Received: by 2002:a25:c593:0:0:0:0:0 with SMTP id v141csp843966ybe;
        Wed, 11 Sep 2019 05:43:00 -0700 (PDT)
X-Google-Smtp-Source: APXvYqxBWnXZNW5Wg2QT4fRhbiLmePk+R7EJorQRJSVM133xVWaKxEt+NmCh1J4GuF+RQHalKP/9
X-Received: by 2002:a50:f00c:: with SMTP id r12mr36481751edl.274.1568205780462;
        Wed, 11 Sep 2019 05:43:00 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1568205780; cv=none;
        d=google.com; s=arc-20160816;
        b=y4uJaGTl0nD/IEXPaZokc0KKLBw2u0XHscuqC5KM6S8OgyZWJHOadSruuA5LfguDEw
         a4YzcnzIU+jPIgboMCHndgNphAkN5kNBQqu7rPlBnuGB8+UZPB6DRSSrVXnm/Ng88rB4
         lI4pfgMiKl2dB1QcyWDlLc0Yh9W2Xxyxxs80ma42Octw0/9rZYnqywG4+LrlcB5Sj61z
         TRHG2lk8LVOmNTrX08+uxQuCvxczmih4fnAXnA308w20C5XRmgCqcZpuUkW81hN7Rp62
         e6xFGxWTapB3gMYp5G9I8WSt4O6qUiXO99z3zDA2xVteUiecnByU++0NAJ00eS3x6pxI
         dQSQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:content-transfer-encoding:mime-version
         :references:in-reply-to:message-id:date:subject:cc:to:from
         :dkim-signature;
        bh=mty+cmfDkxuqy9Ow0zIujBbv0Z4V+id1aES3fLT5bjc=;
        b=FD+xHWNhmJ5scZrKE7bK2fX1hRQ4sCL0rgvsteSsMl8L+lCD45NjSmwnRNjg8HAwaS
         WPFEYXwrt4zxp9IbOHhe+0kAuOjg0TAM4djAbx7cmyQKKWOoaypJHSwRnAmNoY3cOIS7
         m60pdMgWjEzeZiPEwaNdxVTiFAm7eoYFwlIm3boZ3PmhfiuhUnSiBTnuHVQsGRJO50l6
         7lvk7AZ152re6zJuspuUD05TihtCq6QUI/irNQm+1abjfAbyiZ7ik2dcVJTXcJDUmhf/
         4z7nbaw8uDsSO6UGC153ungSh6G1ZX23hSADLiqvqcgIITFKzQoqcSh2iPYJbG8W/OgY
         Ui9A==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=fail (test mode) header.i=@shipmail.org header.s=mail header.b=B7+fD5SU;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id x3si12631622eda.285.2019.09.11.05.42.36;
        Wed, 11 Sep 2019 05:43:00 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=fail (test mode) header.i=@shipmail.org header.s=mail header.b=B7+fD5SU;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1727782AbfIKMkg (ORCPT <rfc822;huangleihappily@gmail.com>
        + 99 others); Wed, 11 Sep 2019 08:40:36 -0400
Received: from ste-pvt-msa1.bahnhof.se ([213.80.101.70]:11248 "EHLO
        ste-pvt-msa1.bahnhof.se" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1727307AbfIKMkg (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Wed, 11 Sep 2019 08:40:36 -0400
Received: from localhost (localhost [127.0.0.1])
        by ste-pvt-msa1.bahnhof.se (Postfix) with ESMTP id 9E5BE3F3E7;
        Wed, 11 Sep 2019 14:40:34 +0200 (CEST)
Authentication-Results: ste-pvt-msa1.bahnhof.se;
        dkim=pass (1024-bit key; unprotected) header.d=shipmail.org header.i=@shipmail.org header.b=B7+fD5SU;
        dkim-atps=neutral
X-Virus-Scanned: Debian amavisd-new at bahnhof.se
X-Spam-Flag: NO
X-Spam-Score: -2.099
X-Spam-Level: 
X-Spam-Status: No, score=-2.099 tagged_above=-999 required=6.31
        tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1,
        DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, URIBL_BLOCKED=0.001]
        autolearn=ham autolearn_force=no
Received: from ste-pvt-msa1.bahnhof.se ([127.0.0.1])
        by localhost (ste-pvt-msa1.bahnhof.se [127.0.0.1]) (amavisd-new, port 10024)
        with ESMTP id tauN1zsihhrY; Wed, 11 Sep 2019 14:40:32 +0200 (CEST)
Received: from mail1.shipmail.org (h-205-35.A357.priv.bahnhof.se [155.4.205.35])
        (Authenticated sender: mb878879)
        by ste-pvt-msa1.bahnhof.se (Postfix) with ESMTPA id 535A03F449;
        Wed, 11 Sep 2019 14:40:30 +0200 (CEST)
Received: from localhost.localdomain.localdomain (h-205-35.A357.priv.bahnhof.se [155.4.205.35])
        by mail1.shipmail.org (Postfix) with ESMTPSA id EE5AA3602D6;
        Wed, 11 Sep 2019 14:40:29 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=shipmail.org; s=mail;
        t=1568205630; bh=h6am28tjus1+KbMcn5GOOEwhmeKLs5yd8dEaw6oNuyQ=;
        h=From:To:Cc:Subject:Date:In-Reply-To:References:From;
        b=B7+fD5SUWqzBKl6tBtyQGitQAB/ns6tTT/vcHX2QMLbxxbdE5OXCMN2s/cgQs8LfS
         QL6xlLu8/6IhvwOBaYRyAzhbGyIlIu+kQ7B7vJEkKVvbdeVE05L22NTtMNfzs7daXI
         vdOkZMiPV5EckKdIAVxJ315GijRycWTptT0OCKvA=
From:   =?UTF-8?q?Thomas=20Hellstr=C3=B6m=20=28VMware=29?= 
        <thomas_os@shipmail.org>
To:     linux-kernel@vger.kernel.org
Cc:     pv-drivers@vmware.com, linux-graphics-maintainer@vmware.com,
        x86@kernel.org, Thomas Hellstrom <thellstrom@vmware.com>,
        Dave Hansen <dave.hansen@linux.intel.com>,
        Andy Lutomirski <luto@kernel.org>,
        Peter Zijlstra <peterz@infradead.org>,
        Thomas Gleixner <tglx@linutronix.de>,
        Ingo Molnar <mingo@redhat.com>, Borislav Petkov <bp@alien8.de>,
        "H. Peter Anvin" <hpa@zytor.com>,
        Christoph Hellwig <hch@infradead.org>,
        =?UTF-8?q?Christian=20K=C3=B6nig?= <christian.koenig@amd.com>,
        Marek Szyprowski <m.szyprowski@samsung.com>,
        Tom Lendacky <thomas.lendacky@amd.com>
Subject: [PATCH v2 2/2] dma-mapping: Fix dma_pgprot() for unencrypted coherent pages
Date:   Wed, 11 Sep 2019 14:40:22 +0200
Message-Id: <20190911124022.22423-3-thomas_os@shipmail.org>
X-Mailer: git-send-email 2.20.1
In-Reply-To: <20190911124022.22423-1-thomas_os@shipmail.org>
References: <20190911124022.22423-1-thomas_os@shipmail.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

From: Thomas Hellstrom <thellstrom@vmware.com>

When dma_mmap_coherent() sets up a mapping to unencrypted coherent memory
under SEV encryption and sometimes under SME encryption, it will actually
set up an encrypted mapping rather than an unencrypted, causing devices
that DMAs from that memory to read encrypted contents. Fix this.

When force_dma_unencrypted() returns true, the linear kernel map of the
coherent pages have had the encryption bit explicitly cleared and the
page content is unencrypted. Make sure that any additional PTEs we set
up to these pages also have the encryption bit cleared by having
dma_pgprot() return a protection with the encryption bit cleared in this
case.

Cc: Dave Hansen <dave.hansen@linux.intel.com>
Cc: Andy Lutomirski <luto@kernel.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Ingo Molnar <mingo@redhat.com>
Cc: Borislav Petkov <bp@alien8.de>
Cc: "H. Peter Anvin" <hpa@zytor.com>
Cc: Christoph Hellwig <hch@infradead.org>
Cc: Christian König <christian.koenig@amd.com>
Cc: Marek Szyprowski <m.szyprowski@samsung.com>
Cc: Tom Lendacky <thomas.lendacky@amd.com>
Signed-off-by: Thomas Hellstrom <thellstrom@vmware.com>
---
 kernel/dma/mapping.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/kernel/dma/mapping.c b/kernel/dma/mapping.c
index b0038ca3aa92..2b499dcae74f 100644
--- a/kernel/dma/mapping.c
+++ b/kernel/dma/mapping.c
@@ -157,6 +157,8 @@ EXPORT_SYMBOL(dma_get_sgtable_attrs);
  */
 pgprot_t dma_pgprot(struct device *dev, pgprot_t prot, unsigned long attrs)
 {
+	if (force_dma_unencrypted(dev))
+		prot = pgprot_decrypted(prot);
 	if (dev_is_dma_coherent(dev) ||
 	    (IS_ENABLED(CONFIG_DMA_NONCOHERENT_CACHE_SYNC) &&
              (attrs & DMA_ATTR_NON_CONSISTENT)))
-- 
2.20.1