Received: by 2002:a05:6358:3188:b0:123:57c1:9b43 with SMTP id q8csp53900rwd; Fri, 26 May 2023 14:53:48 -0700 (PDT) X-Google-Smtp-Source: ACHHUZ7DJI5Pw7ovByIaLp0whDP5hrmFPVjl47hrz50hjf905Xt3Q0XzAeBlNW6Bozq6H0JhNCMi X-Received: by 2002:a05:6a00:1883:b0:64a:f8c9:a42c with SMTP id x3-20020a056a00188300b0064af8c9a42cmr5915219pfh.18.1685138028251; Fri, 26 May 2023 14:53:48 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1685138028; cv=none; d=google.com; s=arc-20160816; b=akfd9MLdF9mbQBJw4q6yEsYJ6+85G5xACf+g1uW6or2KgaRGulwJXb7W/zq9A6EUl0 aBoQ3v/blUL60+zYUzPn7rXL3T7HwnNsZlk3wUjXutqv//oCgvbWgmxJPnFsiBh5juaQ zL7XXLNpSivLj+rblH91Cl7h4t5qKHg3TJGNCUGMpCyngnzLfdsviXSU+dXaR0/5H912 V65xBeeEzQUm3S74TYC0p2l/JYZQFoEM/oM3dvLwiiJFipNh31flA03VLSbsjGheqOyn EQJreTNZiRq7XI/2CmQKdUW/Z/QbPxSdqBFfEyYeLikh17yeiurz/jSD4N1zRy45awW8 wP8Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:in-reply-to:from :content-language:references:cc:to:subject:user-agent:mime-version :date:message-id:dkim-signature; bh=b+ftow5zfHn6F8ThY7LJkpEp3vw5ipioux+v0B+Ynfk=; b=L9g07AQZ/awxqG0mOoScRWahkhbDr7A8d9VBhF5GwixzEv6LdEW6opQVRusLT0/wo4 MGhihyLo7/YgnrDXDqA1XmV44LvqHjm6t2/M8wrTpcc8G1vOaRgcHMpphcfnqRm+FpV4 vlZfV3CspL1DSYx4O13b9j9D3ndgKSj1xejHHFh8C7LHnxnc5ucIRufjWec/uZGxi8fP BHBqIz10psnl3UZISNHI65jrYOe0UQyvtyo0lCs8hqbXBUZYVxH4c6PQHEBnsn6F+WQP 9ofItZEB0J6S4Is/LGZNYCESF1Nd0uw3XiwfGz8qhxN4w1hiQCOmYCY3sH1i3xAaklZ9 +I7A== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b="B2sgH/O2"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id p22-20020a637416000000b0053eef42c759si3327280pgc.851.2023.05.26.14.53.34; Fri, 26 May 2023 14:53:48 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b="B2sgH/O2"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S243395AbjEZVub (ORCPT + 99 others); Fri, 26 May 2023 17:50:31 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:45954 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S236842AbjEZVu3 (ORCPT ); Fri, 26 May 2023 17:50:29 -0400 Received: from mga05.intel.com (mga05.intel.com [192.55.52.43]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id E415FF7; Fri, 26 May 2023 14:50:28 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1685137828; x=1716673828; h=message-id:date:mime-version:subject:to:cc:references: from:in-reply-to:content-transfer-encoding; bh=VfEhsdKfsdRHsXF4n5Ad6c1ZfAY94T+oTXwCQNRuezI=; b=B2sgH/O2VuWvgVCpnayAWN+VcOkMh8YqN6rLiqp7WxQ86C2Ybfz82lC6 YBofYT9+IQiOn9wg6r4MZw7t89P3daxHNqBJykc52YQxG0zvcDdcbkBL/ Q+ftH4UZ+5DNwdw5+Whcbwa6EJqsTFX/Wp7vqDSw9ytZEw8L3IrBEUUMl 2QcVsdV3YutqI5/givOQtHvmIgYK8iKg53n30o485hJ76tEzbdBMJNdpK TsstSPn2lgQSRWeF7RZuQJWwsdjF1cLusTJdQ/l1DpC/6rPNTkq6VZ63K h9UG2FV+8MiGa43iAhjr2xLX1wWhXPULH2LpUsZbh9tdWQh9r7Et009Ti g==; X-IronPort-AV: E=McAfee;i="6600,9927,10722"; a="440669248" X-IronPort-AV: E=Sophos;i="6.00,195,1681196400"; d="scan'208";a="440669248" Received: from orsmga005.jf.intel.com ([10.7.209.41]) by fmsmga105.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 26 May 2023 14:50:28 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10722"; a="879673483" X-IronPort-AV: E=Sophos;i="6.00,195,1681196400"; d="scan'208";a="879673483" Received: from svepakom-mobl1.amr.corp.intel.com (HELO [10.252.139.203]) ([10.252.139.203]) by orsmga005-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 26 May 2023 14:50:27 -0700 Message-ID: Date: Fri, 26 May 2023 14:50:27 -0700 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Firefox/102.0 Thunderbird/102.11.0 Subject: Re: [PATCHv2 1/3] x86/mm: Allow guest.enc_status_change_prepare() to fail To: "Kirill A. Shutemov" , dave.hansen@intel.com, tglx@linutronix.de, mingo@redhat.com, bp@alien8.de Cc: decui@microsoft.com, rick.p.edgecombe@intel.com, seanjc@google.com, thomas.lendacky@amd.com, x86@kernel.org, linux-kernel@vger.kernel.org, stable@vger.kernel.org References: <20230526120225.31936-1-kirill.shutemov@linux.intel.com> <20230526120225.31936-2-kirill.shutemov@linux.intel.com> Content-Language: en-US From: Sathyanarayanan Kuppuswamy In-Reply-To: <20230526120225.31936-2-kirill.shutemov@linux.intel.com> Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit X-Spam-Status: No, score=-4.4 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_EF,NICE_REPLY_A,RCVD_IN_DNSWL_MED, SPF_HELO_NONE,SPF_NONE,T_SCC_BODY_TEXT_LINE,URIBL_BLOCKED autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 5/26/23 5:02 AM, Kirill A. Shutemov wrote: > TDX code is going to provide guest.enc_status_change_prepare() that is > able to fail. TDX will use the call to convert the GPA range from shared > to private. This operation can fail. > > Add a way to return an error from the callback. > > Signed-off-by: Kirill A. Shutemov > Cc: stable@vger.kernel.org > --- Looks good to me. Reviewed-by: Kuppuswamy Sathyanarayanan > arch/x86/include/asm/x86_init.h | 2 +- > arch/x86/kernel/x86_init.c | 2 +- > arch/x86/mm/mem_encrypt_amd.c | 4 +++- > arch/x86/mm/pat/set_memory.c | 3 ++- > 4 files changed, 7 insertions(+), 4 deletions(-) > > diff --git a/arch/x86/include/asm/x86_init.h b/arch/x86/include/asm/x86_init.h > index 88085f369ff6..1ca9701917c5 100644 > --- a/arch/x86/include/asm/x86_init.h > +++ b/arch/x86/include/asm/x86_init.h > @@ -150,7 +150,7 @@ struct x86_init_acpi { > * @enc_cache_flush_required Returns true if a cache flush is needed before changing page encryption status > */ > struct x86_guest { > - void (*enc_status_change_prepare)(unsigned long vaddr, int npages, bool enc); > + bool (*enc_status_change_prepare)(unsigned long vaddr, int npages, bool enc); > bool (*enc_status_change_finish)(unsigned long vaddr, int npages, bool enc); > bool (*enc_tlb_flush_required)(bool enc); > bool (*enc_cache_flush_required)(void); > diff --git a/arch/x86/kernel/x86_init.c b/arch/x86/kernel/x86_init.c > index d82f4fa2f1bf..f230d4d7d8eb 100644 > --- a/arch/x86/kernel/x86_init.c > +++ b/arch/x86/kernel/x86_init.c > @@ -130,7 +130,7 @@ struct x86_cpuinit_ops x86_cpuinit = { > > static void default_nmi_init(void) { }; > > -static void enc_status_change_prepare_noop(unsigned long vaddr, int npages, bool enc) { } > +static bool enc_status_change_prepare_noop(unsigned long vaddr, int npages, bool enc) { return true; } > static bool enc_status_change_finish_noop(unsigned long vaddr, int npages, bool enc) { return false; } > static bool enc_tlb_flush_required_noop(bool enc) { return false; } > static bool enc_cache_flush_required_noop(void) { return false; } > diff --git a/arch/x86/mm/mem_encrypt_amd.c b/arch/x86/mm/mem_encrypt_amd.c > index e0b51c09109f..4f95c449a406 100644 > --- a/arch/x86/mm/mem_encrypt_amd.c > +++ b/arch/x86/mm/mem_encrypt_amd.c > @@ -319,7 +319,7 @@ static void enc_dec_hypercall(unsigned long vaddr, int npages, bool enc) > #endif > } > > -static void amd_enc_status_change_prepare(unsigned long vaddr, int npages, bool enc) > +static bool amd_enc_status_change_prepare(unsigned long vaddr, int npages, bool enc) > { > /* > * To maintain the security guarantees of SEV-SNP guests, make sure > @@ -327,6 +327,8 @@ static void amd_enc_status_change_prepare(unsigned long vaddr, int npages, bool > */ > if (cc_platform_has(CC_ATTR_GUEST_SEV_SNP) && !enc) > snp_set_memory_shared(vaddr, npages); > + > + return true; > }> > /* Return true unconditionally: return value doesn't matter for the SEV side */ > diff --git a/arch/x86/mm/pat/set_memory.c b/arch/x86/mm/pat/set_memory.c > index 7159cf787613..b8f48ebe753c 100644 > --- a/arch/x86/mm/pat/set_memory.c > +++ b/arch/x86/mm/pat/set_memory.c > @@ -2151,7 +2151,8 @@ static int __set_memory_enc_pgtable(unsigned long addr, int numpages, bool enc) > cpa_flush(&cpa, x86_platform.guest.enc_cache_flush_required()); > > /* Notify hypervisor that we are about to set/clr encryption attribute. */ > - x86_platform.guest.enc_status_change_prepare(addr, numpages, enc); > + if (!x86_platform.guest.enc_status_change_prepare(addr, numpages, enc)) > + return -EIO; > > ret = __change_page_attr_set_clr(&cpa, 1); > -- Sathyanarayanan Kuppuswamy Linux Kernel Developer