Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1753920AbcD2PNC (ORCPT ); Fri, 29 Apr 2016 11:13:02 -0400 Received: from mail-bl2on0066.outbound.protection.outlook.com ([65.55.169.66]:45792 "EHLO na01-bl2-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1753843AbcD2PM4 (ORCPT ); Fri, 29 Apr 2016 11:12:56 -0400 Authentication-Results: google.com; dkim=none (message not signed) header.d=none;google.com; dmarc=none action=none header.from=amd.com; Subject: Re: [RFC PATCH v1 13/18] x86: DMA support for memory encryption To: Konrad Rzeszutek Wilk References: <20160426225553.13567.19459.stgit@tlendack-t1.amdoffice.net> <20160426225812.13567.91220.stgit@tlendack-t1.amdoffice.net> <20160429071743.GC11592@char.us.oracle.com> CC: , , , , , , , , , =?UTF-8?B?UmFkaW0gS3LEjW3DocWZ?= , Arnd Bergmann , Jonathan Corbet , Matt Fleming , Joerg Roedel , Paolo Bonzini , Ingo Molnar , Borislav Petkov , "H. Peter Anvin" , Andrey Ryabinin , Alexander Potapenko , Thomas Gleixner , Dmitry Vyukov From: Tom Lendacky Message-ID: <572379ED.9050404@amd.com> Date: Fri, 29 Apr 2016 10:12:45 -0500 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.6.0 MIME-Version: 1.0 In-Reply-To: <20160429071743.GC11592@char.us.oracle.com> Content-Type: text/plain; charset="windows-1252" Content-Transfer-Encoding: 7bit X-Originating-IP: [165.204.77.1] X-ClientProxiedBy: SN1PR17CA0030.namprd17.prod.outlook.com (10.169.33.168) To BY2PR1201MB1111.namprd12.prod.outlook.com (10.164.168.19) X-MS-Office365-Filtering-Correlation-Id: 4e6a6972-c493-4ed4-a4f4-08d37040bb17 X-Microsoft-Exchange-Diagnostics: 1;BY2PR1201MB1111;2:WT1Jl5P/fzEXp5zWpjMXEDIPbonxy3CVUQZPdvHLBovpu0YIfg5oihojvcb9lxaPtjUTjNExNr8DHF6Z9o1EYfSjaXeA4yTamzrDp2xgHExMib9FqFomaM5wVpqb7LKwoFXatcznLXZbIDpBBX45Q9pBstL5LgOhgmAvr8I3N9YhQbflgHtwovMX/6XXcPw6;3:FcQ1EmIRU+Pgq1RL9bsH7VxAcQgTMgKJwm3vnyQMdgh88KFKxLp4hPNx6ZoK0t+eUVjAFi6IPCs/iPxiskIMLT5JRLi5VnkM7vJ1CLr4wRM/g32zfJ+OaC+SFQumye6o;25:a6OQ6Tb4GgGlBFXJR5Ad8U7nIR9HcCQdcvK5hyFfHuBsOZ7FhGoZl5Vjlcc7spaUzRnqN0IAKnSuXbptc/BjsDDlqxEWP6nfJGTj71lzsu+jsC1uTDgI8pNrf7QEXJLU6pHp3W2Uyj+HUjJsSKM93+rEd6y9QPoVkP+WTpgbfHuWgACl/fzo+0ifB5zFa9XHsnCtrd0frQ7NGON/gPdAPUcKoN4xPbAvbWX/Ay41Z7WbTbqaq50Xs0QMQcJoTvVP9ylus36DY60UOx14FBC0RmeU9CgCmrmQptNiestsGgL3dDoVHpQqcHJ9yaWHOFFNC/vvQj/1q1tge+LmXNWZTg== X-Microsoft-Antispam: UriScan:;BCL:0;PCL:0;RULEID:;SRVR:BY2PR1201MB1111; X-Microsoft-Exchange-Diagnostics: 1;BY2PR1201MB1111;20:4oB+Abb8KLGnA0zVySu0Wyl7/8abQaAPALmdcsA4Y98cYN1USAf4ztNBIiE9FIaNS7JZvvicghvSeqVLgfKkY/iUv4pfqzKdA+FCpi5kRQctMzjmCzf6P+8hl3TGYQiQHHMVmC6GsHVIVGs+0OO1rk90oPGhoYFHTWD7T1RW14KBUD3DG2s5uYxcbc0VHt72anEyYN6cPiBcq7yP4G0Jx1QS3hK0YeeR8h+WI/dTkB/l0l59RHEYcednPoJzJfEpB1HZzKkBtU+NoAly5wB9icwJ95yfIyD5lJnNz7A/qoZ46nERb20xLJ/vooEql+XX57RtCKePjmuH7XoUHdV/Ab1q7Pxs2eiXYOO77F/0bJbx9x8WQgcZt1AMNF0GF6I6/2SYlvR/+JYXpSlkeC3dLw8jTWBT1EAxcB8UajA7NlN/VshXTZiVJJ7jjZ+7LXY4Rv4qBaP2hF17m4S1H/oiZe69MbY/kJWwQblc96vDCg7L6G5uwIfR5NADQbgcAZ2/;4:QQ0xZcAQsWOmSKI+q3NH0A/eTSUrkovE8FARkrOnIjJ4w+QMLUoqo8mrB5FXpMnK13v4abm6Z2/+wvHynsUsIUyErIuh6VOLj6b/Uyt7ZvOscWD4Mo0XtIP8fjp+vX+icDUi+8QezEe/nvyEv3B68KaExnYtq8iQrg3c3GIafHLw1tQA6bkolpTk56TA2jnQSjd1WlE7C430P566iXK1UetDDrOka3YEH7thdewgwzBxbNKBc9JXFxVA5fCL832rIB1TMw4Dj1Lp8Yk0tEUxWsiNJeUFzdc5TgqRiinHvbik0tFQ7jwYPqYZbeaZlqsgA/nF7aZTPeyV2hXChSkcXYH9JCmhPlDpjGxOZglzEQ9fWNWzpijx4mnG1IKvhfToi8dQUb30pCpwYHMoZtK/lb/7bVcagVNrBpph9LlhdpA= X-Microsoft-Antispam-PRVS: X-Exchange-Antispam-Report-Test: UriScan:; X-Exchange-Antispam-Report-CFA-Test: BCL:0;PCL:0;RULEID:(9101521072)(601004)(2401047)(8121501046)(5005006)(3002001)(10201501046)(6055026);SRVR:BY2PR1201MB1111;BCL:0;PCL:0;RULEID:;SRVR:BY2PR1201MB1111; X-Forefront-PRVS: 0927AA37C7 X-Forefront-Antispam-Report: SFV:NSPM;SFS:(10009020)(4630300001)(6009001)(6049001)(377454003)(24454002)(4326007)(81166005)(99136001)(64126003)(36756003)(54356999)(87266999)(65816999)(50986999)(230700001)(23746002)(76176999)(5008740100001)(92566002)(3846002)(6116002)(110136002)(4001350100001)(586003)(189998001)(86362001)(1096002)(47776003)(65806001)(66066001)(33656002)(65956001)(42186005)(77096005)(5004730100002)(80316001)(59896002)(2906002)(2950100001)(50466002)(83506001)(217873001);DIR:OUT;SFP:1101;SCL:1;SRVR:BY2PR1201MB1111;H:[10.236.18.82];FPR:;SPF:None;MLV:sfv;LANG:en; X-Microsoft-Exchange-Diagnostics: =?Windows-1252?Q?1;BY2PR1201MB1111;23:z79x6AOCff44Ry7r/yrwY9PN1G0Uq2VwxTa?= =?Windows-1252?Q?KoQSvok1EdwVIFTm4LueUi7gICQwZG4NLHcj2ftd/QEgsrotGbplfzYo?= =?Windows-1252?Q?4kvCSinL22EarqOUjO1um6H0JP3iY8Cg8Me6CS3Ow4ePLuzify9vNpev?= =?Windows-1252?Q?bCnwvyiwq26P54jUosAgyMZsdSJ6Y2BRUPIK5Wy3EZdjNeSGhnat9h49?= =?Windows-1252?Q?ThTtqkdVXPoXlR/R8Q9kWypquD5b4cbeRNkUOwqi8d3ovZZZWVrrjjlE?= =?Windows-1252?Q?4SNJwQ2Fzz4aLVWGAx3CY+ysxhHri0YYs7LFo/uFS9eDtPSkMLRrpEcj?= =?Windows-1252?Q?4ZT7F33h9KDMuye4mbwsG00iEkOqgKqBJzhPzESF9/tb1NVSijceu5u4?= =?Windows-1252?Q?LnzAM5JuUwMni6BWQ+8wAVoSzHFFW0D+ZBI9TcJA6L0Tt5QeA0nf5WwJ?= =?Windows-1252?Q?qVE79yZ0osWF3VyjeSZTOrz3tAcierSreVwDWV3pn7b5C1raezCAHFC1?= =?Windows-1252?Q?1Bmg8QvswV3JXEv6uiZD6njqE/ETu02VajJlTX7bBdwjdJsLeTiUiLph?= =?Windows-1252?Q?MJ/6AJgL8+b8JlxbtvEC/MhjEPtG1g71UAJG0uT7gietAUfarbYSODBm?= =?Windows-1252?Q?C2LXNc8nKu9YVaDUgz8hRreJ/0zTEUzr0mWXxkBpOD+eqbvOgSAW7Ln8?= =?Windows-1252?Q?LjcAexIK1AL/TCLYTRiXIpF2V9TBbRCMaNq5Lhy7U30md3tNjKR3WJVz?= =?Windows-1252?Q?YaQuB5nk/iUZ8YSgZ9Q2l59Fq4cUWoCQDLfXHUafJ+kdKQZfqplhLj55?= =?Windows-1252?Q?TvBu7s0twTKI0bRteXr7B7Y4QDV4O/1Ysi6iW9IE0dXGeKtlrT7o7/x5?= =?Windows-1252?Q?AydC1EQn3ri4YKdSTEoGxM/Lw9SXF92l/TromczbYstrRVYhbg9Ba/ob?= =?Windows-1252?Q?lWzMAQwi0CNTDsaqQ6/SzVeXl8jIGHjtZIqdtz30vNtHXEBolLSzkIUJ?= =?Windows-1252?Q?gcPZ0OnJbz0g4nX14OYTl6tVS0hVq9Mu3lib+eR5+FF/GLqnHPSRJJeK?= =?Windows-1252?Q?C0V384MuyC9z5iTNmmbOCmKkKyYa+6s3dnyfkI8NGVmrj7DqZs9VTMKB?= =?Windows-1252?Q?JOWzuiubfj7qrEDXoC25jOkqnog3E8BjId80FkrmD3SLx5K75ZXBWYhI?= =?Windows-1252?Q?THRaE6A+/Jg=3D=3D?= X-Microsoft-Exchange-Diagnostics: 1;BY2PR1201MB1111;5:eYx+Dvw0jkqn06J6a2COHPGd1hMUcIjyPLie3+rtGLNg7Vk8DIYHjLKhRMHN9dzrE5blsMsjTDjG//cSrgkF8VrcrTKrZNHnbDEny+ws4unV+GOTz8QugSoAgOE0fDUqBPW+yJxlqspJGsWcs/YWFA==;24:jwzBwhcuY7s0kqU6hiDG+AatvndnthVPVUwh75n+4cTBH6wkl3MTPcAUq+G4Z3d6ugtyqYowRsqZUutyOqhIWf3bhIJKfIHYmTo2X/n/97E=;7:d6iLnaaSKOuXFzIDJEL9a4stg+WYnklJEiTyW7UWCKFN6Hw9HOcr2ak2uYVoa9SG3bKiwqsZiZfn0902p3FUL2Zp0qMw4DT6Dl/7BZMUJwrz5Wsdcw04oN3FlT/t500ark3Az8PyTfIdfQR6DbTH6Fx/0VSV1ZHFIUUjiGimtwjDh6ilyBl3isA7arhNVzCe;20:sTPcWws+ISJdRqKJ1IMShbjwMIVlHQtM33eFGJqTmBa9wAwY8VCjeB6QwyZhts1s8OlqvO6JFZeDgWOXZWQ2gQLR5GevY6zmRb6dBNqRT2NcDRVU1V9N1O5z8MM7GvlWkTJZfIAHUn6yBUY6CJf/6AXNU42j4XC8/bGJJLv1X0d230h74+gVsw3MEE8c0kkNwtLx425sYY2+3lX+mCHdRcCQl0t1Y32Yw+qJKMqfg1Wc3Yr0122x5k6Syu7rtIDB SpamDiagnosticOutput: 1:23 SpamDiagnosticMetadata: NSPM X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 29 Apr 2016 15:12:49.5978 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-Transport-CrossTenantHeadersStamped: BY2PR1201MB1111 Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 3018 Lines: 105 On 04/29/2016 02:17 AM, Konrad Rzeszutek Wilk wrote: > On Tue, Apr 26, 2016 at 05:58:12PM -0500, Tom Lendacky wrote: >> Since DMA addresses will effectively look like 48-bit addresses when the >> memory encryption mask is set, SWIOTLB is needed if the DMA mask of the >> device performing the DMA does not support 48-bits. SWIOTLB will be >> initialized to create un-encrypted bounce buffers for use by these devices. >> > > > I presume the sme_me_mask does not use the lower 48 bits? The sme_me_mask will actually be bit 47. So, when applied, the address will become a 48-bit address. > > > ..snip.. >> diff --git a/arch/x86/mm/mem_encrypt.c b/arch/x86/mm/mem_encrypt.c >> index 7d56d1b..594dc65 100644 >> --- a/arch/x86/mm/mem_encrypt.c >> +++ b/arch/x86/mm/mem_encrypt.c >> @@ -12,6 +12,8 @@ >> >> #include >> #include >> +#include >> +#include >> >> #include >> #include >> @@ -168,6 +170,25 @@ void __init sme_early_init(void) >> } >> >> /* Architecture __weak replacement functions */ >> +void __init mem_encrypt_init(void) >> +{ >> + if (!sme_me_mask) >> + return; >> + >> + /* Make SWIOTLB use an unencrypted DMA area */ >> + swiotlb_clear_encryption(); >> +} >> + >> +unsigned long swiotlb_get_me_mask(void) >> +{ >> + return sme_me_mask; >> +} >> + >> +void swiotlb_set_mem_dec(void *vaddr, unsigned long size) >> +{ >> + sme_set_mem_dec(vaddr, size); >> +} >> + >> void __init *efi_me_early_memremap(resource_size_t paddr, >> unsigned long size) >> { >> diff --git a/include/linux/swiotlb.h b/include/linux/swiotlb.h >> index 017fced..121b9de 100644 >> --- a/include/linux/swiotlb.h >> +++ b/include/linux/swiotlb.h >> @@ -30,6 +30,7 @@ int swiotlb_init_with_tbl(char *tlb, unsigned long nslabs, int verbose); >> extern unsigned long swiotlb_nr_tbl(void); >> unsigned long swiotlb_size_or_default(void); >> extern int swiotlb_late_init_with_tbl(char *tlb, unsigned long nslabs); >> +extern void __init swiotlb_clear_encryption(void); >> >> /* >> * Enumeration for sync targets >> diff --git a/init/main.c b/init/main.c >> index b3c6e36..1013d1c 100644 >> --- a/init/main.c >> +++ b/init/main.c >> @@ -458,6 +458,10 @@ void __init __weak thread_info_cache_init(void) >> } >> #endif >> >> +void __init __weak mem_encrypt_init(void) >> +{ >> +} >> + >> /* >> * Set up kernel memory allocators >> */ >> @@ -597,6 +601,8 @@ asmlinkage __visible void __init start_kernel(void) >> */ >> locking_selftest(); >> >> + mem_encrypt_init(); >> + >> #ifdef CONFIG_BLK_DEV_INITRD >> if (initrd_start && !initrd_below_start_ok && >> page_to_pfn(virt_to_page((void *)initrd_start)) < min_low_pfn) { > > What happens if devices use the bounce buffer before mem_encrypt_init()? The call to mem_encrypt_init is early in the boot process, I may have overlooked something, but what devices would be performing DMA before this? Thanks, Tom > > ..snip.. >