Received: by 2002:a25:8b91:0:0:0:0:0 with SMTP id j17csp1442781ybl; Fri, 13 Dec 2019 15:38:13 -0800 (PST) X-Google-Smtp-Source: APXvYqyevVbw5k1RP3Y4uGBVLEYTG51iwmQjV9C9hc00q6/hbrJIfAChY7xw/4cUYXaoHgGmj2Mb X-Received: by 2002:a9d:6a8f:: with SMTP id l15mr17022412otq.59.1576280293855; Fri, 13 Dec 2019 15:38:13 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1576280293; cv=none; d=google.com; s=arc-20160816; b=uXoKkml9vrzvSeqGCGlWBY37OUT5/XjKr1M3Fa0dorcbiZuQL/WTT52hd2Ch0ibSd0 BS3MN0UHPV2y8Z2mEomZZu01QBeO7cJ+sAca6y+lNvJCJYhHMnaOZmMss3jzGvXDnDWd AqT5fuAjz585VoLOBFpl2XWNSRRo1YrjSOr2hr8MC7t9K4J59Sn/CpKObzU7qpP3p/VM XavyFJyxtgm9RIJklSNr5ZiWktSHGH6wgPJ0RrWLNo/7RtHTCIWCs3UYxMg3rjCYaVR1 FZ0YpIXKLRqG6o+lutpIdtr/2bgFdDRP/ez7Zw0Li2kPqcDXy1tsEAfoAk/7aW/ilJ3V J2dw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date; bh=tF6xdK1TQEpV0ca/a8wufcbAcaB6WhDiqEVYvGb6uhs=; b=ja11EyEjgZQ5uGjbWf2MOpW4p8FaXuHhHnKIJOeGJhGbDT5otx8cYXveGxPF/ZzE33 y1E9rJGD40g1Ig8kEHZHFUEzkgwTjIIrjjw0kgebwyP99RyKxihHz9a2Rc9UlpQsvTUb GGo9O+w5MZYhfw/TfUcTrmEdvwUBTVqlDZne7Sa/lN/yvq1c2G7cVlHdpssf07eUcGbL rk4M57QkaWP0Q+3ygI106xCQTuUF1hW35ZipJlVXW1PXtByJaO+SmzwX5yHH8xotyPne YPTi0U9t8SHYs6eUH6SOAZk2ggCe82Azk/3V3pA8UYLgNCRM+RRjfRMVR/OH/Sgc9e75 iQuA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id t28si6064325otr.16.2019.12.13.15.37.57; Fri, 13 Dec 2019 15:38:13 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726623AbfLMXhK (ORCPT + 99 others); Fri, 13 Dec 2019 18:37:10 -0500 Received: from mail-pj1-f68.google.com ([209.85.216.68]:38122 "EHLO mail-pj1-f68.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725747AbfLMXhK (ORCPT ); Fri, 13 Dec 2019 18:37:10 -0500 Received: by mail-pj1-f68.google.com with SMTP id l4so375257pjt.5 for ; Fri, 13 Dec 2019 15:37:10 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:cc:subject:message-id:references :mime-version:content-disposition:in-reply-to:user-agent; bh=tF6xdK1TQEpV0ca/a8wufcbAcaB6WhDiqEVYvGb6uhs=; b=W65FZ2NQ40E8ZrPUZqpwMkACkURu8VvP7cijSt3X33k6G4rRp4o394FqZO2HlypuFU dsVJaCgtkevg3hRalCY/3ws1RsXJmxVdxItbiNnVEvQ5vfydCiaP9fbVdl75HiSM8CBm gYNj0rucxPNIQ579iEkV01EITevFEkZvTp/UGxAkpPhuVX4nEkzkwmPRp8KwV33WmpFk aG7YzCY8tqP1lKddIs6AfQgN7Pm0iqESBEBm3UXzwq6G2KTA98Mw79CHUoDHOi18acD3 JwSGsvPMZvhKoeTpsNaZbV1u44RiEfz5ZnYhPW+tFlR8svVGrRjDMEdYFysM4y/uaLic Mujg== X-Gm-Message-State: APjAAAUqbMY3AhfFSfAy17JGPnxjVOSIai5HIdkwn1hdcWIiOCpYt9bw BPxPSp8k8fL5e3TB6FPpbSFJvuIOOsImIw== X-Received: by 2002:a17:90a:374b:: with SMTP id u69mr2331439pjb.23.1576280230004; Fri, 13 Dec 2019 15:37:10 -0800 (PST) Received: from dennisz-mbp.dhcp.thefacebook.com ([2620:10d:c090:200::c0f4]) by smtp.gmail.com with ESMTPSA id d77sm13708534pfd.126.2019.12.13.15.37.08 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 13 Dec 2019 15:37:09 -0800 (PST) Date: Fri, 13 Dec 2019 15:37:07 -0800 From: Dennis Zhou To: David Rientjes Cc: Dennis Zhou , Tejun Heo , Christoph Lameter , Erdem Aktas , Borislav Petkov , Brijesh Singh , linux-kernel@vger.kernel.org Subject: Re: [patch] percpu: Separate decrypted varaibles anytime encryption can be enabled Message-ID: <20191213233707.GA89837@dennisz-mbp.dhcp.thefacebook.com> References: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.12.2 (2019-09-21) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Hi David, On Fri, Dec 13, 2019 at 01:31:46PM -0800, David Rientjes wrote: > From: Erdem Aktas > > CONFIG_VIRTUALIZATION may not be enabled for memory encrypted guests. If > disabled, decrypted per-CPU variables may end up sharing the same page > with variables that should be left encrypted. > > Always separate per-CPU variables that should be decrypted into their own > page anytime memory encryption can be enabled in the guest rather than > rely on any other config option that may not be enabled. > > Fixes: ac26963a1175 ("percpu: Introduce DEFINE_PER_CPU_DECRYPTED") > Cc: stable@vger.kernel.org # 4.15+ > Signed-off-by: Erdem Aktas > Signed-off-by: David Rientjes > --- > include/linux/percpu-defs.h | 3 +-- > 1 file changed, 1 insertion(+), 2 deletions(-) > > diff --git a/include/linux/percpu-defs.h b/include/linux/percpu-defs.h > --- a/include/linux/percpu-defs.h > +++ b/include/linux/percpu-defs.h > @@ -175,8 +175,7 @@ > * Declaration/definition used for per-CPU variables that should be accessed > * as decrypted when memory encryption is enabled in the guest. > */ > -#if defined(CONFIG_VIRTUALIZATION) && defined(CONFIG_AMD_MEM_ENCRYPT) > - > +#ifdef CONFIG_AMD_MEM_ENCRYPT > #define DECLARE_PER_CPU_DECRYPTED(type, name) \ > DECLARE_PER_CPU_SECTION(type, name, "..decrypted") > Applied to for-5.6. Thanks, Dennis