From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751856AbcIORID (ORCPT ); Thu, 15 Sep 2016 13:08:03 -0400 Received: from mail-sn1nam01on0069.outbound.protection.outlook.com ([104.47.32.69]:30528 "EHLO NAM01-SN1-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1750878AbcIORH7 (ORCPT ); Thu, 15 Sep 2016 13:07:59 -0400 X-Greylist: delayed 941 seconds by postgrey-1.27 at vger.kernel.org; Thu, 15 Sep 2016 13:07:58 EDT Authentication-Results: spf=none (sender IP is ) smtp.mailfrom=Thomas.Lendacky@amd.com; Subject: Re: [RFC PATCH v2 11/20] mm: Access BOOT related data in the clear To: Matt Fleming References: <20160822223529.29880.50884.stgit@tlendack-t1.amdoffice.net> <20160822223738.29880.6909.stgit@tlendack-t1.amdoffice.net> <20160915095709.GB16797@codeblueprint.co.uk> CC: Andy Lutomirski , kasan-dev , "linux-efi@vger.kernel.org" , linux-arch , Thomas Gleixner , Paolo Bonzini , Ingo Molnar , Borislav Petkov , , "linux-doc@vger.kernel.org" , Jonathan Corbet , =?UTF-8?B?UmFkaW0gS3LEjW3DocWZ?= , Konrad Rzeszutek Wilk , "linux-mm@kvack.org" , Alexander Potapenko , "linux-kernel@vger.kernel.org" , Dmitry Vyukov , Arnd Bergmann , Joerg Roedel , Andrey Ryabinin , "H. Peter Anvin" , X86 ML , kvm list , Dave Young From: Tom Lendacky Message-ID: Date: Thu, 15 Sep 2016 11:52:05 -0500 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.2.0 MIME-Version: 1.0 In-Reply-To: <20160915095709.GB16797@codeblueprint.co.uk> Content-Type: text/plain; charset="windows-1252" Content-Transfer-Encoding: 7bit X-Originating-IP: [165.204.77.1] X-ClientProxiedBy: SN1PR15CA0001.namprd15.prod.outlook.com (10.163.200.11) To MWHPR12MB1149.namprd12.prod.outlook.com (10.169.204.13) X-MS-Office365-Filtering-Correlation-Id: a5972bde-bf33-45d4-d03e-08d3dd88a572 X-Microsoft-Exchange-Diagnostics: 1;MWHPR12MB1149;2:pDfQcvzWdbU94QpZohaBFVl523KgHtuZGl/xIvo67LXhnypEuLzPhgvcoN+kmy6BPzTgGsV+sBTnr8IBFrT0Pkfp0sLciW2Jv8TZKNDJR6Wk9Ca/cQAg1/lVuS7cu5x2kDWh4fkO1jAQWsV0ffqkYfHkMyyZp+/hDlbTXVJJ3SAi9dznnhE4h7/KxLzQoiek;3:uuUSyMieTXkE+PguUQj0dY+b1CrILHpu8KLd2koRvGDiGQu5lMQvEAaVAbc7Kt79LXJP1wSaNMokmUmgMI8DzmntQ5dsfkC2P53bb1AHOJ4gQ7SCClQGs1k5s2pQsc4j;25:/CT6L4l1iUErQoIG/1svX0TsN9nGxypfOQKYZyexhoxi6AXaoqRPqeCBYD3VTr6zAVGVzLX3fkK74tRpmeh43pF6SBlbar9wfpF2S6jnqWIPIutr7IGE7N8i1y80/0CcBa8gWhIkwCrOGr3KasS7wHPtr73orbdWE9dz11p0RhygwOXhCYRwoH6afHJNzzJ1X/dk5lMWFr4BUBFXlOr+Zmwb45N9OPX4UqpN10jOCYKCt1ujkWClepuNpZvyniJWLzmTO88ncNQUlcqzcggHvyRre/sBIYcx3kzinGSGdJtEoZinV1sQZPKO7bU6K28d+ty6QwTyX3EdabfqwoTSwKNCxmkP30UEMGEOJ++VuyOa+hSN1f/yFHj8Zd1q1BYTkOROUto4WYeo9KpIs4nm2QYMOzD6E6UAd6VcwfrjWbo= X-Microsoft-Antispam: UriScan:;BCL:0;PCL:0;RULEID:;SRVR:MWHPR12MB1149; X-Microsoft-Exchange-Diagnostics: 1;MWHPR12MB1149;31:fvRyUBH5DB0wQCsyWeCI7/gX8DRdqJSByJUIBtff9OarHbeo9UzKxyQByL97HfIVrt4IGO5McpX27fsphJRCvKX6UiTjsBndmjTiWAavQ1EF/HVCr3rWvkddj7XdeQf3j6l3m5d3h+TA42h5dtwEyIj0u3+kvqp1U0xL+1G5FOlmiCBgEG7v+uvUnPSMAnjXLq4rNU5QTe94fojHgUhfhJu7tkacz84gX4s100vY5WM=;20:AGDswU/vOLf6cC8nw4E+t4jzWs//4kEGAopn3JhX/VXpv9ylGiagAZ24Zi5ME829fOvrBjbJOACCLG5vEEz93q3tLC1i94zaSD8yUlWSzL3oeQz9TAbYiThf0N6F2Kpe/j7BYypf9AhRHGIkYAETL0Zak2hidOKYJBvYEqIh3UBpP0X3djX3LWa8vn1UokmFaFbDs2p7tvtZSLYmtLEfZt5kn6cFZdIPHzDb60CCfwzkIIV2ZQ6/9ABsm5LNKgw80TE5n6qAMxZ4gt3BICMrP4XXufqX0D0AY8rDXZ5pBwsXMB6R8iDOVmFnJNOr9DCxvnZbMV3U6pnaBpmp/6KccvUVmTL/58mA4SHRrTbkz2a+tqkfQNOBEUk7cLoWJyoRVX7FhgwPSkX8jQKPk0c77Rm4/Mmg+dHSeNEdRch8ZO1SJ6N++XFGpthyIn01WIVxwIrEesaIpQAGyGiBNY6IQZ5mgfltgIaaGXXye5pdrghGM04AuSpvxeV1kw/6pcyt X-Microsoft-Antispam-PRVS: X-Exchange-Antispam-Report-Test: UriScan:(767451399110); X-Exchange-Antispam-Report-CFA-Test: BCL:0;PCL:0;RULEID:(6040176)(601004)(2401047)(5005006)(8121501046)(10201501046)(3002001)(6055026);SRVR:MWHPR12MB1149;BCL:0;PCL:0;RULEID:;SRVR:MWHPR12MB1149; X-Microsoft-Exchange-Diagnostics: 1;MWHPR12MB1149;4:pPegQ9iOJXfjDZ/+fCIp7ruZxkuXVcEXMu/4UGIpycOS9XaVk1drB6pswdK1OnVS4F3bX9VzPJEw3nXsmDKySacswuUpeCzO0zLSIpHT7r/2lsXrZSyTCcBZTq0QEs9TeGmtKAVEkPXKkLJDHctvZjCldBdjSVYFEpB8rYVqgRXkM3HOrb8/xXx6sO6bHwrSC8Qif3tq+vrJXoYtBMcW4P5MK0KCN821xJiyzV49Yf4r6Vi1dGpkVX9ZyBqVcKgKgucda2vKcZF5V+yyDSUnkYAZ761PeY9UHlF7/anawVhPG2iWE2eA5uRsNta1bEq4sX7zzFGu/iH3WSFf2z5w7HZRdAok9s90qMVhD0KICkFVoAVveZ1rJkSLA731qOxLatTzB7IH/77yfvCd44S9vXKuBZEPYQTyYO/mK+t7Bva9brx+o7/Ky8wvp4Z2C751 X-Forefront-PRVS: 0066D63CE6 X-Forefront-Antispam-Report: SFV:NSPM;SFS:(10009020)(4630300001)(6009001)(6049001)(7916002)(189002)(199003)(24454002)(377454003)(4001350100001)(2906002)(33646002)(81166006)(7736002)(305945005)(8676002)(93886004)(65826007)(76176999)(81156014)(54356999)(50986999)(189998001)(7846002)(86362001)(7416002)(5660300001)(31696002)(101416001)(2950100001)(586003)(47776003)(4326007)(19580395003)(19580405001)(3846002)(110136003)(83506001)(68736007)(50466002)(92566002)(77096005)(106356001)(66066001)(23746002)(105586002)(6116002)(64126003)(65806001)(97736004)(230700001)(42186005)(65956001)(31686004)(36756003)(217873001);DIR:OUT;SFP:1101;SCL:1;SRVR:MWHPR12MB1149;H:[10.236.18.82];FPR:;SPF:None;PTR:InfoNoRecords;MX:1;A:1;LANG:en; X-Microsoft-Exchange-Diagnostics: =?Windows-1252?Q?1;MWHPR12MB1149;23://Zcp+TeXODeHHtfwvLhCsfKhbfyU+SnagLU/?= =?Windows-1252?Q?droiHsVphh0jgVy5Dji99ji13RTiv3pvq/1GI2GmBZXjrF44V1DNbook?= =?Windows-1252?Q?dC3HCKyJTt/0JDh9+xtF5XkHBFwXWbHxERbRmrlqH8JDp4Oafc/5Lu94?= =?Windows-1252?Q?XM+BFHU9tm3P+gM/vaGBZ31mXG6QoJdfkNy9txPfGaqHCLPXo+H5+9or?= =?Windows-1252?Q?gAQbTzyMT9Y0qes6qYa/K10lAuBpBDu2pFM+KAcKu4qrEmFkOrmrRvn+?= =?Windows-1252?Q?X9cUV6zo1/ter1NQbFQ1iE8SRfsReyHO2V1vjwGgNHZoz621s3zx3Kso?= =?Windows-1252?Q?8Jmll8wZhWGTWkhNK/vdp1j+eF9fHLVkT91yObL8NBM4Ql7EHtXDEIQc?= =?Windows-1252?Q?ypyKO8xBJAWB6duK/DD9i6F5/2JiGYGLqhQvAI6X/GAXYhTgkJjHSRWM?= =?Windows-1252?Q?lGct09TF5d51HWmO55Bsa5jfHayLYNdDVmkUkoQjuGNFW2N5eogc2SCM?= =?Windows-1252?Q?7qlgEHOcu9NxKDcPgfLxZxWFhKOBkqGhiguVsLUcJqPf79kKu3Pdob54?= =?Windows-1252?Q?Mf02Qup79rHo8zAB9DhpcebPTaYjwZr7COezZXPtYLUS5ZHN+4XoXIDe?= =?Windows-1252?Q?RmHdEcajI3vD6Sgc3PBpcKX6ErxbPBjMrA5aZxvWcmtQg9iYTsQR6lsr?= =?Windows-1252?Q?AvC7kLPzT/1zH2HixF7lWj3/1rKaIId2z9o/suZbjTcao9oeqewgtmEt?= =?Windows-1252?Q?9Qe7x++L6dHnCOcZhP8/tCLr05b2tcQsh4zHTWhBztlPJrgMvwTVjcLl?= =?Windows-1252?Q?LT6Rg/N8/6MJPh1U2vQnGjyMRXOIdGHQ5625ZA3Bso48DZR2cvCjYYKG?= =?Windows-1252?Q?9G7itvfB9DuTtn83fA6z6saicabNeuwUBqC8SxsmkS8wrJbCTVl9WyVN?= =?Windows-1252?Q?ZahtVW+CVzThl+LIPzcc0uGllm2RZQKHGvGmI29J4Dwlr3lw4anT+/b8?= =?Windows-1252?Q?rc6gOiuWv+zZrlmf8b1FN3dGlnTNdfcZt4vx4TV+jzPtK6u5321aFEKR?= =?Windows-1252?Q?eRDKm1qq49faTRQ32t217eJiiEZ6QQkrDBK7DbFjDiwpCUHkfQElyf1o?= =?Windows-1252?Q?f7c7aVkuupTfxpIgQlFXepFI8d2wNF+MXheblfYHzvWAmQiEADSfp++H?= =?Windows-1252?Q?IhYArTpc7c1ZJNacRpKdQMQyP8iQ2AaQV4T+BFaHcwgmhULN8UVG5NI1?= =?Windows-1252?Q?4Ddmg3GOQbwv+7fDZWjHAwpY5i+F7S2KCNxrfvAgiFW/v8jKY7x7SWoh?= =?Windows-1252?Q?6g/jrMwG38gKdf2397nKXFOWinlEcyv7AaOQKpJcVF21UCn5W2HTBJ8m?= =?Windows-1252?Q?gB+BqUYeHPN7qscOKlM0PmrLwXPUFtKjFORhiYtikO4FH6BKstg6TH+9?= =?Windows-1252?Q?P+CGjkj9GCbOQ1MEfGYQNuxjsSvx00JsYHOC8bsxQ=3D=3D?= X-Microsoft-Exchange-Diagnostics: 1;MWHPR12MB1149;6:53NeAja8ZAGYo0YZ7IQw9ec7sfB08gNMQYdHSu+H4wkWJsoQt3SIA8Tb3hEXyssg1sDPX682vsdUjgQKKufGW9R8oMiBRZk29hAod247Ol7lWHQ9f94bT8J+f1hrG8tHGmfBv+jz3flQyYCCK8+Llo4M0Hcc94OE1I65pRoLpqfZTUfyUk67/5/g9iVbwgfH8iI8HjG3Vm3M773w4OaPXQIZbOqL2wi7e4sg0qb0x43pMmjIVdUotI5pS0/eXfbL1OHNR00FVHokshQnn2YW7h0ni687BxcpOPFjxHMUSfR91y+VS4QiVmChm4owhLpxqz4tr2bO6R9VKLoPVg5M0g==;5:PyyILasBZJjjdIbRlrpFkymcMtp5+5x6bJt3on1aGvlePeLyJBzS2pXDSHLsnvW46zhWeSP7YA+Y/5IvenYYOdaQj7XDTGgX5qySVtMv48SiKIw2q406WOfOdXRO5lhi/nuinokjlfvGqbYpBt2v4w==;24:/BEcUt6ytbixvJkNWE3Ywm4V48hKkUTy58F7Ovw2VUEsWmAX9MlVTm7XD+ToVMrS+ehBG85O1k6WI6j0clwUoY10nyT9cliAPR8HI66PuQU=;7:ccHTQAN2NNk6vTCpUYKl2ib78GHQXBdhbCNpytVlh/XlTgtGuzosHVN9rCRAFxodkHTATIkRjK/CPVxjjmv6LSwSoK7jInkrR6jvOXfIAqkDlWIP+WT5yuO/eaNBurh/8gNoXnkh1Qjrz/WaRLghR9lQjSI6pJ62T1n9scjimkVUqOUelfJibnR0cO1OAiqosEAdUMqjSuMiT/05C6mAXyinwl84GhJVXsCVxh1rKh/EZ5RZjU3vXAIzj4++TqZG SpamDiagnosticOutput: 1:99 SpamDiagnosticMetadata: NSPM X-Microsoft-Exchange-Diagnostics: 1;MWHPR12MB1149;20:nR/jYmC0v6fVFB+kt3vOqsKqskTd9ZbiLtfh3Ih3Vfgpm/ZNiMu//g6wtJCaVA79gkt0WhxANtxCq0b1uXLVWTVRCVbI5Uz2ojqpTEC3QcBMPaF4fFIdvGXDrkkeWXGlRY59L23Z5IJwxgPGn/ILQJgfeVTHoEItp+SOTGInT0rB5WC6xxE3hLSm4Z7PotboLduaLOulhpqZkHmYnFEgEn4wM7vJ61YFYaKq89kl2MrzrHDKom8IAhOEuk3O4jFe X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 15 Sep 2016 16:52:13.3233 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-Transport-CrossTenantHeadersStamped: MWHPR12MB1149 Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 09/15/2016 04:57 AM, Matt Fleming wrote: > On Wed, 14 Sep, at 09:20:44AM, Tom Lendacky wrote: >> On 09/12/2016 11:55 AM, Andy Lutomirski wrote: >>> On Aug 22, 2016 6:53 PM, "Tom Lendacky" wrote: >>>> >>>> BOOT data (such as EFI related data) is not encyrpted when the system is >>>> booted and needs to be accessed as non-encrypted. Add support to the >>>> early_memremap API to identify the type of data being accessed so that >>>> the proper encryption attribute can be applied. Currently, two types >>>> of data are defined, KERNEL_DATA and BOOT_DATA. >>> >>> What happens when you memremap boot services data outside of early >>> boot? Matt just added code that does this. >>> >>> IMO this API is not so great. It scatters a specialized consideration >>> all over the place. Could early_memremap not look up the PA to figure >>> out what to do? >> >> Yes, I could see if the PA falls outside of the kernel usable area and, >> if so, remove the memory encryption attribute from the mapping (for both >> early_memremap and memremap). >> >> Let me look into that, I would prefer something along that line over >> this change. > > So, the last time we talked about using the address to figure out > whether to encrypt/decrypt you said, > > "I looked into this and this would be a large change also to parse > tables and build lists." > > Has something changed that makes this approach easier? The original idea of parsing the tables and building a list was a large change. This approach would be simpler by just checking if the PA is outside the kernel usable area, and if so, removing the encryption bit. > > And again, you need to be careful with the EFI kexec code paths, since > you've got a mixture of boot and kernel data being passed. In > particular the EFI memory map is allocated by the firmware on first > boot (BOOT_DATA) but by the kernel on kexec (KERNEL_DATA). > > That's one of the reasons I suggested requiring the caller to decide > on BOOT_DATA vs KERNEL_DATA - when you start looking at kexec the > distinction isn't easily made. Yeah, for kexec I think I'll need to make sure that everything looks like it came from the BIOS/UEFI/bootloader. If all of the kexec pieces are allocated with un-encrypted memory, then the boot path should remain the same. That's the piece I need to investigate further. Thanks, Tom >