From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-15.3 required=3.0 tests=BAYES_00, HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_PATCH,MAILING_LIST_MULTI, MENTIONS_GIT_HOSTING,NICE_REPLY_A,SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED, USER_AGENT_SANE_1 autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id C89B1C43216 for ; Mon, 9 Aug 2021 01:42:04 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id AB653603E7 for ; Mon, 9 Aug 2021 01:42:04 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232705AbhHIBmW (ORCPT ); Sun, 8 Aug 2021 21:42:22 -0400 Received: from mga12.intel.com ([192.55.52.136]:16048 "EHLO mga12.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232678AbhHIBmU (ORCPT ); Sun, 8 Aug 2021 21:42:20 -0400 X-IronPort-AV: E=McAfee;i="6200,9189,10070"; a="194200409" X-IronPort-AV: E=Sophos;i="5.84,305,1620716400"; d="scan'208";a="194200409" Received: from fmsmga006.fm.intel.com ([10.253.24.20]) by fmsmga106.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 08 Aug 2021 18:41:59 -0700 X-IronPort-AV: E=Sophos;i="5.84,305,1620716400"; d="scan'208";a="670624711" Received: from ctrondse-mobl.amr.corp.intel.com (HELO skuppusw-mobl5.amr.corp.intel.com) ([10.212.77.4]) by fmsmga006-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 08 Aug 2021 18:41:57 -0700 Subject: Re: [PATCH 00/11] Implement generic prot_guest_has() helper function To: Tom Lendacky , linux-kernel@vger.kernel.org, x86@kernel.org, linuxppc-dev@lists.ozlabs.org, linux-s390@vger.kernel.org, iommu@lists.linux-foundation.org, kvm@vger.kernel.org, linux-efi@vger.kernel.org, platform-driver-x86@vger.kernel.org, linux-graphics-maintainer@vmware.com, amd-gfx@lists.freedesktop.org, dri-devel@lists.freedesktop.org, kexec@lists.infradead.org, linux-fsdevel@vger.kernel.org Cc: Borislav Petkov , Brijesh Singh , Joerg Roedel , Andi Kleen , Tianyu Lan , Andy Lutomirski , Ard Biesheuvel , Baoquan He , Benjamin Herrenschmidt , Christian Borntraeger , Daniel Vetter , Dave Hansen , Dave Young , David Airlie , Heiko Carstens , Ingo Molnar , Maarten Lankhorst , Maxime Ripard , Michael Ellerman , Paul Mackerras , Peter Zijlstra , Thomas Gleixner , Thomas Zimmermann , Vasily Gorbik , Will Deacon References: From: "Kuppuswamy, Sathyanarayanan" Message-ID: <0d75f283-50b7-460d-3165-185cb955bd70@linux.intel.com> Date: Sun, 8 Aug 2021 18:41:54 -0700 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Firefox/78.0 Thunderbird/78.11.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Hi Tom, On 7/27/21 3:26 PM, Tom Lendacky wrote: > This patch series provides a generic helper function, prot_guest_has(), > to replace the sme_active(), sev_active(), sev_es_active() and > mem_encrypt_active() functions. > > It is expected that as new protected virtualization technologies are > added to the kernel, they can all be covered by a single function call > instead of a collection of specific function calls all called from the > same locations. > > The powerpc and s390 patches have been compile tested only. Can the > folks copied on this series verify that nothing breaks for them. With this patch set, select ARCH_HAS_PROTECTED_GUEST and set CONFIG_AMD_MEM_ENCRYPT=n, creates following error. ld: arch/x86/mm/ioremap.o: in function `early_memremap_is_setup_data': arch/x86/mm/ioremap.c:672: undefined reference to `early_memremap_decrypted' It looks like early_memremap_is_setup_data() is not protected with appropriate config. > > Cc: Andi Kleen > Cc: Andy Lutomirski > Cc: Ard Biesheuvel > Cc: Baoquan He > Cc: Benjamin Herrenschmidt > Cc: Borislav Petkov > Cc: Christian Borntraeger > Cc: Daniel Vetter > Cc: Dave Hansen > Cc: Dave Young > Cc: David Airlie > Cc: Heiko Carstens > Cc: Ingo Molnar > Cc: Joerg Roedel > Cc: Maarten Lankhorst > Cc: Maxime Ripard > Cc: Michael Ellerman > Cc: Paul Mackerras > Cc: Peter Zijlstra > Cc: Thomas Gleixner > Cc: Thomas Zimmermann > Cc: Vasily Gorbik > Cc: VMware Graphics > Cc: Will Deacon > > --- > > Patches based on: > https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git master > commit 79e920060fa7 ("Merge branch 'WIP/fixes'") > > Tom Lendacky (11): > mm: Introduce a function to check for virtualization protection > features > x86/sev: Add an x86 version of prot_guest_has() > powerpc/pseries/svm: Add a powerpc version of prot_guest_has() > x86/sme: Replace occurrences of sme_active() with prot_guest_has() > x86/sev: Replace occurrences of sev_active() with prot_guest_has() > x86/sev: Replace occurrences of sev_es_active() with prot_guest_has() > treewide: Replace the use of mem_encrypt_active() with > prot_guest_has() > mm: Remove the now unused mem_encrypt_active() function > x86/sev: Remove the now unused mem_encrypt_active() function > powerpc/pseries/svm: Remove the now unused mem_encrypt_active() > function > s390/mm: Remove the now unused mem_encrypt_active() function > > arch/Kconfig | 3 ++ > arch/powerpc/include/asm/mem_encrypt.h | 5 -- > arch/powerpc/include/asm/protected_guest.h | 30 +++++++++++ > arch/powerpc/platforms/pseries/Kconfig | 1 + > arch/s390/include/asm/mem_encrypt.h | 2 - > arch/x86/Kconfig | 1 + > arch/x86/include/asm/kexec.h | 2 +- > arch/x86/include/asm/mem_encrypt.h | 13 +---- > arch/x86/include/asm/protected_guest.h | 27 ++++++++++ > arch/x86/kernel/crash_dump_64.c | 4 +- > arch/x86/kernel/head64.c | 4 +- > arch/x86/kernel/kvm.c | 3 +- > arch/x86/kernel/kvmclock.c | 4 +- > arch/x86/kernel/machine_kexec_64.c | 19 +++---- > arch/x86/kernel/pci-swiotlb.c | 9 ++-- > arch/x86/kernel/relocate_kernel_64.S | 2 +- > arch/x86/kernel/sev.c | 6 +-- > arch/x86/kvm/svm/svm.c | 3 +- > arch/x86/mm/ioremap.c | 16 +++--- > arch/x86/mm/mem_encrypt.c | 60 +++++++++++++++------- > arch/x86/mm/mem_encrypt_identity.c | 3 +- > arch/x86/mm/pat/set_memory.c | 3 +- > arch/x86/platform/efi/efi_64.c | 9 ++-- > arch/x86/realmode/init.c | 8 +-- > drivers/gpu/drm/amd/amdgpu/amdgpu_drv.c | 4 +- > drivers/gpu/drm/drm_cache.c | 4 +- > drivers/gpu/drm/vmwgfx/vmwgfx_drv.c | 4 +- > drivers/gpu/drm/vmwgfx/vmwgfx_msg.c | 6 +-- > drivers/iommu/amd/init.c | 7 +-- > drivers/iommu/amd/iommu.c | 3 +- > drivers/iommu/amd/iommu_v2.c | 3 +- > drivers/iommu/iommu.c | 3 +- > fs/proc/vmcore.c | 6 +-- > include/linux/mem_encrypt.h | 4 -- > include/linux/protected_guest.h | 37 +++++++++++++ > kernel/dma/swiotlb.c | 4 +- > 36 files changed, 218 insertions(+), 104 deletions(-) > create mode 100644 arch/powerpc/include/asm/protected_guest.h > create mode 100644 arch/x86/include/asm/protected_guest.h > create mode 100644 include/linux/protected_guest.h > -- Sathyanarayanan Kuppuswamy Linux Kernel Developer