Received: by 2002:ac0:a5b6:0:0:0:0:0 with SMTP id m51-v6csp5428241imm; Tue, 12 Jun 2018 07:44:10 -0700 (PDT) X-Google-Smtp-Source: ADUXVKJZGqWDvBdr++woG/4Zh6PAyvLcVPIa9vAa5EOWYdsnxW6HG1GCf5gTFhwtgycxPilQHXnE X-Received: by 2002:a17:902:2f84:: with SMTP id t4-v6mr781586plb.24.1528814650095; Tue, 12 Jun 2018 07:44:10 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1528814650; cv=none; d=google.com; s=arc-20160816; b=HONVKRpVKUQJ/NFBVjpGlDvlJIkaN0k55w5Epv70ZB1ZGTw8x/6n9VW0bi6nCOuwcS 8iwje/+Wca94es6ip3V6y2u4j2QOMoq2DO1dE02oV5vKXKIyHOK7PLf9mwUPrRfngk3+ UWricSypU+Y3qC9L0b9LyTyly44sgjr/QfDbMJVWg2IeRf0bcJhVhzauEzYPrYVolpCE QVRu5+Eyzu1/OpAOIIMgdalsKWPQpk1YwrKyq1dfwOIeCivBIk24VfIuHEiqrFiZM8NR eF0ji4u6J6EywQ1dcTL8l84vSPXxugYJpB55B84wZi3l+Up+Bv4bxl79srSNuL2lfCdk MlXw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:references:in-reply-to:message-id:date :subject:cc:to:from:arc-authentication-results; bh=EAbwDX30q7YjpIxvRLDRgim5uU7BDVU3/OwF9iSqdVg=; b=SIitcPCkYw/QQ8V+6Kp2FoVvSBb08Y9A03qwfoBanxQTVDgtksCgtP3O+g+DdSMTN3 iRxDAs2DGbmxsbavXXPu1hr0DD/DqJJ/G4i0eOZFORyFswdoVXTrizmLkqMj4FO0RziG PatmNABE5LsHamhpMS91gNdV9d/PBZwkQWD5yiAL7rPiFctNxjMrtPa40tRwg/UIV6MK bRrG0Lcj1s5t3FHWXAC6Pw40IjjLNTWMtGIWtfcB72LzfccyHUlAxixZ/pFUyIzugk9p dDwG9VHRX6Gkb9Q2w3JdBoWQGStNZpvpdnxX5X9sIvqUOPWfnMdCYb+2zCX3xI3ZmCXW MMCw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id g15-v6si224607pgf.249.2018.06.12.07.43.56; Tue, 12 Jun 2018 07:44:10 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S934321AbeFLOl6 (ORCPT + 99 others); Tue, 12 Jun 2018 10:41:58 -0400 Received: from mga02.intel.com ([134.134.136.20]:8257 "EHLO mga02.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S934244AbeFLOj1 (ORCPT ); Tue, 12 Jun 2018 10:39:27 -0400 X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from orsmga006.jf.intel.com ([10.7.209.51]) by orsmga101.jf.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 12 Jun 2018 07:39:27 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.51,215,1526367600"; d="scan'208";a="49279031" Received: from black.fi.intel.com ([10.237.72.28]) by orsmga006.jf.intel.com with ESMTP; 12 Jun 2018 07:39:24 -0700 Received: by black.fi.intel.com (Postfix, from userid 1000) id 25AC44C9; Tue, 12 Jun 2018 17:39:21 +0300 (EEST) From: "Kirill A. Shutemov" To: Ingo Molnar , x86@kernel.org, Thomas Gleixner , "H. Peter Anvin" , Tom Lendacky Cc: Dave Hansen , Kai Huang , Jacob Pan , linux-kernel@vger.kernel.org, linux-mm@kvack.org, "Kirill A. Shutemov" Subject: [PATCHv3 12/17] x86/mm: Allow to disable MKTME after enumeration Date: Tue, 12 Jun 2018 17:39:10 +0300 Message-Id: <20180612143915.68065-13-kirill.shutemov@linux.intel.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20180612143915.68065-1-kirill.shutemov@linux.intel.com> References: <20180612143915.68065-1-kirill.shutemov@linux.intel.com> Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Separate MKTME enumaration from enabling. We need to postpone enabling until initialization is complete. The new helper mktme_disable() allows to disable MKTME even if it's enumerated successfully. MKTME initialization may fail and this functionallity allows system to boot regardless of the failure. Signed-off-by: Kirill A. Shutemov --- arch/x86/include/asm/mktme.h | 12 ++++++++++++ arch/x86/kernel/cpu/intel.c | 15 ++++----------- arch/x86/mm/mktme.c | 9 +++++++++ 3 files changed, 25 insertions(+), 11 deletions(-) diff --git a/arch/x86/include/asm/mktme.h b/arch/x86/include/asm/mktme.h index ec7036abdb3f..9363b989a021 100644 --- a/arch/x86/include/asm/mktme.h +++ b/arch/x86/include/asm/mktme.h @@ -6,11 +6,21 @@ struct vm_area_struct; +/* Values for mktme_status */ +#define MKTME_DISABLED 0 +#define MKTME_ENUMERATED 1 +#define MKTME_ENABLED 2 +#define MKTME_UNINITIALIZED 3 + +extern int mktme_status; + #ifdef CONFIG_X86_INTEL_MKTME extern phys_addr_t mktme_keyid_mask; extern int mktme_nr_keyids; extern int mktme_keyid_shift; +void mktme_disable(void); + #define prep_encrypted_page prep_encrypted_page void prep_encrypted_page(struct page *page, int order, int keyid, bool zero); @@ -28,6 +38,8 @@ extern struct page_ext_operations page_mktme_ops; #define page_keyid page_keyid int page_keyid(const struct page *page); +void mktme_disable(void); + #else #define mktme_keyid_mask ((phys_addr_t)0) #define mktme_nr_keyids 0 diff --git a/arch/x86/kernel/cpu/intel.c b/arch/x86/kernel/cpu/intel.c index efc9e9fc47d4..fb58776513e6 100644 --- a/arch/x86/kernel/cpu/intel.c +++ b/arch/x86/kernel/cpu/intel.c @@ -508,11 +508,7 @@ static void detect_vmx_virtcap(struct cpuinfo_x86 *c) #define TME_ACTIVATE_CRYPTO_ALGS(x) ((x >> 48) & 0xffff) /* Bits 63:48 */ #define TME_ACTIVATE_CRYPTO_AES_XTS_128 1 -/* Values for mktme_status (SW only construct) */ -#define MKTME_ENABLED 0 -#define MKTME_DISABLED 1 -#define MKTME_UNINITIALIZED 2 -static int mktme_status = MKTME_UNINITIALIZED; +int mktme_status __ro_after_init = MKTME_UNINITIALIZED; static void detect_tme(struct cpuinfo_x86 *c) { @@ -568,11 +564,11 @@ static void detect_tme(struct cpuinfo_x86 *c) if (mktme_status == MKTME_UNINITIALIZED) { /* MKTME is usable */ - mktme_status = MKTME_ENABLED; + mktme_status = MKTME_ENUMERATED; } #ifdef CONFIG_X86_INTEL_MKTME - if (mktme_status == MKTME_ENABLED && nr_keyids) { + if (mktme_status == MKTME_ENUMERATED && nr_keyids) { mktme_nr_keyids = nr_keyids; mktme_keyid_shift = c->x86_phys_bits - keyid_bits; @@ -591,10 +587,7 @@ static void detect_tme(struct cpuinfo_x86 *c) * Maybe needed if there's inconsistent configuation * between CPUs. */ - physical_mask = (1ULL << __PHYSICAL_MASK_SHIFT) - 1; - mktme_keyid_mask = 0; - mktme_keyid_shift = 0; - mktme_nr_keyids = 0; + mktme_disable(); } #endif diff --git a/arch/x86/mm/mktme.c b/arch/x86/mm/mktme.c index 1821b87abb2f..43a44f0f2a2d 100644 --- a/arch/x86/mm/mktme.c +++ b/arch/x86/mm/mktme.c @@ -6,6 +6,15 @@ phys_addr_t mktme_keyid_mask; int mktme_nr_keyids; int mktme_keyid_shift; +void mktme_disable(void) +{ + physical_mask = (1ULL << __PHYSICAL_MASK_SHIFT) - 1; + mktme_keyid_mask = 0; + mktme_keyid_shift = 0; + mktme_nr_keyids = 0; + mktme_status = MKTME_DISABLED; +} + int page_keyid(const struct page *page) { if (mktme_status != MKTME_ENABLED) -- 2.17.1