Received: by 10.223.176.5 with SMTP id f5csp2056603wra; Thu, 8 Feb 2018 07:47:46 -0800 (PST) X-Google-Smtp-Source: AH8x225Ak2WDtxkIBkQlaPPQjBzP9Mw6LAB68JuADPxyDTqt4ZQ9sE0KF/jp2ZKGRdnY+A/bNUNP X-Received: by 10.98.32.157 with SMTP id m29mr1134184pfj.182.1518104866627; Thu, 08 Feb 2018 07:47:46 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1518104866; cv=none; d=google.com; s=arc-20160816; b=xtF0KTAiVfhVpUjkwLXxKyqE92fGOqg4XZnAIMBZJE5+ax6T/SvY7ykrMcNUhRVSMw ddeI8C4Lev71rCu7XQeSq8eA7+3AsTzKkGFbJUTt+/dJqFTy66xTj1RwCxDVDuGgarPA LSQEUbyf9Bz6mBG0vw7YOf8HXrb/RgC1v1J/O1ymtoSF47a8SH8wTzC0J9PU7NciaNGP CxxunzDb60GTjFTtcmglZX1x4NqJGB42vVdHBdjXbtNpuz6Uk/8Fi6nMkFayiqBIdkp9 CPTrc5Sx5cODMXIS1fD+pVOTHkgKtdu8IpeqnQpbHynXxxnMXsgXLIOBeLJ/EFbqNl0R 7ttg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date:dkim-signature:arc-authentication-results; bh=xantTfoujwUfgnEZr9Ah4VNOy5TeRrKbrg5oIXZHfLM=; b=zZSaNXeZZd2xuLfxKP4XN2uKcQcYO35QWdsqeP8VSxU6+jh6gAxF4o+YFq3nQntHmu hr4SLlG3zA+9t5eFVabwxg7zFpdoJtk6XRo1NzjUbKgjV0QmpwkwOjNpteZvOoFogJ0K Attrqd4x7M8CJaCErblj9nDqPmGoUMxtKdTVp+Is5kFiy5lBQK9Y6ezpQih4sUU98dGV rKE0nDxZ+OYdiTjbW7PzGkAyWvofKurYQ1Y1yFxa2uSQs+4T8Iy2tBk59TU4vZd6maGi 5zA90o68nHeMwWN8u09hGvkFKUd1qIa/zu4/ZY5/NW3FQu8STGeDcnFJEAb91wo4iicB fTRA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@shutemov-name.20150623.gappssmtp.com header.s=20150623 header.b=ABqKalYM; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id n78si134828pfj.337.2018.02.08.07.47.30; Thu, 08 Feb 2018 07:47:46 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@shutemov-name.20150623.gappssmtp.com header.s=20150623 header.b=ABqKalYM; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752227AbeBHPp4 (ORCPT + 99 others); Thu, 8 Feb 2018 10:45:56 -0500 Received: from mail-wm0-f46.google.com ([74.125.82.46]:50331 "EHLO mail-wm0-f46.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752020AbeBHPpy (ORCPT ); Thu, 8 Feb 2018 10:45:54 -0500 Received: by mail-wm0-f46.google.com with SMTP id f71so10279608wmf.0 for ; Thu, 08 Feb 2018 07:45:53 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=shutemov-name.20150623.gappssmtp.com; s=20150623; h=date:from:to:cc:subject:message-id:references:mime-version :content-disposition:in-reply-to:user-agent; bh=xantTfoujwUfgnEZr9Ah4VNOy5TeRrKbrg5oIXZHfLM=; b=ABqKalYMi2Z51eY588UYudR5GzXdMgnuaspIaX1o34nBNkGdKWNPUdqpp8DcXdWsm4 N7n7VxZnl3bJ3+rBRzGQBLWpKqTcMc8nPmEGuXDCO+fRq+7jMG4zZx4GCDiH3VmcAueE X2C+AY6Fw2RHF7314nS7XPYMjzJH4J3Moi0qhvqbI/yFnidJ8Rjv/EH7IGXioR6QI2Lm urBEZJA3KtEiQuBnelCCzizqGmTsUbM+nEst8FTPfPaRTpCsr0O7cOg2fQ7xxWaZVe0F gPBm1fB7PWH7Uk3zQ1mohg/bRdVMptcOFXFjZjfKBwkxNOfewKfJuCa4q2KlyvV94zvJ xrag== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:cc:subject:message-id:references :mime-version:content-disposition:in-reply-to:user-agent; bh=xantTfoujwUfgnEZr9Ah4VNOy5TeRrKbrg5oIXZHfLM=; b=tawnN2pKPY3PLKuxeitnAud7W+4OB8e/ea47/rvuUYwpicv0cd2NxlauZ3ZW6eP2KK 0bcnkscIqdXtIHleoFYKdNgpy9xzMcSHqWI84Wy9Y2FZoApWUBsEAxAl90u/Yc52Adgo y9QyzgFKKAfMA9ipv1DYi8S7CqCNjjyFIkIth2itKZhJCnrLWtGzVveOwLOtmkPN86YS gY9zxW5+z/RGJIP328JmZAEO0jgwz/uGYbuaQpdJW85AUc1wu+0ArWor8tRU/hx9IxyU 3Wtv5xokyGA2wV1htluz1L7RHdSPl+GFIVfHNryTJ1JJv2vg8lBsI1yJL78jOF9SBcrN 58Zw== X-Gm-Message-State: APf1xPDJNaj05Pqj1Zs1pvvCee3HBNEpMdnMMxKaeQj8PdtCQ9Bp6fGj +lqezdU6ldSQ75wQK2uYpT0LWRNV X-Received: by 10.80.159.169 with SMTP id c38mr2097949edf.277.1518104752962; Thu, 08 Feb 2018 07:45:52 -0800 (PST) Received: from node.shutemov.name ([178.121.192.223]) by smtp.gmail.com with ESMTPSA id x35sm113123edb.55.2018.02.08.07.45.51 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 08 Feb 2018 07:45:52 -0800 (PST) Received: by node.shutemov.name (Postfix, from userid 1000) id 1E836648D520; Thu, 8 Feb 2018 18:45:51 +0300 (+03) Date: Thu, 8 Feb 2018 18:45:51 +0300 From: "Kirill A. Shutemov" To: Dave Hansen Cc: "Kirill A. Shutemov" , Ingo Molnar , x86@kernel.org, Thomas Gleixner , "H. Peter Anvin" , Tom Lendacky , Kai Huang , linux-kernel@vger.kernel.org Subject: Re: [PATCHv2 2/5] x86/tme: Detect if TME and MKTME is activated by BIOS Message-ID: <20180208154551.ywl5cec66m5mf4zw@node.shutemov.name> References: <20180207125946.5906-1-kirill.shutemov@linux.intel.com> <20180207125946.5906-3-kirill.shutemov@linux.intel.com> <191f2605-0cba-ec81-2039-0872dcb63791@intel.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <191f2605-0cba-ec81-2039-0872dcb63791@intel.com> User-Agent: NeoMutt/20171215 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Wed, Feb 07, 2018 at 11:02:26AM -0800, Dave Hansen wrote: > On 02/07/2018 04:59 AM, Kirill A. Shutemov wrote: > > IA32_TME_ACTIVATE MSR (0x982) can be used to check if BIOS has enabled > > TME and MKTME. It includes which encryption policy/algorithm is selected > > for TME or available for MKTME. For MKTME, the MSR also enumerates how > > many KeyIDs are available. > > The hacking of the phys_addr_bits is a pretty important part of this. > Are you sure it's not worth calling out in the description? Okay, will do on the next revision. > > +#define MSR_IA32_TME_ACTIVATE 0x982 > > + > > +#define TME_ACTIVATE_LOCKED(x) (x & 0x1) > > +#define TME_ACTIVATE_ENABLED(x) (x & 0x2) > > + > > +#define TME_ACTIVATE_POLICY(x) ((x >> 4) & 0xf) /* Bits 7:4 */ > > +#define TME_ACTIVATE_POLICY_AES_XTS_128 0 > > + > > +#define TME_ACTIVATE_KEYID_BITS(x) ((x >> 32) & 0xf) /* Bits 35:32 */ > > + > > +#define TME_ACTIVATE_CRYPTO_ALGS(x) ((x >> 48) & 0xffff) /* Bits 63:48 */ > > +#define TME_ACTIVATE_CRYPTO_AES_XTS_128 1 > > + > > +#define MKTME_ENABLED 0 > > +#define MKTME_DISABLED 1 > > +#define MKTME_UNINITIALIZED 2 > > The indentation there looks a bit wonky. Might want to double-check it. Do you mean that MKTME_* is indented differently than the rest? I'll fix that. > Also, can you clearly spell out which of these things are software > constructs vs. hardware ones? MKTME_* look like software constructs. Yes, MKTME_* is software. I'll call it out. > > +static int mktme_status = MKTME_UNINITIALIZED; > > + > > +static void detect_keyid_bits(struct cpuinfo_x86 *c, u64 tme_activate) > > +{ > > + int keyid_bits = 0, nr_keyids = 0; > > + > > + keyid_bits = TME_ACTIVATE_KEYID_BITS(tme_activate); > > + nr_keyids = (1UL << keyid_bits) - 1; > > + if (nr_keyids) { > > + pr_info_once("x86/mktme: enabled by BIOS\n"); > > + pr_info_once("x86/mktme: %d KeyIDs available\n", nr_keyids); > > + } else { > > + pr_info_once("x86/mktme: disabled by BIOS\n"); > > + } > > Just curious, but how do you know that this indicates the BIOS disabling > MKTME? 0 bits for KeyID means we don't have MKTME. Only TME. > > > + if (mktme_status == MKTME_UNINITIALIZED) { > > + /* MKTME is usable */ > > + mktme_status = MKTME_ENABLED; > > + } > > To me, it's a little bit odd that we "enable" MKTME down in the keyid > detection code. I wonder if you could just return the resulting number > of keyids and then actually do the mktme_status munging in one place > (detect_tme()). Makes sense. > > + /* > > + * Exclude KeyID bits from physical address bits. > > + * > > + * We have to do this even if we are not going to use KeyID bits > > + * ourself. VM guests still have to know that these bits are not usable > > + * for physical address. > > + */ > > + c->x86_phys_bits -= keyid_bits; > > +} > > How do we tell guests about this? kvm_set_mmio_spte_mask()? Has Kai answered this for you? > > +static void detect_tme(struct cpuinfo_x86 *c) > > +{ > > + u64 tme_activate, tme_policy, tme_crypto_algs; > > + static u64 tme_activate_cpu0 = 0; > > + > > + rdmsrl(MSR_IA32_TME_ACTIVATE, tme_activate); > > + > > + if (mktme_status != MKTME_UNINITIALIZED) { > > + if (tme_activate != tme_activate_cpu0) { > > + /* Broken BIOS? */ > > + pr_err_once("x86/tme: configuation is inconsistent between CPUs\n"); > > + pr_err_once("x86/tme: MKTME is not usable\n"); > > + mktme_status = MKTME_DISABLED; > > + > > + /* Proceed. We may need to exclude bits from x86_phys_bits. */ > > + } > > + } else { > > + tme_activate_cpu0 = tme_activate; > > + } > > + > > + if (!TME_ACTIVATE_LOCKED(tme_activate) || !TME_ACTIVATE_ENABLED(tme_activate)) { > > + pr_info_once("x86/tme: not enabled by BIOS\n"); > > + mktme_status = MKTME_DISABLED; > > + return; > > + } > > + > > + if (mktme_status != MKTME_UNINITIALIZED) > > + return detect_keyid_bits(c, tme_activate); > > Returning the result of a void function is a bit odd-looking. Would it > look nicer to just have a label and some gotos to the detection? Okay. Either way fine to me. > > + pr_info("x86/tme: enabled by BIOS\n"); > > + > > + tme_policy = TME_ACTIVATE_POLICY(tme_activate); > > + if (tme_policy != TME_ACTIVATE_POLICY_AES_XTS_128) > > + pr_warn("x86/tme: Unknown policy is active: %#llx\n", tme_policy); > > + > > + tme_crypto_algs = TME_ACTIVATE_CRYPTO_ALGS(tme_activate); > > + if (!(tme_crypto_algs & TME_ACTIVATE_CRYPTO_AES_XTS_128)) { > > + pr_err("x86/mktme: No known encryption algorithm is supported: %#llx\n", > > + tme_crypto_algs); > > + mktme_status = MKTME_DISABLED; > > + } > > + > > + detect_keyid_bits(c, tme_activate); > > +} > > I noticed that this code is not optional, other than by disabling > CPU_SUP_INTEL. Was that intentional? What were your thoughts behind that? We need to mask out bits for KeyID even if we don't use them ourself, so I think we should do this unconditionally. I need to re-check this with 32-bit kernel, though. -- Kirill A. Shutemov