Received: by 2002:a05:6a10:1a4d:0:0:0:0 with SMTP id nk13csp5439837pxb; Mon, 7 Feb 2022 01:55:28 -0800 (PST) X-Google-Smtp-Source: ABdhPJw780SImBfkfXvgxbwypnI4d7NpvrTb/xw8w0rDLKQZZsvCgVT2K8A8G9zj3bjL9L1MTFeW X-Received: by 2002:a50:ed16:: with SMTP id j22mr13197053eds.114.1644227728097; Mon, 07 Feb 2022 01:55:28 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1644227728; cv=none; d=google.com; s=arc-20160816; b=zpuT1CHeh+e6uuHgky5KAMaRV4giOXey+Tp1VX7ddogPj+BHWFgaKEo/2Cat8PA1C6 3aMjYa09uwCGrabpzRkfgNuRUTqcoH7/QYGI12wSptCFjrDF4tma/cr2h9dM0pdJQpDb 1W3igD8IwXUE6DZZuZ4jvKcLNvu6Uo4AXEzubg4JokEppIxjeCbp7l6EGwoQNY6ob0RZ J4golT/zsBg+0xtfkdP4rV+EOfm0Tepg5IQkWkKTewDh0jP6QtOFZAU7+5aWbvBx9GOO d92UfBBWruDGhjIN/bAKsCkimxrFgi/U1gMgQFOpupN1lJVgdewQ6vvRtZvq3EmsDpcN E0+w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:message-id:subject:cc:to:from:date:dkim-signature; bh=0uGEKSITxQrWpa/yaW47k8Ta9BvFQRSsB43CPM3U2pE=; b=UwBaV2PnekeXDhRheVAP2oi8q+FCte+k1M/PzGXRCWmQNoeRG4GnQgrTCI2hmcBdHC v5uXxWUa4/1EXKp84etirEttxfz+H6tIJg/LCIDWetiVZkXrSO2xt5X0rkUYDkkPPW36 DgxXjMbJx4lTt5CoH153B4X/aYbZyltiCphmgJsYlsG3W6y9+izqCpb1zY1n7zpNhy45 Jb3ak2RTB1PkFHXP51IPMZHdz9uRgUKBoZxY2aYHpV66HB1cFCg0x9tw5ztMWXRsxYcd SVi0IQIQUKPVnVlpsOoQMqvBh9+TQJBTANqNYwbMNT4UrN0Pxm3FXJe4Utw5cwp2G5sc inYQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@alien8.de header.s=dkim header.b=UUQLxIao; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=alien8.de Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id eb8si8011666edb.481.2022.02.07.01.55.01; Mon, 07 Feb 2022 01:55:28 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@alien8.de header.s=dkim header.b=UUQLxIao; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=alien8.de Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1377311AbiBDSBB (ORCPT + 99 others); Fri, 4 Feb 2022 13:01:01 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:39692 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1377297AbiBDSA7 (ORCPT ); Fri, 4 Feb 2022 13:00:59 -0500 Received: from mail.skyhub.de (mail.skyhub.de [IPv6:2a01:4f8:190:11c2::b:1457]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 9F433C061714; Fri, 4 Feb 2022 10:00:59 -0800 (PST) Received: from zn.tnic (dslb-088-067-221-104.088.067.pools.vodafone-ip.de [88.67.221.104]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.skyhub.de (SuperMail on ZX Spectrum 128k) with ESMTPSA id 15E151EC063A; Fri, 4 Feb 2022 19:00:54 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=alien8.de; s=dkim; t=1643997654; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:in-reply-to:in-reply-to: references:references; bh=0uGEKSITxQrWpa/yaW47k8Ta9BvFQRSsB43CPM3U2pE=; b=UUQLxIaoMf/nwCi4J8rxMOVbaUu6wbdcXn3eagaWD3Td7lbAn/YW7n2TUL1Zie3G6r13QM v3jTcAXxJfJefnQxi6sIWf5jmADHjUhQUZu5FdVbGqcDnLvwo+RLpOLKFiY5ddE/s7dcj3 md+zSSsXkFUV0mIYljXLuJxw24gsCp8= Date: Fri, 4 Feb 2022 19:00:49 +0100 From: Borislav Petkov To: Tom Lendacky Cc: "Limonciello, Mario" , Martin Fernandez , linux-kernel@vger.kernel.org, linux-efi@vger.kernel.org, platform-driver-x86@vger.kernel.org, linux-mm@kvack.org, tglx@linutronix.de, mingo@redhat.com, dave.hansen@linux.intel.com, x86@kernel.org, hpa@zytor.com, ardb@kernel.org, dvhart@infradead.org, andy@infradead.org, gregkh@linuxfoundation.org, rafael@kernel.org, rppt@kernel.org, akpm@linux-foundation.org, daniel.gutson@eclypsium.com, hughsient@gmail.com, alex.bazhaniuk@eclypsium.com, alison.schofield@intel.com, keescook@chromium.org Subject: Re: [PATCH v6 6/6] drivers/node: Show in sysfs node's crypto capabilities Message-ID: References: <20220203164328.203629-1-martin.fernandez@eclypsium.com> <20220203164328.203629-7-martin.fernandez@eclypsium.com> <67d2711b-200c-0894-4ff7-beb3eb304399@amd.com> <5c5ffe29-d3d3-2955-cf78-ad275110f012@amd.com> <5ee34cad-8daf-6282-f2ed-cbc92a89d013@amd.com> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline In-Reply-To: <5ee34cad-8daf-6282-f2ed-cbc92a89d013@amd.com> Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Fri, Feb 04, 2022 at 11:12:04AM -0600, Tom Lendacky wrote: > https://elixir.bootlin.com/linux/latest/source/arch/x86/kernel/process.c#L761 For those who won't open a browser just to see what he means :), that's this snippet: void stop_this_cpu(void *dummy): /* * Use wbinvd on processors that support SME. This provides support * for performing a successful kexec when going from SME inactive * to SME active (or vice-versa). The cache must be cleared so that * if there are entries with the same physical address, both with and * without the encryption bit, they don't race each other when flushed * and potentially end up with the wrong entry being committed to * memory. */ if (boot_cpu_has(X86_FEATURE_SME)) native_wbinvd(); Well, we do clear our *representation* of CPUID flags for other features - see output of $ git grep -E "(setup_)?clear_cpu_cap" for examples. We do that for SME even: early_detect_mem_encrypt(). Which means, since this needs to be "processors that support SME", this line should change to: /* ... test the CPUID bit directly because the machine might've cleared * X86_FEATURE_SME due to cmdline options. */ if (cpuid_eax(0x8000001f) & BIT(0)) native_wbinvd(); I'd say... -- Regards/Gruss, Boris. https://people.kernel.org/tglx/notes-about-netiquette