Received: by 2002:a25:4158:0:0:0:0:0 with SMTP id o85csp5288795yba; Wed, 8 May 2019 10:44:09 -0700 (PDT) X-Google-Smtp-Source: APXvYqzAMaYejLeu/EOWK5PaBt+p1h91Yk0VVMu3Vv0qkG00fwigvG7KD6DnBynGm+KSrhrm6i+x X-Received: by 2002:a65:66d2:: with SMTP id c18mr18409134pgw.427.1557337449149; Wed, 08 May 2019 10:44:09 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1557337449; cv=none; d=google.com; s=arc-20160816; b=FHH6dqQmkW7ka7xKQqpI/dT39mZpPYKLw+68mUJ6EBeGliq5Bmzf3IdJWfg5R0zRD1 4mUdrNqMtbqkpxxtLzjo9wZ+a2uZBVnjxl3+eVFJ/Pvf7iClb9iRKko5bnslEy1Scav0 Hz9ikF/LaD9vBwXNxm5GA7wKlbEXxBb1y63uJlLFP1KU7Z9jQFs5ca6Hoe5XoatgAfU5 TKLUfmB9qCucC8Q9QZJLkUYn9WCWNC/kzrWrHeRXxEDPg9UcB+HcYzYHT/Q0Iie5/ZPn C0cbRpuzAB+BCIBiSATvaBAKljTK5sJQOc2KzaHUqWat2nOfSnoNW4UMOAkOnApLOsBV 0iTQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from; bh=x4/Z50S2DWAd5rYId6h1vAEZLevWJ2xcvSwXBFBahYU=; b=CaVIM71C2iCa0vNqBtaA+gAcWh0H4kWDM74JegC4NkkshKdptsXSbOTFoaBO/LeCzv l52ip5ORG2xCvu8vS+5WWb18AZDN8D+c0XHpQ8R89YuTuTBoERzBFUP9PqPTsI4Xfugc iQUPp7ZYl5N0V/VKY2xcMyWVzQwF6c9fTqNCNEm22Mb3T8X0fHjyTwecz53t7xA3IvZ7 FFTaZM/pQQAgFAcVHI553TpWr5R+vOUgH0XqgNOIcrW8VpUDfvTLpy90mt5p5PBdBO2h JlmjuJ9mwiKNMupW9aBTv9D+8v9w1otxvQyA3fo0I/+mZtoDIryXOfhmybFlyFsvslo9 mtoQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id 9si24471328pgw.263.2019.05.08.10.43.53; Wed, 08 May 2019 10:44:09 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728622AbfEHOpE (ORCPT + 99 others); Wed, 8 May 2019 10:45:04 -0400 Received: from mga03.intel.com ([134.134.136.65]:59520 "EHLO mga03.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728301AbfEHOop (ORCPT ); Wed, 8 May 2019 10:44:45 -0400 X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga005.fm.intel.com ([10.253.24.32]) by orsmga103.jf.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 08 May 2019 07:44:44 -0700 X-ExtLoop1: 1 Received: from black.fi.intel.com ([10.237.72.28]) by fmsmga005.fm.intel.com with ESMTP; 08 May 2019 07:44:40 -0700 Received: by black.fi.intel.com (Postfix, from userid 1000) id 11A32AF7; Wed, 8 May 2019 17:44:30 +0300 (EEST) From: "Kirill A. Shutemov" To: Andrew Morton , x86@kernel.org, Thomas Gleixner , Ingo Molnar , "H. Peter Anvin" , Borislav Petkov , Peter Zijlstra , Andy Lutomirski , David Howells Cc: Kees Cook , Dave Hansen , Kai Huang , Jacob Pan , Alison Schofield , linux-mm@kvack.org, kvm@vger.kernel.org, keyrings@vger.kernel.org, linux-kernel@vger.kernel.org, "Kirill A . Shutemov" Subject: [PATCH, RFC 28/62] keys/mktme: Set up PCONFIG programming targets for MKTME keys Date: Wed, 8 May 2019 17:43:48 +0300 Message-Id: <20190508144422.13171-29-kirill.shutemov@linux.intel.com> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190508144422.13171-1-kirill.shutemov@linux.intel.com> References: <20190508144422.13171-1-kirill.shutemov@linux.intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Alison Schofield MKTME Key service maintains the hardware key tables. These key tables are package scoped per the MKTME hardware definition. This means that each physical package on the system needs its key table programmed. These physical packages are the targets of the new PCONFIG programming command. So, introduce a PCONFIG targets bitmap as well as a CPU mask that includes the lead CPUs capable of programming the targets. The lead CPU mask will be used every time a new key is programmed into the hardware. Keep the PCONFIG targets bit map around for future use during hotplug events. Signed-off-by: Alison Schofield Signed-off-by: Kirill A. Shutemov --- security/keys/mktme_keys.c | 42 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 42 insertions(+) diff --git a/security/keys/mktme_keys.c b/security/keys/mktme_keys.c index 9fdf482ea3e6..b5b44decfd3e 100644 --- a/security/keys/mktme_keys.c +++ b/security/keys/mktme_keys.c @@ -2,6 +2,7 @@ /* Documentation/x86/mktme_keys.rst */ +#include #include #include #include @@ -17,6 +18,8 @@ static DEFINE_SPINLOCK(mktme_lock); struct kmem_cache *mktme_prog_cache; /* Hardware programming cache */ +unsigned long *mktme_target_map; /* Pconfig programming targets */ +cpumask_var_t mktme_leadcpus; /* One lead CPU per pconfig target */ /* 1:1 Mapping between Userspace Keys (struct key) and Hardware KeyIDs */ struct mktme_mapping { @@ -303,6 +306,33 @@ struct key_type key_type_mktme = { .destroy = mktme_destroy_key, }; +static void mktme_update_pconfig_targets(void) +{ + int cpu, target_id; + + cpumask_clear(mktme_leadcpus); + bitmap_clear(mktme_target_map, 0, sizeof(mktme_target_map)); + + for_each_online_cpu(cpu) { + target_id = topology_physical_package_id(cpu); + if (!__test_and_set_bit(target_id, mktme_target_map)) + __cpumask_set_cpu(cpu, mktme_leadcpus); + } +} + +static int mktme_alloc_pconfig_targets(void) +{ + if (!alloc_cpumask_var(&mktme_leadcpus, GFP_KERNEL)) + return -ENOMEM; + + mktme_target_map = bitmap_alloc(topology_max_packages(), GFP_KERNEL); + if (!mktme_target_map) { + free_cpumask_var(mktme_leadcpus); + return -ENOMEM; + } + return 0; +} + static int __init init_mktme(void) { int ret; @@ -320,9 +350,21 @@ static int __init init_mktme(void) if (!mktme_prog_cache) goto free_map; + /* Hardware programming targets */ + if (mktme_alloc_pconfig_targets()) + goto free_cache; + + /* Initialize first programming targets */ + mktme_update_pconfig_targets(); + ret = register_key_type(&key_type_mktme); if (!ret) return ret; /* SUCCESS */ + + free_cpumask_var(mktme_leadcpus); + bitmap_free(mktme_target_map); +free_cache: + kmem_cache_destroy(mktme_prog_cache); free_map: kvfree(mktme_map); -- 2.20.1