Received: by 2002:a25:c593:0:0:0:0:0 with SMTP id v141csp402971ybe; Wed, 4 Sep 2019 01:21:36 -0700 (PDT) X-Google-Smtp-Source: APXvYqyfs+73GvrjEo2TKQsgVWarbk347mP2Iki8eXXkF76NGZDxtaqWWRznnnwVcTD1KF213jNl X-Received: by 2002:a65:6406:: with SMTP id a6mr33227067pgv.393.1567585295882; Wed, 04 Sep 2019 01:21:35 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1567585295; cv=none; d=google.com; s=arc-20160816; b=Q142MKDFctx+cPSyAGDHipi5N8rHpmP3d45NlTFi0KTJKA6xTzHVDcC5RYTc1zey3h K6JWgtx+YtjGKcNZRyXBa/aMePHm2ABG32s/eIGuqQafoIT02AFDX1SB50V8szcq1nkX p8bngwkAGAKmK+xdA9amRuJZP/5B3T7nUFJu+B/r9Yv40c2+RP33LbxhyqqJL6mAnUFU tYcAQq/1ccmdWPFdgfAbyxmmHzXURVagi3c1muFcvSUQkm3IluyY/l4F3G2IA0Ji8M4w fTLB1O1E4CJ6jVDXFrSdGarH/dSff853pprFqprbGdO00haUILA88Dubd5vvsRRcOvf6 f5HQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-language :content-transfer-encoding:in-reply-to:mime-version:user-agent:date :message-id:organization:from:references:cc:to:subject :dkim-signature; bh=2o1WO7Y9SfX/iikvx6+3aPXtkjQTwWjD4CFj+7Ya9Og=; b=gZKjqDQfPuZ74sZjxLJu0nzkZhrR4zTrR+b5ccELMXNXFJQZVUhxVQYufaGs1i0gKP s/CFBDGLEtvH26nPsfZEYdJ6+ANfN6DLz9LQh6ZXi9H4rtPhhqzExQQS8iuMAR2dmAfO GN3iFZq0HejkgZbjqLLtWd7Hfd0QiJYrpToDp+hB+1OSqExTDGiPUvQxzEzr/goLTvWw CmU3oPWjsg+EPASWwRi0LoIvVTcSEYY8eyc6oQFKd6IbBe5VAFpSMbulZeTEsIhs8AGp gppciKO9bCGQM42X5D8rcA2KaZU8dkFVpam7pMen39sW3mGyTzyz43Fv/wR+0lxWo+s6 yc/w== ARC-Authentication-Results: i=1; mx.google.com; dkim=fail (test mode) header.i=@shipmail.org header.s=mail header.b=NnMLvqmS; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id 8si14810287pfo.32.2019.09.04.01.21.20; Wed, 04 Sep 2019 01:21:35 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=fail (test mode) header.i=@shipmail.org header.s=mail header.b=NnMLvqmS; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1729255AbfIDIUC (ORCPT + 99 others); Wed, 4 Sep 2019 04:20:02 -0400 Received: from ste-pvt-msa1.bahnhof.se ([213.80.101.70]:51786 "EHLO ste-pvt-msa1.bahnhof.se" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725840AbfIDIUC (ORCPT ); Wed, 4 Sep 2019 04:20:02 -0400 Received: from localhost (localhost [127.0.0.1]) by ste-pvt-msa1.bahnhof.se (Postfix) with ESMTP id 9AFA03F670; Wed, 4 Sep 2019 10:19:59 +0200 (CEST) Authentication-Results: ste-pvt-msa1.bahnhof.se; dkim=pass (1024-bit key; unprotected) header.d=shipmail.org header.i=@shipmail.org header.b=NnMLvqmS; dkim-atps=neutral X-Virus-Scanned: Debian amavisd-new at bahnhof.se X-Spam-Flag: NO X-Spam-Score: -2.099 X-Spam-Level: X-Spam-Status: No, score=-2.099 tagged_above=-999 required=6.31 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Received: from ste-pvt-msa1.bahnhof.se ([127.0.0.1]) by localhost (ste-pvt-msa1.bahnhof.se [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id z0xEnIk568vo; Wed, 4 Sep 2019 10:19:58 +0200 (CEST) Received: from mail1.shipmail.org (h-205-35.A357.priv.bahnhof.se [155.4.205.35]) (Authenticated sender: mb878879) by ste-pvt-msa1.bahnhof.se (Postfix) with ESMTPA id 9B82A3F367; Wed, 4 Sep 2019 10:19:50 +0200 (CEST) Received: from localhost.localdomain (h-205-35.A357.priv.bahnhof.se [155.4.205.35]) by mail1.shipmail.org (Postfix) with ESMTPSA id DBCBD36117F; Wed, 4 Sep 2019 10:19:49 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=shipmail.org; s=mail; t=1567585190; bh=aAKUc1d8so5bVj7uOzEQsEKgmHbL9Y6J7AB2rLBUQOQ=; h=Subject:To:Cc:References:From:Date:In-Reply-To:From; b=NnMLvqmSERGsQWz4m9ga766nvuJfd3Ow/tZkPs7cy9NTLSwGSJ9Wc/1sfOr4X6++X QPalbhsqNYj7w1RLw+cA4mM5kbKtJKagoVpQGFebCup77Vhz25DH1GvlnT5ZXDamG3 +Y1AFe4mTpNoTVc9G14umlpmJw8cAPkKgvpczc1E= Subject: Re: [PATCH v2 3/4] drm/ttm, drm/vmwgfx: Correctly support support AMD memory encryption To: "Koenig, Christian" , Dave Hansen , Daniel Vetter Cc: dri-devel , "pv-drivers@vmware.com" , VMware Graphics , Linux Kernel Mailing List , "Lendacky, Thomas" , Thomas Hellstrom , Peter Zijlstra , Dave Hansen , Heiko Carstens , Christian Borntraeger , Ingo Molnar , Borislav Petkov , Andy Lutomirski , "H. Peter Anvin" , Thomas Gleixner References: <20190903131504.18935-1-thomas_os@shipmail.org> <20190903131504.18935-4-thomas_os@shipmail.org> <6d0fafcc-b596-481b-7b22-1f26f0c02c5c@intel.com> <7fa3b178-b9b4-2df9-1eee-54e24d48342e@intel.com> From: =?UTF-8?Q?Thomas_Hellstr=c3=b6m_=28VMware=29?= Organization: VMware Inc. Message-ID: <94113acc-1f99-2386-1d42-4b9930b04f73@shipmail.org> Date: Wed, 4 Sep 2019 10:19:49 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.6.1 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 8bit Content-Language: en-US Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Hi, Christian, On 9/4/19 9:33 AM, Koenig, Christian wrote: > Am 03.09.19 um 23:05 schrieb Thomas Hellström (VMware): >> On 9/3/19 10:51 PM, Dave Hansen wrote: >>> On 9/3/19 1:36 PM, Thomas Hellström (VMware) wrote: >>>> So the question here should really be, can we determine already at mmap >>>> time whether backing memory will be unencrypted and adjust the *real* >>>> vma->vm_page_prot under the mmap_sem? >>>> >>>> Possibly, but that requires populating the buffer with memory at mmap >>>> time rather than at first fault time. >>> I'm not connecting the dots. >>> >>> vma->vm_page_prot is used to create a VMA's PTEs regardless of if they >>> are created at mmap() or fault time.  If we establish a good >>> vma->vm_page_prot, can't we just use it forever for demand faults? >> With SEV I think that we could possibly establish the encryption flags >> at vma creation time. But thinking of it, it would actually break with >> SME where buffer content can be moved between encrypted system memory >> and unencrypted graphics card PCI memory behind user-space's back. >> That would imply killing all user-space encrypted PTEs and at fault >> time set up new ones pointing to unencrypted PCI memory.. > Well my problem is where do you see encrypted system memory here? > > At least for AMD GPUs all memory accessed must be unencrypted and that > counts for both system as well as PCI memory. We're talking SME now right? The current SME setup is that if a device's DMA mask says it's capable of addressing the encryption bit, coherent memory will be encrypted. The memory controllers will decrypt for the device on the fly. Otherwise coherent memory will be decrypted. > > So I don't get why we can't assume always unencrypted and keep it like that. I see two reasons. First, it would break with a real device that signals it's capable of addressing the encryption bit. Second I can imagine unaccelerated setups (something like vkms using prime feeding a VNC connection) where we actually want the TTM buffers encrypted to protect data. But at least the latter reason is way far out in the future. So for me I'm ok with that if that works for you? /Thomas > > Regards, > Christian.