Received: by 2002:ac0:e34a:0:0:0:0:0 with SMTP id g10csp512244imn; Tue, 26 Jul 2022 01:53:38 -0700 (PDT) X-Google-Smtp-Source: AGRyM1unP5/7g3ZyR+nboQJETfrrHCfB0MC79z3JPes1h0jNwztkVZUTtnXhLAptUzHrT3n9Kp63 X-Received: by 2002:a05:6402:42cb:b0:43b:e8eb:cbc1 with SMTP id i11-20020a05640242cb00b0043be8ebcbc1mr12026075edc.414.1658825618024; Tue, 26 Jul 2022 01:53:38 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1658825618; cv=none; d=google.com; s=arc-20160816; b=nJFt2zLEpIJQCWGl3HGLBg+8mu9V2c1mPLvWdZ57lBF99kyz9nKyOIk5vI3Jwr7sSH sv3QJMcYXWfUfsiIX1e/mH/+d9fZ7uDssUIgMR1ASimE2KzNAlZkHV970CLN0vEb/Sii 26JLBvzBbtZDtnEqMYaIplcWVaHqKxQr9C1JBqdhpiHthdPv0SDzYda5nMiaOYN+jr+w /fWi+ArqoYU1u0T5ZhSgLnO5je5YBqymHIVT6GhS7VF6xy3MukELgoBWULyN6PcXyBu1 /Xa7WYtCu2wWh/jYTjX7XoLZpA47siXs02Das3o0ZUaLPzXINKczqOckpVLd6m7GISc2 QsWA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-transfer-encoding :content-disposition:mime-version:references:message-id:subject:cc :to:from:date:dkim-signature; bh=bbGGwlLz+4u+Zu8n20tu0HQUB8+NXWLykgI1BXt6grw=; b=QH5kb1b8j5fb/M4RVFRriNrS25LCGA4I8SwuU1DbtvIyCYz+wrDi0GcMXhpsv+a3Yd EU8gLSNxa+Dy7f238vsIRe8tRS9DxbswB7dg6a41cNK0DsF0hnOYLHdHkubPJKlbUOAr 2ng3WTi5Ctr4pPGLWZnBaJgPcdX/zMQgK0bMtgnFMQMPykp4F12Bb3P+4R8g8CDQXmR+ ijXEohNn6xP+GuxYnlRywjv07RzTbkQEHsbuRNVW2ec/REcqNUm828v+B+A+PfUfhVsk 39rBkDLXMegn3JLCzF5g4Bf+QIxFeK53jw6KJMcWhR2JjfTLlCLno+QTWwTaB6uc+cAt l+Nw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@alien8.de header.s=dkim header.b=rju7UCtG; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=alien8.de Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id en11-20020a056402528b00b0043c7df15c19si495499edb.554.2022.07.26.01.53.08; Tue, 26 Jul 2022 01:53:38 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@alien8.de header.s=dkim header.b=rju7UCtG; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=alien8.de Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S238508AbiGZIf0 (ORCPT + 99 others); Tue, 26 Jul 2022 04:35:26 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:51068 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S238597AbiGZIfS (ORCPT ); Tue, 26 Jul 2022 04:35:18 -0400 Received: from mail.skyhub.de (mail.skyhub.de [IPv6:2a01:4f8:190:11c2::b:1457]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 8885D63A9; Tue, 26 Jul 2022 01:35:14 -0700 (PDT) Received: from zn.tnic (p200300ea970f4ff2329c23fffea6a903.dip0.t-ipconnect.de [IPv6:2003:ea:970f:4ff2:329c:23ff:fea6:a903]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.skyhub.de (SuperMail on ZX Spectrum 128k) with ESMTPSA id 283591EC0742; Tue, 26 Jul 2022 10:35:09 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=alien8.de; s=dkim; t=1658824509; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=bbGGwlLz+4u+Zu8n20tu0HQUB8+NXWLykgI1BXt6grw=; b=rju7UCtGhWP7yXchLevSbfjGlUD2yJqzHeO1sy6CAn17oz9P/fyddj8BSC7XSH4kqa2V6n BhButB0IIgBHJkMm4uUND4GmR2jkmZR4bRSCrUHPEKVQzVia1BJNiX6Riw3JLr710WWG8O CjPORjcdEVdRUNKGCJRFaoJcLSwjJFQ= Date: Tue, 26 Jul 2022 10:35:05 +0200 From: Borislav Petkov To: "Kirill A. Shutemov" Cc: Andy Lutomirski , Sean Christopherson , Andrew Morton , Joerg Roedel , Ard Biesheuvel , Andi Kleen , Kuppuswamy Sathyanarayanan , David Rientjes , Vlastimil Babka , Tom Lendacky , Thomas Gleixner , Peter Zijlstra , Paolo Bonzini , Ingo Molnar , Varad Gautam , Dario Faggioli , Dave Hansen , Mike Rapoport , David Hildenbrand , marcelo.cerri@canonical.com, tim.gardner@canonical.com, khalid.elmously@canonical.com, philip.cox@canonical.com, x86@kernel.org, linux-mm@kvack.org, linux-coco@lists.linux.dev, linux-efi@vger.kernel.org, linux-kernel@vger.kernel.org Subject: Re: [PATCHv7 06/14] efi/x86: Implement support for unaccepted memory Message-ID: References: <20220614120231.48165-1-kirill.shutemov@linux.intel.com> <20220614120231.48165-7-kirill.shutemov@linux.intel.com> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: <20220614120231.48165-7-kirill.shutemov@linux.intel.com> X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, Jun 14, 2022 at 03:02:23PM +0300, Kirill A. Shutemov wrote: > diff --git a/drivers/firmware/efi/Kconfig b/drivers/firmware/efi/Kconfig > index 7aa4717cdcac..e1270beff4dc 100644 > --- a/drivers/firmware/efi/Kconfig > +++ b/drivers/firmware/efi/Kconfig > @@ -305,6 +305,20 @@ config EFI_COCO_SECRET > virt/coco/efi_secret module to access the secrets, which in turn > allows userspace programs to access the injected secrets. > > +config UNACCEPTED_MEMORY > + bool > + depends on EFI_STUB > + help > + Some Virtual Machine platforms, such as Intel TDX, require > + some memory to be "accepted" by the guest before it can be used. > + This mechanism helps prevent malicious hosts from making changes > + to guest memory. > + > + UEFI specification v2.9 introduced EFI_UNACCEPTED_MEMORY memory type. > + > + This option adds support for unaccepted memory and makes such memory > + usable by the kernel. > + This looks weird: $ grep EFI_STUB .config CONFIG_EFI_STUB=y $ grep UNACCEPTED_MEMORY .config $ So the bool needs to have a text string after it so that it is selectable or how is UNACCEPTED_MEMORY supposed to be enabled otherwise? If I add the string and select UNACCEPTED_MEMORY, it won't build: mm/page_alloc.c: In function ‘accept_page’: mm/page_alloc.c:1013:9: error: implicit declaration of function ‘accept_memory’ [-Werror=implicit-function-declaration] 1013 | accept_memory(start, start + (PAGE_SIZE << order)); | ^~~~~~~~~~~~~ mm/page_alloc.c: In function ‘page_contains_unaccepted’: mm/page_alloc.c:1029:16: error: implicit declaration of function ‘range_contains_unaccepted_memory’; did you mean ‘page_contains_unaccepted’? [-Werror=implicit-function-declaration] 1029 | return range_contains_unaccepted_memory(start, end); | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ | page_contains_unaccepted mm/memblock.c: In function ‘memblock_alloc_range_nid’: mm/memblock.c:1415:9: error: implicit declaration of function ‘accept_memory’ [-Werror=implicit-function-declaration] 1415 | accept_memory(found, found + size); | ^~~~~~~~~~~~~ cc1: some warnings being treated as errors make[1]: *** [scripts/Makefile.build:249: mm/memblock.o] Error 1 make[1]: *** Waiting for unfinished jobs.... cc1: some warnings being treated as errors make[1]: *** [scripts/Makefile.build:249: mm/page_alloc.o] Error 1 make: *** [Makefile:1843: mm] Error 2 make: *** Waiting for unfinished jobs.... so this is weird. > diff --git a/drivers/firmware/efi/libstub/x86-stub.c b/drivers/firmware/efi/libstub/x86-stub.c > index 504955368934..b91c89100b2d 100644 > --- a/drivers/firmware/efi/libstub/x86-stub.c > +++ b/drivers/firmware/efi/libstub/x86-stub.c > @@ -15,6 +15,7 @@ > #include > #include > #include > +#include > > #include "efistub.h" > > @@ -607,6 +608,17 @@ setup_e820(struct boot_params *params, struct setup_data *e820ext, u32 e820ext_s > e820_type = E820_TYPE_PMEM; > break; > > + case EFI_UNACCEPTED_MEMORY: > + if (!IS_ENABLED(CONFIG_UNACCEPTED_MEMORY)) { > + efi_warn_once("The system has unaccepted memory," > + " but kernel does not support it\n"); > + efi_warn_once("Consider enabling CONFIG_UNACCEPTED_MEMORY\n"); > + continue; > + } So that it can be grepped for: diff --git a/drivers/firmware/efi/libstub/x86-stub.c b/drivers/firmware/efi/libstub/x86-stub.c index b91c89100b2d..8be6b675e08e 100644 --- a/drivers/firmware/efi/libstub/x86-stub.c +++ b/drivers/firmware/efi/libstub/x86-stub.c @@ -610,9 +610,8 @@ setup_e820(struct boot_params *params, struct setup_data *e820ext, u32 e820ext_s case EFI_UNACCEPTED_MEMORY: if (!IS_ENABLED(CONFIG_UNACCEPTED_MEMORY)) { - efi_warn_once("The system has unaccepted memory," - " but kernel does not support it\n"); - efi_warn_once("Consider enabling CONFIG_UNACCEPTED_MEMORY\n"); + efi_warn_once( +"The system has unaccepted memory, but kernel does not support it.\nConsider enabling CONFIG_UNACCEPTED_MEMORY\n"); continue; } e820_type = E820_TYPE_RAM; Thx. -- Regards/Gruss, Boris. https://people.kernel.org/tglx/notes-about-netiquette