From: Tom Lendacky <thomas.lendacky@amd.com>
To: Borislav Petkov <bp@alien8.de>
Cc: linux-arch@vger.kernel.org, linux-efi@vger.kernel.org,
kvm@vger.kernel.org, linux-doc@vger.kernel.org, x86@kernel.org,
kexec@lists.infradead.org, linux-kernel@vger.kernel.org,
kasan-dev@googlegroups.com, linux-mm@kvack.org,
iommu@lists.linux-foundation.org,
"Rik van Riel" <riel@redhat.com>,
"Radim Krčmář" <rkrcmar@redhat.com>,
"Toshimitsu Kani" <toshi.kani@hpe.com>,
"Arnd Bergmann" <arnd@arndb.de>,
"Jonathan Corbet" <corbet@lwn.net>,
"Matt Fleming" <matt@codeblueprint.co.uk>,
"Michael S. Tsirkin" <mst@redhat.com>,
"Joerg Roedel" <joro@8bytes.org>,
"Konrad Rzeszutek Wilk" <konrad.wilk@oracle.com>,
"Paolo Bonzini" <pbonzini@redhat.com>,
"Larry Woodman" <lwoodman@redhat.com>,
"Brijesh Singh" <brijesh.singh@amd.com>,
"Ingo Molnar" <mingo@redhat.com>,
"Andy Lutomirski" <luto@kernel.org>,
"H. Peter Anvin" <hpa@zytor.com>,
"Andrey Ryabinin" <aryabinin@virtuozzo.com>,
"Alexander Potapenko" <glider@google.com>,
"Dave Young" <dyoung@redhat.com>,
"Thomas Gleixner" <tglx@linutronix.de>,
"Dmitry Vyukov" <dvyukov@google.com>
Subject: Re: [PATCH v6 24/34] x86, swiotlb: Add memory encryption support
Date: Wed, 14 Jun 2017 14:38:48 -0500 [thread overview]
Message-ID: <c1a59a06-2850-b215-5c08-27adff6fecde@amd.com> (raw)
In-Reply-To: <20170614164553.jwcfgugpizz5pc2e@pd.tnic>
On 6/14/2017 11:45 AM, Borislav Petkov wrote:
> On Wed, Jun 07, 2017 at 02:17:21PM -0500, Tom Lendacky wrote:
>> Since DMA addresses will effectively look like 48-bit addresses when the
>> memory encryption mask is set, SWIOTLB is needed if the DMA mask of the
>> device performing the DMA does not support 48-bits. SWIOTLB will be
>> initialized to create decrypted bounce buffers for use by these devices.
>>
>> Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
>> ---
>
> ...
>
>
>> diff --git a/init/main.c b/init/main.c
>> index df58a41..7125b5f 100644
>> --- a/init/main.c
>> +++ b/init/main.c
>> @@ -488,6 +488,10 @@ void __init __weak thread_stack_cache_init(void)
>> }
>> #endif
>>
>> +void __init __weak mem_encrypt_init(void)
>> +{
>> +}
>
> void __init __weak mem_encrypt_init(void) { }
>
> saves some real estate. Please do that for the rest of the stubs you're
> adding, for the next version.
Ok, will do.
Thanks,
Tom
>
>> +
>> /*
>> * Set up kernel memory allocators
>> */
>> @@ -640,6 +644,15 @@ asmlinkage __visible void __init start_kernel(void)
>> */
>> locking_selftest();
>>
>> + /*
>> + * This needs to be called before any devices perform DMA
>> + * operations that might use the SWIOTLB bounce buffers.
>> + * This call will mark the bounce buffers as decrypted so
>> + * that their usage will not cause "plain-text" data to be
>> + * decrypted when accessed.
>
> s/This call/It/
>
>> + */
>> + mem_encrypt_init();
>> +
>> #ifdef CONFIG_BLK_DEV_INITRD
>> if (initrd_start && !initrd_below_start_ok &&
>> page_to_pfn(virt_to_page((void *)initrd_start)) < min_low_pfn) {
>> diff --git a/lib/swiotlb.c b/lib/swiotlb.c
>> index a8d74a7..74d6557 100644
>> --- a/lib/swiotlb.c
>> +++ b/lib/swiotlb.c
>> @@ -30,6 +30,7 @@
>> #include <linux/highmem.h>
>> #include <linux/gfp.h>
>> #include <linux/scatterlist.h>
>> +#include <linux/mem_encrypt.h>
>>
>> #include <asm/io.h>
>> #include <asm/dma.h>
>> @@ -155,6 +156,17 @@ unsigned long swiotlb_size_or_default(void)
>> return size ? size : (IO_TLB_DEFAULT_SIZE);
>> }
>>
>> +void __weak swiotlb_set_mem_attributes(void *vaddr, unsigned long size)
>> +{
>> +}
>
> As above.
>
next prev parent reply other threads:[~2017-06-14 19:39 UTC|newest]
Thread overview: 94+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-06-07 19:13 [PATCH v6 00/34] x86: Secure Memory Encryption (AMD) Tom Lendacky
2017-06-07 19:13 ` [PATCH v6 01/34] x86: Document AMD Secure Memory Encryption (SME) Tom Lendacky
2017-06-07 19:13 ` [PATCH v6 02/34] x86/mm/pat: Set write-protect cache mode for full PAT support Tom Lendacky
2017-06-07 19:13 ` [PATCH v6 03/34] x86, mpparse, x86/acpi, x86/PCI, x86/dmi, SFI: Use memremap for RAM mappings Tom Lendacky
2017-06-07 19:13 ` [PATCH v6 04/34] x86/CPU/AMD: Add the Secure Memory Encryption CPU feature Tom Lendacky
2017-06-09 10:55 ` Borislav Petkov
2017-06-07 19:14 ` [PATCH v6 05/34] x86/CPU/AMD: Handle SME reduction in physical address size Tom Lendacky
2017-06-09 16:30 ` Borislav Petkov
2017-06-07 19:14 ` [PATCH v6 06/34] x86/mm: Add Secure Memory Encryption (SME) support Tom Lendacky
2017-06-09 16:43 ` Borislav Petkov
2017-06-07 19:14 ` [PATCH v6 07/34] x86/mm: Don't use phys_to_virt in ioremap() if SME is active Tom Lendacky
2017-06-07 19:14 ` [PATCH v6 08/34] x86/mm: Add support to enable SME in early boot processing Tom Lendacky
2017-06-07 19:14 ` [PATCH v6 09/34] x86/mm: Simplify p[gum]d_page() macros Tom Lendacky
2017-06-10 10:44 ` Borislav Petkov
2017-06-07 19:14 ` [PATCH v6 10/34] x86, x86/mm, x86/xen, olpc: Use __va() against just the physical address in cr3 Tom Lendacky
2017-06-07 22:06 ` Boris Ostrovsky
2017-06-08 13:42 ` Tom Lendacky
2017-06-08 20:51 ` Boris Ostrovsky
2017-06-08 21:02 ` Tom Lendacky
2017-06-08 21:17 ` Boris Ostrovsky
2017-06-08 22:01 ` [Xen-devel] " Andrew Cooper
2017-06-09 18:36 ` Tom Lendacky
2017-06-09 18:43 ` Boris Ostrovsky
2017-06-09 18:54 ` Andrew Cooper
2017-06-09 18:59 ` Tom Lendacky
2017-06-09 19:42 ` Boris Ostrovsky
2017-06-08 6:05 ` Andy Lutomirski
2017-06-08 22:38 ` Tom Lendacky
2017-06-09 18:46 ` Andy Lutomirski
2017-06-09 21:20 ` Tom Lendacky
2017-06-08 7:39 ` kbuild test robot
2017-06-07 19:15 ` [PATCH v6 11/34] x86/mm: Provide general kernel support for memory encryption Tom Lendacky
2017-06-07 19:15 ` [PATCH v6 12/34] x86/mm: Extend early_memremap() support with additional attrs Tom Lendacky
2017-06-07 19:15 ` [PATCH v6 13/34] x86/mm: Add support for early encrypt/decrypt of memory Tom Lendacky
2017-06-10 15:56 ` Borislav Petkov
2017-06-07 19:15 ` [PATCH v6 14/34] x86/mm: Insure that boot memory areas are mapped properly Tom Lendacky
2017-06-10 16:01 ` Borislav Petkov
2017-06-12 13:31 ` Tom Lendacky
2017-06-07 19:15 ` [PATCH v6 15/34] x86/boot/e820: Add support to determine the E820 type of an address Tom Lendacky
2017-06-07 19:16 ` [PATCH v6 16/34] efi: Add an EFI table address match function Tom Lendacky
2017-06-07 19:16 ` [PATCH v6 17/34] efi: Update efi_mem_type() to return an error rather than 0 Tom Lendacky
2017-06-07 19:16 ` [PATCH v6 18/34] x86/efi: Update EFI pagetable creation to work with SME Tom Lendacky
2017-06-11 19:44 ` Borislav Petkov
2017-06-07 19:16 ` [PATCH v6 19/34] x86/mm: Add support to access boot related data in the clear Tom Lendacky
2017-06-08 4:24 ` kbuild test robot
2017-06-07 19:16 ` [PATCH v6 20/34] x86, mpparse: Use memremap to map the mpf and mpc data Tom Lendacky
2017-06-14 16:07 ` Borislav Petkov
2017-06-14 17:06 ` Tom Lendacky
2017-06-14 17:27 ` Borislav Petkov
2017-06-07 19:16 ` [PATCH v6 21/34] x86/mm: Add support to access persistent memory in the clear Tom Lendacky
2017-06-07 19:17 ` [PATCH v6 22/34] x86/mm: Add support for changing the memory encryption attribute Tom Lendacky
2017-06-14 16:25 ` Borislav Petkov
2017-06-07 19:17 ` [PATCH v6 23/34] x86, realmode: Decrypt trampoline area if memory encryption is active Tom Lendacky
2017-06-14 16:24 ` Borislav Petkov
2017-06-14 16:38 ` Tom Lendacky
2017-06-07 19:17 ` [PATCH v6 24/34] x86, swiotlb: Add memory encryption support Tom Lendacky
2017-06-14 16:45 ` Borislav Petkov
2017-06-14 19:38 ` Tom Lendacky [this message]
2017-06-07 19:17 ` [PATCH v6 25/34] swiotlb: Add warnings for use of bounce buffers with SME Tom Lendacky
2017-06-08 5:53 ` kbuild test robot
2017-06-08 21:09 ` Tom Lendacky
2017-06-08 7:58 ` Christoph Hellwig
2017-06-08 23:04 ` Tom Lendacky
2017-06-14 16:50 ` Borislav Petkov
2017-06-14 19:49 ` Tom Lendacky
2017-06-15 9:08 ` Borislav Petkov
2017-06-15 13:23 ` Tom Lendacky
2017-06-07 19:17 ` [PATCH v6 26/34] iommu/amd: Allow the AMD IOMMU to work with memory encryption Tom Lendacky
2017-06-08 2:38 ` Nick Sarnie
2017-06-08 14:26 ` Tom Lendacky
2017-06-14 17:42 ` Borislav Petkov
2017-06-14 20:40 ` Tom Lendacky
2017-06-15 9:41 ` Borislav Petkov
2017-06-15 14:59 ` Tom Lendacky
2017-06-15 15:33 ` Borislav Petkov
2017-06-15 16:33 ` Tom Lendacky
2017-06-19 17:18 ` Borislav Petkov
2017-06-15 20:13 ` Konrad Rzeszutek Wilk
2017-06-21 15:37 ` Joerg Roedel
2017-06-21 16:59 ` Borislav Petkov
2017-06-21 18:40 ` Tom Lendacky
2017-06-07 19:17 ` [PATCH v6 27/34] x86, realmode: Check for memory encryption on the APs Tom Lendacky
2017-06-07 19:18 ` [PATCH v6 28/34] x86, drm, fbdev: Do not specify encrypted memory for video mappings Tom Lendacky
2017-06-07 19:18 ` [PATCH v6 29/34] kvm: x86: svm: Support Secure Memory Encryption within KVM Tom Lendacky
2017-06-15 9:55 ` Borislav Petkov
2017-06-07 19:18 ` [PATCH v6 30/34] x86/mm, kexec: Allow kexec to be used with SME Tom Lendacky
2017-06-15 10:03 ` Borislav Petkov
2017-06-15 17:43 ` Tom Lendacky
2017-06-07 19:18 ` [PATCH v6 31/34] x86/mm: Use proper encryption attributes with /dev/mem Tom Lendacky
2017-06-07 19:18 ` [PATCH v6 32/34] x86/mm: Add support to encrypt the kernel in-place Tom Lendacky
2017-06-07 19:19 ` [PATCH v6 33/34] x86/boot: Add early cmdline parsing for options with arguments Tom Lendacky
2017-06-07 19:19 ` [PATCH v6 34/34] x86/mm: Add support to make use of Secure Memory Encryption Tom Lendacky
2017-06-08 2:40 ` [PATCH v6 00/34] x86: Secure Memory Encryption (AMD) Nick Sarnie
2017-06-08 16:14 ` Tom Lendacky
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=c1a59a06-2850-b215-5c08-27adff6fecde@amd.com \
--to=thomas.lendacky@amd.com \
--cc=arnd@arndb.de \
--cc=aryabinin@virtuozzo.com \
--cc=bp@alien8.de \
--cc=brijesh.singh@amd.com \
--cc=corbet@lwn.net \
--cc=dvyukov@google.com \
--cc=dyoung@redhat.com \
--cc=glider@google.com \
--cc=hpa@zytor.com \
--cc=iommu@lists.linux-foundation.org \
--cc=joro@8bytes.org \
--cc=kasan-dev@googlegroups.com \
--cc=kexec@lists.infradead.org \
--cc=konrad.wilk@oracle.com \
--cc=kvm@vger.kernel.org \
--cc=linux-arch@vger.kernel.org \
--cc=linux-doc@vger.kernel.org \
--cc=linux-efi@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=luto@kernel.org \
--cc=lwoodman@redhat.com \
--cc=matt@codeblueprint.co.uk \
--cc=mingo@redhat.com \
--cc=mst@redhat.com \
--cc=pbonzini@redhat.com \
--cc=riel@redhat.com \
--cc=rkrcmar@redhat.com \
--cc=tglx@linutronix.de \
--cc=toshi.kani@hpe.com \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).