ -21,6 +21,11 @@ extern unsigned long sme_me_mask; +void __init sme_early_encrypt(resource_size_t paddr, + unsigned long size); +void __init sme_early_decrypt(resource_size_t paddr, + unsigned long size); + void __init sme_early_init(void); void __init sme_encrypt_kernel(void); @@ -30,6 +35,11 @@ #define sme_me_mask 0UL +static inline void __init sme_early_encrypt(resource_size_t paddr, + unsigned long size) { } +static inline void __init sme_early_decrypt(resource_size_t paddr, + unsigned long size) { } + static inline void __init sme_early_init(void) { } static inline void __init sme_encrypt_kernel(void) { } diff --git a/arch/x86/mm/mem_encrypt.c b/arch/x86/mm/mem_encrypt.c index f973d3d..54bb73c 100644 --- a/arch/x86/mm/mem_encrypt.c +++ b/arch/x86/mm/mem_encrypt.c @@ -14,6 +14,9 @@ #include #include +#include +#include + /* * Since SME related variables are set early in the boot process they must * reside in the .data section so as not to be zeroed out when the .bss @@ -22,6 +25,79 @@ unsigned long sme_me_mask __section(.data) = 0; EXPORT_SYMBOL_GPL(sme_me_mask); +/* Buffer used for early in-place encryption by BSP, no locking needed */ +static char sme_early_buffer[PAGE_SIZE] __aligned(PAGE_SIZE); + +/* + * This routine does not change the underlying encryption setting of the + * page(s) that map this memory. It assumes that eventually the memory is + * meant to be accessed as either encrypted or decrypted but the contents + * are currently not in the desired state. + * + * This routine follows the steps outlined in the AMD64 Architecture + * Programmer's Manual Volume 2, Section 7.10.8 Encrypt-in-Place. + */ +static void __init __sme_early_enc_dec(resource_size_t paddr, + unsigned long size, bool enc) +{ + void *src, *dst; + size_t len; + + if (!sme_me_mask) + return; + + local_flush_tlb(); + wbinvd(); + + /* + * There are limited number of early mapping slots, so map (at most) + * one page at time. + */ + while (size) { + len = min_t(size_t, sizeof(sme_early_buffer), size); + + /* + * Create mappings for the current and desired format of + * the memory. Use a write-protected mapping for the source. + */ + src = enc ? early_memremap_decrypted_wp(paddr, len) : + early_memremap_encrypted_wp(paddr, len); + + dst = enc ? early_memremap_encrypted(paddr, len) : + early_memremap_decrypted(paddr, len); + + /* + * If a mapping can't be obtained to perform the operation, + * then eventual access of that area in the desired mode + * will cause a crash. + */ + BUG_ON(!src || !dst); + + /* + * Use a temporary buffer, of cache-line multiple size, to + * avoid data corruption as documented in the APM. + */ + memcpy(sme_early_buffer, src, len); + memcpy(dst, sme_early_buffer, len); + + early_memunmap(dst, len); + early_memunmap(src, len); + + paddr += len; + size -= len; + } +} + +void __init sme_early_encrypt(resource_size_t paddr, unsigned long size) +{ + __sme_early_enc_dec(paddr, size, true); +} + +void __init sme_early_decrypt(resource_size_t paddr, unsigned long size) +{ + __sme_early_enc_dec(paddr, size, false); +} + void __init sme_early_init(void) { unsigned int i; From mboxrd@z Thu Jan 1 00:00:00 1970 From: Tom Lendacky Subject: [PATCH v8 13/38] x86/mm: Add support for early encrypt/decrypt of memory Date: Tue, 27 Jun 2017 09:58:34 -0500 Message-ID: <20170627145834.15908.73745.stgit@tlendack-t1.amdoffice.net> References: <20170627145607.15908.26571.stgit@tlendack-t1.amdoffice.net> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Return-path: In-Reply-To: <20170627145607.15908.26571.stgit-qCXWGYdRb2BnqfbPTmsdiZQ+2ll4COg0XqFh9Ls21Oc@public.gmane.org> List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: iommu-bounces-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA@public.gmane.org Errors-To: iommu-bounces-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA@public.gmane.org To: linux-arch-u79uwXL29TY76Z2rM5mHXA@public.gmane.org, linux-efi-u79uwXL29TY76Z2rM5mHXA@public.gmane.org, kvm-u79uwXL29TY76Z2rM5mHXA@public.gmane.org, linux-doc-u79uwXL29TY76Z2rM5mHXA@public.gmane.org, x86-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org, kexec-IAPFreCvJWM7uuMidbF8XUB+6BGkLq7r@public.gmane.org, linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org, kasan-dev-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org, xen-devel-GuqFBffKawuEi8DpZVb4nw@public.gmane.org, linux-mm-Bw31MaZKKs3YtjvyW6yDsg@public.gmane.org, iommu-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA@public.gmane.org Cc: Brijesh Singh , Toshimitsu Kani , "Michael S. Tsirkin" , Matt Fleming , Alexander Potapenko , "H. Peter Anvin" , Boris Ostrovsky , Jonathan Corbet , Radim =?utf-8?b?S3LEjW3DocWZ?= , Larry Woodman , Ingo Molnar , Andrey Ryabinin , Dave Young , Rik van Riel , Arnd Bergmann , Borislav Petkov , Andy Lutomirski , Thomas Gleixner , Dmitry Vyukov , Juergen Gross , Paolo Bonzini List-Id: linux-efi@vger.kernel.org Add support to be able to either encrypt or decrypt data in place during the early stages of booting the kernel. This does not change the memory encryption attribute - it is used for ensuring that data present in either an encrypted or decrypted memory area is in the proper state (for example the initrd will have been loaded by the boot loader and will not be encrypted, but the memory that it resides in is marked as encrypted). Reviewed-by: Borislav Petkov Signed-off-by: Tom Lendacky --- arch/x86/include/asm/mem_encrypt.h | 10 +++++ arch/x86/mm/mem_encrypt.c | 76 ++++++++++++++++++++++++++++++++++++ 2 files changed, 86 insertions(+) diff --git a/arch/x86/include/asm/mem_encrypt.h b/arch/x86/include/asm/mem_encrypt.h index dbae7a5..8baa35b 100644 --- a/arch/x86/include/asm/mem_encrypt.h +++ b/arch/x86/include/asm/mem_encrypt.h @@ -21,6 +21,11 @@ extern unsigned long sme_me_mask; +void __init sme_early_encrypt(resource_size_t paddr, + unsigned long size); +void __init sme_early_decrypt(resource_size_t paddr, + unsigned long size); + void __init sme_early_init(void); void __init sme_encrypt_kernel(void); @@ -30,6 +35,11 @@ #define sme_me_mask 0UL +static inline void __init sme_early_encrypt(resource_size_t paddr, + unsigned long size) { } +static inline void __init sme_early_decrypt(resource_size_t paddr, + unsigned long size) { } + static inline void __init sme_early_init(void) { } static inline void __init sme_encrypt_kernel(void) { } diff --git a/arch/x86/mm/mem_encrypt.c b/arch/x86/mm/mem_encrypt.c index f973d3d..54bb73c 100644 --- a/arch/x86/mm/mem_encrypt.c +++ b/arch/x86/mm/mem_encrypt.c @@ -14,6 +14,9 @@ #include #include +#include +#include + /* * Since SME related variables are set early in the boot process they must * reside in the .data section so as not to be zeroed out when the .bss @@ -22,6 +25,79 @@ unsigned long sme_me_mask __section(.data) = 0; EXPORT_SYMBOL_GPL(sme_me_mask); +/* Buffer used for early in-place encryption by BSP, no locking needed */ +static char sme_early_buffer[PAGE_SIZE] __aligned(PAGE_SIZE); + +/* + * This routine does not change the underlying encryption setting of the + * page(s) that map this memory. It assumes that eventually the memory is + * meant to be accessed as either encrypted or decrypted but the contents + * are currently not in the desired state. + * + * This routine follows the steps outlined in the AMD64 Architecture + * Programmer's Manual Volume 2, Section 7.10.8 Encrypt-in-Place. + */ +static void __init __sme_early_enc_dec(resource_size_t paddr, + unsigned long size, bool enc) +{ + void *src, *dst; + size_t len; + + if (!sme_me_mask) + return; + + local_flush_tlb(); + wbinvd(); + + /* + * There are limited number of early mapping slots, so map (at most) + * one page at time. + */ + while (size) { + len = min_t(size_t, sizeof(sme_early_buffer), size); + + /* + * Create mappings for the current and desired format of + * the memory. Use a write-protected mapping for the source. + */ + src = enc ? early_memremap_decrypted_wp(paddr, len) : + early_memremap_encrypted_wp(paddr, len); + + dst = enc ? early_memremap_encrypted(paddr, len) : + early_memremap_decrypted(paddr, len); + + /* + * If a mapping can't be obtained to perform the operation, + * then eventual access of that area in the desired mode + * will cause a crash. + */ + BUG_ON(!src || !dst); + + /* + * Use a temporary buffer, of cache-line multiple size, to + * avoid data corruption as documented in the APM. + */ + memcpy(sme_early_buffer, src, len); + memcpy(dst, sme_early_buffer, len); + + early_memunmap(dst, len); + early_memunmap(src, len); + + paddr += len; + size -= len; + } +} + +void __init sme_early_encrypt(resource_size_t paddr, unsigned long size) +{ + __sme_early_enc_dec(paddr, size, true); +} + +void __init sme_early_decrypt(resource_size_t paddr, unsigned long size) +{ + __sme_early_enc_dec(paddr, size, false); +} + void __init sme_early_init(void) { unsigned int i; From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-pg0-f71.google.com (mail-pg0-f71.google.com [74.125.83.71]) by kanga.kvack.org (Postfix) with ESMTP id A36B36B0315 for ; Tue, 27 Jun 2017 10:58:43 -0400 (EDT) Received: by mail-pg0-f71.google.com with SMTP id m188so29488409pgm.2 for ; Tue, 27 Jun 2017 07:58:43 -0700 (PDT) Received: from NAM01-SN1-obe.outbound.protection.outlook.com (mail-sn1nam01on0056.outbound.protection.outlook.com. [104.47.32.56]) by mx.google.com with ESMTPS id e26si2286734plj.541.2017.06.27.07.58.42 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Tue, 27 Jun 2017 07:58:42 -0700 (PDT) From: Tom Lendacky Subject: [PATCH v8 13/38] x86/mm: Add support for early encrypt/decrypt of memory Date: Tue, 27 Jun 2017 09:58:34 -0500 Message-ID: <20170627145834.15908.73745.stgit@tlendack-t1.amdoffice.net> In-Reply-To: <20170627145607.15908.26571.stgit@tlendack-t1.amdoffice.net> References: <20170627145607.15908.26571.stgit@tlendack-t1.amdoffice.net> MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit Sender: owner-linux-mm@kvack.org List-ID: To: linux-arch@vger.kernel.org, linux-efi@vger.kernel.org, kvm@vger.kernel.org, linux-doc@vger.kernel.org, x86@kernel.org, kexec@lists.infradead.org, linux-kernel@vger.kernel.org, kasan-dev@googlegroups.com, xen-devel@lists.xen.org, linux-mm@kvack.org, iommu@lists.linux-foundation.org Cc: Brijesh Singh , Toshimitsu Kani , Radim =?utf-8?b?S3LEjW3DocWZ?= , Matt Fleming , Alexander Potapenko , "H. Peter Anvin" , Larry Woodman , Jonathan Corbet , Joerg Roedel , "Michael S. Tsirkin" , Ingo Molnar , Andrey Ryabinin , Dave Young , Rik van Riel , Arnd Bergmann , Konrad Rzeszutek Wilk , Borislav Petkov , Andy Lutomirski , Boris Ostrovsky , Dmitry Vyukov , Juergen Gross , Thomas Gleixner , Paolo Bonzini Add support to be able to either encrypt or decrypt data in place during the early stages of booting the kernel. This does not change the memory encryption attribute - it is used for ensuring that data present in either an encrypted or decrypted memory area is in the proper state (for example the initrd will have been loaded by the boot loader and will not be encrypted, but the memory that it resides in is marked as encrypted). Reviewed-by: Borislav Petkov Signed-off-by: Tom Lendacky --- arch/x86/include/asm/mem_encrypt.h | 10 +++++ arch/x86/mm/mem_encrypt.c | 76 ++++++++++++++++++++++++++++++++++++ 2 files changed, 86 insertions(+) diff --git a/arch/x86/include/asm/mem_encrypt.h b/arch/x86/include/asm/mem_encrypt.h index dbae7a5..8baa35b 100644 --- a/arch/x86/include/asm/mem_encrypt.h +++ b/arch/x86/include/asm/mem_encrypt.h @@ -21,6 +21,11 @@ extern unsigned long sme_me_mask; +void __init sme_early_encrypt(resource_size_t paddr, + unsigned long size); +void __init sme_early_decrypt(resource_size_t paddr, + unsigned long size); + void __init sme_early_init(void); void __init sme_encrypt_kernel(void); @@ -30,6 +35,11 @@ #define sme_me_mask 0UL +static inline void __init sme_early_encrypt(resource_size_t paddr, + unsigned long size) { } +static inline void __init sme_early_decrypt(resource_size_t paddr, + unsigned long size) { } + static inline void __init sme_early_init(void) { } static inline void __init sme_encrypt_kernel(void) { } diff --git a/arch/x86/mm/mem_encrypt.c b/arch/x86/mm/mem_encrypt.c index f973d3d..54bb73c 100644 --- a/arch/x86/mm/mem_encrypt.c +++ b/arch/x86/mm/mem_encrypt.c @@ -14,6 +14,9 @@ #include #include +#include +#include + /* * Since SME related variables are set early in the boot process they must * reside in the .data section so as not to be zeroed out when the .bss @@ -22,6 +25,79 @@ unsigned long sme_me_mask __section(.data) = 0; EXPORT_SYMBOL_GPL(sme_me_mask); +/* Buffer used for early in-place encryption by BSP, no locking needed */ +static char sme_early_buffer[PAGE_SIZE] __aligned(PAGE_SIZE); + +/* + * This routine does not change the underlying encryption setting of the + * page(s) that map this memory. It assumes that eventually the memory is + * meant to be accessed as either encrypted or decrypted but the contents + * are currently not in the desired state. + * + * This routine follows the steps outlined in the AMD64 Architecture + * Programmer's Manual Volume 2, Section 7.10.8 Encrypt-in-Place. + */ +static void __init __sme_early_enc_dec(resource_size_t paddr, + unsigned long size, bool enc) +{ + void *src, *dst; + size_t len; + + if (!sme_me_mask) + return; + + local_flush_tlb(); + wbinvd(); + + /* + * There are limited number of early mapping slots, so map (at most) + * one page at time. + */ + while (size) { + len = min_t(size_t, sizeof(sme_early_buffer), size); + + /* + * Create mappings for the current and desired format of + * the memory. Use a write-protected mapping for the source. + */ + src = enc ? early_memremap_decrypted_wp(paddr, len) : + early_memremap_encrypted_wp(paddr, len); + + dst = enc ? early_memremap_encrypted(paddr, len) : + early_memremap_decrypted(paddr, len); + + /* + * If a mapping can't be obtained to perform the operation, + * then eventual access of that area in the desired mode + * will cause a crash. + */ + BUG_ON(!src || !dst); + + /* + * Use a temporary buffer, of cache-line multiple size, to + * avoid data corruption as documented in the APM. + */ + memcpy(sme_early_buffer, src, len); + memcpy(dst, sme_early_buffer, len); + + early_memunmap(dst, len); + early_memunmap(src, len); + + paddr += len; + size -= len; + } +} + +void __init sme_early_encrypt(resource_size_t paddr, unsigned long size) +{ + __sme_early_enc_dec(paddr, size, true); +} + +void __init sme_early_decrypt(resource_size_t paddr, unsigned long size) +{ + __sme_early_enc_dec(paddr, size, false); +} + void __init sme_early_init(void) { unsigned int i; -- To unsubscribe, send a message with 'unsubscribe linux-mm' in the body to majordomo@kvack.org. For more info on Linux MM, see: http://www.linux-mm.org/ . Don't email: email@kvack.org From mboxrd@z Thu Jan 1 00:00:00 1970 Return-path: Received: from mail-by2nam01on0088.outbound.protection.outlook.com ([104.47.34.88] helo=NAM01-BY2-obe.outbound.protection.outlook.com) by casper.infradead.org with esmtps (Exim 4.87 #1 (Red Hat Linux)) id 1dPrxI-00030n-41 for kexec@lists.infradead.org; Tue, 27 Jun 2017 14:59:07 +0000 From: Tom Lendacky Subject: [PATCH v8 13/38] x86/mm: Add support for early encrypt/decrypt of memory Date: Tue, 27 Jun 2017 09:58:34 -0500 Message-ID: <20170627145834.15908.73745.stgit@tlendack-t1.amdoffice.net> In-Reply-To: <20170627145607.15908.26571.stgit@tlendack-t1.amdoffice.net> References: <20170627145607.15908.26571.stgit@tlendack-t1.amdoffice.net> MIME-Version: 1.0 List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: "kexec" Errors-To: kexec-bounces+dwmw2=infradead.org@lists.infradead.org To: linux-arch@vger.kernel.org, linux-efi@vger.kernel.org, kvm@vger.kernel.org, linux-doc@vger.kernel.org, x86@kernel.org, kexec@lists.infradead.org, linux-kernel@vger.kernel.org, kasan-dev@googlegroups.com, xen-devel@lists.xen.org, linux-mm@kvack.org, iommu@lists.linux-foundation.org Cc: Brijesh Singh , Toshimitsu Kani , "Michael S. Tsirkin" , Matt Fleming , Alexander Potapenko , "H. Peter Anvin" , Boris Ostrovsky , Jonathan Corbet , Joerg Roedel , Radim =?utf-8?b?S3LEjW3DocWZ?= , Larry Woodman , Ingo Molnar , Andrey Ryabinin , Dave Young , Rik van Riel , Arnd Bergmann , Konrad Rzeszutek Wilk , Borislav Petkov , Andy Lutomirski , Thomas Gleixner , Dmitry Vyukov , Juergen Gross , Paolo Bonzini Add support to be able to either encrypt or decrypt data in place during the early stages of booting the kernel. This does not change the memory encryption attribute - it is used for ensuring that data present in either an encrypted or decrypted memory area is in the proper state (for example the initrd will have been loaded by the boot loader and will not be encrypted, but the memory that it resides in is marked as encrypted). Reviewed-by: Borislav Petkov Signed-off-by: Tom Lendacky --- arch/x86/include/asm/mem_encrypt.h | 10 +++++ arch/x86/mm/mem_encrypt.c | 76 ++++++++++++++++++++++++++++++++++++ 2 files changed, 86 insertions(+) diff --git a/arch/x86/include/asm/mem_encrypt.h b/arch/x86/include/asm/mem_encrypt.h index dbae7a5..8baa35b 100644 --- a/arch/x86/include/asm/mem_encrypt.h +++ b/arch/x86/include/asm/mem_encrypt.h @@ -21,6 +21,11 @@ extern unsigned long sme_me_mask; +void __init sme_early_encrypt(resource_size_t paddr, + unsigned long size); +void __init sme_early_decrypt(resource_size_t paddr, + unsigned long size); + void __init sme_early_init(void); void __init sme_encrypt_kernel(void); @@ -30,6 +35,11 @@ #define sme_me_mask 0UL +static inline void __init sme_early_encrypt(resource_size_t paddr, + unsigned long size) { } +static inline void __init sme_early_decrypt(resource_size_t paddr, + unsigned long size) { } + static inline void __init sme_early_init(void) { } static inline void __init sme_encrypt_kernel(void) { } diff --git a/arch/x86/mm/mem_encrypt.c b/arch/x86/mm/mem_encrypt.c index f973d3d..54bb73c 100644 --- a/arch/x86/mm/mem_encrypt.c +++ b/arch/x86/mm/mem_encrypt.c @@ -14,6 +14,9 @@ #include #include +#include +#include + /* * Since SME related variables are set early in the boot process they must * reside in the .data section so as not to be zeroed out when the .bss @@ -22,6 +25,79 @@ unsigned long sme_me_mask __section(.data) = 0; EXPORT_SYMBOL_GPL(sme_me_mask); +/* Buffer used for early in-place encryption by BSP, no locking needed */ +static char sme_early_buffer[PAGE_SIZE] __aligned(PAGE_SIZE); + +/* + * This routine does not change the underlying encryption setting of the + * page(s) that map this memory. It assumes that eventually the memory is + * meant to be accessed as either encrypted or decrypted but the contents + * are currently not in the desired state. + * + * This routine follows the steps outlined in the AMD64 Architecture + * Programmer's Manual Volume 2, Section 7.10.8 Encrypt-in-Place. + */ +static void __init __sme_early_enc_dec(resource_size_t paddr, + unsigned long size, bool enc) +{ + void *src, *dst; + size_t len; + + if (!sme_me_mask) + return; + + local_flush_tlb(); + wbinvd(); + + /* + * There are limited number of early mapping slots, so map (at most) + * one page at time. + */ + while (size) { + len = min_t(size_t, sizeof(sme_early_buffer), size); + + /* + * Create mappings for the current and desired format of + * the memory. Use a write-protected mapping for the source. + */ + src = enc ? early_memremap_decrypted_wp(paddr, len) : + early_memremap_encrypted_wp(paddr, len); + + dst = enc ? early_memremap_encrypted(paddr, len) : + early_memremap_decrypted(paddr, len); + + /* + * If a mapping can't be obtained to perform the operation, + * then eventual access of that area in the desired mode + * will cause a crash. + */ + BUG_ON(!src || !dst); + + /* + * Use a temporary buffer, of cache-line multiple size, to + * avoid data corruption as documented in the APM. + */ + memcpy(sme_early_buffer, src, len); + memcpy(dst, sme_early_buffer, len); + + early_memunmap(dst, len); + early_memunmap(src, len); + + paddr += len; + size -= len; + } +} + +void __init sme_early_encrypt(resource_size_t paddr, unsigned long size) +{ + __sme_early_enc_dec(paddr, size, true); +} + +void __init sme_early_decrypt(resource_size_t paddr, unsigned long size) +{ + __sme_early_enc_dec(paddr, size, false); +} + void __init sme_early_init(void) { unsigned int i; _______________________________________________ kexec mailing list kexec@lists.infradead.org http://lists.infradead.org/mailman/listinfo/kexec