Received: by 2002:a05:6a10:22f:0:0:0:0 with SMTP id 15csp563400pxk; Wed, 23 Sep 2020 10:01:10 -0700 (PDT) X-Google-Smtp-Source: ABdhPJxT2f/BS/VToZ6vc7lm9PGpa2/oByebyZDHp3QdY5fLS5G2YU5urObLnF6NlbJ5LH8fdWG8 X-Received: by 2002:a17:906:fb84:: with SMTP id lr4mr625466ejb.282.1600880468389; Wed, 23 Sep 2020 10:01:08 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1600880468; cv=none; d=google.com; s=arc-20160816; b=rkxpq7SSb/aPjNT/GeGg04bROp3XvIb1rjExUobRzMQATN/iGw136YJ22uEbib6fV9 gG03wGiCTAvAGC8RsmPOfzui0UKj+VewHiQYXfVJh65ghg+PAUq4c8AztKkmWMhISrRQ cEaTy7LsT1pmJAl5AVAaFfz8HRdW8u/y73nIxoRsZvDiMxw1oArGxOzv5nfv+6jB6WC0 EP7fK4O8xCc0Bpsn6FvhnKUvRT6LCXb4hBx+AD61QXXKhrVsmIdOJjjECSXDK8N8O67a Rx7vWTCwuBqpbft0STBYp03qUzlzBdUhB3rfxQMpVxMOXr55VvkGTYQNk1a9b7R5YvE3 r5SA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:content-language :in-reply-to:mime-version:user-agent:date:message-id:from:references :cc:to:subject:dkim-signature; bh=vmVARHYAsE9tPU6eUJfulnvnl82Jvse1QKnk4N0AG3M=; b=lDNvjPlPC5aYEJPElK+MFVTLCjhCTpvAowWGs2RoOfmlgVTny0y9lZU7r5XSNNxHev woy3tMHsGy+1Mdby1ukBcmwi37NjzwGRBJMc9uDty2u27A1ZKltidooHCa8VJe79Vma3 6lUw3UWOlrLjDxMVmJFG25rK84wKGx+JwSTV9TDuVkyBW+yHwKuupRWKBxEqpTeSFwXZ nlcTEc1c/mUZp76D233/XaR0LaBds2BfUUVGwuZvGiiW5df3ADdXYZEgMt0NghBwvhoF rNNauWrR8K8krzqZNBCTcs6Xzj/v1o83fS7kLjQ9waYcQuIsbQSlMqQO65BSwUZykjZL cc3A== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=GM1e3aHk; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id bk4si328569ejb.215.2020.09.23.10.00.42; Wed, 23 Sep 2020 10:01:08 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=GM1e3aHk; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726617AbgIWQ7o (ORCPT + 99 others); Wed, 23 Sep 2020 12:59:44 -0400 Received: from us-smtp-2.mimecast.com ([205.139.110.61]:44375 "EHLO us-smtp-delivery-1.mimecast.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1726424AbgIWQ7o (ORCPT ); Wed, 23 Sep 2020 12:59:44 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1600880382; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=vmVARHYAsE9tPU6eUJfulnvnl82Jvse1QKnk4N0AG3M=; b=GM1e3aHkSxWv0Km+LIQqjMbxOt7O1ur7EOdtVsv7NGrj9lYR2trI1oswdgDEwONWoAm4Lr BpFgI9DcCXWYrLkgI6GN7lsGuZB3QPyE18JvfPGBTW/EFFGP7UVUM7liZ6SAvkYbPuulEp onYuvbe21BA3XbXakGeiLfRrDn2oV/M= Received: from mail-wr1-f71.google.com (mail-wr1-f71.google.com [209.85.221.71]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-182-7u79O3-pPWqNdX4-_n2xBw-1; Wed, 23 Sep 2020 12:59:40 -0400 X-MC-Unique: 7u79O3-pPWqNdX4-_n2xBw-1 Received: by mail-wr1-f71.google.com with SMTP id l9so64340wrq.20 for ; Wed, 23 Sep 2020 09:59:40 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:cc:references:from:message-id:date :user-agent:mime-version:in-reply-to:content-language :content-transfer-encoding; bh=vmVARHYAsE9tPU6eUJfulnvnl82Jvse1QKnk4N0AG3M=; b=XJyfcZx4m7QBiOPj/uQUg8kDhvh+7dADaEA3lIo4gor4i0A2mq5asgrYQwo43jjzZI UK9BWCQMASuyk/ofkxKSIfWUuK18eye7OgmW4SkA7blnDYs8ZR7CnqIs1SbHO23rlD4l GzDh11kYUBT4iMyf728h5E+ionV7l/c03xVmOT3nbAhBqe80bhzMaO4bpAKPtdHZT/lj txzt7YUpCO0VCgjEvWFOw030699JO24IC8sJh02Umk/lwNx/0ScN7orfkm5MuASBXhzc PlOTYrPtFW+JKLVMsK6cGESqVNQCf+1jLcw3xiNC4DkOo+QXZt8h3dDP/78B03F7xiyH Dk6Q== X-Gm-Message-State: AOAM530O/Isqcf2u6RO86apNex7I2go/EDqx3PEJMN/VSmXJrRsWqrKf zAEddINeKFEzepv7Nv8ddncBjx0HSRKYRI3SdTH/Bm/1wknr9VNXXBB6BtOSMys56K+7TPgGqmt Xa1SrQkYGkYsYgqRb11HW79Uk X-Received: by 2002:adf:dd82:: with SMTP id x2mr609816wrl.419.1600880378592; Wed, 23 Sep 2020 09:59:38 -0700 (PDT) X-Received: by 2002:adf:dd82:: with SMTP id x2mr609777wrl.419.1600880378347; Wed, 23 Sep 2020 09:59:38 -0700 (PDT) Received: from ?IPv6:2001:b07:6468:f312:15f1:648d:7de6:bad9? ([2001:b07:6468:f312:15f1:648d:7de6:bad9]) by smtp.gmail.com with ESMTPSA id x10sm401353wmi.37.2020.09.23.09.59.36 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Wed, 23 Sep 2020 09:59:37 -0700 (PDT) Subject: Re: [PATCH] KVM: SVM: Mark SEV launch secret pages as dirty. To: Sean Christopherson , Cfir Cohen Cc: "kvm @ vger . kernel . org" , Lendacky Thomas , Singh Brijesh , Grimm Jon , David Rientjes , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Joerg Roedel , Thomas Gleixner , Ingo Molnar , Borislav Petkov , "H . Peter Anvin" , x86@kernel.org, linux-kernel@vger.kernel.org References: <20200807012303.3769170-1-cfir@google.com> <20200919045505.GC21189@sjchrist-ice> From: Paolo Bonzini Message-ID: <5ac77c46-88b4-df45-4f02-72adfb096262@redhat.com> Date: Wed, 23 Sep 2020 18:59:36 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.11.0 MIME-Version: 1.0 In-Reply-To: <20200919045505.GC21189@sjchrist-ice> Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 19/09/20 06:55, Sean Christopherson wrote: > Side topic, while I love the comment (I do, honestly) regarding in-place > encryption, this is the fourth? instance of the same 4-line comment (6 lines > if you count the /* and */. Maybe it's time to do something like > > /* LAUNCH_SECRET does in-place encryption, see sev_clflush_pages(). */ > > and then have the main comment in sev_clflush_pages(). With the addition of > X86_FEATURE_SME_COHERENT, there's even a fantastic location for the comment: Two of the three instances are a bit different though. What about this which at least shortens the comment to 2 fewer lines: diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index bb0e89c79a04..7b11546e65ba 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -446,10 +446,8 @@ static int sev_launch_update_data(struct kvm *kvm, struct kvm_sev_cmd *argp) } /* - * The LAUNCH_UPDATE command will perform in-place encryption of the - * memory content (i.e it will write the same memory region with C=1). - * It's possible that the cache may contain the data with C=0, i.e., - * unencrypted so invalidate it first. + * Flush before LAUNCH_UPDATE encrypts pages in place, in case the cache + * contains the data that was written unencrypted. */ sev_clflush_pages(inpages, npages); @@ -805,10 +803,8 @@ static int sev_dbg_crypt(struct kvm *kvm, struct kvm_sev_cmd *argp, bool dec) } /* - * The DBG_{DE,EN}CRYPT commands will perform {dec,en}cryption of the - * memory content (i.e it will write the same memory region with C=1). - * It's possible that the cache may contain the data with C=0, i.e., - * unencrypted so invalidate it first. + * Flush before DBG_{DE,EN}CRYPT reads or modifies the pages, flush the + * destination too in case the cache contains its current data. */ sev_clflush_pages(src_p, 1); sev_clflush_pages(dst_p, 1); @@ -870,10 +866,8 @@ static int sev_launch_secret(struct kvm *kvm, struct kvm_sev_cmd *argp) return PTR_ERR(pages); /* - * The LAUNCH_SECRET command will perform in-place encryption of the - * memory content (i.e it will write the same memory region with C=1). - * It's possible that the cache may contain the data with C=0, i.e., - * unencrypted so invalidate it first. + * Flush before LAUNCH_SECRET encrypts pages in place, in case the cache + * contains the data that was written unencrypted. */ sev_clflush_pages(pages, n);