From: "Thomas Hellström (VMware)" <thomas_os@shipmail.org>
To: linux-kernel@vger.kernel.org, x86@kernel.org, pv-drivers@vmware.com
Cc: "Thomas Hellstrom" <thellstrom@vmware.com>,
"Dave Hansen" <dave.hansen@linux.intel.com>,
"Andy Lutomirski" <luto@kernel.org>,
"Peter Zijlstra" <peterz@infradead.org>,
"Thomas Gleixner" <tglx@linutronix.de>,
"Ingo Molnar" <mingo@redhat.com>,
"Borislav Petkov" <bp@alien8.de>,
"H. Peter Anvin" <hpa@zytor.com>,
"Christoph Hellwig" <hch@infradead.org>,
"Christian König" <christian.koenig@amd.com>,
"Marek Szyprowski" <m.szyprowski@samsung.com>,
"Tom Lendacky" <thomas.lendacky@amd.com>
Subject: [RFC PATCH 1/2] x86: Don't let pgprot_modify() change the page encryption bit
Date: Thu, 5 Sep 2019 12:35:40 +0200 [thread overview]
Message-ID: <20190905103541.4161-2-thomas_os@shipmail.org> (raw)
In-Reply-To: <20190905103541.4161-1-thomas_os@shipmail.org>
From: Thomas Hellstrom <thellstrom@vmware.com>
When SEV or SME is enabled and active, vm_get_page_prot() typically
returns with the encryption bit set. This means that users of
pgprot_modify(, vm_get_page_prot()) (mprotect_fixup, do_mmap) typically
unintentionally sets encrypted page protection even on mmap'd coherent
memory where the mmap callback has cleared the bit. Fix this by not
allowing pgprot_modify() to change the encryption bit, similar to
how it's done for PAT bits.
Cc: Dave Hansen <dave.hansen@linux.intel.com>
Cc: Andy Lutomirski <luto@kernel.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Ingo Molnar <mingo@redhat.com>
Cc: Borislav Petkov <bp@alien8.de>
Cc: "H. Peter Anvin" <hpa@zytor.com>
Cc: Christoph Hellwig <hch@infradead.org>
Cc: Christian König <christian.koenig@amd.com>
Cc: Marek Szyprowski <m.szyprowski@samsung.com>
Cc: Tom Lendacky <thomas.lendacky@amd.com>
Signed-off-by: Thomas Hellstrom <thellstrom@vmware.com>
---
arch/x86/include/asm/pgtable.h | 10 +++++++---
1 file changed, 7 insertions(+), 3 deletions(-)
diff --git a/arch/x86/include/asm/pgtable.h b/arch/x86/include/asm/pgtable.h
index 0bc530c4eb13..8e507169fd90 100644
--- a/arch/x86/include/asm/pgtable.h
+++ b/arch/x86/include/asm/pgtable.h
@@ -624,12 +624,16 @@ static inline pmd_t pmd_modify(pmd_t pmd, pgprot_t newprot)
return __pmd(val);
}
-/* mprotect needs to preserve PAT bits when updating vm_page_prot */
+/*
+ * mprotect needs to preserve PAT and encryption bits when updating
+ * vm_page_prot
+ */
#define pgprot_modify pgprot_modify
static inline pgprot_t pgprot_modify(pgprot_t oldprot, pgprot_t newprot)
{
- pgprotval_t preservebits = pgprot_val(oldprot) & _PAGE_CHG_MASK;
- pgprotval_t addbits = pgprot_val(newprot);
+ pgprotval_t preservebits = pgprot_val(oldprot) &
+ (_PAGE_CHG_MASK | sme_me_mask);
+ pgprotval_t addbits = pgprot_val(newprot) & ~sme_me_mask;
return __pgprot(preservebits | addbits);
}
--
2.20.1
next prev parent reply other threads:[~2019-09-05 10:36 UTC|newest]
Thread overview: 30+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-09-05 10:35 [RFC PATCH 0/2] Fix SEV user-space mapping of unencrypted coherent memory Thomas Hellström (VMware)
2019-09-05 10:35 ` Thomas Hellström (VMware) [this message]
2019-09-05 14:15 ` [RFC PATCH 1/2] x86: Don't let pgprot_modify() change the page encryption bit Dave Hansen
2019-09-05 15:21 ` Thomas Hellström (VMware)
2019-09-05 15:24 ` Christoph Hellwig
2019-09-05 16:40 ` Thomas Hellström (VMware)
2019-09-05 17:05 ` dma_mmap_fault discussion Thomas Hellström (VMware)
2019-09-06 6:32 ` Christoph Hellwig
2019-09-06 7:10 ` Thomas Hellström (VMware)
2019-09-06 7:20 ` Christoph Hellwig
2019-09-10 8:37 ` Thomas Hellström (VMware)
2019-09-10 16:11 ` [RFC PATCH 1/2] x86: Don't let pgprot_modify() change the page encryption bit Andy Lutomirski
2019-09-10 19:26 ` Thomas Hellström (VMware)
2019-09-11 4:18 ` Andy Lutomirski
2019-09-11 7:49 ` Thomas Hellström (VMware)
2019-09-11 18:03 ` Andy Lutomirski
2019-09-12 8:29 ` Thomas Hellström (VMware)
2019-09-11 9:08 ` Koenig, Christian
2019-09-11 10:10 ` TTM huge page-faults WAS: " Thomas Hellström (VMware)
2019-09-11 14:06 ` Koenig, Christian
2019-09-11 14:06 ` Koenig, Christian
2019-09-11 15:08 ` Thomas Hellström (VMware)
2019-09-24 12:03 ` Koenig, Christian
2019-09-24 12:03 ` Koenig, Christian
2019-09-05 15:59 ` Dave Hansen
2019-09-05 16:29 ` Thomas Hellström (VMware)
2019-09-05 10:35 ` [RFC PATCH 2/2] dma-mapping: Fix dma_pgprot() for unencrypted coherent pages Thomas Hellström (VMware)
2019-09-05 11:23 ` [RFC PATCH 0/2] Fix SEV user-space mapping of unencrypted coherent memory Christoph Hellwig
2019-09-10 6:11 ` Christoph Hellwig
2019-09-10 6:25 ` Thomas Hellström (VMware)
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190905103541.4161-2-thomas_os@shipmail.org \
--to=thomas_os@shipmail.org \
--cc=bp@alien8.de \
--cc=christian.koenig@amd.com \
--cc=dave.hansen@linux.intel.com \
--cc=hch@infradead.org \
--cc=hpa@zytor.com \
--cc=linux-kernel@vger.kernel.org \
--cc=luto@kernel.org \
--cc=m.szyprowski@samsung.com \
--cc=mingo@redhat.com \
--cc=peterz@infradead.org \
--cc=pv-drivers@vmware.com \
--cc=tglx@linutronix.de \
--cc=thellstrom@vmware.com \
--cc=thomas.lendacky@amd.com \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.