Subject: Re: [RFC v2 26/32] x86/mm: Move force_dma_unencrypted() to common code
From: "Kuppuswamy, Sathyanarayanan"
To: Sean Christopherson, Dave Hansen
Cc: "Kirill A. Shutemov", Peter Zijlstra, Andy Lutomirski, Dan Williams, Tony Luck, Andi Kleen, Kirill Shutemov, Kuppuswamy Sathyanarayanan, Raj Ashok, linux-kernel@vger.kernel.org
Date: Thu, 13 May 2021 09:40:34 -0700
References: <7c5adf75d69ea327b22b404b7c37b29712d73640.1619458733.git.sathyanarayanan.kuppuswamy@linux.intel.com> <5536639a-918d-de8d-ff32-934a13902a03@intel.com> <20210512130821.7r2rtzcyjltecun7@box.shutemov.name>
X-Mailing-List: linux-kernel@vger.kernel.org

On 5/12/21 8:53 AM, Sean Christopherson wrote:
> On Wed, May 12, 2021, Dave Hansen wrote:
>> On 5/12/21 6:08 AM, Kirill A. Shutemov wrote:
>>>> That's not an excuse to have a bunch of AMD (or Intel) feature-specific
>>>> code in a file named "common". I'd make an attempt to keep them
>>>> separate and then call into the two separate functions *from* the common
>>>> function.
>>> But why? What good does the additional level of indirection bring?
>>>
>>> It's like saying arch/x86/kernel/cpu/common.c shouldn't have anything AMD
>>> or Intel specific. If a function can cover both vendors I don't see a
>>> point for additional complexity.
>>
>> Because the code is already separate. You're actually going to some
>> trouble to move the SEV-specific code and then combine it with the
>> TDX-specific code.
>>
>> Anyway, please just give it a shot. Should take all of ten minutes. If
>> it doesn't work out in practice, fine. You'll have a good paragraph for
>> the changelog.
>
> Or maybe wait to see how Boris' proposed protected_guest_has() pans out? E.g. if
> we can do "protected_guest_has(MEMORY_ENCRYPTION)" or whatever, then the truly
> common bits could be placed into common.c without any vendor-specific logic.

How about the following abstraction? This patch was initially created to enable us to use is_tdx_guest() outside of arch/x86 code, but was extended to support bitmap flags.

commit 188bdd3c97e49020b2bda9efd992a22091423b85 Author: Kuppuswamy Sathyanarayanan Date: Wed May 12 11:35:13 2021 -0700 tdx: Introduce generic protected_guest abstraction Add a generic way to check if we run with an encrypted guest, without requiring x86 specific ifdefs. This can then be used in non architecture specific code. Enablethis when running under TDX/SEV. Also add helper functions to set/test encrypted guest feature flags. Signed-off-by: Kuppuswamy Sathyanarayanan diff --git a/arch/Kconfig b/arch/Kconfig index ecfd3520b676..98c30312555b 100644 --- a/arch/Kconfig +++ b/arch/Kconfig @@ -956,6 +956,9 @@ config HAVE_ARCH_NVRAM_OPS config ISA_BUS_API def_bool ISA +config ARCH_HAS_PROTECTED_GUEST + bool + # # ABI hall of shame # diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig index 07fb4df1d881..001487c21874 100644 --- a/arch/x86/Kconfig +++ b/arch/x86/Kconfig @@ -882,6 +882,7 @@ config INTEL_TDX_GUEST select PARAVIRT_XL select X86_X2APIC select SECURITY_LOCKDOWN_LSM + select ARCH_HAS_PROTECTED_GUEST help Provide support for running in a trusted domain on Intel processors equipped with Trusted Domain eXtenstions. TDX is a new Intel @@ -1537,6 +1538,7 @@ config AMD_MEM_ENCRYPT select ARCH_USE_MEMREMAP_PROT select ARCH_HAS_FORCE_DMA_UNENCRYPTED select INSTRUCTION_DECODER + select ARCH_HAS_PROTECTED_GUEST help Say yes to enable support for the encryption of system memory. This requires an AMD processor that supports Secure Memory diff --git a/arch/x86/kernel/setup.c b/arch/x86/kernel/setup.c index ccab6cf91283..8260893c34ae 100644 --- a/arch/x86/kernel/setup.c +++ b/arch/x86/kernel/setup.c @@ -21,6 +21,7 @@ #include #include #include +#include #include 
@@ -107,6 +108,10 @@ static struct resource bss_resource = { .flags = IORESOURCE_BUSY | IORESOURCE_SYSTEM_RAM }; +#ifdef CONFIG_ARCH_HAS_PROTECTED_GUEST +DECLARE_BITMAP(protected_guest_flags, PROTECTED_GUEST_BITMAP_LEN); +EXPORT_SYMBOL(protected_guest_flags); +#endif #ifdef CONFIG_X86_32 /* CPU data as detected by the assembly code in head_32.S */ diff --git a/arch/x86/kernel/sev-es.c b/arch/x86/kernel/sev-es.c index 04a780abb512..45b848ec8325 100644 --- a/arch/x86/kernel/sev-es.c +++ b/arch/x86/kernel/sev-es.c @@ -19,6 +19,7 @@ #include #include #include +#include #include #include @@ -680,6 +681,9 @@ static void __init init_ghcb(int cpu) data->ghcb_active = false; data->backup_ghcb_active = false; + + set_protected_guest_flag(GUEST_TYPE_SEV); + set_protected_guest_flag(MEMORY_ENCRYPTION); } void __init sev_es_init_vc_handling(void) diff --git a/arch/x86/kernel/tdx.c b/arch/x86/kernel/tdx.c index 4dfacde05f0c..d0207b990fe4 100644 --- a/arch/x86/kernel/tdx.c +++ b/arch/x86/kernel/tdx.c @@ -7,6 +7,7 @@ #include #include +#include static struct { unsigned int gpa_width; @@ -92,6 +93,9 @@ void __init tdx_early_init(void) setup_force_cpu_cap(X86_FEATURE_TDX_GUEST); + set_protected_guest_flag(GUEST_TYPE_TDX); + set_protected_guest_flag(MEMORY_ENCRYPTION); + tdg_get_info(); pr_info("TDX guest is initialized\n"); diff --git a/include/linux/protected_guest.h b/include/linux/protected_guest.h new file mode 100644 index 000000000000..44e8c642654c --- /dev/null +++ b/include/linux/protected_guest.h 
@@ -0,0 +1,37 @@ +#ifndef _LINUX_PROTECTED_GUEST_H +#define _LINUX_PROTECTED_GUEST_H 1 + +#define PROTECTED_GUEST_BITMAP_LEN 128 + +/* Protected Guest vendor types */ +#define GUEST_TYPE_TDX (1) +#define GUEST_TYPE_SEV (2) + +/* Protected Guest features */ +#define MEMORY_ENCRYPTION (20) + +#ifdef CONFIG_ARCH_HAS_PROTECTED_GUEST +extern DECLARE_BITMAP(protected_guest_flags, PROTECTED_GUEST_BITMAP_LEN); + +static bool protected_guest_has(unsigned long flag) +{ + return test_bit(flag, protected_guest_flags); +} + +static inline void set_protected_guest_flag(unsigned long flag) +{ + __set_bit(flag, protected_guest_flags); +} + +static inline bool is_protected_guest(void) +{ + return ( protected_guest_has(GUEST_TYPE_TDX) | + protected_guest_has(GUEST_TYPE_SEV) ); +} +#else +static inline bool protected_guest_has(unsigned long flag) { return false; } +static inline void set_protected_guest_flag(unsigned long flag) { } +static inline bool is_protected_guest(void) { return false; } +#endif + +#endif > -- Sathyanarayanan Kuppuswamy Linux Kernel Developer
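Review bot: in the arch/x86/kernel/setup.c hunk, `DECLARE_BITMAP(protected_guest_flags, PROTECTED_GUEST_BITMAP_LEN);` is the only definition of a symbol that the new generic header include/linux/protected_guest.h declares `extern` whenever CONFIG_ARCH_HAS_PROTECTED_GUEST is set, yet that Kconfig symbol is introduced in the generic arch/Kconfig. Any other architecture that later selects ARCH_HAS_PROTECTED_GUEST will get an undefined reference to protected_guest_flags at link time. Either move the definition into generic code that is built whenever the option is selected, or add a comment on the new `config ARCH_HAS_PROTECTED_GUEST` entry stating that a selecting architecture must provide the `protected_guest_flags` bitmap.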
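Review bot: in the arch/x86/kernel/sev-es.c hunk, `set_protected_guest_flag(GUEST_TYPE_SEV);` and `set_protected_guest_flag(MEMORY_ENCRYPTION);` are placed in init_ghcb(), which is an SEV-ES specific, per-CPU setup routine: the bits are set once per possible CPU, and the path is never reached by an SEV guest without ES, whose memory is nonetheless encrypted. Since the point of MEMORY_ENCRYPTION is to let common code drop sev_active()-style checks (that is what force_dma_unencrypted() relies on), plain SEV guests must report it too. Set both flags exactly once from the place where SEV guest status is first established (where sev_active() derives its answer), and leave init_ghcb() to GHCB setup.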
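Review bot: in the include/linux/protected_guest.h hunk, `static bool protected_guest_has(unsigned long flag)` is missing `inline`: as a plain `static` function in a header, every translation unit that includes the header without calling it will emit an unused-function warning, and it is inconsistent with the neighbouring `static inline` helpers and with the `#else` stub, which is `static inline`. A few further points on the same hunk: the header uses `DECLARE_BITMAP()`, `test_bit()` and `__set_bit()` but includes nothing, so it only compiles when linux/bitops.h (or linux/bitmap.h) happens to be included first; `is_protected_guest()` combines two bools with bitwise `|` where `||` is meant; `MEMORY_ENCRYPTION`, `GUEST_TYPE_TDX` and `GUEST_TYPE_SEV` are unprefixed macros in a global header and are likely to collide with driver or arch names, so an enum with a `PROTECTED_GUEST_` (or similar) prefix would be safer and would also make the split between vendor-type bits (1, 2) and feature bits (20 upwards) visible in one place; and the new file lacks the `SPDX-License-Identifier` line checkpatch expects.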