From: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
To: Tom Lendacky <thomas.lendacky@amd.com>
Cc: linux-arch@vger.kernel.org, linux-efi@vger.kernel.org,
kvm@vger.kernel.org, linux-doc@vger.kernel.org, x86@kernel.org,
linux-kernel@vger.kernel.org, kasan-dev@googlegroups.com,
linux-mm@kvack.org, iommu@lists.linux-foundation.org,
"Radim Krčmář" <rkrcmar@redhat.com>,
"Arnd Bergmann" <arnd@arndb.de>,
"Jonathan Corbet" <corbet@lwn.net>,
"Matt Fleming" <matt@codeblueprint.co.uk>,
"Joerg Roedel" <joro@8bytes.org>,
"Paolo Bonzini" <pbonzini@redhat.com>,
"Ingo Molnar" <mingo@redhat.com>,
"Borislav Petkov" <bp@alien8.de>,
"H. Peter Anvin" <hpa@zytor.com>,
"Andrey Ryabinin" <aryabinin@virtuozzo.com>,
"Alexander Potapenko" <glider@google.com>,
"Thomas Gleixner" <tglx@linutronix.de>,
"Dmitry Vyukov" <dvyukov@google.com>
Subject: Re: [RFC PATCH v1 13/18] x86: DMA support for memory encryption
Date: Fri, 29 Apr 2016 12:27:58 -0400 [thread overview]
Message-ID: <20160429162757.GA1191@char.us.oracle.com> (raw)
In-Reply-To: <572379ED.9050404@amd.com>
On Fri, Apr 29, 2016 at 10:12:45AM -0500, Tom Lendacky wrote:
> On 04/29/2016 02:17 AM, Konrad Rzeszutek Wilk wrote:
> > On Tue, Apr 26, 2016 at 05:58:12PM -0500, Tom Lendacky wrote:
> >> Since DMA addresses will effectively look like 48-bit addresses when the
> >> memory encryption mask is set, SWIOTLB is needed if the DMA mask of the
> >> device performing the DMA does not support 48-bits. SWIOTLB will be
> >> initialized to create un-encrypted bounce buffers for use by these devices.
> >>
> >
> >
> > I presume the sme_me_mask does not use the lower 48 bits?
>
> The sme_me_mask will actually be bit 47. So, when applied, the address
> will become a 48-bit address.
>
> >
> >
> > ..snip..
> >> diff --git a/arch/x86/mm/mem_encrypt.c b/arch/x86/mm/mem_encrypt.c
> >> index 7d56d1b..594dc65 100644
> >> --- a/arch/x86/mm/mem_encrypt.c
> >> +++ b/arch/x86/mm/mem_encrypt.c
> >> @@ -12,6 +12,8 @@
> >>
> >> #include <linux/init.h>
> >> #include <linux/mm.h>
> >> +#include <linux/dma-mapping.h>
> >> +#include <linux/swiotlb.h>
> >>
> >> #include <asm/mem_encrypt.h>
> >> #include <asm/cacheflush.h>
> >> @@ -168,6 +170,25 @@ void __init sme_early_init(void)
> >> }
> >>
> >> /* Architecture __weak replacement functions */
> >> +void __init mem_encrypt_init(void)
> >> +{
> >> + if (!sme_me_mask)
> >> + return;
> >> +
> >> + /* Make SWIOTLB use an unencrypted DMA area */
> >> + swiotlb_clear_encryption();
> >> +}
> >> +
> >> +unsigned long swiotlb_get_me_mask(void)
> >> +{
> >> + return sme_me_mask;
> >> +}
> >> +
> >> +void swiotlb_set_mem_dec(void *vaddr, unsigned long size)
> >> +{
> >> + sme_set_mem_dec(vaddr, size);
> >> +}
> >> +
> >> void __init *efi_me_early_memremap(resource_size_t paddr,
> >> unsigned long size)
> >> {
> >> diff --git a/include/linux/swiotlb.h b/include/linux/swiotlb.h
> >> index 017fced..121b9de 100644
> >> --- a/include/linux/swiotlb.h
> >> +++ b/include/linux/swiotlb.h
> >> @@ -30,6 +30,7 @@ int swiotlb_init_with_tbl(char *tlb, unsigned long nslabs, int verbose);
> >> extern unsigned long swiotlb_nr_tbl(void);
> >> unsigned long swiotlb_size_or_default(void);
> >> extern int swiotlb_late_init_with_tbl(char *tlb, unsigned long nslabs);
> >> +extern void __init swiotlb_clear_encryption(void);
> >>
> >> /*
> >> * Enumeration for sync targets
> >> diff --git a/init/main.c b/init/main.c
> >> index b3c6e36..1013d1c 100644
> >> --- a/init/main.c
> >> +++ b/init/main.c
> >> @@ -458,6 +458,10 @@ void __init __weak thread_info_cache_init(void)
> >> }
> >> #endif
> >>
> >> +void __init __weak mem_encrypt_init(void)
> >> +{
> >> +}
> >> +
> >> /*
> >> * Set up kernel memory allocators
> >> */
> >> @@ -597,6 +601,8 @@ asmlinkage __visible void __init start_kernel(void)
> >> */
> >> locking_selftest();
> >>
> >> + mem_encrypt_init();
> >> +
> >> #ifdef CONFIG_BLK_DEV_INITRD
> >> if (initrd_start && !initrd_below_start_ok &&
> >> page_to_pfn(virt_to_page((void *)initrd_start)) < min_low_pfn) {
> >
> > What happens if devices use the bounce buffer before mem_encrypt_init()?
>
> The call to mem_encrypt_init is early in the boot process, I may have
> overlooked something, but what devices would be performing DMA before
> this?
I am not saying that you overlooked. Merely wondering if somebody re-orders these
calls what would happen. It maybe also good to have a comment right before
mem_encrpyt_init stating what will happen if the device does DMA before the function
is called.
--
To unsubscribe, send a message with 'unsubscribe linux-mm' in
the body to majordomo@kvack.org. For more info on Linux MM,
see: http://www.linux-mm.org/ .
Don't email: <a href=mailto:"dont@kvack.org"> email@kvack.org </a>
next prev parent reply other threads:[~2016-04-29 16:27 UTC|newest]
Thread overview: 76+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-04-26 22:55 [RFC PATCH v1 00/18] x86: Secure Memory Encryption (AMD) Tom Lendacky
2016-03-22 13:00 ` Pavel Machek
[not found] ` <20160322130058.GA16528-5NIqAleC692hcjWhqY66xCZi+YwRKgec@public.gmane.org>
2016-04-27 14:05 ` Borislav Petkov
2016-04-27 14:30 ` Pavel Machek
2016-04-27 14:39 ` Borislav Petkov
[not found] ` <20160427143951.GH21011-fF5Pk5pvG8Y@public.gmane.org>
2016-04-27 14:58 ` Pavel Machek
2016-04-27 15:47 ` Pavel Machek
2016-04-27 14:21 ` Tom Lendacky
2016-04-26 22:56 ` [RFC PATCH v1 01/18] x86: Set the write-protect cache mode for AMD processors Tom Lendacky
[not found] ` <20160426225604.13567.55443.stgit-qCXWGYdRb2BnqfbPTmsdiZQ+2ll4COg0XqFh9Ls21Oc@public.gmane.org>
2016-04-27 14:33 ` Andy Lutomirski
2016-04-27 14:44 ` Tom Lendacky
2016-04-27 14:47 ` Andy Lutomirski
[not found] ` <CALCETrV+JzPZjrrqkhWSVfvKQt62Aq8NSW=ZvfdiAi8XKoLi8A-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2016-04-27 15:05 ` Tom Lendacky
2016-04-27 15:12 ` Andy Lutomirski
2016-04-27 15:31 ` Borislav Petkov
2016-04-27 15:34 ` Andy Lutomirski
2016-04-26 22:56 ` [RFC PATCH v1 02/18] x86: Secure Memory Encryption (SME) build enablement Tom Lendacky
2016-03-22 13:01 ` Pavel Machek
2016-04-27 15:17 ` Tom Lendacky
2016-04-27 15:30 ` Pavel Machek
2016-04-27 15:41 ` Borislav Petkov
2016-04-27 16:41 ` Pavel Machek
2016-04-27 17:07 ` Robin Murphy
2016-04-27 17:12 ` Borislav Petkov
2016-04-26 22:56 ` [RFC PATCH v1 03/18] x86: Secure Memory Encryption (SME) support Tom Lendacky
2016-03-22 13:03 ` Pavel Machek
2016-04-27 16:20 ` Tom Lendacky
2016-04-26 22:56 ` [RFC PATCH v1 04/18] x86: Add the Secure Memory Encryption cpu feature Tom Lendacky
2016-04-26 22:56 ` [RFC PATCH v1 05/18] x86: Handle reduction in physical address size with SME Tom Lendacky
2016-04-26 22:56 ` [RFC PATCH v1 06/18] x86: Provide general kernel support for memory encryption Tom Lendacky
2016-04-26 22:57 ` [RFC PATCH v1 07/18] x86: Extend the early_memmap support with additional attrs Tom Lendacky
2016-04-26 22:57 ` [RFC PATCH v1 08/18] x86: Add support for early encryption/decryption of memory Tom Lendacky
2016-04-26 22:57 ` [RFC PATCH v1 09/18] x86: Insure that memory areas are encrypted when possible Tom Lendacky
2016-04-26 22:57 ` [RFC PATCH v1 10/18] x86/efi: Access EFI related tables in the clear Tom Lendacky
[not found] ` <20160426225740.13567.85438.stgit-qCXWGYdRb2BnqfbPTmsdiZQ+2ll4COg0XqFh9Ls21Oc@public.gmane.org>
2016-05-10 13:43 ` Matt Fleming
[not found] ` <20160510134358.GR2839-mF/unelCI9GS6iBeEJttW/XRex20P6io@public.gmane.org>
2016-05-10 13:57 ` Borislav Petkov
2016-05-12 18:20 ` Tom Lendacky
2016-05-24 14:54 ` Tom Lendacky
2016-05-25 16:09 ` Daniel Kiper
2016-05-25 19:30 ` Matt Fleming
2016-05-26 13:45 ` Tom Lendacky
2016-06-08 10:07 ` Matt Fleming
2016-06-09 16:16 ` Tom Lendacky
2016-06-13 12:03 ` Matt Fleming
2016-06-13 12:34 ` Matt Fleming
2016-06-13 15:16 ` Tom Lendacky
2016-06-08 11:18 ` Matt Fleming
2016-06-09 18:33 ` Tom Lendacky
2016-06-13 13:51 ` Matt Fleming
[not found] ` <20160613135110.GC2658-mF/unelCI9GS6iBeEJttW/XRex20P6io@public.gmane.org>
2016-06-15 13:17 ` Tom Lendacky
[not found] ` <57615561.4090502-5C7GfCeVMHo@public.gmane.org>
2016-06-16 14:38 ` Tom Lendacky
2016-06-17 15:51 ` Matt Fleming
2016-04-26 22:57 ` [RFC PATCH v1 11/18] x86: Decrypt trampoline area if memory encryption is active Tom Lendacky
2016-04-26 22:58 ` [RFC PATCH v1 12/18] x86: Access device tree in the clear Tom Lendacky
2016-04-26 22:58 ` [RFC PATCH v1 13/18] x86: DMA support for memory encryption Tom Lendacky
2016-04-29 7:17 ` Konrad Rzeszutek Wilk
2016-04-29 15:12 ` Tom Lendacky
2016-04-29 16:27 ` Konrad Rzeszutek Wilk [this message]
[not found] ` <20160429162757.GA1191-he5eyhs8q0BAdwtm4QZOy9BPR1lH4CV8@public.gmane.org>
2016-04-29 23:49 ` Tom Lendacky
2016-04-26 22:58 ` [RFC PATCH v1 14/18] iommu/amd: AMD IOMMU " Tom Lendacky
2016-04-26 22:58 ` [RFC PATCH v1 15/18] x86: Enable memory encryption on the APs Tom Lendacky
2016-05-01 22:10 ` Huang, Kai
[not found] ` <f37dd7de-23ad-f70f-c32d-a32f116215ce-VuQAYsv1563Yd54FQh9/CA@public.gmane.org>
2016-05-03 15:59 ` Tom Lendacky
2016-04-26 22:58 ` [RFC PATCH v1 16/18] x86: Do not specify encrypted memory for VGA mapping Tom Lendacky
2016-04-26 22:58 ` [RFC PATCH v1 17/18] x86/kvm: Enable Secure Memory Encryption of nested page tables Tom Lendacky
2016-04-26 22:59 ` [RFC PATCH v1 18/18] x86: Add support to turn on Secure Memory Encryption Tom Lendacky
[not found] ` <20160426225904.13567.538.stgit-qCXWGYdRb2BnqfbPTmsdiZQ+2ll4COg0XqFh9Ls21Oc@public.gmane.org>
2016-03-22 13:13 ` Pavel Machek
[not found] ` <20160426225553.13567.19459.stgit-qCXWGYdRb2BnqfbPTmsdiZQ+2ll4COg0XqFh9Ls21Oc@public.gmane.org>
2016-04-27 14:39 ` [RFC PATCH v1 00/18] x86: Secure Memory Encryption (AMD) Andy Lutomirski
2016-04-27 20:10 ` Tom Lendacky
2016-05-02 18:31 ` Andy Lutomirski
2016-05-09 15:13 ` Paolo Bonzini
2016-05-09 21:08 ` Tom Lendacky
2016-05-10 11:23 ` Paolo Bonzini
2016-05-10 12:04 ` Borislav Petkov
2016-04-30 6:13 ` Elliott, Robert (Persistent Memory)
[not found] ` <94D0CD8314A33A4D9D801C0FE68B402963918FDA-wwDBVnaDRpYSZAcGdq5asR6epYMZPwEe5NbjCUgZEJk@public.gmane.org>
2016-05-03 15:55 ` Tom Lendacky
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20160429162757.GA1191@char.us.oracle.com \
--to=konrad.wilk@oracle.com \
--cc=arnd@arndb.de \
--cc=aryabinin@virtuozzo.com \
--cc=bp@alien8.de \
--cc=corbet@lwn.net \
--cc=dvyukov@google.com \
--cc=glider@google.com \
--cc=hpa@zytor.com \
--cc=iommu@lists.linux-foundation.org \
--cc=joro@8bytes.org \
--cc=kasan-dev@googlegroups.com \
--cc=kvm@vger.kernel.org \
--cc=linux-arch@vger.kernel.org \
--cc=linux-doc@vger.kernel.org \
--cc=linux-efi@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=matt@codeblueprint.co.uk \
--cc=mingo@redhat.com \
--cc=pbonzini@redhat.com \
--cc=rkrcmar@redhat.com \
--cc=tglx@linutronix.de \
--cc=thomas.lendacky@amd.com \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).