From: Andy Lutomirski
Date: Tue, 3 Sep 2019 14:46:27 -0700
Subject: Re: [PATCH v2 3/4] drm/ttm, drm/vmwgfx: Correctly support support AMD memory encryption
To: Thomas Hellström (VMware)
Cc: Dave Hansen, Daniel Vetter, dri-devel, pv-drivers@vmware.com, VMware Graphics, Linux Kernel Mailing List, Tom Lendacky, Thomas Hellstrom, Peter Zijlstra, Dave Hansen, Heiko Carstens, Christian Borntraeger, Ingo Molnar, Borislav Petkov, Andy Lutomirski, "H. Peter Anvin", Thomas Gleixner, Christian König
X-Mailing-List: linux-kernel@vger.kernel.org

On Tue, Sep 3, 2019 at 2:05 PM Thomas Hellström (VMware) wrote:
>
> On 9/3/19 10:51 PM, Dave Hansen wrote:
> > On 9/3/19 1:36 PM, Thomas Hellström (VMware) wrote:
> >> So the question here should really be, can we determine already at mmap
> >> time whether backing memory will be unencrypted and adjust the *real*
> >> vma->vm_page_prot under the mmap_sem?
> >>
> >> Possibly, but that requires populating the buffer with memory at mmap
> >> time rather than at first fault time.
> > I'm not connecting the dots.
> >
> > vma->vm_page_prot is used to create a VMA's PTEs regardless of if they
> > are created at mmap() or fault time. If we establish a good
> > vma->vm_page_prot, can't we just use it forever for demand faults?
>
> With SEV I think that we could possibly establish the encryption flags
> at vma creation time. But thinking of it, it would actually break with
> SME where buffer content can be moved between encrypted system memory
> and unencrypted graphics card PCI memory behind user-space's back. That
> would imply killing all user-space encrypted PTEs and at fault time set
> up new ones pointing to unencrypted PCI memory..
>
> >
> > Or, are you concerned that if an attempt is made to demand-fault page
> > that's incompatible with vma->vm_page_prot that we have to SEGV?
> >
> >> And it still requires knowledge whether the device DMA is always
> >> unencrypted (or if SEV is active).
> > I may be getting mixed up on MKTME (the Intel memory encryption) and
> > SEV. Is SEV supported on all memory types? Page cache, hugetlbfs,
> > anonymous? Or just anonymous?
>
> SEV AFAIK encrypts *all* memory except DMA memory. To do that it uses a
> SWIOTLB backed by unencrypted memory, and it also flips coherent DMA
> memory to unencrypted (which is a very slow operation and patch 4 deals
> with caching such memory).
>

I'm still lost. You have some fancy VMA where the backing pages
change behind the application's back. This isn't particularly novel
-- plain old anonymous memory and plain old mapped files do this too.
Can't you call the insert_pfn APIs and call it a day? What's so
special that you need all this magic? ISTM you should be able to
allocate memory that's addressable by the device
(dma_alloc_coherent() or whatever) and then map it into user memory
just like you'd map any other page.

I feel like I'm missing something here.
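
The concern raised in the quoted exchange (a vm_page_prot fixed at mmap() time versus a buffer that moves between encrypted system memory and unencrypted PCI memory), as an added user-space model; it is not part of the thread and not kernel code. The ENC_BIT position, the PFN values and all struct and function names are assumptions made for the illustration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Toy user-space model, not kernel code. ENC_BIT stands in for the SME/SEV
 * C-bit; bit 47 and every name below are assumptions for illustration. */
#define ENC_BIT (1ULL << 47)
#define PRESENT (1ULL << 0)
#define NPAGES  4

enum placement { SYSTEM_RAM, PCI_VRAM };      /* where the buffer lives now */
struct buffer { enum placement where; uint64_t pfn_base; };
struct vma { uint64_t page_prot; uint64_t pte[NPAGES]; };

/* Protection the current backing needs: encrypted RAM, unencrypted PCI. */
static uint64_t prot_for(const struct buffer *bo)
{
    return PRESENT | (bo->where == SYSTEM_RAM ? ENC_BIT : 0);
}

/* Fault handler. Static policy reuses the protection chosen at mmap() time;
 * dynamic policy derives it from the backing at fault time. */
static void fault(struct vma *v, const struct buffer *bo, size_t i, bool dynamic)
{
    uint64_t prot = dynamic ? prot_for(bo) : v->page_prot;
    v->pte[i] = ((bo->pfn_base + i) << 12) | prot;
}

/* Count present PTEs whose encryption bit disagrees with the backing. */
static size_t mismatched(const struct vma *v, const struct buffer *bo)
{
    size_t n = 0;
    for (size_t i = 0; i < NPAGES; i++)
        if ((v->pte[i] & PRESENT) && ((v->pte[i] ^ prot_for(bo)) & ENC_BIT))
            n++;
    return n;
}

/* mmap in system RAM, fault every page, migrate to PCI memory (zapping the
 * PTEs), fault again; return how many PTEs carry the wrong encryption bit. */
static size_t run(bool dynamic)
{
    struct buffer bo = { SYSTEM_RAM, 0x1000 };   /* constructed PFN */
    struct vma v = { .page_prot = prot_for(&bo) };
    for (size_t i = 0; i < NPAGES; i++) fault(&v, &bo, i, dynamic);
    bo = (struct buffer){ PCI_VRAM, 0x80000 };   /* constructed PFN */
    for (size_t i = 0; i < NPAGES; i++) { v.pte[i] = 0; fault(&v, &bo, i, dynamic); }
    return mismatched(&v, &bo);
}
int main(void) { printf("static=%zu dynamic=%zu\n", run(false), run(true)); return 0; }
```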