From: Kuppuswamy Sathyanarayanan
To: Peter Zijlstra, Andy Lutomirski, Dave Hansen, Tony Luck
Cc: Andi Kleen, Kirill Shutemov, Kuppuswamy Sathyanarayanan, Dan Williams, Raj Ashok, Sean Christopherson, Kuppuswamy Sathyanarayanan, linux-kernel@vger.kernel.org
Subject: [RFC v2-fix-v1 1/1] x86/tdx: Exclude Shared bit from physical_mask
Date: Mon, 31 May 2021 19:08:45 -0700
Message-Id: <20210601020845.4127-1-sathyanarayanan.kuppuswamy@linux.intel.com>
In-Reply-To: <20210531214602.qd6r63s5jbr4vcm5@box>
References: <20210531214602.qd6r63s5jbr4vcm5@box>

From: "Kirill A. Shutemov"

Just like MKTME, TDX reassigns bits of the physical address for metadata. MKTME used several bits for an encryption KeyID. TDX uses a single bit in guests to communicate whether a physical page should be protected by TDX as private memory (bit set to 0) or unprotected and shared with the VMM (bit set to 1).

Add a helper, tdg_shared_mask() to generate the mask. The processor enumerates its physical address width to include the shared bit, which means it gets included in __PHYSICAL_MASK by default.

Remove the shared mask from 'physical_mask' since any bits in tdg_shared_mask() are not used for physical addresses in page table entries.

Also, note that we cannot club shared mapping configuration between AMD SME and Intel TDX Guest platforms in a common function. SME has to do it very early in __startup_64() as it sets the bit on all memory, except what is used for communication. TDX can postpone it, as it doesn't need any shared mapping in very early boot.

Signed-off-by: Kirill A. Shutemov
Reviewed-by: Andi Kleen
Signed-off-by: Kuppuswamy Sathyanarayanan --- Changes since RFC-v2: * Renamed __PHYSICAL_MASK to physical_mask in commit subject. * Fixed commit log as per review comments. arch/x86/Kconfig | 1 + arch/x86/include/asm/tdx.h | 6 ++++++ arch/x86/kernel/tdx.c | 9 +++++++++ 3 files changed, 16 insertions(+) diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig index 7bc371d8ad7d..7e7ac99c4f4c 100644 --- a/arch/x86/Kconfig +++ b/arch/x86/Kconfig @@ -879,6 +879,7 @@ config INTEL_TDX_GUEST select X86_X2APIC select SECURITY_LOCKDOWN_LSM select ARCH_HAS_PROTECTED_GUEST + select X86_MEM_ENCRYPT_COMMON help Provide support for running in a trusted domain on Intel processors equipped with Trusted Domain eXtenstions. TDX is a new Intel diff --git a/arch/x86/include/asm/tdx.h b/arch/x86/include/asm/tdx.h index dfdb303ef7e2..0808cbbde045 100644 --- a/arch/x86/include/asm/tdx.h +++ b/arch/x86/include/asm/tdx.h @@ -118,6 +118,8 @@ do { \ } while (0) #endif +extern phys_addr_t tdg_shared_mask(void); + #else // !CONFIG_INTEL_TDX_GUEST static inline bool is_tdx_guest(void) @@ -137,6 +139,10 @@ static inline bool tdg_early_handle_ve(struct pt_regs *regs) return false; } +static inline phys_addr_t tdg_shared_mask(void) +{ + return 0; +} #endif /* CONFIG_INTEL_TDX_GUEST */ #ifdef CONFIG_INTEL_TDX_GUEST_KVM diff --git a/arch/x86/kernel/tdx.c b/arch/x86/kernel/tdx.c index 02a3273b09d2..29d4b06535ce 100644 --- a/arch/x86/kernel/tdx.c +++ b/arch/x86/kernel/tdx.c @@ -101,6 +101,12 @@ bool tdx_protected_guest_has(unsigned long flag) } EXPORT_SYMBOL_GPL(tdx_protected_guest_has); +/* The highest bit of a guest physical address is the "sharing" bit */ +phys_addr_t tdg_shared_mask(void) +{ + return 1ULL << (td_info.gpa_width - 1); +} + static void tdg_get_info(void) { u64 ret; 
@@ -112,6 +118,9 @@ static void tdg_get_info(void) td_info.gpa_width = out.rcx & GENMASK(5, 0); td_info.attributes = out.rdx; + + /* Exclude Shared bit from the __PHYSICAL_MASK */ + physical_mask &= ~tdg_shared_mask(); } static __cpuidle void tdg_halt(void) -- 2.25.1
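Review bot: The new `select X86_MEM_ENCRYPT_COMMON` under `config INTEL_TDX_GUEST` in arch/x86/Kconfig is not explained anywhere in the commit log, which only discusses tdg_shared_mask() and physical_mask. Please state in the log what this patch needs from X86_MEM_ENCRYPT_COMMON (for example, if it is what allows the `physical_mask &= ~tdg_shared_mask();` write in tdg_get_info()), or move the select to the patch that first depends on it.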
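Review bot: In tdg_shared_mask() in arch/x86/kernel/tdx.c, `1ULL << (td_info.gpa_width - 1)` has no guard for gpa_width being 0. tdg_get_info() fills it from `out.rcx & GENMASK(5, 0)`, so 0 is a representable value, and the helper is a global symbol that could be called before tdg_get_info() has populated td_info (its initial value is not visible in this patch). With gpa_width at 0 the shift count is negative, which is undefined behaviour and would yield an arbitrary mask. Suggest rejecting a zero width in tdg_get_info() or returning 0 with a WARN in the helper, and extending the comment to say the helper is only valid after tdg_get_info() has run.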
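Review bot: The comment added at the end of tdg_get_info() says `/* Exclude Shared bit from the __PHYSICAL_MASK */` while the statement under it modifies `physical_mask`; the changelog records that the subject was renamed for exactly this reason, so the comment should use the same name. Since a function named tdg_get_info() now also changes a global used for page table entries, a short note in the function or the commit log on why the adjustment is done here, and that nothing is expected to have used physical_mask with the shared bit still set before this point, would make the ordering assumption reviewable.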