From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1758302AbcILNnc (ORCPT ); Mon, 12 Sep 2016 09:43:32 -0400 Received: from mail-co1nam03on0065.outbound.protection.outlook.com ([104.47.40.65]:21184 "EHLO NAM03-CO1-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1755984AbcILNn0 (ORCPT ); Mon, 12 Sep 2016 09:43:26 -0400 Authentication-Results: google.com; dkim=none (message not signed) header.d=none;google.com; dmarc=none action=none header.from=amd.com; Subject: Re: [RFC PATCH v2 07/20] x86: Provide general kernel support for memory encryption To: Borislav Petkov References: <20160822223529.29880.50884.stgit@tlendack-t1.amdoffice.net> <20160822223646.29880.28794.stgit@tlendack-t1.amdoffice.net> <20160906093113.GA18319@pd.tnic> <20160907155535.i7wh46uxxa2bj3ik@pd.tnic> <20160908135551.3gtbwezbb7xpyud2@pd.tnic> CC: , , , , , , , , , =?UTF-8?B?UmFkaW0gS3LEjW3DocWZ?= , Arnd Bergmann , Jonathan Corbet , Matt Fleming , Joerg Roedel , Konrad Rzeszutek Wilk , Andrey Ryabinin , Ingo Molnar , Andy Lutomirski , "H. Peter Anvin" , Paolo Bonzini , Alexander Potapenko , Thomas Gleixner , Dmitry Vyukov From: Tom Lendacky Message-ID: Date: Mon, 12 Sep 2016 08:43:14 -0500 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.2.0 MIME-Version: 1.0 In-Reply-To: <20160908135551.3gtbwezbb7xpyud2@pd.tnic> Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit X-Originating-IP: [165.204.77.1] X-ClientProxiedBy: BY2PR1001CA0073.namprd10.prod.outlook.com (10.164.163.41) To CY4PR12MB1144.namprd12.prod.outlook.com (10.168.164.136) X-MS-Office365-Filtering-Correlation-Id: a0ac5f6f-c62f-4b01-28e0-08d3db12c4af X-Microsoft-Exchange-Diagnostics: 1;CY4PR12MB1144;2:mWfOehTRla2WnSFWUspuCS0Gs41bqpjpZshHQnLOVylB5mXKPMudsBYTkXI61rr+q0DUR2PrnOj1SHSRf11Cc3Xbq9JhTP3xg+QAdhvjONaSDx2VDbSRbAhbjQJIA0s5uNpW2UrQDLH26lbiaWpQ+ykPfiyxtQqy1lXAbv1GWAFMloEDitXBRMlyGzqX/HRq;3:by8NiRZF8gf31MK5rMB6Hbyv8PMEBveBAt42bZ1RfdJsIgxyHiHBmqTRi3T4ACor2Ku1Eyj76RsYlPji7r6tBG5SnXTcPjzFSuGgy1CEU+eqZnSV8VKgmCZQwOClOuW+;25:nDQAdRFj1FImbBiegFbgUdNuyhIcIWGb2I8nNBVEu4uC9h7d4HM1vq8oR0x23FdR/CFyaSp/B4oFbgoyvKtG+7V0kd4SW3DhKNifOHvlavMXEur56IXMfagTW7YhFeJvBPm8Jou3S7U6xB/Hh+QVvbdwrkSRltFG6XaZok/J1R5N91qwM4mfLbC7pE+wIaCGKBpCYBN+01gnFiEdrn0YBtRr77yTQl6FrFi9+hJoU9/Srh9Adzlsu3PxTspDwGK3qI7o5qa5qzR1iEtyIFUCIN4XeQx9nSdW6Vj3o9pQoyKUh8Qi05DI2G6VKy2iwodSk/v4TJ8ZmCk8KUZAfFJIObm+DdGTMZB4wJmTguO5wIqzOxj4zbM/8JN8AwjCJksvpuHjyv4NZ0cSeVCg0474E6vxFMwUeRZtZv3FaMKxVVk= X-Microsoft-Antispam: UriScan:;BCL:0;PCL:0;RULEID:;SRVR:CY4PR12MB1144; X-Microsoft-Exchange-Diagnostics: 1;CY4PR12MB1144;31:48l3FdQNeaXYPzFJJotY6be7hASFFPCfrsNazgMXdzqUSFV/qRHfgJ1ipnZRCRcOmu7spRS6sabzNwe8gnCTKXChRVuyACuY11RHZxW+x4u7Qz73ayNavQEtH1R37Er1HaZpXDR/d7rsrctWNw6wZRUVkOgFiL6H47qcusJ7SGStnZx2JMvztMInTmcWQAUjZDPet1/FBdN4twZSJHR87N/6Wed8M9PmTt1QBzAuOKk=;20:sKuxtHRL2SHjKLMk0WkZVQWLNkqgloGKDP6MCVjFGp90XdQnR2N1Ildd6D0V/6wgjQaXHSecvQ0fLYWH7Qg2OQjbywrke6e9w7g3tgz4kOm/1abTVy7ao7aWc9Tx+/16WdiHPw7f3yJPAJyjDcG3Jx7fYsF3EUdx8KO8eDibai/XMBIFPTFmD9Y0PHJb8zIeeZVxWTKIw+Wc4MkVrzBQOXjsPXSQZfU0qN9wv4sVxMSASkceTy0X8P0P5Pz3P/QKHAL7klH9fFl0fZRjijNDBzhY6zs7TVQhSUrgGI0v0FYarh+9PmA94ky0q7kcJQDwM2WBrFgZHUwHMuMHG7e0XaH+XB51+WQ7a/dfso9xC4oHQ0KeVijkWHh2bweObh5M8Vhw57HWYaJEdwWEZKYgM5JwegxANrB3nHUlb4QAgSFndQ4ADNkpWrTRpW5SC8jdZr+IYY7a2ydsfHH7RH8wnjqvomUOACoYwzTyyaSh0ywj3bQoxo+3DMhb9kW+ET/7 X-Microsoft-Antispam-PRVS: X-Exchange-Antispam-Report-Test: UriScan:; X-Exchange-Antispam-Report-CFA-Test: BCL:0;PCL:0;RULEID:(6040176)(601004)(2401047)(8121501046)(5005006)(10201501046)(3002001)(6055026);SRVR:CY4PR12MB1144;BCL:0;PCL:0;RULEID:;SRVR:CY4PR12MB1144; X-Microsoft-Exchange-Diagnostics: 1;CY4PR12MB1144;4:k84bEKKIjMe6CSQiy+wgJRu2GcxuD2tNrikzq4h+SqAa8cd+7eeuwMLskPhX5+TBZV9aIYQusUKN1Vcch0OQYPjcTyiJmsMARIXtCmwn+0/OPnEMT959WdWAZafDLoUsAw2b+CMO5UGkveOBOvw2M584q+9H69Powh0TOarhK7q4QaRvtQmpzX3x2/tlzXlhaI3VhqOQLDlzBdkDOKoywWobc7KwAJ1iJjkRbuJGqdUjIHqeXkf0kC3smhmC+rVnhAnp040MAgZiRTjQpyex2kNVjNIjpgP3Yq+Zp7CPdB2NgCJI2Sy7ZzAUZf4tnuZrKWUScZzRfXTlEWd3kJDm/grKh5q/74q91Rl3z+lbDzoF7IhzJd4yWrZmLgghiv5w7yMfZ1lS/Vm7s7TJKJKfIA== X-Forefront-PRVS: 006339698F X-Forefront-Antispam-Report: SFV:NSPM;SFS:(10009020)(4630300001)(6049001)(6009001)(7916002)(377454003)(24454002)(54356999)(64126003)(230700001)(50986999)(76176999)(4001350100001)(586003)(2950100001)(86362001)(4001520100001)(65806001)(65956001)(66066001)(6116002)(47776003)(65826007)(93886004)(4326007)(3846002)(77096005)(92566002)(7416002)(81166006)(33646002)(5660300001)(42186005)(23676002)(87386001)(31696002)(2906002)(31686004)(8676002)(7736002)(50466002)(7846002)(83506001)(189998001)(36756003)(305945005)(110136002)(5001760100003)(217873001);DIR:OUT;SFP:1101;SCL:1;SRVR:CY4PR12MB1144;H:[10.236.18.82];FPR:;SPF:None;LANG:en; X-Microsoft-Exchange-Diagnostics: =?utf-8?B?MTtDWTRQUjEyTUIxMTQ0OzIzOmRtNUdvY2Q0ck9jSDRUMnFEZGxNY2lUbjdX?= =?utf-8?B?Y0poc0dlekhWM3o1VmNnRG5WbjJneFV2SE9lSmIwblZUNVZxS2JWaisrRVlD?= =?utf-8?B?MURsRk5UOFFlZFVSRzVUb3RoeVJHeHJPcGJ1cjdOQnRKOGcwNklpak1rWFcw?= =?utf-8?B?V2JOWWhUdm5JYWdIdE9qQ3BBbFZ0ZkxTUjJhUGpCQk9NL29GdTVVeW1xZWZE?= =?utf-8?B?RHRLNVE2ZnJ5UFdBZFdUT1lON1ZNQVVFSEF1WHYzZFIzd2RmbDBCaDhadUZG?= =?utf-8?B?SnU1TmFQS28veTFEazdXVmJCT1FJbVlrVTQwOW9ZdjF3K0U0bFNBempac1cr?= =?utf-8?B?Q3B5Rm0vVjcvanB4V2QwUDlDR0VQbC9ta3RwVmgvUExrZHByOEwxWFA3b2wz?= =?utf-8?B?SjZuSmI0MGdDeUg1cmR3MnVtL0x1ejlzTVBkbEdGSEZxb0ZGZktudTdhOW15?= =?utf-8?B?RUxSYThlbmlWNVNobEJXdFB4MVJJV2FLNUtuMDFlM1RveXRIVkNGQWduNFJK?= =?utf-8?B?KzVtakhGODU2V2lJWi94RGdibXBFSmxVSWhrWDg2cEl3N0dVRXJSUkkxb2dm?= =?utf-8?B?N09XMmpWV0oyN3U1WWZWRGhCN3d2WFUzL2s5T0w5bEtwNm1oQU8zcTl1MDQ1?= =?utf-8?B?UDA1eVRuMHpRVC9YSHRZZTN5Q2dEa3NmNFhLeko4Tk10TW1vR1psNlJrRzA2?= =?utf-8?B?YVRrYmduQXFzMjZCUU04STJLRnQxcHZZNFdmTjNvWWJhcEhmcDRiYmdkMGtZ?= =?utf-8?B?MEc3d3c5bThkM3NkM3NFT1JCaWx0OEpISGFobEVwTm5KeWtRakUyeWNJVnh1?= =?utf-8?B?OEFkUWhNU1RTWVBUQmNOeGV0ODdIWUF5V2JOczY2U2VtOFdnaFBLcC9JSFpC?= =?utf-8?B?TU5yWkxXcllrU3FHNXhrcElDTzlsSmh1S3RUanJwMEVSTGVsWHAvdjMxZFBS?= =?utf-8?B?WFRJaGt4RHI4Rk83cDVUOXcrNmV5SDF2TjlXZUgwWWZFYThOdTQyR1cxNU5x?= =?utf-8?B?NWlOeWdBbTE0WUl3MHlRZHZXS2YwZUZ1NlZUY3ZwWW92NWNmaFNvZmtxem5r?= =?utf-8?B?UkxxOEthTWRQK0RXTVlsdW4vR0Z4VEZDZ1MrT1VrOGJMSjE1NmJWTGZvbmlI?= =?utf-8?B?My93dE1kRmxqNy92V2R2V2J6dkdsRStLaFpOSHhKWFlxVmd4LzE2ZXhzaE9I?= =?utf-8?B?UjZIUmZySWRyTzZwK1BsUXdIYitjaFpOcnIzYmRnQW5hUll2SWxiM0k3Vkx4?= =?utf-8?B?dTA1RTdOeTJLMEVjZzdpR2hYMlE3bHNtN1hYbTBmalVObCtiTHo1cTNvSitG?= =?utf-8?B?VUU3S1ZRdWVVVklYcms3aU13d0tzdnZBM0dxZC85WnJDS0VJcGxIN01IWHR1?= =?utf-8?B?UklpaGNLZ0F2RXdqd2ZYSExUMGw3Uy9ublFWc2ZZa05NTVhCREU1SW13TDZ5?= =?utf-8?B?N2g2SFM1YWNyLytSd1JDZ3pWQUxFR0gyMnhadFpad3VidGhYOGFzY093UzYx?= =?utf-8?B?dzI3YUIzRFZEY3VXZHNiOVF2K1VjZXFabThzcEhpN2ZyYkltSVlvcytHc1NX?= =?utf-8?B?cjRVRWd2ZlIzS3hIdHloVHRBWndhemR0cG8vTVlPdXlneVVNU0NYYVRkWHJ1?= =?utf-8?B?emJ3Vy9rV1ozRVBwbXZpa3Q0Tk8wTmhrWjBRWGtiTHVKT05NRnZoaUhBPT0=?= X-Microsoft-Exchange-Diagnostics: 1;CY4PR12MB1144;6:kPah6qfAWTyOi0bOZ9yxKKTIyKxHF9WXGAqDoKKawi0hNb/eVVrgAZRTYDKhhc0iKAk5jKPIoXLmiGYch+xPGi9lGxjkoNNj/IjZr9RjiPpGSl7cLHWMBj251FbhRVlQTk65hHL9jzYx5aY7zxYTkZGAPd/QXf4R2OOlacQdm8pfX5Fu4XFoq+FF70biuAD14xOIHoTTkwf9zlru3Mz4L/FQEEtZ+mp+qJoq1JDr+dtTa/vZpbTMzWCCsLzEvqRaIwpxMrkmRNwFr7Wt6K2N6lV7ZycSQnxzVKk7+So7H1AlvdgQOeFTKNFgFaBve/rx9dSRWVeGS1d6GHO8/qORTw==;5:yUWJ/wQDv/L1O5V7BTw59FGBNYPFwjDnnEzwriQjZ0QIUqlls8tJkXr6cZdyXNbQOuilDn/QiOOARcF+Zgb64vfIOzXXnKILJfpEunR2XdWgRIllKZivIQ4ThbQWJUlamU2MTEYqwffIlOuaTijPcQ==;24:FtgQbMRBjAKJDmlG5lxdEWSOuZV0dZexd3/ZHovW44VpFuR9tKZh7mZnECdPrt6PTu4K0gI4SYflfYT2eghD5t15hrX1TDoLT3stZYiWwjc=;7:XqDsiVH83Qy8GGwK4xaDjiua3FVl6po042zPBUWV4zy/WMItqZFmjW/pf6qglk7DXEP4Myb1+s1yZUdKIlZCBYCdOnudxMmyKCtK+4Qf0Haex6XnMr7D8ksv0SFwPicgcoZx8iJdZ84KoZ7wKcbKu8XXBfGzvUnJ5GgS8ObMbcqn3vfL7YWwnzuFAr+ETK39fNFwcgQ9h6eH4pduWDovaX43FAGveM2D14lEytiQ6hNSFhG5W+p6p5h+P3oR1msw SpamDiagnosticOutput: 1:99 SpamDiagnosticMetadata: NSPM X-Microsoft-Exchange-Diagnostics: 1;CY4PR12MB1144;20:m5UpPqghjkjQcfTRKRbhHfcr0NDC0J9K2RI8jjGfCLqaH0HaztSvO3sSEQhG/d6P0Y27XL+zq9XKMibyWynWOicIsobraRfPoNlN6DNEQ3ZfA0nHI1fgHtli0IGyYHFHYiipbd23VvLDx2u6SzGYrUVU+cswDmpfVbpbfJHgm2n9MiNuw2Ngse51z/yjW0TCWRWoUcFl/ukI2AXIg5P93A4QuXeqWb2F3bp/Sz0Xfh+/p7ATiQdZgKEPEFTWAcwd X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 12 Sep 2016 13:43:22.3301 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY4PR12MB1144 Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 09/08/2016 08:55 AM, Borislav Petkov wrote: > On Thu, Sep 08, 2016 at 08:26:27AM -0500, Tom Lendacky wrote: >> When does this value get initialized? Since _PAGE_ENC is #defined to >> sme_me_mask, which is not set until the boot process begins, I'm afraid >> we'd end up using the initial value of sme_me_mask, which is zero. Do >> I have that right? > > Hmm, but then that would hold true for all the other defines where you > OR-in _PAGE_ENC, no? As long as the #define is not a global variable like this one it's ok. > > In any case, the preprocessed source looks like this: > > pmdval_t early_pmd_flags = (((((((pteval_t)(1)) << 0) | (((pteval_t)(1)) << 1) | (((pteval_t)(1)) << 6) | (((pteval_t)(1)) << 5) | (((pteval_t)(1)) << 8)) | (((pteval_t)(1)) << 63)) | (((pteval_t)(1)) << 7)) | sme_me_mask) & ~((((pteval_t)(1)) << 8) | (((pteval_t)(1)) << 63)); > > but the problem is later, when building: > > arch/x86/kernel/head64.c:39:28: error: initializer element is not constant > pmdval_t early_pmd_flags = (__PAGE_KERNEL_LARGE | _PAGE_ENC) & ~(_PAGE_GLOBAL | _PAGE_NX); > ^ > scripts/Makefile.build:153: recipe for target 'arch/x86/kernel/head64.s' failed > > so I guess not. :-\ > > Ok, then at least please put the early_pmd_flags init after > sme_early_init() along with a small comment explaning what happens. Let me verify that we won't possibly take any kind of page fault during sme_early_init() and cause a page to be not be marked encrypted. Or... I can add a comment indicating I need to set this as early as possible to cover any page faults that might occur. Thanks, Tom > > Thanks. >