Subject: Re: [PATCH v3 2/8] mm: Introduce a function to check for confidential computing features
From: Christophe Leroy
Date: Thu, 9 Sep 2021 07:35:21 +0000
To: Tom Lendacky, linux-kernel@vger.kernel.org, x86@kernel.org, linuxppc-dev@lists.ozlabs.org, linux-s390@vger.kernel.org, iommu@lists.linux-foundation.org, kvm@vger.kernel.org, linux-efi@vger.kernel.org, platform-driver-x86@vger.kernel.org, linux-graphics-maintainer@vmware.com, amd-gfx@lists.freedesktop.org, dri-devel@lists.freedesktop.org, kexec@lists.infradead.org, linux-fsdevel@vger.kernel.org
Cc: Sathyanarayanan Kuppuswamy, Andi Kleen, Tianyu Lan, Joerg Roedel, Christoph Hellwig, Borislav Petkov, Brijesh Singh
Message-ID: <96aa160a-e35e-452e-b785-24410265b0f6@csgroup.eu>
In-Reply-To: <0a7618d54e7e954ee56c22ad1b94af2ffe69543a.1631141919.git.thomas.lendacky@amd.com>

On 9/8/21 10:58 PM, Tom Lendacky wrote:
> In prep for other confidential computing technologies, introduce a generic
> helper function, cc_platform_has(), that can be used to check for specific

I have little problem with that naming. For me CC has always meant Compiler Collection.

> active confidential computing attributes, like memory encryption. This is
> intended to eliminate having to add multiple technology-specific checks to
> the code (e.g. if (sev_active() || tdx_active())).
>
> Co-developed-by: Andi Kleen
> Signed-off-by: Andi Kleen > Co-developed-by: Kuppuswamy Sathyanarayanan > Signed-off-by: Kuppuswamy Sathyanarayanan > Signed-off-by: Tom Lendacky > --- > arch/Kconfig | 3 ++ > include/linux/cc_platform.h | 88 +++++++++++++++++++++++++++++++++++++ > 2 files changed, 91 insertions(+) > create mode 100644 include/linux/cc_platform.h > > diff --git a/arch/Kconfig b/arch/Kconfig > index 3743174da870..ca7c359e5da8 100644 > --- a/arch/Kconfig > +++ b/arch/Kconfig > @@ -1234,6 +1234,9 @@ config RELR > config ARCH_HAS_MEM_ENCRYPT > bool > > +config ARCH_HAS_CC_PLATFORM > + bool > + > config HAVE_SPARSE_SYSCALL_NR > bool > help > diff --git a/include/linux/cc_platform.h b/include/linux/cc_platform.h > new file mode 100644 > index 000000000000..253f3ea66cd8 > --- /dev/null > +++ b/include/linux/cc_platform.h 
> @@ -0,0 +1,88 @@ > +/* SPDX-License-Identifier: GPL-2.0-only */ > +/* > + * Confidential Computing Platform Capability checks > + * > + * Copyright (C) 2021 Advanced Micro Devices, Inc. > + * > + * Author: Tom Lendacky > + */ > + > +#ifndef _CC_PLATFORM_H > +#define _CC_PLATFORM_H > + > +#include > +#include > + > +/** > + * enum cc_attr - Confidential computing attributes > + * > + * These attributes represent confidential computing features that are > + * currently active. > + */ > +enum cc_attr { > + /** > + * @CC_ATTR_MEM_ENCRYPT: Memory encryption is active > + * > + * The platform/OS is running with active memory encryption. This > + * includes running either as a bare-metal system or a hypervisor > + * and actively using memory encryption or as a guest/virtual machine > + * and actively using memory encryption. > + * > + * Examples include SME, SEV and SEV-ES. > + */ > + CC_ATTR_MEM_ENCRYPT, > + > + /** > + * @CC_ATTR_HOST_MEM_ENCRYPT: Host memory encryption is active > + * > + * The platform/OS is running as a bare-metal system or a hypervisor > + * and actively using memory encryption. > + * > + * Examples include SME. > + */ > + CC_ATTR_HOST_MEM_ENCRYPT, > + > + /** > + * @CC_ATTR_GUEST_MEM_ENCRYPT: Guest memory encryption is active > + * > + * The platform/OS is running as a guest/virtual machine and actively > + * using memory encryption. > + * > + * Examples include SEV and SEV-ES. > + */ > + CC_ATTR_GUEST_MEM_ENCRYPT, > + > + /** > + * @CC_ATTR_GUEST_STATE_ENCRYPT: Guest state encryption is active > + * > + * The platform/OS is running as a guest/virtual machine and actively > + * using memory encryption and register state encryption. > + * > + * Examples include SEV-ES. 
> + */ > + CC_ATTR_GUEST_STATE_ENCRYPT, > +}; > + > +#ifdef CONFIG_ARCH_HAS_CC_PLATFORM > + > +/** > + * cc_platform_has() - Checks if the specified cc_attr attribute is active > + * @attr: Confidential computing attribute to check > + * > + * The cc_platform_has() function will return an indicator as to whether the > + * specified Confidential Computing attribute is currently active. > + * > + * Context: Any context > + * Return: > + * * TRUE - Specified Confidential Computing attribute is active > + * * FALSE - Specified Confidential Computing attribute is not active > + */ > +bool cc_platform_has(enum cc_attr attr);

This declaration makes it impossible for architectures to define this function inline. For such a function, having it inline would make more sense as it would allow GCC to perform constant folding and avoid the overhead of calling a sub-function.

> + > +#else /* !CONFIG_ARCH_HAS_CC_PLATFORM */ > + > +static inline bool cc_platform_has(enum cc_attr attr) { return false; } > + > +#endif /* CONFIG_ARCH_HAS_CC_PLATFORM */ > + > +#endif /* _CC_PLATFORM_H */ >
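
Review bot: the new ARCH_HAS_CC_PLATFORM symbol in the arch/Kconfig hunk is a bare bool with no comment saying what an architecture takes on by selecting it. Going by the header added in this same patch, selecting it swaps the "return false" stub for the plain declaration of cc_platform_has(), so the architecture has to supply a definition or any caller fails at link time. A short comment above the symbol stating that requirement would spare the next port from finding it out that way.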
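
Review bot: in the include/linux/cc_platform.h hunk, the #else stub returns false for every attribute whenever ARCH_HAS_CC_PLATFORM is not selected, yet arch/Kconfig keeps ARCH_HAS_MEM_ENCRYPT as a separate symbol with no stated link between the two. An architecture that selects only ARCH_HAS_MEM_ENCRYPT would therefore have cc_platform_has(CC_ATTR_MEM_ENCRYPT) report "not active" while memory encryption is in use, and a caller that gates a protective path on that answer would skip it silently. Either document in the header that the result is only meaningful when ARCH_HAS_CC_PLATFORM is selected, or tie the two Kconfig symbols together. Smaller point in the same kernel-doc block: the Return section lists TRUE and FALSE, but the function returns bool and the stub returns false, so lowercase true/false would match the code.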