In-Reply-To: <1530624720-32004-1-git-send-email-brijesh.singh@amd.com>
References: <1530624720-32004-1-git-send-email-brijesh.singh@amd.com>
From: Ard Biesheuvel
Date: Tue, 3 Jul 2018 17:37:18 +0200
Subject: Re: [PATCH] x86/efi: Access EFI MMIO data as unencrypted when SEV is active
To: Brijesh Singh
Cc: the arch/x86 maintainers, linux-efi, Linux Kernel Mailing List, Tom Lendacky, Thomas Gleixner, Borislav Petkov, KVM devel mailing list, Matt Fleming, Andy Lutomirski, # 4.15.x
List-ID: linux-kernel@vger.kernel.org

On 3 July 2018 at 15:32, Brijesh Singh wrote:
> SEV guest fails to update the UEFI runtime variables stored in the
> flash. commit 1379edd59673 ("x86/efi: Access EFI data as encrypted
> when SEV is active") unconditionally maps all the UEFI runtime data
> as 'encrypted' (C=1). When SEV is active the UEFI runtime data marked
> as EFI_MEMORY_MAPPED_IO should be mapped as 'unencrypted' so that both
> guest and hypervisor can access the data.
>

I'm uncomfortable having to carry these heuristics in the kernel. The UEFI memory map should be the definitive source of information regarding how the OS should map the regions it describes, and if we need to guess the encryption status, we are likely to get it wrong at least some of the time.

Is any work underway to get the UEFI spec extended to take encrypted memory into account? I am aware that we cannot disclose specifics, but you should be able to disclose whether it is under discussion or not.

In the meantime, we will have to do something, I know that, but I would like to discuss the proper solution before proceeding with the stop-gap one.

-- 
Ard.

> Fixes: 1379edd59673 (x86/efi: Access EFI data as encrypted ...)
> Cc: Tom Lendacky
> Cc: Thomas Gleixner
> Cc: Borislav Petkov
> Cc: linux-efi@vger.kernel.org
> Cc: kvm@vger.kernel.org
> Cc: Ard Biesheuvel
> Cc: Matt Fleming
> Cc: Andy Lutomirski
> Cc: # 4.15.x
> Signed-off-by: Brijesh Singh > --- > arch/x86/platform/efi/efi_64.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/arch/x86/platform/efi/efi_64.c b/arch/x86/platform/efi/efi_64.c > index 77873ce..5f2eb32 100644 > --- a/arch/x86/platform/efi/efi_64.c > +++ b/arch/x86/platform/efi/efi_64.c > @@ -417,7 +417,7 @@ static void __init __map_region(efi_memory_desc_t *md, u64 va) > if (!(md->attribute & EFI_MEMORY_WB)) > flags |= _PAGE_PCD; > > - if (sev_active()) > + if (sev_active() && md->type != EFI_MEMORY_MAPPED_IO) > flags |= _PAGE_ENC; > > pfn = md->phys_addr >> PAGE_SHIFT; > -- > 2.7.4 >
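Review bot: the new condition in __map_region() has no comment saying why EFI_MEMORY_MAPPED_IO is the one region type left with C=0, so a later reader of efi_64.c sees an unexplained special case rather than the reason the commit message gives (the region is backed by the hypervisor, which cannot read through the guest's C=1 mapping); suggest a comment above the `if`, e.g. `/* MMIO regions are emulated by the hypervisor; map them unencrypted under SEV */`. The decision also keys purely on `md->type`, while the preceding lines derive cacheability from `md->attribute`; since the reply above already flags the type check as a heuristic, the commit message or a comment should state that no attribute bit currently identifies host-shared regions, so that the check can be replaced once the memory map can express it.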
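To make concrete what the commit message above describes (a guest write to the variable store through a C=1 mapping never reaches the hypervisor intact), here is an added toy model in C. It is not kernel code and not part of this thread: the SEV encryption engine is replaced by an XOR with a per-VM key (a stand-in for AES, chosen only so the effect is visible), the memory descriptor is reduced to its `type` and `attribute` fields, `_PAGE_ENC` is given a placeholder bit position (in the kernel it is a runtime mask), and the hypervisor is modelled as reading the physical bytes directly. Only the two flag-selection functions mirror the before/after logic of the patch; the type and attribute constants are the UEFI spec values.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* UEFI memory type numbers and the EFI_MEMORY_WB attribute bit (UEFI spec values). */
enum {
	EFI_RUNTIME_SERVICES_DATA = 6,
	EFI_MEMORY_MAPPED_IO      = 11,
};
#define EFI_MEMORY_WB 0x0000000000000008ULL
#define _PAGE_PCD     0x010ULL
#define _PAGE_ENC     (1ULL << 47)   /* placeholder C-bit position for this toy model */

/* Reduced descriptor: only the two fields the flag selection consults. */
struct efi_memory_desc {
	uint32_t type;
	uint64_t attribute;
};

/* Flag selection as after commit 1379edd59673: every runtime region gets C=1 under SEV. */
uint64_t region_flags_before(const struct efi_memory_desc *md, bool sev_active)
{
	uint64_t flags = 0;
	if (!(md->attribute & EFI_MEMORY_WB))
		flags |= _PAGE_PCD;
	if (sev_active)
		flags |= _PAGE_ENC;
	return flags;
}

/* Flag selection with the posted patch applied: MMIO regions keep C=0. */
uint64_t region_flags_after(const struct efi_memory_desc *md, bool sev_active)
{
	uint64_t flags = 0;
	if (!(md->attribute & EFI_MEMORY_WB))
		flags |= _PAGE_PCD;
	if (sev_active && md->type != EFI_MEMORY_MAPPED_IO)
		flags |= _PAGE_ENC;
	return flags;
}

/*
 * Toy SEV memory model. A guest access through a C=1 mapping passes through
 * the encryption engine (XOR with a per-VM key here); a C=0 access touches the
 * physical bytes in the clear. The hypervisor, which emulates the variable
 * store behind the MMIO region, only ever sees the physical bytes.
 */
#define VM_KEY 0x5A
#define WINDOW 8
static uint8_t phys_window[WINDOW];

static void guest_write(uint64_t flags, const uint8_t *src, size_t n)
{
	for (size_t i = 0; i < n && i < WINDOW; i++)
		phys_window[i] = (flags & _PAGE_ENC) ? (uint8_t)(src[i] ^ VM_KEY) : src[i];
}

static void guest_read(uint64_t flags, uint8_t *dst, size_t n)
{
	for (size_t i = 0; i < n && i < WINDOW; i++)
		dst[i] = (flags & _PAGE_ENC) ? (uint8_t)(phys_window[i] ^ VM_KEY) : phys_window[i];
}

/*
 * Simulate a variable update written through the mapping chosen for `md`.
 * Returns true if the hypervisor sees the bytes the guest intended, i.e. the
 * update would take effect in the emulated flash.
 */
bool variable_write_visible_to_host(const struct efi_memory_desc *md, bool sev_active, bool patched)
{
	static const uint8_t value[WINDOW] = "SecBoot";   /* constructed sample payload */
	uint64_t flags = patched ? region_flags_after(md, sev_active)
	                         : region_flags_before(md, sev_active);
	memset(phys_window, 0, sizeof phys_window);
	guest_write(flags, value, sizeof value);
	return memcmp(phys_window, value, sizeof value) == 0;
}

/* The guest itself always reads back what it wrote, whichever mapping it used:
 * the bug is invisible from inside the guest, it only shows as a lost update. */
bool guest_readback_consistent(const struct efi_memory_desc *md, bool sev_active, bool patched)
{
	static const uint8_t value[WINDOW] = "KEK-var";   /* constructed sample payload */
	uint8_t back[WINDOW];
	uint64_t flags = patched ? region_flags_after(md, sev_active)
	                         : region_flags_before(md, sev_active);
	guest_write(flags, value, sizeof value);
	guest_read(flags, back, sizeof back);
	return memcmp(back, value, sizeof value) == 0;
}

int main(void)
{
	struct efi_memory_desc mmio = { EFI_MEMORY_MAPPED_IO, 0 };                 /* uncached, no WB */
	struct efi_memory_desc data = { EFI_RUNTIME_SERVICES_DATA, EFI_MEMORY_WB };

	printf("MMIO, SEV on, before patch: host sees write = %d\n",
	       variable_write_visible_to_host(&mmio, true, false));
	printf("MMIO, SEV on, after patch:  host sees write = %d\n",
	       variable_write_visible_to_host(&mmio, true, true));
	printf("runtime data, SEV on, after patch: host sees plaintext = %d\n",
	       variable_write_visible_to_host(&data, true, true));
	printf("guest read-back through C=1 mapping consistent = %d\n",
	       guest_readback_consistent(&mmio, true, false));
	return 0;
}
```

The last two lines of output are the point Ard's reply turns on: private runtime data must stay C=1 (the host sees ciphertext, which is the property SEV exists for), while host-emulated MMIO must be C=0, and nothing in the descriptor other than its `type` tells the kernel which case it is looking at.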