Received: by 2002:a05:6a10:206:0:0:0:0 with SMTP id 6csp3060576pxj; Mon, 31 May 2021 19:14:16 -0700 (PDT) X-Google-Smtp-Source: ABdhPJzapQsYeaiBoJMYX9BwkDgHARRhnQGBMaSDhJBN3AMPhCxbfhjW5jeUCRN48RP4Ti2aKr7s X-Received: by 2002:a17:906:7302:: with SMTP id di2mr25438650ejc.409.1622513655980; Mon, 31 May 2021 19:14:15 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1622513655; cv=none; d=google.com; s=arc-20160816; b=awxvUy28ViY9Cdnym4OcexgsyQm8qdWvS5uA0fvqBr+DPOzwSB0tcqyfxnslGu+JB/ A3JqILiCA19MwP5fgua5QrKKEj2plxPJUf66Gxg8ELeVJgU5Ao51b+4LGtgxrPcLk8QJ aiaXbRJ263KfY8b9ZqmlUAM1SGG3vulzYgLEoY6bJetbS99fPQLFWoJdTOO8eFpjwdNr BgNfCS1LezDBAL/q1V6+A6Hb8LIWGA90PwGu0kDFMkpL86twzTHp2kgnPUTxQJZ0CPi2 92tiZNNTnjjmKTTptvLnQ2qJB26dfz0L408Vmp8NaQ0Cj/vp1EK9360V3/LEGmjRhC9z CeCg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :ironport-sdr:ironport-sdr; bh=fPmB+5KmskZIj6okrn4lp2AIss1zY/jwlZqvPOHAYYo=; b=ymHzbsWJatmgOLKWU9+tLHKGxbxXjJhED2OIKZcKQPg5sS2tdcGD9Q882aQCjdX/4Y 68NlZXBBvTiT62UuifTdv6czpN/GgY5ssVPmYYG20ExyUZNfhmjkVKRBo0Hlic7FY8jY ulZd/JdhhsA9J8nhorWMhk3LvMnBVj9ZOSBeeYFSn7LB+jTv5F2ReOrchVrUZaYpUEMv 2EzpfQYmhTBdLP1s8S2oV6maMpysfw6CqDunQHlHPgF9IVtUBxmpJwHQnXjiOsRrUGFE cjX2sIrO1CE4eNLa8tsGmshb+LrNwTZG43rnfMBeOVdI5XvYLPck7m5PXMijT63zp0JL BWPg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id bh4si16901433ejb.358.2021.05.31.19.13.53; Mon, 31 May 2021 19:14:15 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232637AbhFACLq (ORCPT + 99 others); Mon, 31 May 2021 22:11:46 -0400 Received: from mga05.intel.com ([192.55.52.43]:40556 "EHLO mga05.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232611AbhFACLq (ORCPT ); Mon, 31 May 2021 22:11:46 -0400 IronPort-SDR: oNWtsp2Xu7iehEL35gnqQLA6trAMBU5+FLcg/uaJFm9DmiVsxb+0X7Gmm8EMydBL0x7LSSjZ8o 40weHBSpi+wg== X-IronPort-AV: E=McAfee;i="6200,9189,10001"; a="289072093" X-IronPort-AV: E=Sophos;i="5.83,239,1616482800"; d="scan'208";a="289072093" Received: from orsmga001.jf.intel.com ([10.7.209.18]) by fmsmga105.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 31 May 2021 19:10:05 -0700 IronPort-SDR: WMOjzy1JzgvnJXP+36xSUmk8BVhZ4SQUJ4W9MaqUscJ8UcqOv//KIItT5ue5iTzuKlaUv2gQGO HmkhXcDZ8/wg== X-IronPort-AV: E=Sophos;i="5.83,239,1616482800"; d="scan'208";a="479094388" Received: from mjdelaro-mobl.amr.corp.intel.com (HELO skuppusw-desk1.amr.corp.intel.com) ([10.254.3.23]) by orsmga001-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 31 May 2021 19:10:04 -0700 From: Kuppuswamy Sathyanarayanan To: Peter Zijlstra , Andy Lutomirski , Dave Hansen , Tony Luck Cc: Andi Kleen , Kirill Shutemov , Kuppuswamy Sathyanarayanan , Dan Williams , Raj Ashok , Sean Christopherson , Kuppuswamy Sathyanarayanan , linux-kernel@vger.kernel.org Subject: [RFC v2-fix-v2 1/1] x86/mm: Move force_dma_unencrypted() to common code Date: Mon, 31 May 2021 19:10:02 -0700 Message-Id: <20210601021002.4235-1-sathyanarayanan.kuppuswamy@linux.intel.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20210527044736.3984684-1-sathyanarayanan.kuppuswamy@linux.intel.com> References: <20210527044736.3984684-1-sathyanarayanan.kuppuswamy@linux.intel.com> MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: "Kirill A. Shutemov" Intel TDX doesn't allow VMM to access guest private memory. Any memory that is required for communication with VMM must be shared explicitly by setting the bit in page table entry. After setting the shared bit, the conversion must be completed with MapGPA TDVMALL. The call informs VMM about the conversion between private/shared mappings. The shared memory is similar to unencrypted memory in AMD SME/SEV terminology but the underlying process of sharing/un-sharing the memory is different for Intel TDX guest platform. SEV assumes that I/O devices can only do DMA to "decrypted" physical addresses without the C-bit set.  In order for the CPU to interact with this memory, the CPU needs a decrypted mapping. To add this support, AMD SME code forces force_dma_unencrypted() to return true for platforms that support AMD SEV feature. It will be used for DMA memory allocation API to trigger set_memory_decrypted() for platforms that support AMD SEV feature. TDX is similar. So, to communicate with I/O devices, related pages need to be marked as shared. As mentioned above, shared memory in TDX architecture is similar to decrypted memory in AMD SME/SEV. So similar to AMD SEV, force_dma_unencrypted() has to forced to return true. This support is added in other patches in this series. So move force_dma_unencrypted() out of AMD specific code and call AMD specific (amd_force_dma_unencrypted()) initialization function from it. force_dma_unencrypted() will be modified by later patches to include Intel TDX guest platform specific initialization. Also, introduce new config option X86_MEM_ENCRYPT_COMMON that has to be selected by all x86 memory encryption features. This will be selected by both AMD SEV and Intel TDX guest config options. This is preparation for TDX changes in DMA code and it has not functional change.     Signed-off-by: Kirill A. Shutemov Reviewed-by: Andi Kleen Reviewed-by: Tony Luck Signed-off-by: Kuppuswamy Sathyanarayanan --- Changes since RFC v2-fix-v1: * Added mem_encrypt_common.h and moved common encryption related function declarations to it. Changes since RFC v2: * Instead of moving all the contents of force_dma_unencrypted() to mem_encrypt_common.c, create sub function for AMD and call it from common code. * Fixed commit log as per review comments. arch/x86/Kconfig | 8 ++++++-- arch/x86/include/asm/mem_encrypt_common.h | 18 ++++++++++++++++++ arch/x86/mm/Makefile | 2 ++ arch/x86/mm/mem_encrypt.c | 5 +++-- arch/x86/mm/mem_encrypt_common.c | 20 ++++++++++++++++++++ 5 files changed, 49 insertions(+), 4 deletions(-) create mode 100644 arch/x86/include/asm/mem_encrypt_common.h create mode 100644 arch/x86/mm/mem_encrypt_common.c diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig index fc588a64d1a0..7bc371d8ad7d 100644 --- a/arch/x86/Kconfig +++ b/arch/x86/Kconfig @@ -1531,14 +1531,18 @@ config X86_CPA_STATISTICS helps to determine the effectiveness of preserving large and huge page mappings when mapping protections are changed. +config X86_MEM_ENCRYPT_COMMON + select ARCH_HAS_FORCE_DMA_UNENCRYPTED + select DYNAMIC_PHYSICAL_MASK + def_bool n + config AMD_MEM_ENCRYPT bool "AMD Secure Memory Encryption (SME) support" depends on X86_64 && CPU_SUP_AMD select DMA_COHERENT_POOL - select DYNAMIC_PHYSICAL_MASK select ARCH_USE_MEMREMAP_PROT - select ARCH_HAS_FORCE_DMA_UNENCRYPTED select INSTRUCTION_DECODER + select X86_MEM_ENCRYPT_COMMON help Say yes to enable support for the encryption of system memory. This requires an AMD processor that supports Secure Memory diff --git a/arch/x86/include/asm/mem_encrypt_common.h b/arch/x86/include/asm/mem_encrypt_common.h new file mode 100644 index 000000000000..697bc40a4e3d --- /dev/null +++ b/arch/x86/include/asm/mem_encrypt_common.h @@ -0,0 +1,18 @@ +/* SPDX-License-Identifier: GPL-2.0 */ +/* Copyright (C) 2020 Intel Corporation */ +#ifndef _ASM_X86_MEM_ENCRYPT_COMMON_H +#define _ASM_X86_MEM_ENCRYPT_COMMON_H + +#include +#include + +#ifdef CONFIG_AMD_MEM_ENCRYPT +bool amd_force_dma_unencrypted(struct device *dev); +#else /* CONFIG_AMD_MEM_ENCRYPT */ +static inline bool amd_force_dma_unencrypted(struct device *dev) +{ + return false; +} +#endif /* CONFIG_AMD_MEM_ENCRYPT */ + +#endif diff --git a/arch/x86/mm/Makefile b/arch/x86/mm/Makefile index 5864219221ca..b31cb52bf1bd 100644 --- a/arch/x86/mm/Makefile +++ b/arch/x86/mm/Makefile @@ -52,6 +52,8 @@ obj-$(CONFIG_X86_INTEL_MEMORY_PROTECTION_KEYS) += pkeys.o obj-$(CONFIG_RANDOMIZE_MEMORY) += kaslr.o obj-$(CONFIG_PAGE_TABLE_ISOLATION) += pti.o +obj-$(CONFIG_X86_MEM_ENCRYPT_COMMON) += mem_encrypt_common.o + obj-$(CONFIG_AMD_MEM_ENCRYPT) += mem_encrypt.o obj-$(CONFIG_AMD_MEM_ENCRYPT) += mem_encrypt_identity.o obj-$(CONFIG_AMD_MEM_ENCRYPT) += mem_encrypt_boot.o diff --git a/arch/x86/mm/mem_encrypt.c b/arch/x86/mm/mem_encrypt.c index ae78cef79980..5a81f73dd61e 100644 --- a/arch/x86/mm/mem_encrypt.c +++ b/arch/x86/mm/mem_encrypt.c @@ -29,6 +29,7 @@ #include #include #include +#include #include "mm_internal.h" @@ -390,8 +391,8 @@ bool noinstr sev_es_active(void) return sev_status & MSR_AMD64_SEV_ES_ENABLED; } -/* Override for DMA direct allocation check - ARCH_HAS_FORCE_DMA_UNENCRYPTED */ -bool force_dma_unencrypted(struct device *dev) +/* Override for DMA direct allocation check - AMD specific initialization */ +bool amd_force_dma_unencrypted(struct device *dev) { /* * For SEV, all DMA must be to unencrypted addresses. diff --git a/arch/x86/mm/mem_encrypt_common.c b/arch/x86/mm/mem_encrypt_common.c new file mode 100644 index 000000000000..4a9a4d5f36cd --- /dev/null +++ b/arch/x86/mm/mem_encrypt_common.c @@ -0,0 +1,20 @@ +// SPDX-License-Identifier: GPL-2.0-only +/* + * Memory Encryption Support Common Code + * + * Copyright (C) 2021 Intel Corporation + * + * Author: Kuppuswamy Sathyanarayanan + */ + +#include +#include + +/* Override for DMA direct allocation check - ARCH_HAS_FORCE_DMA_UNENCRYPTED */ +bool force_dma_unencrypted(struct device *dev) +{ + if (sev_active() || sme_active()) + return amd_force_dma_unencrypted(dev); + + return false; +} -- 2.25.1