From: Federico Di Pierro
Date: Tue, 21 Jun 2022 12:22:10 +0200
Subject: Re: pgprot_encrypted macro is broken
To: Jann Horn
Cc: Linux API, kernel list, Tom Lendacky, "the arch/x86 maintainers"
X-Mailing-List: linux-kernel@vger.kernel.org

Hi!

Thank you very much for your hints and for your time!
I solved the issue and I agree that we should not have used that macro in the first place.

Again, thank you very much for your help,
Regards
Federico

On Mon, Jun 20, 2022 at 13:32 Jann Horn wrote:
>
> On Mon, Jun 20, 2022 at 9:39 AM Federico Di Pierro wrote:
> > > Why does your driver need to use that macro? pgprot_encrypted() is
> > > mostly only directly used by core kernel code, not by drivers... and
> > > if memory encryption is enabled, almost all memory mappings created by
> > > the kernel should be marked as encrypted automatically.
> >
> > This is interesting; I don't really know the history behind our piece
> > of code; as far as I understand,
> > we have a shared ring buffer with userspace, onto which we push tracing events,
> > and we must mark it as encrypted when
> > the kmod runs on an AMD SME enabled kernel to allow userspace to grab sane data.
> >
> > This is the commit that introduced the change (if you wish to give it a look):
> > https://github.com/falcosecurity/libs/commit/0333501cf429c045c61aaf5909812156f090786e
> >
> > Do you see any workaround not involving `pgprot_encrypted` ?
>
> If you do have to use remap_pfn_range() to map normal kernel memory,
> then you might want to use vma->vm_page_prot instead, like a few other
> places in the kernel do.
>
> (Alternatively you might want to use remap_vmalloc_range() to map
> vmalloc pages into userspace, but note that that has very different
> semantics - I believe that installs a normal page reference rather
> than a raw PFN reference, so that would permit get_user_pages() calls
> on the range.)