Received: by 2002:a25:ad19:0:0:0:0:0 with SMTP id y25csp9923991ybi; Wed, 24 Jul 2019 12:24:36 -0700 (PDT) X-Google-Smtp-Source: APXvYqynvx6pUx5skyzfHPRctjAaIjo4Kx3IPczoZcf2r0m06SAJmYkXqlOwjnFAtBW2z9Qd9pmE X-Received: by 2002:a17:902:9a04:: with SMTP id v4mr84744943plp.95.1563996276383; Wed, 24 Jul 2019 12:24:36 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1563996276; cv=none; d=google.com; s=arc-20160816; b=tmdTZ9W56KRBDtO+BZk8x9EXnGY9JKGL8APkVgPYZ+9ACy3KUN1h9tqQgX+f494hlr raRKT+eFAaG/kuotP7QQebJ2Pc6ze++7w2WLdP55hIQjq8l9+Od+HwFgC4ukXqPf/9sS 4UV5V4/5fQBjiT+ZtDaOdrSEhKUj0TUL4q9L2FGGsOX5v9xnIh7yPvNs2Fx6KoGFlj8U GoxSNJAHAd0TbdHwriznYMQ+b3Ed4dtbtEMxarF7lc7xgRW5tH71wGHxhcDJ9oS3iW+U LPYwoAr5tOQqLffVeJPEUDShSUYsTxgVbbnt4C4DnznWZHev7iPaAf+jkLmPaSjMogL9 TbFA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-transfer-encoding:content-disposition:mime-version :references:message-id:subject:cc:to:from:date:dkim-signature; bh=O8BpPykOGPMrcNWO68vuYRL0O4QY5mFmWnwLnMdbXek=; b=rvqLn7cf3y4twuzIAmYIdrglSQU00+SvA7n6NQwkDV9FcdIsjhp/0H27o9sjOOotHa bfL31wu1a+08rUMNGHGm9z0pXeOR2OVLcKnJo4+3J7W69i3qB+hITqloSUwCkGJlcE2G 6ccXc/mH5pED8vSyxTAJRMI/uPtth4qEB//NkaX+2nwz93yMH4/TbbpjKtXsE+3WEItF fevSAOC772mb7JPupPbIE5/FWsitWCymfI2fiVjS4mP60QVnTFFlF2/ABDA4xDWf8OGh Vai692aPcXe9EsQBSspPbpm9wmh23zkQ6EhHSjYaJnM7aeoYIvrN92ndLItE4qWDn3MO 3f3A== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@shutemov-name.20150623.gappssmtp.com header.s=20150623 header.b="zS/bVLGP"; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id n61si13891839pjb.20.2019.07.24.12.24.21; Wed, 24 Jul 2019 12:24:36 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@shutemov-name.20150623.gappssmtp.com header.s=20150623 header.b="zS/bVLGP"; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727126AbfGXSLr (ORCPT + 99 others); Wed, 24 Jul 2019 14:11:47 -0400 Received: from mail-ed1-f67.google.com ([209.85.208.67]:35015 "EHLO mail-ed1-f67.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726298AbfGXSLq (ORCPT ); Wed, 24 Jul 2019 14:11:46 -0400 Received: by mail-ed1-f67.google.com with SMTP id w20so47884159edd.2 for ; Wed, 24 Jul 2019 11:11:45 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=shutemov-name.20150623.gappssmtp.com; s=20150623; h=date:from:to:cc:subject:message-id:references:mime-version :content-disposition:content-transfer-encoding:in-reply-to :user-agent; bh=O8BpPykOGPMrcNWO68vuYRL0O4QY5mFmWnwLnMdbXek=; b=zS/bVLGPe7Biddu3tvwjxuJoE7XfssHm9A/D8B3sP1tRSW0ABm1Zr3GTP948ZUZoYk rRQk1qET++mJxWEizDZAZlrHpxRur3R4IwaejxU3NgmAAP0EBUVI+lb/54oEy/WdTZ9h SKobC8Q0AWyJr5Kk/XAxuCZLeTUzOg78ZegpDU6YlMXhQWYFdKRsi9QpqYTrCqUIgbEI vNQ4oIeVdvyPQLBmKqZdyuQkJeTgbO5xafzcXSyUD1eoBeiiEoSACykaToz9efeG/xQZ Opm842qAOGZH9V/l9cbqIRV8TfquUXfLQlDvLLZl8EPUa/YUvwrY6sdElsmQdqZvgcDS tdzw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:cc:subject:message-id:references :mime-version:content-disposition:content-transfer-encoding :in-reply-to:user-agent; bh=O8BpPykOGPMrcNWO68vuYRL0O4QY5mFmWnwLnMdbXek=; b=OW7HalopPhISxJ82D95vINoX2szbIIIWEqGA9GtHXicdxia32DkjLJLbd21o1RdhHv pySAu7ENUgCsZrZlgIM7K31dKsocnIJEi5Bbl67wHIW+7Rv77OrA5Hnp9232IKFurEMz YRwIdYiQO9I4nfTjo3tpmtlD5zKz+NfGmWfairjOd/fDYhQdN97rke9PUC75vYl7xzLY GAoCAPMNylrnxyFHolxVLrptja6SVxAywTPWIo2lD4EjuwwtPC+nTuaqjXwOqpYHYo5m ML6RupBY1HNIFtpZAhkN/MXliR44MThuCj39PLyecrWRQWaq8yTBm8DGB3FSli9Csfx9 b8Jw== X-Gm-Message-State: APjAAAWXawob1MDvsDzWyHKcgHLEmhjrdG4pFgoGg6i7hoX/N2Esj9YR QAqwXZY8/ZA51HuKFbE7wCw= X-Received: by 2002:a17:906:2f0f:: with SMTP id v15mr61261234eji.33.1563991904593; Wed, 24 Jul 2019 11:11:44 -0700 (PDT) Received: from box.localdomain ([86.57.175.117]) by smtp.gmail.com with ESMTPSA id o11sm9407138ejd.68.2019.07.24.11.11.43 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Wed, 24 Jul 2019 11:11:44 -0700 (PDT) Received: by box.localdomain (Postfix, from userid 1000) id 00DBA10169F; Wed, 24 Jul 2019 21:11:39 +0300 (+03) Date: Wed, 24 Jul 2019 21:11:39 +0300 From: "Kirill A. Shutemov" To: "Lendacky, Thomas" Cc: Robin Murphy , "iommu@lists.linux-foundation.org" , "linux-kernel@vger.kernel.org" , "x86@kernel.org" , Christoph Hellwig , Marek Szyprowski , Thomas Gleixner , Ingo Molnar , Borislav Petkov , "H . Peter Anvin" , Dave Hansen , Andy Lutomirski , Peter Zijlstra , Lianbo Jiang Subject: Re: [PATCH] dma-direct: Force unencrypted DMA under SME for certain DMA masks Message-ID: <20190724181139.yebja5yflzjgfxlx@box> References: <10b83d9ff31bca88e94da2ff34e30619eb396078.1562785123.git.thomas.lendacky@amd.com> <20190724155530.hlingpcirjcf2ljg@box> MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: User-Agent: NeoMutt/20180716 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Wed, Jul 24, 2019 at 05:34:26PM +0000, Lendacky, Thomas wrote: > On 7/24/19 12:06 PM, Robin Murphy wrote: > > On 24/07/2019 17:42, Lendacky, Thomas wrote: > >> On 7/24/19 10:55 AM, Kirill A. Shutemov wrote: > >>> On Wed, Jul 10, 2019 at 07:01:19PM +0000, Lendacky, Thomas wrote: > >>>> @@ -351,6 +355,32 @@ bool sev_active(void) > >>>> ? } > >>>> ? EXPORT_SYMBOL(sev_active); > >>>> ? +/* Override for DMA direct allocation check - > >>>> ARCH_HAS_FORCE_DMA_UNENCRYPTED */ > >>>> +bool force_dma_unencrypted(struct device *dev) > >>>> +{ > >>>> +??? /* > >>>> +???? * For SEV, all DMA must be to unencrypted addresses. > >>>> +???? */ > >>>> +??? if (sev_active()) > >>>> +??????? return true; > >>>> + > >>>> +??? /* > >>>> +???? * For SME, all DMA must be to unencrypted addresses if the > >>>> +???? * device does not support DMA to addresses that include the > >>>> +???? * encryption mask. > >>>> +???? */ > >>>> +??? if (sme_active()) { > >>>> +??????? u64 dma_enc_mask = DMA_BIT_MASK(__ffs64(sme_me_mask)); > >>>> +??????? u64 dma_dev_mask = min_not_zero(dev->coherent_dma_mask, > >>>> +??????????????????????? dev->bus_dma_mask); > >>>> + > >>>> +??????? if (dma_dev_mask <= dma_enc_mask) > >>>> +??????????? return true; > >>> > >>> Hm. What is wrong with the dev mask being equal to enc mask? IIUC, it > >>> means that device mask is wide enough to cover encryption bit, doesn't it? > >> > >> Not really...? it's the way DMA_BIT_MASK works vs bit numbering. Let's say > >> that sme_me_mask has bit 47 set. __ffs64 returns 47 and DMA_BIT_MASK(47) > >> will generate a mask without bit 47 set (0x7fffffffffff). So the check > >> will catch anything that does not support at least 48-bit DMA. > > > > Couldn't that be expressed as just: > > > > ????if (sme_me_mask & dma_dev_mask == sme_me_mask) > > Actually !=, but yes, it could have been done like that, I just didn't > think of it. I'm looking into generalizing the check to cover MKTME. Leaving off the Kconfig changes and moving the check to other file, doest the change below look reasonable to you. It's only build tested so far. diff --git a/arch/x86/mm/mem_encrypt.c b/arch/x86/mm/mem_encrypt.c index fece30ca8b0c..6c86adcd02da 100644 --- a/arch/x86/mm/mem_encrypt.c +++ b/arch/x86/mm/mem_encrypt.c @@ -355,6 +355,8 @@ EXPORT_SYMBOL(sev_active); /* Override for DMA direct allocation check - ARCH_HAS_FORCE_DMA_UNENCRYPTED */ bool force_dma_unencrypted(struct device *dev) { + u64 dma_enc_mask; + /* * For SEV, all DMA must be to unencrypted addresses. */ @@ -362,18 +364,20 @@ bool force_dma_unencrypted(struct device *dev) return true; /* - * For SME, all DMA must be to unencrypted addresses if the - * device does not support DMA to addresses that include the - * encryption mask. + * For SME and MKTME, all DMA must be to unencrypted addresses if the + * device does not support DMA to addresses that include the encryption + * mask. */ - if (sme_active()) { - u64 dma_enc_mask = DMA_BIT_MASK(__ffs64(sme_me_mask)); - u64 dma_dev_mask = min_not_zero(dev->coherent_dma_mask, - dev->bus_dma_mask); + if (!sme_active() && !mktme_enabled()) + return false; - if (dma_dev_mask <= dma_enc_mask) - return true; - } + dma_enc_mask = sme_me_mask | mktme_keyid_mask(); + + if (dev->coherent_dma_mask && (dev->coherent_dma_mask & dma_enc_mask) != dma_enc_mask) + return true; + + if (dev->bus_dma_mask && (dev->bus_dma_mask & dma_enc_mask) != dma_enc_mask) + return true; return false; } -- Kirill A. Shutemov