Received: by 2002:a05:6602:18e:0:0:0:0 with SMTP id m14csp2676233ioo; Tue, 24 May 2022 03:30:56 -0700 (PDT) X-Google-Smtp-Source: ABdhPJzL2A5nybFLO2Z5sfdu6num33sIZYnBgmY7oQ0hUKh7mzD2p8xab0nsCDehwiS4a3YIfC8j X-Received: by 2002:a17:906:cb97:b0:6fe:ec71:a49 with SMTP id mf23-20020a170906cb9700b006feec710a49mr7769608ejb.540.1653388256333; Tue, 24 May 2022 03:30:56 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1653388256; cv=none; d=google.com; s=arc-20160816; b=dsbV2QB//tJ06k7oTVXdSOJcaXVmmbcx2Hfz2bNrY1wsVKwnOMnDOFoEbaZuRhU9jR ndfu8OCC8KCyB6NuYE4GfqnZRt2W1lvxyCqd++u7yrYyGMyQ8eyotvItgbCv/onZ6S1l U3G1C3NwJCV6gVeI6o5mjt5qkSGIYxw5M+gOk9+aHLqX9V5GmyUJk1p2ZSd46RRD7q7n qNy+B4oDMrGQ5MMRaM8v5wxXGiVvR+vN1Qx7BQ9YCa5ftxGi1avltuGDSVunvmtKZ+Lr iyQWdrLGtYDUXkA5sh1Iou99mmuvO/sCjMx8K4ku+18zVytXSw+Jo3nj6U6UKpSu4SRC 0ARg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=9l74Icuv8TFkFu+n1bmX0/rZCpknXTFpjQhRyO2FTck=; b=IR2IkQXb/6mFTAXJMe/W9odcTXdQVgKF4b4LAXuEvpvuuxI7FAT8ivMvvv323/Rfyx +I4adn4oYVSXyVIoeIfvoq8qsYLCvokd8jn/OYE1oaMytsUVuWD7UJRz/8WIub1CWk+q EophdD9mVq6KnfPsPr7ZEQXGXm8pM1+ZvRFVl5GsSPbpNfwbredCoJZorUTm7UdL1+rI IVgtx6JuwENJVW0em+7ZR07lwvZ37XttyXjgt0rIa9mZkEd9s/Ra7TIAuQHy5sKbD/5r RYdLtTO+jgjweYWnmYlQa1B+7zpG8M9sY2LkNCHHsCrAyQPoD4KVHSLTGPKjC704rogw cvbA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=P7tp1yOP; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id hc6-20020a170907168600b006feb3d65323si13522319ejc.726.2022.05.24.03.30.30; Tue, 24 May 2022 03:30:56 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=P7tp1yOP; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233925AbiEXEF7 (ORCPT + 99 others); Tue, 24 May 2022 00:05:59 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:47228 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229462AbiEXEF6 (ORCPT ); Tue, 24 May 2022 00:05:58 -0400 Received: from mga07.intel.com (mga07.intel.com [134.134.136.100]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 320E08FF80 for ; Mon, 23 May 2022 21:05:57 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1653365157; x=1684901157; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=5A7dT1L6ZJt8z9kOLisNXrC0kDqefQt3kFNjxh+z7CQ=; b=P7tp1yOPSCYAK+DYu5Ub2e/maPqv0bMb1SjvnxBK2EI0kzje3cJnshnW c7rB7u8rW4pFNFDR1NeYz45B8RYEZ8AH8YjSZj157w3grhpSBui9i1dWz pnI2cq/jmsCK8XaU+sT9h5DXTDGTHGNRT2CRTp9N9IFMyp0eBMUcK/hU9 St81CVC1Dqz4rw2l5Dct6IcuFAZ8PIchLNC9DleseKksj2uJi9pDA6eYX B88TgagXBw4HaA/zo86/sk2gPhG+oK4pGJCuZ/cZxjcoCq9ZdxIg0cXIx hh/0WXibeQ7X59kybOS+oe/nwl9g8K9fRCSz+8mDQbYcxRM/OaBdOoa5f A==; X-IronPort-AV: E=McAfee;i="6400,9594,10356"; a="336479189" X-IronPort-AV: E=Sophos;i="5.91,248,1647327600"; d="scan'208";a="336479189" Received: from orsmga003.jf.intel.com ([10.7.209.27]) by orsmga105.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 23 May 2022 21:05:56 -0700 X-IronPort-AV: E=Sophos;i="5.91,248,1647327600"; d="scan'208";a="526242043" Received: from jwosulli-mobl1.ger.corp.intel.com (HELO skuppusw-desk1.home) ([10.212.165.122]) by orsmga003-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 23 May 2022 21:05:56 -0700 From: Kuppuswamy Sathyanarayanan To: Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , x86@kernel.org Cc: "H . Peter Anvin" , Kuppuswamy Sathyanarayanan , "Kirill A . Shutemov" , Tony Luck , Andi Kleen , Kai Huang , Wander Lairson Costa , Isaku Yamahata , marcelo.cerri@canonical.com, tim.gardner@canonical.com, khalid.elmously@canonical.com, philip.cox@canonical.com, linux-kernel@vger.kernel.org Subject: [PATCH v7 4/5] x86/mm: Add noalias variants of set_memory_*crypted() functions Date: Mon, 23 May 2022 21:05:16 -0700 Message-Id: <20220524040517.703581-5-sathyanarayanan.kuppuswamy@linux.intel.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20220524040517.703581-1-sathyanarayanan.kuppuswamy@linux.intel.com> References: <20220524040517.703581-1-sathyanarayanan.kuppuswamy@linux.intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=-5.0 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_EF,RCVD_IN_DNSWL_MED,SPF_HELO_NONE, SPF_NONE,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org set_memory_*crypted() functions are used to modify the "shared" page attribute of the given memory. Using these APIs will modify the page attributes of the aliased mappings (which also includes the direct mapping). But such aliased mappings modification is not desirable in use cases like TDX guest, where the requirement is to create the shared mapping without touching the direct map. It is used when allocating VMM shared buffers using alloc_pages()/vmap()/set_memory_*crypted() API combinations. So to support such use cases, add support for noalias variants of set_memory_*crypted() functions. Signed-off-by: Kuppuswamy Sathyanarayanan --- arch/x86/include/asm/set_memory.h | 2 ++ arch/x86/mm/pat/set_memory.c | 26 ++++++++++++++++++++------ 2 files changed, 22 insertions(+), 6 deletions(-) diff --git a/arch/x86/include/asm/set_memory.h b/arch/x86/include/asm/set_memory.h index 78ca53512486..0e5fc2b818be 100644 --- a/arch/x86/include/asm/set_memory.h +++ b/arch/x86/include/asm/set_memory.h @@ -46,7 +46,9 @@ int set_memory_wb(unsigned long addr, int numpages); int set_memory_np(unsigned long addr, int numpages); int set_memory_4k(unsigned long addr, int numpages); int set_memory_encrypted(unsigned long addr, int numpages); +int set_memory_encrypted_noalias(unsigned long addr, int numpages); int set_memory_decrypted(unsigned long addr, int numpages); +int set_memory_decrypted_noalias(unsigned long addr, int numpages); int set_memory_np_noalias(unsigned long addr, int numpages); int set_memory_nonglobal(unsigned long addr, int numpages); int set_memory_global(unsigned long addr, int numpages); diff --git a/arch/x86/mm/pat/set_memory.c b/arch/x86/mm/pat/set_memory.c index 0656db33574d..4475f6e3bebb 100644 --- a/arch/x86/mm/pat/set_memory.c +++ b/arch/x86/mm/pat/set_memory.c @@ -1976,7 +1976,8 @@ int set_memory_global(unsigned long addr, int numpages) * __set_memory_enc_pgtable() is used for the hypervisors that get * informed about "encryption" status via page tables. */ -static int __set_memory_enc_pgtable(unsigned long addr, int numpages, bool enc) +static int __set_memory_enc_pgtable(unsigned long addr, int numpages, + bool enc, int checkalias) { pgprot_t empty = __pgprot(0); struct cpa_data cpa; @@ -2004,7 +2005,7 @@ static int __set_memory_enc_pgtable(unsigned long addr, int numpages, bool enc) /* Notify hypervisor that we are about to set/clr encryption attribute. */ x86_platform.guest.enc_status_change_prepare(addr, numpages, enc); - ret = __change_page_attr_set_clr(&cpa, 1); + ret = __change_page_attr_set_clr(&cpa, checkalias); /* * After changing the encryption attribute, we need to flush TLBs again @@ -2024,29 +2025,42 @@ static int __set_memory_enc_pgtable(unsigned long addr, int numpages, bool enc) return ret; } -static int __set_memory_enc_dec(unsigned long addr, int numpages, bool enc) +static int __set_memory_enc_dec(unsigned long addr, int numpages, bool enc, + int checkalias) { if (hv_is_isolation_supported()) return hv_set_mem_host_visibility(addr, numpages, !enc); if (cc_platform_has(CC_ATTR_MEM_ENCRYPT)) - return __set_memory_enc_pgtable(addr, numpages, enc); + return __set_memory_enc_pgtable(addr, numpages, enc, checkalias); return 0; } int set_memory_encrypted(unsigned long addr, int numpages) { - return __set_memory_enc_dec(addr, numpages, true); + return __set_memory_enc_dec(addr, numpages, true, 1); } EXPORT_SYMBOL_GPL(set_memory_encrypted); int set_memory_decrypted(unsigned long addr, int numpages) { - return __set_memory_enc_dec(addr, numpages, false); + return __set_memory_enc_dec(addr, numpages, false, 1); } EXPORT_SYMBOL_GPL(set_memory_decrypted); +int set_memory_encrypted_noalias(unsigned long addr, int numpages) +{ + return __set_memory_enc_dec(addr, numpages, true, 0); +} +EXPORT_SYMBOL_GPL(set_memory_encrypted_noalias); + +int set_memory_decrypted_noalias(unsigned long addr, int numpages) +{ + return __set_memory_enc_dec(addr, numpages, false, 0); +} +EXPORT_SYMBOL_GPL(set_memory_decrypted_noalias); + int set_pages_uc(struct page *page, int numpages) { unsigned long addr = (unsigned long)page_address(page); -- 2.25.1