From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1756594AbdESTxR (ORCPT ); Fri, 19 May 2017 15:53:17 -0400 Received: from mail-bn3nam01on0062.outbound.protection.outlook.com ([104.47.33.62]:11482 "EHLO NAM01-BN3-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1756559AbdESTxM (ORCPT ); Fri, 19 May 2017 15:53:12 -0400 Authentication-Results: google.com; dkim=none (message not signed) header.d=none;google.com; dmarc=none action=none header.from=amd.com; Subject: Re: [PATCH v5 19/32] x86/mm: Add support to access persistent memory in the clear To: Borislav Petkov References: <20170418211612.10190.82788.stgit@tlendack-t1.amdoffice.net> <20170418211941.10190.19751.stgit@tlendack-t1.amdoffice.net> <20170516140449.zmp3sm4krro55bbi@pd.tnic> CC: , , , , , , , , , , Rik van Riel , =?UTF-8?B?UmFkaW0gS3LEjW3DocWZ?= , Toshimitsu Kani , Arnd Bergmann , Jonathan Corbet , Matt Fleming , "Michael S. Tsirkin" , Joerg Roedel , Konrad Rzeszutek Wilk , Paolo Bonzini , Larry Woodman , Brijesh Singh , Ingo Molnar , Andy Lutomirski , "H. Peter Anvin" , Andrey Ryabinin , Alexander Potapenko , Dave Young , Thomas Gleixner , Dmitry Vyukov From: Tom Lendacky Message-ID: Date: Fri, 19 May 2017 14:52:58 -0500 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:45.0) Gecko/20100101 Thunderbird/45.8.0 MIME-Version: 1.0 In-Reply-To: <20170516140449.zmp3sm4krro55bbi@pd.tnic> Content-Type: text/plain; charset="utf-8"; format=flowed Content-Transfer-Encoding: 7bit X-Originating-IP: [165.204.78.1] X-ClientProxiedBy: BN6PR14CA0001.namprd14.prod.outlook.com (10.173.157.139) To BN6PR12MB1137.namprd12.prod.outlook.com (10.168.226.139) X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: BN6PR12MB1137: X-MS-Office365-Filtering-Correlation-Id: fb760970-164e-41a1-2ef1-08d49ef0ab36 X-MS-Office365-Filtering-HT: Tenant X-Microsoft-Antispam: UriScan:;BCL:0;PCL:0;RULEID:(22001)(48565401081)(201703131423075)(201703031133081);SRVR:BN6PR12MB1137; X-Microsoft-Exchange-Diagnostics: 1;BN6PR12MB1137;3:scbKFOMGjxf6rzDRxoSsZrM2yhmQISwPG35f+6U8hIgjI8RnPswf5Z5oB2bcWJ4VkEvPDkYlvfFmLGFkzExeZLnzs4u+f4lVkU55JEiIkfarlFal7I12L6E0BiMELMZrMyhEbHW8btMAjd4oJ214NV3a5gWcsnf7PNnSfShecqQw8o6KDAKtBjZ9RFxfZmpIeBVAypCM8fLuSqD/rJg0sPpXhWq4VkgwL2r/ZmhD5RhIYCv4A3yhaPc1uF36cuvx8iYsb85jVynbt7hDtlH7g00zeZk28ZAE4LVUbdIBG1WHBNQtWrmdRh/17jHdDSDUQE2ggEybujP+clYWkF/iftBdPHwvchzZllJdNvVL+LM=;25:6kRc8m/ambG0LRcaW5N3TjbPfM65mo4Jk7Z9sEBr/qoLv8d3jUUUeKtyGA/A+grkIM+VoAfA7u4QB9K5XwC/BeEZ8wnmvaHwtDUlyg8ZTpk3hc6NvNSiP0Ku1m7wfYCfM/lPw0aETKBWRjrrCkYuatw2kreVZhS0fVb3nj7dt/lrEnRCWtLeiFMIrwJU8wtZOxFPNk4nXqLMQaCRaisrSAi3EafQz+H1s/cc0RPACEtl5yPzK+XrKwYNn0Ovw9Kt3zUfPy6nxYOMMfZl0xZDMhYyCrvCScTI0CcPk/pwDWMwNLsE5ItqEMadbewKxuz9YAsMHKkwozGqa2VqcR7ADZjq461j+UuXQDbvjsdWbF+MTQAbvyzwBPI5QJdKvFQ6cV9c+1LJrGcsed8UT3O1R5nCyUEwN7IVCjISv3omG3UU+OsLtmVAPE+zTv2+S3HRRcCldFm62tnN+J2hhj4eDbPlI0bjRIlEl0JITC8adM0= X-Microsoft-Exchange-Diagnostics: 1;BN6PR12MB1137;31:OqI+hhLGyzlZRW7GMzq0d1NNTov63ZNAJVWWTUnh3ZIqJxUBfD9/5wY5dLwmkcYqrfHXsMik4pI0cmb3NV0jSqW6y4vvoum2qx+KOaBOJb7/hyai36XWolnANg8ZT13HisJkgD/1Pz6F1xCo7UqTwKGcx+W1K+bC0W92tyiME1I4fZ9YMj1P3RkzxvrM61qVod/sU5jQQdHnWYdPFBcRyo8UvdutyhOe1QC6rPljOsQ=;20:kEnzsSA0wPcX6YCebZP/UaM7fzkG2E/AbV1+fN5E4xlQ51OV/Sq4mJ2eAqVdTBBBvmmjyiGtqs2uX9whymNyU3Z31zGSjHDlr4i1MMW1obqCDCfvMOqnrmu0OH60XkTzpioCPPpi1XEU89wlapiNo96IOKjqMwZ8MdSi/VVTOv8bXcU+cMxHtRMUwFLGX50BEM1WJMIUC6tNxomG2+BBjtai68lruBnoht6d1LWPK6gcPOoGCAJhnwmjz7VYxjpHfBjLfW3IqS+tHVRI9bz7rv8poUqIaOF+n/f8lZZfi1jBjTs2KEb8EX7ly0FC+Wq0NQZN/l2/sEKgUX9gjbaswSmx7j/HEqF6ZLa0Hs15DevgjXPSE3KobocxK+QHWddhXo47XxQjnyIzpkVAJ9rK1p950Kn9dHFnuiy9HRcLorD84p3UNvNKkHqlFq0xbF2gRsj67TSzkpLtfE0kC5aYxMx08Z+6NQWMwZlGxNkYmRHRQqLzxllK7mpMQopdT1Zv X-Microsoft-Antispam-PRVS: X-Exchange-Antispam-Report-Test: UriScan:(767451399110); X-Exchange-Antispam-Report-CFA-Test: BCL:0;PCL:0;RULEID:(6040450)(601004)(2401047)(8121501046)(5005006)(3002001)(10201501046)(93006095)(93001095)(6055026)(6041248)(20161123562025)(20161123560025)(201703131423075)(201702281528075)(201703061421075)(201703061406153)(20161123564025)(20161123555025)(20161123558100)(6072148);SRVR:BN6PR12MB1137;BCL:0;PCL:0;RULEID:;SRVR:BN6PR12MB1137; X-Microsoft-Exchange-Diagnostics: 1;BN6PR12MB1137;4:I+CaFE/Yax5A1ZZ6+ROaDticEZOdc+78u5V63Q+f7VufN0KydMxns2vBvwge65ER15VjBqogd7uTT/fddakWMcyF6ooqSpfYaeFWvKzMIqps9dOVuB1UodLdT1GJOS0U9Hphfh3VPpIDAhZUwR1DGkwi/yTrf/EcN4IzfPRPb2CF6xNTh9RonEJpZNwvfmsBW/WDGVTyxrKIjZMqaW84nWt7cQDhZyUxItXbRJ0lqOEol4ANkEINF5L0UY0LUaBKyut+KRlkHOGF4266pNqG+SrXic/VX2KwAKaiV5xIf28Yub+whE+SmSbsGPUP/A8fPr935txiDaUWz0sGKlEsCHnpBDdCO5Fd4CRg2nlwTgvNbUoxV4cLgVQaIsaAAq2HDq+Lzq5PkmlCAYSxz3p+Q/Q2D0CmjL+C+nAJxz/gn4PifJEEHboHU530Yk5Rnlu+W57gZkK4WERoLNUyb8ECG6OVoT4+rK9djjbhhOJsXe8Szj8KjqzUbBAIXXZPCB4NtzTQiv4oSheBOltI8cNiUYh8ayrQ1RTX/+LgLoZzD+QKlWRCvjTXzBpDYODhwhK7mPXePzhXeKVM1jPJmcAMa1Eyq+CuEfEEmgKG8TuKn/QXre8SPtoEjT+8kYLS/iqCuCC4Buu5XTvGFGORqUSd6IBZkJezaLhd2jK5888DWeC11lWYKtXM/DdZFX0TAcUL7MpaWGbU0p1gYV4SAytk5wESym0ECMrRV8dipe1TpYJbwF64Rs563dBhrNJrpvImTCUn7AGwe59zGeKCv6VsbVmiNtuluMPNcdv6uIDXVpl/t0075fj+vADqRZ/p4ij0uLyPg6sIBYYplO9eO1iBAw== X-Forefront-PRVS: 031257FE13 X-Forefront-Antispam-Report: SFV:NSPM;SFS:(10009020)(4630300001)(6009001)(6049001)(39840400002)(39410400002)(39850400002)(39860400002)(39400400002)(39450400003)(24454002)(377454003)(2906002)(4326008)(4001350100001)(6916009)(110136004)(2950100002)(53936002)(6246003)(42186005)(189998001)(31696002)(31686004)(77096006)(90366009)(81166006)(6486002)(25786009)(50466002)(53546009)(3260700006)(8676002)(54906002)(33646002)(50986999)(86362001)(54356999)(76176999)(230700001)(5660300001)(36756003)(65826007)(229853002)(478600001)(83506001)(65806001)(7736002)(65956001)(66066001)(47776003)(23676002)(72206003)(305945005)(7416002)(7406005)(6116002)(3846002)(38730400002)(6666003);DIR:OUT;SFP:1101;SCL:1;SRVR:BN6PR12MB1137;H:[10.236.64.250];FPR:;SPF:None;MLV:sfv;LANG:en; X-Microsoft-Exchange-Diagnostics: =?utf-8?B?MTtCTjZQUjEyTUIxMTM3OzIzOkRsOG1BWlBIQ1hHYXErNTgwbXFNNjh6TmZS?= =?utf-8?B?eDBVaXlMRjYwOS9vVEpKNmRXRm1NKzJSeTdJaWxidEVoaG9LaU0vYkJVcFQ0?= =?utf-8?B?VGNzT0tDakFzVU13VDQ4K2dYc05zU0s4dXBuSjYzS0pLbFIyLzR5SmcyTnVh?= =?utf-8?B?RU9vV3JkV0w3dTF0aUlzeXJxdUxCV2ZTMjJ4VndlM3V3cHFrK2NpSCt0Z2tq?= =?utf-8?B?RjA5a29QSVhYUVJOaGRvK1hvQXloTkpJQ0l1SHN2NEJ2R2tYa2tzVkIwWHk3?= =?utf-8?B?Y2NMNDk5am9lU2FtcUgxcDZMdWJMRlJzanY1c0MwWjEwNDJGeHdIbzlTUis0?= =?utf-8?B?MWl2a0pURTRzVnlzZ2lmZzZIUFFoT1dpMnBXb3BCcGh6YjlDbXd6OVE3MHBT?= =?utf-8?B?MDlUZlIwVVNONjVoMkxoMkJ4VFo2aUg1R290bGVONk9aRDk4UzlwcTJiWTVs?= =?utf-8?B?OXIyZS9kTzBEN0I3bzE0WU14T2t5NHQrUTRESjBoaWRRUzF1YW1BbXg2RnY1?= =?utf-8?B?OVRjWnhwUFpVMHRsUEFWVGI5eFAyVEZEM0M5bFlUOEQ2NkpWTFpGR29LRGpO?= =?utf-8?B?THNDK0NjZjduRXVEek54QkJNblhXWkZiVnp3ODJmTVhROUs3Z0w4Z0R3cmdh?= =?utf-8?B?L0JrUThqdEtJanlqbW42eHlycnUxY1F5QVlwcWFabEl4U3RZOEZwWjBQaW4w?= =?utf-8?B?MTBBOG1nTkFYZDYwR0RlakYxTEM5MVVYazZoUWZoR3UrM2hka3hsejJSZkVz?= =?utf-8?B?anpkU2NiWFlhU0REcUNBY1A4Sno0NDk1eS9XSUtpUWZNcHIxRkU1T3Z4TTQ1?= =?utf-8?B?N0pURWxIa0t5RXNTT1g2YkZ4RTBGVjNVOCt1NlhKbG9XaGFyUzZhSjNDa1lh?= =?utf-8?B?Rk55blRXTm1xMHVzNlZ4SWovWTVlWXBiOVQ2bzNObi9PaE9CM2w0bzZLeGxB?= =?utf-8?B?QnlPMVFZS282MFJkMEkyNnJMSmhrczlrb3o1WWt5blhoUE50cHdSNDVHdTV5?= =?utf-8?B?bVlBdURhTlRJUS9CL0lFMkFTSE5IcUVadVFTL3pIRU51TWRIbjJRVzBiMmoy?= =?utf-8?B?QytZMUpHcmNZNkFOMWVrSXpoQlFwYUI3T2dSZURyaUZ4T3JRWkdMSXJjMUN0?= =?utf-8?B?OEREMWIyY2FZdCtrTzdEQkpqVjVhSUFpTk9seEhCME5lNjEzNklTZmRJcTdl?= =?utf-8?B?WWtpamRGeXgzOWZvaDBJV1pEYU9jc3diUzVrMW5JSEdKRzNMSFVqNVVFeFVP?= =?utf-8?B?R3ZpYitSdXZCUnQ2UFR1eWdkYi9rODlFbFNvdEZOZldYR1dkQXZlSnRQZmNL?= =?utf-8?B?NnhlM3RZekcyM0h5MzQ3UlFscUdBQVExS1Jkdmk4N29iSDZRMXFYbi9iZW9N?= =?utf-8?B?Wkl3ZExsR3MrWTBQM0lhUzFOcGZUNlp1OGFZVkxhODR2UFJoaXVnSC8yTUY1?= =?utf-8?B?cTlTWGM0SjhEbWcwYTVleTd4dWxId1o4ZklsWWlrcU5XV3cvRitwamVmOUk2?= =?utf-8?B?MStzdHFNN2JBdm1tRWhId0k3ZjNTSnZuMno5a0hpbEVqbHg0WHlVYjNRZGox?= =?utf-8?B?TXpUWkphUGVNS0p4dVhwbndiblZ6RnZNSVZ0MnpjUEFOWHVSL3ZPTUM0UTN6?= =?utf-8?B?TGxYS3gzRTJJNkt4MURDWVF4U0pjbnVueWlZelNuczl3T1ZZNXJ3ZVdkMkVQ?= =?utf-8?B?RU40VnhZak5WcXJGZ1JkeksrSGJGLzlRc003dlFKK1NlYVROd0Y3QWF0aWFK?= =?utf-8?B?ZTRQMjVSNVNkbzExck9aSVl6N2ZOMU43QTB5WHpObm5FeTZRdWxzSElvL2dE?= =?utf-8?B?VEsvVnJJNEV1M0IvMjV4MklNQTQ1RUhTMjJ1aDNET003L0xBR0ZUVVk4TmJD?= =?utf-8?B?ZEhnVm9sN1JQazNVbVREUmwxMk9jVXNGU0orUnFXbHRFN0lnTEJhOU5vc1Zu?= =?utf-8?Q?HOoMMT4SA/m1lwmp/Lfzm0iG+9/ET4=3D?= X-Microsoft-Exchange-Diagnostics: 1;BN6PR12MB1137;6:uLbImyNWLihADZAorHB1bC7fncH8fPAinkAwSe+xWgLn1HNmrPoBWyOqR4NNloG2bVGVN14KeQ82pzXlv9YQWsmNkyibsNDpN9MDzOkAAt82F5jsR9KExyZuQkfv/Ugc7AzlBIMGyT54yTzR+lnwosvFRxNtknKx5Qjb4EcF6Svk8UNuZIUUSQ/4MH49baxmIpiMEUGtfMa0z5bg6LdAG8PI2sy0te+fwBM+GeHG/jZk33qMCJPc+ESKDMT1+c5mAZth/wVFsjgxTQjPLoiKfE+Wfgaz9RlxV3zBtVt9A+OhJXCzImu3wjUluNpnNf1whoTyBOwREdUxIZKY+ah2L+AU2Db3VEsnqzL1VfV0FfKCzTYMQRiR7cMhea2ewVbLDt7tpO4hpu1bAzYX5kp46rNunDAq0WRsLc7MnEkpZejBY9vO5J02TTRZ7gKI8LqwVXpJhjJRPVRlQotW5TIk+J90H6d+ZHfqd10n8v0T0F89C40ta723FC/9sv4QuP8fS4GvVCj5O2drEVSRM+Od9m/6vIiiXrofGc4A8IIqMR8=;5:GmArj+NXbGK0aBMUexX6CJtDjImB0oembNn6UYR3MPQuWy7u02yKpDoj/MoVaHTjyBVVV4R42KQYTb3xbwe4nfR4Yb3Bvrld6p9KPeU3m972GeG4ONGDudh91CZ6ZMtaJJyVzYAsa6B1BbNAhtuA+A==;24:cu8CKKMkhUTq6/P7q9rz+0vrJA2L7Y4YPbi6titCsrHYAPWiOVAwyxGm4BMlBvgMPcEzEq3cotgYvJGzTHivZ9TruQLGo5c0s7Cd5alWAsA= SpamDiagnosticOutput: 1:99 SpamDiagnosticMetadata: NSPM X-Microsoft-Exchange-Diagnostics: 1;BN6PR12MB1137;7:UBecANMtCkY+MFQbZ1J/P/BWuMkl828qaNmjunwXBKv1hw8czcILSgHw1fbYWzeGw7NwR9RxxyQI3a+KVZQIn2DBuQytQxkpyc9iK/dTvV7Q5fXcpOAGEt7BCR1hxPz8cxmvLYjC1JeCs3oYQX8VjHeVC/wc84gGekayga7nvsdFxt11HJdAHtV7zb/wrf+FuOvT2N2jYLDTz9ySYdpsEdnv/1BJ6a+9LEPlD8skr/ffZ5ElGlp/HfgRfQ+EexGI+/IrYozPBviP4Lu48nv00uJTW9WWoBRcogSNssWBOszRFlTRVjibt6AoyU2kRcTxTxS0F/oNdnbquM8UscekAA==;20:PH6lBiXzhdVVg7TyvUVs3B9Y7I4NJ194MGQeJoNu+S8qaPUf+u8s/V7aTcWS7e/PDI/LHLYR/LoZP0Gs0fcH9rXn4BUGLgkakbUzk4Qt1HhPWnpbg9aqHHySlEukG06mGYpbqCUq6IioB4IdFh7+R4tQZJlV1bsdGFxxL3fj0V+AE9vTPX5jiT8ihusQe/hmWzE1M5AbA2Fdld3Pfy0KimiESLxZPEaML/OoOO29lmnSJRbeyo0b4yuffvjWwFT4 X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 19 May 2017 19:53:04.8791 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-Transport-CrossTenantHeadersStamped: BN6PR12MB1137 Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 5/16/2017 9:04 AM, Borislav Petkov wrote: > On Tue, Apr 18, 2017 at 04:19:42PM -0500, Tom Lendacky wrote: >> Persistent memory is expected to persist across reboots. The encryption >> key used by SME will change across reboots which will result in corrupted >> persistent memory. Persistent memory is handed out by block devices >> through memory remapping functions, so be sure not to map this memory as >> encrypted. >> >> Signed-off-by: Tom Lendacky >> --- >> arch/x86/mm/ioremap.c | 31 ++++++++++++++++++++++++++++++- >> 1 file changed, 30 insertions(+), 1 deletion(-) >> >> diff --git a/arch/x86/mm/ioremap.c b/arch/x86/mm/ioremap.c >> index bce0604..55317ba 100644 >> --- a/arch/x86/mm/ioremap.c >> +++ b/arch/x86/mm/ioremap.c >> @@ -425,17 +425,46 @@ void unxlate_dev_mem_ptr(phys_addr_t phys, void *addr) >> * Examine the physical address to determine if it is an area of memory >> * that should be mapped decrypted. If the memory is not part of the >> * kernel usable area it was accessed and created decrypted, so these >> - * areas should be mapped decrypted. >> + * areas should be mapped decrypted. And since the encryption key can >> + * change across reboots, persistent memory should also be mapped >> + * decrypted. >> */ >> static bool memremap_should_map_decrypted(resource_size_t phys_addr, >> unsigned long size) >> { >> + int is_pmem; >> + >> + /* >> + * Check if the address is part of a persistent memory region. >> + * This check covers areas added by E820, EFI and ACPI. >> + */ >> + is_pmem = region_intersects(phys_addr, size, IORESOURCE_MEM, >> + IORES_DESC_PERSISTENT_MEMORY); >> + if (is_pmem != REGION_DISJOINT) >> + return true; >> + >> + /* >> + * Check if the non-volatile attribute is set for an EFI >> + * reserved area. >> + */ >> + if (efi_enabled(EFI_BOOT)) { >> + switch (efi_mem_type(phys_addr)) { >> + case EFI_RESERVED_TYPE: >> + if (efi_mem_attributes(phys_addr) & EFI_MEMORY_NV) >> + return true; >> + break; >> + default: >> + break; >> + } >> + } >> + >> /* Check if the address is outside kernel usable area */ >> switch (e820__get_entry_type(phys_addr, phys_addr + size - 1)) { >> case E820_TYPE_RESERVED: >> case E820_TYPE_ACPI: >> case E820_TYPE_NVS: >> case E820_TYPE_UNUSABLE: >> + case E820_TYPE_PRAM: > > Can't you simply add: > > case E820_TYPE_PMEM: > > here too and thus get rid of the region_intersects() thing above? > > Because, for example, e820_type_to_iores_desc() maps E820_TYPE_PMEM to > IORES_DESC_PERSISTENT_MEMORY so those should be equivalent... I'll have to double-check this, but I believe that when persistent memory is identified through the NFIT table it adds it as a resource but doesn't add it as an e820 entry so I can't rely on the type being returned as E820_TYPE_PMEM by e820__get_entry_type(). Thanks, Tom >