Received: by 2002:ac0:a5a7:0:0:0:0:0 with SMTP id m36-v6csp3033476imm; Mon, 16 Jul 2018 20:13:27 -0700 (PDT) X-Google-Smtp-Source: AAOMgpck8raatfRV6Y8p71O3WZ0HvZCBuxe07kgRkn1iTikfoZVzwnm3zjIPNkyFZPXUfpwuqw5S X-Received: by 2002:a62:e813:: with SMTP id c19-v6mr20430809pfi.124.1531797207168; Mon, 16 Jul 2018 20:13:27 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1531797207; cv=none; d=google.com; s=arc-20160816; b=0Z7W2sD39E+3QnfcOZOdh1r1mwOFIys6xVYb4FWRtIkS8NKpSsOHKlr+G+8TFRwDEz A4ujspcbov+W2nEv7emjU0j5lxOa8+UdTu7O6S3QiNxh2gcPREjht1BoitFCdP02Vk9O jxxrXY9uZtAei8ZfCXJzBq9imbio44kQY5Q9PfLRQgPoDdke0mqX/q25tKOa7KpUnuxU VgTTqopoBvWwTgCUhjSHcCO/ohO5ZA4IOmUfAVBd22PAi5GRLXiSdbHTlpIrRpd+OhUP E43FCZ2xcLZw1vknA4tUvJkns7sWmHAPkh4RnGjOkglzKv9xZ8TpbYN245n6x9A2F+0X Lkxw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :references:in-reply-to:mime-version:dkim-signature :arc-authentication-results; bh=TMOJhCt+cFMGjV6Yk9QKP7Wwn94pdyXOBWfixEDIA5c=; b=PSeMRQj9JNkvMsEe+HCWo1BHMNIfgbjzqWOhv4VPaYeFuUFlePZcdopHKwvEUBMe/U 1XZKS/GJrI/uaJDQIv5AOmT7YfeRdgWs5xJjFQwQgmWyadsPJ4vN9+fLaTGK9Xx/4qaq TgnucuQL43GrU6hFqpHgzuB6a7JjXWRHWTU5N3zpO6ABh7MEzkFGGgncKAd/E38mCF5K RbEqhX2Saf811GQFAG4D9ytaUWzBNNVx6klTpLw1vsLk1u6Z6cOf6aK73609FrGqxwsA u2mseZUNnclBtV4Wj0S5BJCVV8kvjMar2Ww7jmFoYQJ15AxOyPIgWBoJ82CoiBbWshhd StZA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=aiPPiu6O; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id g67-v6si32765958plb.73.2018.07.16.20.13.11; Mon, 16 Jul 2018 20:13:27 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=aiPPiu6O; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1730180AbeGQDnB (ORCPT + 99 others); Mon, 16 Jul 2018 23:43:01 -0400 Received: from mail-io0-f194.google.com ([209.85.223.194]:34907 "EHLO mail-io0-f194.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1729934AbeGQDnB (ORCPT ); Mon, 16 Jul 2018 23:43:01 -0400 Received: by mail-io0-f194.google.com with SMTP id q4-v6so39880631iob.2 for ; Mon, 16 Jul 2018 20:12:39 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=TMOJhCt+cFMGjV6Yk9QKP7Wwn94pdyXOBWfixEDIA5c=; b=aiPPiu6O8zIJ7x3xpk1abad3ecFZZ4jAIIaQ9OvDMxPc/oK/AY6wLjZPNtJVa8ieg5 jp4rlWP8jOxSY/0JV2zKqAAZopRfWVDW6CvwZd4lEVugR5Ng6ErcyZ51L6LAyE1DjYJH po9JCCwsJu9EhGKcu+MTHGNrS/DqBRqvMGR8k= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=TMOJhCt+cFMGjV6Yk9QKP7Wwn94pdyXOBWfixEDIA5c=; b=Dx6aPJwbzjhFwbW9mrCn5sIntgQwoTSMjISV47347Gs/EcAFaWcz/jXTqzvy9P0TUq d9n+3CYAvAJATKRpd7dQNaPRtFwI5unxSdJs6e/S+tSjezx80727KsJ+CLn2h9AzABaN QaARMrE9CKfuTSzyAZIWfCQb72nZLMAcsILpLeqKUFSwb6sUp7t3fn19DqBPDOwqLpN9 czckeEDm/WUnrNAZ9FPr43eqFWL6O5IR6wsBOgQH9U8524uYfl23fMRdxKzARYSZiWd1 2HOGsMsHYE/1solbRhl7xQK+ab2Pqd84imL7gkXtsFNRUbCf9pGRra1kfFUhzvifkjcv 5qsQ== X-Gm-Message-State: AOUpUlHmslvckzpaMt+ZBhQisFc32xhn45icRkPqVQ8AwmsO0vBQmFsS zeg3IO8vtF1vwnfkfoKqXHiypR/gNHVb1t7PMUcU5Q== X-Received: by 2002:a6b:5d1a:: with SMTP id r26-v6mr33414566iob.170.1531797158872; Mon, 16 Jul 2018 20:12:38 -0700 (PDT) MIME-Version: 1.0 Received: by 2002:a6b:bbc7:0:0:0:0:0 with HTTP; Mon, 16 Jul 2018 20:12:38 -0700 (PDT) In-Reply-To: <3b48a62e-8a5c-3e83-2935-03c9ab011403@amd.com> References: <1530624720-32004-1-git-send-email-brijesh.singh@amd.com> <3b48a62e-8a5c-3e83-2935-03c9ab011403@amd.com> From: Ard Biesheuvel Date: Tue, 17 Jul 2018 11:12:38 +0800 Message-ID: Subject: Re: [PATCH] x86/efi: Access EFI MMIO data as unencrypted when SEV is active To: Brijesh Singh Cc: "the arch/x86 maintainers" , linux-efi , Linux Kernel Mailing List , Tom Lendacky , Thomas Gleixner , Borislav Petkov , KVM devel mailing list , Matt Fleming , Andy Lutomirski , "# 4 . 15 . x" Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 17 July 2018 at 03:15, Brijesh Singh wrote: > Hi Ard, > > > > On 07/11/2018 05:00 AM, Ard Biesheuvel wrote: >> >> On 3 July 2018 at 15:32, Brijesh Singh wrote: >>> >>> SEV guest fails to update the UEFI runtime variables stored in the >>> flash. commit 1379edd59673 ("x86/efi: Access EFI data as encrypted >>> when SEV is active") unconditionally maps all the UEFI runtime data >>> as 'encrypted' (C=1). When SEV is active the UEFI runtime data marked >>> as EFI_MEMORY_MAPPED_IO should be mapped as 'unencrypted' so that both >>> guest and hypervisor can access the data. >>> >>> Fixes: 1379edd59673 (x86/efi: Access EFI data as encrypted ...) >>> Cc: Tom Lendacky >>> Cc: Thomas Gleixner >>> Cc: Borislav Petkov >>> Cc: linux-efi@vger.kernel.org >>> Cc: kvm@vger.kernel.org >>> Cc: Ard Biesheuvel >>> Cc: Matt Fleming >>> Cc: Andy Lutomirski >>> Cc: # 4.15.x >>> Signed-off-by: Brijesh Singh >>> --- >>> arch/x86/platform/efi/efi_64.c | 2 +- >>> 1 file changed, 1 insertion(+), 1 deletion(-) >>> >>> diff --git a/arch/x86/platform/efi/efi_64.c >>> b/arch/x86/platform/efi/efi_64.c >>> index 77873ce..5f2eb32 100644 >>> --- a/arch/x86/platform/efi/efi_64.c >>> +++ b/arch/x86/platform/efi/efi_64.c >>> @@ -417,7 +417,7 @@ static void __init __map_region(efi_memory_desc_t >>> *md, u64 va) >>> if (!(md->attribute & EFI_MEMORY_WB)) >>> flags |= _PAGE_PCD; >>> >>> - if (sev_active()) >>> + if (sev_active() && md->type != EFI_MEMORY_MAPPED_IO) >>> flags |= _PAGE_ENC; >>> >>> pfn = md->phys_addr >> PAGE_SHIFT; >> >> >> Is it safe to only update this occurrence and not the one in >> efi_runtime_update_mappings() ? >> > > > It's safe to update this occurrence only. The SEV support is added > in recent EDK2 bios, and the version of bios provides the > EFI_MEMORY_ATTRIBUTE_TABLE. Hence the efi_enabled(EFI_MEM_ATTR) check in > efi_runtime_update_mappings() will always be true. When EFI_MEM_ATTR is > set the code updates the mapping and returns (see below) > > void __init efi_runtime_update_mappings(void) > { > ..... > ..... > > /* > * Use the EFI Memory Attribute Table for mapping permissions if it > * exists, since it is intended to supersede EFI_PROPERTIES_TABLE. > */ > if (efi_enabled(EFI_MEM_ATTR)) { > efi_memattr_apply_permissions(NULL, efi_update_mem_attr); > return; > } > > > ... > > } > > The EFI_MEMORY_ATTRIBUTE_TABLE table does not include MMIO regions, the > table describes the memory protections to EFI runtime code and data > regions only. Both EFI runtime code and data should be mapped as > encrypted. Hence I skipped updating the efi_runtime_update_mappings(). > Ok, thanks for clearing that up Queued in efi/urgent