From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1764215AbcINOVI (ORCPT ); Wed, 14 Sep 2016 10:21:08 -0400 Received: from mail-sn1nam02on0072.outbound.protection.outlook.com ([104.47.36.72]:11728 "EHLO NAM02-SN1-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1764171AbcINOU5 (ORCPT ); Wed, 14 Sep 2016 10:20:57 -0400 Authentication-Results: spf=none (sender IP is ) smtp.mailfrom=Thomas.Lendacky@amd.com; Subject: Re: [RFC PATCH v2 11/20] mm: Access BOOT related data in the clear To: Andy Lutomirski , Matt Fleming References: <20160822223529.29880.50884.stgit@tlendack-t1.amdoffice.net> <20160822223738.29880.6909.stgit@tlendack-t1.amdoffice.net> CC: kasan-dev , "linux-efi@vger.kernel.org" , linux-arch , Thomas Gleixner , Paolo Bonzini , Ingo Molnar , Borislav Petkov , , "linux-doc@vger.kernel.org" , Jonathan Corbet , =?UTF-8?B?UmFkaW0gS3LEjW3DocWZ?= , Konrad Rzeszutek Wilk , "linux-mm@kvack.org" , Matt Fleming , Alexander Potapenko , "linux-kernel@vger.kernel.org" , Dmitry Vyukov , Arnd Bergmann , Joerg Roedel , Andrey Ryabinin , "H. Peter Anvin" , X86 ML , kvm list From: Tom Lendacky Message-ID: Date: Wed, 14 Sep 2016 09:20:44 -0500 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.2.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit X-Originating-IP: [165.204.77.1] X-ClientProxiedBy: YQXPR01CA0070.CANPRD01.PROD.OUTLOOK.COM (10.165.103.38) To MWHPR12MB1152.namprd12.prod.outlook.com (10.169.204.16) X-MS-Office365-Filtering-Correlation-Id: 2a8f6e87-3cf3-4bf8-b872-08d3dcaa565b X-Microsoft-Exchange-Diagnostics: 1;MWHPR12MB1152;2:qm0zakQwUczrM1Yd/WjjSFHpLKMqDKPWB5fuxfj/SytI/ZaCigrmSg0Je/0BM7kVj3siBOgzJ+Yfn85kcbwZqmOGulZq3La33El82zhsKmWGljITadvSn0oks26VUjSSSJghRapdJQ99MnLgEEtB+hnG54FJJxSrdQmix7WRh7/O1aTaHT/aQP7eocrfcHdm;3:3F/HbTYP7Sf61bQQZ+JC5vjLHDDlJAmqpaTOrsdc8dMsTjJTfm10nF5rpwyx1a4KskZIXdm5BAyTlVkaID1uPJPIKTsPaj+KYQ7IIpfxbM7ki28u9ObczRlbxpyr3LP5 X-Microsoft-Antispam: UriScan:;BCL:0;PCL:0;RULEID:;SRVR:MWHPR12MB1152; X-Microsoft-Exchange-Diagnostics: 1;MWHPR12MB1152;25:1Avovrd1YMJLSjbyby86rr4fm+NuJztz0coTS8nmzpidnoOXsywhx4S67C7YmcXCBc0g0Kw1gSGiWmdPkxSZ/2PEMzZqwoiDi3BgP2thCSw6C8meVRvJsXXW4frZW42YOLsfDc/rS26fmaPPVHKqnqIFCoQRAAEXr7nVMYatBLvdRMlXRPd6jSmWMPF/JthfEVGS5uHWsxO2rFUfr8P1jE/cNQb3Gpx10tyKtUYK50pxfLA32XGAQwGmam8w7lg/8MkKvA4DoYsUbEi4vzBamAYQOzEOyfqzGJ8jpy4OFo3KdyrABzaWDnfqPTHpXTT/NEXMU2EFaqIw2b5n8MfvekuWULtDl+xlh87/2HU8tdEd4kwYVIYoNebzegoFPitxnUza2GNi+3KH2bNODTzC5C6WBnYMdr13RECyTusBowdmNvLcLM0q+TPR1/56dbL7WATOlCLuiUmPma/FBE0Wpf8iKYHbwogngnJLHLetrJX7BfutfrDewcWlEgiBWn034ewufdnMHNBHLZIyh+R13wTik/smcfu0fnK0IeKfMJuGjLytbBHbcTIUX1WW6LhlemYI9jT/RaDCoSj7COk5AlZtq6kqhFlVA4/ZRxv21wahZskUfw8TIZ1X62zxvd1gn2YYgye96l8l/oj4LHVPzMMWzjHtuOQpeImMn9Ai6kulKjupQmtFptSk8Qe9Yx36z/74jZAo2bW2FzGU8RgE6g==;31:O4HCxGS2W3oMj0tG6vend1kxpIHvm3br1Zdso4YvOCSYGENJn01F2rWOaAi7pi7gPFGKSMnXnbklzAjm5PJRLUE46nVjJ5SkMqGCXwSpC8KpKu/lmh9UvtpwVi4FkuSV+PBG0Jhxov3DhuZ6U9TAXM4+7djMVwE9wQNpCFDxrrmkyI7ioqHVbQzDgW9VOneSIVPF1UVrO2I8ZT8t7qLrh2ESgh1jxSIaH/uh8jl3DuA= X-Microsoft-Exchange-Diagnostics: 1;MWHPR12MB1152;20:y9/s74QoQm6AOJzrpxSr40vpVEWRioQhfLQ4eApItViguGAzmvSxKVCkRDyB2L4DV6aHWQ/MJVbfH84zb9h+MwWlBDFo0XQIlLos8wLcQmn7CWbj4WT1MXvekliqbOsAUc2wEh7n2YeNkWV8wGcdAPpverIf2M22RVx2t8bcP9Hb3ba1z7eluTeYH5sC6qgnZZRaGl5ffYc9KV/CU33IXk8uxwgKcKpRFOUs4FfcV7PmonAzCsXDviP/V1phrM1t7JedLv3lXwi6KERqzmBWeH5kul+bw1O0mUc5QEG0uOMbseGOgUecqN382eyvsllaw6F7YuJmnUdQlGObPQkDsHIqYpVBiP7NK+Ar0fzotj9VY0LAwzRM5i9/m4upRScyTQhHYUKou4ImCHAXLWluEwf5JahdqXVtWcOFJcFYL6Vc+3VsISJPDun+jcVidM0TiMQt5glwvklHVlBt2BQ1TQQ9WjFe/L/ddtt3soZfdZCHqBTTfoR+HrHTUZD2/2wP;4:PAyR+td1FQIV8tNg/y3TMQ7wVWJGV3gJo1/PjDPBfwFBr4txhrkdGTdQJModTFPQA4QzN1ElCMwxsWQMtghmdfEpx092ffuA4M8xM0a3o/+5OlufwxXpQtdCblARwMhYVIExn9IWZflJUHWKOb5LaYO7CIC3SDG8XKLAzHhXLcF+jUL5SKcMH2cxZTEZtkGOMh1tKHTnTJIQ/1QlfJFkdTPNkBW8EiLEDmVyomQD7KwVPNn3mUpPd97+AGSF+VrXNrxengSj0zOXS31/rJma165i7KNWVMnqHaHRcyl/sN3kkVN4W/oR6l4gGbAL7+LiKvDT+NoMGswC3hitZtmAt6K1diR1hWcM1L5zDpWRpqfoL7ziBW2xlZxQ9XVq0rZUxP15Z+bHlgRnHBXSS1SVvgnkdAKf9dAEr34bfAkVPJP7ewQn1f0uU2V9+gNxvvsa X-Microsoft-Antispam-PRVS: X-Exchange-Antispam-Report-Test: UriScan:(767451399110); X-Exchange-Antispam-Report-CFA-Test: BCL:0;PCL:0;RULEID:(6040176)(601004)(2401047)(5005006)(8121501046)(3002001)(10201501046)(6055026);SRVR:MWHPR12MB1152;BCL:0;PCL:0;RULEID:;SRVR:MWHPR12MB1152; X-Forefront-PRVS: 006546F32A X-Forefront-Antispam-Report: SFV:NSPM;SFS:(10009020)(4630300001)(6049001)(6009001)(7916002)(199003)(377454003)(24454002)(189002)(5001770100001)(2906002)(50986999)(19580405001)(50466002)(76176999)(19580395003)(189998001)(105586002)(106356001)(81166006)(305945005)(65956001)(5660300001)(31686004)(81156014)(66066001)(54356999)(42186005)(101416001)(8676002)(36756003)(7416002)(65826007)(64126003)(92566002)(7736002)(97736004)(7846002)(83506001)(4001350100001)(47776003)(23676002)(65806001)(33646002)(3846002)(77096005)(31696002)(4326007)(2950100001)(586003)(86362001)(230700001)(6116002)(68736007)(217873001);DIR:OUT;SFP:1101;SCL:1;SRVR:MWHPR12MB1152;H:[10.236.18.82];FPR:;SPF:None;PTR:InfoNoRecords;A:1;MX:1;LANG:en; X-Microsoft-Exchange-Diagnostics: =?utf-8?B?MTtNV0hQUjEyTUIxMTUyOzIzOkhjZWZjdW9oaTl4SndKakJoL0ovUTR4cGVH?= =?utf-8?B?UktDUTJ4SklDZ1V4ZWdVTm5CQ0greUpuWjJvM3d6eStVSFRNSFdtSy95QzZj?= =?utf-8?B?T0FqaU4xbkthUXBrc3RyZnlJZHE3SVZ2NlVyMjlnblQwVnQxNGxyZlBubWNx?= =?utf-8?B?SUxSUXA0MkhjNlBaY0E3enl0amF1Rk84OFRuVjZaY2NyM0F6cUNrTUhlby9I?= =?utf-8?B?dVk5ZjBKNlI0VnlFM1U3Y29NN3dySmpIdGtITTgwNmIySWFpbG1RanJIcVRl?= =?utf-8?B?U2xCMWxPZFR0Y0hidUJsTWk1Z0FoT0NldUVMa28vdDJtNEIxVnIvOTBvZ1FH?= =?utf-8?B?WFo2OXROMXd4bXdOdUVQUS9BV2NvMVRyUkV6dVN1REhFNjJWZHo3VHhLUi82?= =?utf-8?B?NEY5bHVJTHZsdmV4N2RyWk55SjlMMG1jWmZKaEIyTFJyOHc3dE5FQ3BKS0ZZ?= =?utf-8?B?S1VSQVluS1RDUVFOa1phTHg5dkFwcmlzbjZvSkdzN0pYNW5RNXIwREM5bmN4?= =?utf-8?B?WTBWSm1iU3Jhb1FNY1lUeVNXemtQWUdoaGdSY055Rm5zWk1vMmdhQkxaNm5s?= =?utf-8?B?U1FaRTY5S3Z2KzdSUm9NNGpZWEJIZk8zK2FaekdkaWcrSVdxOHh0WlFlK1pY?= =?utf-8?B?cUpPWGk4bVg4akM1SW1IMFRwUHFMM0JXZU9lbzdPaHZyZ1NRbkRyZ2tLSmZY?= =?utf-8?B?cHRkUmdiOG1haVBFa0ZFWHlyMjBKcDBaQmNFZ2ZHY2M5QzVSQUxYbTkvRGdC?= =?utf-8?B?cXpRNlNuMUR4aXlMRWU3d0pkamVXQUxjV3NXc1BYeWM0WWc1M0JXaFNKV3Vz?= =?utf-8?B?K3dsczR6UVQ5TEdsR3JyclgvcUpTMGppSnlWLzNHalF0QUk5M24xUm9IdTNh?= =?utf-8?B?YmJGUHVpTy84ZnRpVGppY3M1WFlxMEVxTHR5Nm0vcWp6YWtVa3U1VnBNTENE?= =?utf-8?B?eDg3NDdtWmNkOGpwOFFXQU9kWkdBamZ6SXdQQ3F1WEVXRVBYT2tlS2FhMUdH?= =?utf-8?B?Y0M3V1ZyQzNWcktZVFpWMVhldUZ5ZFVjM0NQZ2NaUi8yWU1UUHE5ZFlFNHpH?= =?utf-8?B?c0JPZXovU0ZWMTFZQS9STkxDSWdlRjkzM3dQZTNKMVFFRE55MWllS1JZYk90?= =?utf-8?B?OWN5YTliQXJaV0VWcm5FUUxCMW5lYnVMN2RrMGFoRSt3QVcra1RlQmdyYk12?= =?utf-8?B?UkZxbW5PQmNGRmhsMU5hOGg1aXRKcjdjSnNmQmRISDUxbjQ1SzlvQnBuQW9D?= =?utf-8?B?bVBxLzF4UU95WVZpYWZORjFNM1hVK1REeXgwTXdHc3BYa08ydU4rdjdwYVlT?= =?utf-8?B?K01WY1VuVjM4b1pzMmx0cmFpOHltYU9HSGpDQ1A4OEZQbkpqYVVYcS9udUk3?= =?utf-8?B?NkNaSGZXWmFPNktXWStGeGNFakdHdVhJYjNkeUdDZlV2Vk1oem1IWkFGVWRs?= =?utf-8?B?OUdNNVdSSGJPb3ZGZ3VkQ1cxekJ4YjVzaDZTZHR5Y2drcG9NaUpZUEJleDhY?= =?utf-8?B?ZkJYbzRia3c4Y1dwSHUyOC83UjBzYTdsbzQyQ1JCaXdZNk96VW1GdE1MTXgz?= =?utf-8?B?WWQwbko4bkFUVHIxQkIzY2o3NzNodjR4TVRhK2pBYlFYVkkxNk41VzB2M2h4?= =?utf-8?B?Tnk2WTlneEdLclE1SzJBU011cUNyeUJJcEorTStGeVdIZ3Yzei9EdndEOGtO?= =?utf-8?B?QkJqRDJycndZTlN6c3M3TGRIVTB4aG5ORVIwdUJpbjFlTHM3dTlVSUE5OGVp?= =?utf-8?B?SjJ2QURkM2czK1pkT1VKQzJweFJKZjlaWCtiQm9YcGRBUGdFckpWNEVtWWZw?= =?utf-8?Q?0tsZOvgHx0WNp?= X-Microsoft-Exchange-Diagnostics: 1;MWHPR12MB1152;6:zb14ZeeC6C7SFsD/4YVMdNyoFukNxBGwjMFfcNOUMgMhv8UmHHL4vs0ew8EvnOI3r5FZ7BrsQ22L75f/J/FSPJHYNxTkKLz+YNHZplZaPsg1fGqCR8oqot/la6l3IWq4wrJ4p2SOcO59RJ2ZGyPs5HfCu6YaAaWyc8m/hvOJopCRDQAREzh28/SZVQiZd1m+5qQuFHnYOvbTABONr8NuL/oI4yH9qUEFXhSs8iGPdGmMg8ahz1mVUKiqtWpKljSm7Pk5x6qFqbv5gZGhKc3BodAkrD39HEblAaP9umwMHTKDzvZk9GPYCHoqtt/u6KuuDEMMTl00h0A3Hw0neZTKpw==;5:AIZF+nkPraNFtXfIY6rTl8ulDz47tBc0Fe2Q5ymLwUA+euN+a7IZjh8zb0uo8O53Yi0VRyrzoquPYCSzC/TZuCvwp3byJuSKBnvpzhio5QN7A3xxzJIUWjFIufMxcjzihvGH5FKNw3J64wF8tIL05Q==;24:qomy5IDkofOkaw8pTWzkiVVDhV3v3n1Wea2TwfGztuDjkcqp7Udk2IpBUNBJfl8U7VuYrb+MXhZ6+cFbuXh7kQ2v2l6jrko8CL+9NC1Q8Mg=;7:JVIbHWO2MJVPb+mx5h2QYRqemJFIFa9TqYAFfEVuIhOLLauIhfOXQJbj4NCnY4lzqANOllrhN1h/7u9OS7reVIAAKiy1mUW3s/RL/qF4YnS6ls+sSRbLO+WsyiwxbHVIHhH6m/VHK7H3VN9gVRf/vxGpSBXKR6y7vDHHzaMerx1o5S4TDx6GKnr1Ty/BjFxLIznSCAzik2kFlABvsfzxMHOWZ7NhIgUFgvjGIb2WPJnxvoiL4d78sMKR6tOPYeeI SpamDiagnosticOutput: 1:99 SpamDiagnosticMetadata: NSPM X-Microsoft-Exchange-Diagnostics: 1;MWHPR12MB1152;20:3SAws7gvEoryZRGv/rrQcEpKwP1IX0iXaeqZX3IPF7xZZnOPNxbLrhYsiKXSG8h0SqeAkXRTkVEGaidRrMBRVRZetws0Jdd6qh6XkydpPs9dprJNa9NQDTtndISoHfqfmf1uM/+NJbol78FraNNib8PWHkVpW0F8hIeQX46It42BS3gHFQI/gyPZ/Eaf4XIsi1T0c7VgM15ayZXQH9/3ytED3T/HHWGG2mwbE9KXDIq8+9/ev7ZX6jPZLu7Fv0uM X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 14 Sep 2016 14:20:50.5264 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-Transport-CrossTenantHeadersStamped: MWHPR12MB1152 Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 09/12/2016 11:55 AM, Andy Lutomirski wrote: > On Aug 22, 2016 6:53 PM, "Tom Lendacky" wrote: >> >> BOOT data (such as EFI related data) is not encyrpted when the system is >> booted and needs to be accessed as non-encrypted. Add support to the >> early_memremap API to identify the type of data being accessed so that >> the proper encryption attribute can be applied. Currently, two types >> of data are defined, KERNEL_DATA and BOOT_DATA. > > What happens when you memremap boot services data outside of early > boot? Matt just added code that does this. > > IMO this API is not so great. It scatters a specialized consideration > all over the place. Could early_memremap not look up the PA to figure > out what to do? Yes, I could see if the PA falls outside of the kernel usable area and, if so, remove the memory encryption attribute from the mapping (for both early_memremap and memremap). Let me look into that, I would prefer something along that line over this change. Thanks, Tom > > --Andy >