Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S935657AbdCWVDP (ORCPT ); Thu, 23 Mar 2017 17:03:15 -0400 Received: from mail-sn1nam01on0055.outbound.protection.outlook.com ([104.47.32.55]:36000 "EHLO NAM01-SN1-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1753960AbdCWVC7 (ORCPT ); Thu, 23 Mar 2017 17:02:59 -0400 Authentication-Results: google.com; dkim=none (message not signed) header.d=none;google.com; dmarc=none action=none header.from=amd.com; Subject: Re: [RFC PATCH v4 15/28] Add support to access persistent memory in the clear To: "Elliott, Robert (Persistent Memory)" , "linux-arch@vger.kernel.org" , "linux-efi@vger.kernel.org" , "kvm@vger.kernel.org" , "linux-doc@vger.kernel.org" , "x86@kernel.org" , "linux-kernel@vger.kernel.org" , "kasan-dev@googlegroups.com" , "linux-mm@kvack.org" , "iommu@lists.linux-foundation.org" References: <20170216154158.19244.66630.stgit@tlendack-t1.amdoffice.net> <20170216154521.19244.89502.stgit@tlendack-t1.amdoffice.net> CC: Rik van Riel , =?UTF-8?B?UmFkaW0gS3LEjW3DocWZ?= , "Kani, Toshimitsu" , Arnd Bergmann , Jonathan Corbet , Matt Fleming , "Michael S. Tsirkin" , Joerg Roedel , Konrad Rzeszutek Wilk , Paolo Bonzini , Brijesh Singh , Ingo Molnar , Alexander Potapenko , Andy Lutomirski , "H. Peter Anvin" , Borislav Petkov , Andrey Ryabinin , Thomas Gleixner , Larry Woodman , Dmitry Vyukov From: Tom Lendacky Message-ID: <01d5f854-c8ea-61db-7e1b-1f97952bff75@amd.com> Date: Thu, 23 Mar 2017 16:02:53 -0500 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:45.0) Gecko/20100101 Thunderbird/45.8.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset="utf-8"; format=flowed Content-Transfer-Encoding: 7bit X-Originating-IP: [165.204.77.1] X-ClientProxiedBy: CY4PR12CA0028.namprd12.prod.outlook.com (10.175.82.142) To DM5PR12MB1148.namprd12.prod.outlook.com (10.168.236.143) X-MS-Office365-Filtering-Correlation-Id: 6f50e542-5d2a-4b1a-4325-08d4722ffb6a X-MS-Office365-Filtering-HT: Tenant X-Microsoft-Antispam: UriScan:;BCL:0;PCL:0;RULEID:(22001)(48565401081);SRVR:DM5PR12MB1148; X-Microsoft-Exchange-Diagnostics: 1;DM5PR12MB1148;3:GPtFQSqJNUK+fd1Q0nOCi633k0fD8E3qpwuppUvK9gQa0r+oblnB3o9YahkxffKtWqq5QXylvy719y0GNTfFdfj+S1tLCa3q5ty/VMlKVvRmMi18XNlQ/3j3pK5g9L+beVS3ganhnneYiodVZpQx5Bdv3JIOS1XXuMJSsS+kVx2PEM0hFc2X+QfVl1QyTvSLKft2AeYXSFnONu5A/VQLD3BcOOVI282v/Mv9f8HB5LMPYMvZVB+3WuOp3zYZ67U45FaNgtVS/r+6J+5T62q04f8pHuRCbXSSfdIRWmAsAuY=;25:erkbHnv8kVymxg/5EAR/4aKFxvxBcphAeodCRFPRD9fVGo9fNk+S/BPCcwj8jq5rkVODK7kRHpVQ4fdCVG3yZl11sPGu71id7t2d/4ZfT9M7ObyFVBLTCDYhB0qVJa7TS0GZK57adjvf8uijJQPyKMboSSL//q3gv+gEb5DmSq/6tNEjwIHONnE9eN9SGL7CRYgMmnbJqA2D/J8oRSOqJ7L1shE0TCAP/WMMLFFXY+07VxHOwSL0wxV3ssukSexH+nYV+jkI3XhEPqFDElxvwx0cFQ3aub2sRLSW1CCYo5RDIxlcINLT+VlgGnVWU6vdbiW5Yg5yK/sL9QIts4vmOGMMcEoYuZfNebXbepBVId+n+iNlidhWKmhBNvSz1xBWnQqrCEDljUrUOWu1tGN3qslybWpfcUmif2QcIztAuRuZlhZ58zKScWg3ETFev5/fAcmMdvAiwID5iyB3TZeHgw== X-Microsoft-Exchange-Diagnostics: 1;DM5PR12MB1148;31:1CvbVZYvhvpQlUy0K6ZdGxKOcePf/zBrXs8NOVTG/d2NyxLMNqEexJWyeuMELagf8x6Zyw6CGUIrMdu3sfAR7RGQsCADWLmlzR3zk+6Pz4ZtIDeo/CSq9dv1Db6oP94tlbqf3RHcRabEU++2/gBxB3sqnQVSf41adQJ9m4R5y3+z1usiEPGUmZweZqX1OzH36sCNGpg/RWBM76dttyhgkQdXg/frLUk8xD6TVdEGymjp8bmpneCQlnzy3PO69yQA;20:4D5X65yOWYblnAbZPLyKaeriJPOxalQINXfgJmFr1lo5kJzbKdcQvz6wvrb/0gnKlyPTGLnczzsXWo08I3/TBWQ75XuS8SzmVeFdydDdRKP8mJ1+iqEydqr0IwfFlUk6kdx0EdEoJJeLWXjE11EMBx4mHC9XXVDVoC9yUp2TGIVeJ8DEUHVAeyuW8UbN6LWB2XAO0fXi8TqOKTWE/Kth9lh+J2gOyhDE2q24vBEs0+vsRALpTzQ9vizt3WDRjFjuaxj7MqY6j/G2zEDDajS57e6kl5PUhV/wQtsfjmzMMLCEMc2aBA22FZeLZ9b41rQL4X+SusJxlAuQkkvx2fsJnbcTnChl8KnNaOQ9Vd7SOLy8giQXB0aI36NVkcIH9+5kPHdBpoA1m8DftHewSJ5Cqk4R/8TSkiNspY+fyv/1Vu4TVebmrN3UAytFXXiN2+ckOzgrg/YDocrHacmGKErGRbv0PqDoNETctrt+v1bToMNAlD9XXv3RK3+bjDSCYCA7 X-Microsoft-Antispam-PRVS: X-Exchange-Antispam-Report-Test: UriScan:(9452136761055)(767451399110); X-Exchange-Antispam-Report-CFA-Test: BCL:0;PCL:0;RULEID:(6040375)(601004)(2401047)(8121501046)(5005006)(10201501046)(3002001)(6055026)(6041248)(20161123558025)(20161123562025)(20161123555025)(20161123564025)(20161123560025)(6072148);SRVR:DM5PR12MB1148;BCL:0;PCL:0;RULEID:;SRVR:DM5PR12MB1148; X-Microsoft-Exchange-Diagnostics: 1;DM5PR12MB1148;4:UlzQvjYbv+SjJz/APKtZ6U8PSehoLQcOdeNJ8iZMPj65Ehc1jFyALV+htfFBu/TrxGWs4jUnIqP8bSV2y0KUuD7DNdDMJPpDDeEbzo81y/gjj0aZkCcwJorgpiqKKFsRhBVso1olRV/ddMWKPEMFN2GQ+3IY1S1IKp1yE57XAddCOE+a1Hg2yIRCxnwY1mGj8asA78W3kPZudQ86+MnkY/w4x0+OP4i4vbx4csIo8RWGxtJpLQTv3ewtnIFz+bughGN6TPQGA0J4n6yEPkELPpp9uzj0Cgdxx3Ol5c512NeH+sBrTDfkTnO9OPxr6JC3bBmP95Ratjb8BkhaZ8pIWmrOv2FE3Q/DYE8eFe3qkE4gCmH+S05ao9ySXPnjMsReo2Sz2bHDFbeEamXTIC/vMnB4+HiugARdwT9Mifazp4jRYb/OJs59dD0iDIIYt1nCR0+WDrVKvcrTOwohw3eVtir9ykj7lQtgepLtPlUpdvQk3IAmiH2Z4W/F+svoJs+3GicIMJuvrLG3Vq77Fspn5tIVMCDFPMP6qtGrAVkG8XAJSaUeTP0qe2YlT9HX2WbKghBHb5RGr+MmJ/8hA5COM0MY4pxPw8lo3c9FJQtFQvwnX0Ur8+SHPjiuDXdrbbLpEDzZ8PSw7cBZKMk/e2hfTGd4+ROC7bbunx0HxJMKMkj+kZY7V0/2i1YC6AOJ3IJe X-Forefront-PRVS: 0255DF69B9 X-Forefront-Antispam-Report: SFV:NSPM;SFS:(10009020)(4630300001)(6009001)(6049001)(39850400002)(39410400002)(39860400002)(39450400003)(39840400002)(24454002)(51914003)(13464003)(377454003)(230700001)(2906002)(3846002)(6116002)(33646002)(7736002)(38730400002)(50986999)(229853002)(4326008)(8676002)(305945005)(81166006)(53936002)(25786009)(3260700006)(53546009)(6246003)(2501003)(83506001)(6486002)(77096006)(90366009)(54356999)(76176999)(5660300001)(54906002)(4001350100001)(6306002)(189998001)(65826007)(2950100002)(36756003)(575784001)(86362001)(31696002)(2201001)(42186005)(65956001)(47776003)(23676002)(66066001)(50466002)(921003)(217873001)(1121003);DIR:OUT;SFP:1101;SCL:1;SRVR:DM5PR12MB1148;H:[10.236.64.250];FPR:;SPF:None;MLV:sfv;LANG:en; X-Microsoft-Exchange-Diagnostics: =?utf-8?B?MTtETTVQUjEyTUIxMTQ4OzIzOmtyME8xZld6UkdPUEpLOWt0cGY0YUp1T2RB?= =?utf-8?B?THFjSkYyckVLSW9GVHVNUnMwUFZwcEhKTWsyNklodC9jWmN6enFFVHBjVWJx?= =?utf-8?B?bTErUElYT2F6UkpzNnlPeXBvRzM1WGU1SzN5b25BVi9UYVlUQTRsUE5mNWNt?= =?utf-8?B?RGxFN2daZ2dOUzhjRjR6ajB3TXhqU0lIUDlEcDRmWUpySVlSYnAzNkxjUWRR?= =?utf-8?B?U2EyaDRIQjRNV3R2ZW5oQ1IwQlFXK09hSzRKdWpES3hldWtVUmJLR1ptb1JL?= =?utf-8?B?bk0wVUk5elRsS0Z5cVlGOERXYWVDQkwxWEI3c0tReXA5TkNyLzdiK0xpVjBv?= =?utf-8?B?WDJucjNFOFVMYXJiVUlETnNPOEdVakZaTTRRSE8va1FDci9sQnhpa0JCcGNp?= =?utf-8?B?YU1KbzFldlJ2WGhhb3FmUFN5R0tVTjF2UkVueFN3M2FZeXRTV0k3WHRRY3JV?= =?utf-8?B?NjZEOVNGZlNhUEdmak1haEg0Rnh2MldVV3NIN0ZQRXg1VVlJSERIT2xpN1k0?= =?utf-8?B?bXpHVS9WVUVCZ0xIZVlIaTc4V1RZdkNGd0pwNXZLUDBPNnJLenlpT2Nxa3l3?= =?utf-8?B?d3R6U0s5VVZkT3pWS1c2LzhqYUVvc0M4Tk85dHRmL2t4UDlmWUpmNVlySFMv?= =?utf-8?B?US83V1c3ejJ6UVlCWUtzSXhZZ0IwNXdjVUFuL014bUsxS2xsa21YUm42QkRH?= =?utf-8?B?eWxvTWZCVlpsUUtoQk8xWVo1Ui9TZ1RETFNPdzNLSWN1cWdGdVB5ZFJVWlVa?= =?utf-8?B?TTZsTGJVbWwwT3E1QVZxRm1idFZxYmdnYTlYa2wrbDdsRHZwWHVvT3ZoK2Ft?= =?utf-8?B?aEZPWGgxbm8yZndSR2FNdktMSm5oNlVXeWR4N2dkak5RSHJxMU1RODJmUmU3?= =?utf-8?B?MzdBYnRaNDE3SllJUlA0MGtqOVA3a0M2M3FNY2pmT3lESTNaQVpNRktOL2gx?= =?utf-8?B?Vkh0SEo4TW1xMEZIaUNFMVJFbmhrT2QxTDlrOFFTMzZmVWVVaWl0amZudlJO?= =?utf-8?B?RGJMeVBNWU50N3V0d1M2a0Q5dWw3aWxLRXl6TzBaclpneWxtTlNwM1Y2Sm9P?= =?utf-8?B?V3E1Rzh1alFNVVp6Qk1MZlBNSlQrQ0RUdVBWU2xMbG5vZHVwWCtBcjZCZG5J?= =?utf-8?B?Vi9uUjlZcEQxQ3pTNUdPVEpLUG50b1hQMFJaeFFadXFxSEZPdVphNTNHdHdr?= =?utf-8?B?bnV3dEJOM1NPUW1TQnpmeGx4dUM0Mlo4Mm5rczQ4b094TC9zN2xzcnp2Q1VM?= =?utf-8?B?Q0JublRzQVZNTVJLZURYMVRZYU9LYWtCVFV3OVJMSkxTb2hVaTh4SUMrWjlo?= =?utf-8?B?c3lBUk5xY3NuSFdBUjNtMlFDcXgzTlovaVlRRjg0Wi9KUGIyTndUVS9XMjhj?= =?utf-8?B?bjRwbXBwbm1lamRiN3N2MzRaUDkxaTgyZ095aUJvbCtLOFpkQTFJL1lMYjJH?= =?utf-8?B?NDNFanhoSEVma0FOSGZ3enQ3MGhiZDZvQkNpUjUzbDhjNzA2VGFYN2c0UEZW?= =?utf-8?B?Ti9yMkFoTjNpL3dNK2h6dlp0VEFWa1c4YkZFSnNHdlhmdUd6aWNiQ0xHMXdV?= =?utf-8?B?NTlBcEFGSGYwVTFJaGhYVFJnWEFEQlFVZ25NZ1hXdG9nbkNZQkl5M01QdkF5?= =?utf-8?B?Qzl5WlkrZ0U1UVkzZk5qeU5uY2tLT2sxK08yNGczTlFSMXhCQWVRL2xXY204?= =?utf-8?B?WlU2eXNiVzNjbFg1RGppc2tYcHlJNVBZc29vajRxTGRXZ1FTbzY1YjB0eVI0?= =?utf-8?B?Z0d3YVVNSlhxcEV2d0s4R0hFK3VmdW1HZm1LSzlMRUc3c01CUmtoemFVWkdw?= =?utf-8?B?d0lRMzh0bXRWZzVWN3FYL3hhMk5lbXJsYTdnM0FvUnpxSWM3a0RPMUFMeDRH?= =?utf-8?Q?R9vgY8cQQFCRUVHOBXwfkBJUFAlQf42P?= X-Microsoft-Exchange-Diagnostics: 1;DM5PR12MB1148;6:J5ynzwqvziPouxCe7R667MzU3cCwD5NwZfpLIhUWqWv3mtiTMPjnCpr7M1byl5Zpx3EtiJDhOllcmzqJOAYXhvSGCb6QB0LdIqjSf3Ph1bul+aFzgX0WulvtBRoizUyVdZC01fibA3i78CC/j8CLDAqSkKq4uFfktUJSykrd/XAgUr5G505MqauzCX5WfMw97PJOxbMp2KvS7irhR+dgTM3+aLndNXLNFWi/cKlNAOxqE5EWLwgo4jh41Q0rF+UQ5XosjdNpSuJdfcAAm7a1nhG5A5EfmKlRzXNt2AMinzg073efrBBTSfKgSBbWiO5R6UrqT5BS5j/AG0phSQ+YvdVD06Jrcsg+uK3C7Ycw+DzsN4XAQIX4qm0+WjOpVnIqwQ75y8cFy0kSReW7XDTB7fgKtLoavfOrFRgLZQwme4I=;5:2vClV0emjpyVUVL16dYM8ffPrQa6SR4Zt7OdbmP7yjbiJ8tkOvis4YpHVrH1wTPfujcUww1i5I+IxPcq60HB+YHJPFiS5NX1oEJNJhbsFNb0Gwm8MENkCnyOiQfkTOYOKptwOg5Nh0Mlrn6dAcb6aQ==;24:AQ1w+gCOBmEwNU1ebJ3TA+2n2CpSMtBje6N1cpC4xXpIFjeQbCmDQnDuhi4zXYmXsNEC4QU3hSSuY1oX5jxwdpKSNtIbiIuVSvRqf4m6TL4= SpamDiagnosticOutput: 1:99 SpamDiagnosticMetadata: NSPM X-Microsoft-Exchange-Diagnostics: 1;DM5PR12MB1148;7:bsniF1V9tcdvhQ/RUvaLDglltYHpvl+fUhw42/jigrJLHyLUvWZ0l5K/2AtWum2rYvZP723XoMyLl+I2iX7JePJYQG0QZVAuJG2lYibOqMjXoByjd5u2lwX4j81qfM2qgOvi4sw0eXt3nnz9rShmCF3PZkRWuCYE6BBQzl7qY7ckPR/5WnwA6B18aBKgwTmPl09AAVUjEc6Sd+JfBQABr3iqLIFPkUqKP9WHkdV9O3g0D1EfvX/uMFWDpnWdENQwzk9gT4X96xFjFDa/mBnhOSSBbMuzZuAhHT3FpsYgQylgtXgLbtOwiu/X8RSjdjJuoyDlxE16HVAWFpfQK2AIIg==;20:mxhUN7XtpUkrNdH+/Dwsa7/0WRRwM1IJfu07WXOfgNswzO1qJjugUzuA/PBKQVxi58I3zWmgF0CKD87FAkx3TBhCZuuV3vlNPD4OuHmwFoCp4KA9nDw7/kWyKwti24jMiRD5qkre4cKIBskXhVXjQPXXG5FR9FxpR2YfcoR9OM3N2cRC2l5Acu6N7LF87aVLaa4z4iARDGmdbl6UBxJ9lfCrnjatC76NUaM4c4tL0B2crJtXsGQCwTzg1OytV5dC X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 23 Mar 2017 21:02:55.7824 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM5PR12MB1148 Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 3052 Lines: 85 On 3/17/2017 5:58 PM, Elliott, Robert (Persistent Memory) wrote: > > >> -----Original Message----- >> From: linux-kernel-owner@vger.kernel.org [mailto:linux-kernel- >> owner@vger.kernel.org] On Behalf Of Tom Lendacky >> Sent: Thursday, February 16, 2017 9:45 AM >> Subject: [RFC PATCH v4 15/28] Add support to access persistent memory in >> the clear >> >> Persistent memory is expected to persist across reboots. The encryption >> key used by SME will change across reboots which will result in corrupted >> persistent memory. Persistent memory is handed out by block devices >> through memory remapping functions, so be sure not to map this memory as >> encrypted. > > The system might be able to save and restore the correct encryption key for a > region of persistent memory, in which case it does need to be mapped as > encrypted. If the OS could get some indication that BIOS/UEFI has saved and restored the encryption key, then it could be mapped encrypted. > > This might deserve a new EFI_MEMORY_ENCRYPTED attribute bit so the > system firmware can communicate that information to the OS (in the > UEFI memory map and the ACPI NFIT SPA Range structures). It wouldn't > likely ever be added to the E820h table - ACPI 6.1 already obsoleted the > Extended Attribute for AddressRangeNonVolatile. An attribute bit in some form would be a nice way to inform the OS that the persistent memory can be mapped encrypted. > >> >> Signed-off-by: Tom Lendacky >> --- >> arch/x86/mm/ioremap.c | 2 ++ >> 1 file changed, 2 insertions(+) >> >> diff --git a/arch/x86/mm/ioremap.c b/arch/x86/mm/ioremap.c >> index b0ff6bc..c6cb921 100644 >> --- a/arch/x86/mm/ioremap.c >> +++ b/arch/x86/mm/ioremap.c >> @@ -498,6 +498,8 @@ static bool >> memremap_should_map_encrypted(resource_size_t phys_addr, >> case E820_TYPE_ACPI: >> case E820_TYPE_NVS: >> case E820_TYPE_UNUSABLE: >> + case E820_TYPE_PMEM: >> + case E820_TYPE_PRAM: >> return false; >> default: >> break; > > E820_TYPE_RESERVED is also used to report persistent memory in > some systems (patch 16 adds that for other reasons). > > You might want to intercept the persistent memory types in the > efi_mem_type(phys_addr) switch statement earlier in the function > as well. https://lkml.org/lkml/2017/3/13/357 recently mentioned that > "in qemu hotpluggable memory isn't put into E820," with the latest > information only in the UEFI memory map. > > Persistent memory can be reported there as: > * EfiReservedMemoryType type with the EFI_MEMORY_NV attribute > * EfiPersistentMemory type with the EFI_MEMORY_NV attribute > > Even the UEFI memory map is not authoritative, though. To really > determine what is in these regions requires parsing the ACPI NFIT > SPA Ranges structures. Parts of the E820 or UEFI regions could be > reported as volatile there and should thus be encrypted. Thanks for the details on this. I'll take a closer look at this and update the checks appropriately. Thanks, Tom > > --- > Robert Elliott, HPE Persistent Memory > > >