Received: by 2002:a89:48b:0:b0:1f5:f2ab:c469 with SMTP id a11csp583934lqd; Wed, 24 Apr 2024 10:38:05 -0700 (PDT) X-Forwarded-Encrypted: i=3; AJvYcCURx9PSSYd+aZvsBCD3ksb9XkwqphfHvcV1nGVO72YpgjepzqGvSwxMPw0JPBMIw7rnMtRpvZJbcyk2UGKEbWOGhWlAk0XAsUyddo++Hg== X-Google-Smtp-Source: AGHT+IF8I6BH9vRpR2ND3UPtIvR9idwM46f1vGlSULUITBoZBCTtaaXrxBTSuyNftN/2u507V+ES X-Received: by 2002:a17:906:1396:b0:a58:7dee:ae6e with SMTP id f22-20020a170906139600b00a587deeae6emr1997906ejc.69.1713980284841; Wed, 24 Apr 2024 10:38:04 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1713980284; cv=pass; d=google.com; s=arc-20160816; b=pXKEM/HkCLh75K/bS9Hjvf+O2UR5moDXteTWnvWtLRAiAg7+rDpRUBMCjttGaorpjQ F1hUAjYQuPVX6E2XFW3Nhgf3lIemlUEp0rIJ/eyoH7jL9rNUZ08lCiX8qFCqgCuLEHrS 0taFVQf7nw1wRb8xfphoN3UXbsnJo49i0Q13vMvEAx/4f1GeYfz2ZFdZjNDlhrRvqJMy yq7kF5JKMP9PnhV3bYn346O67+Qp5ishhsf1IvBH56mx+bbFnxPoQA41hYsGdk7jlS/I cSOpMo4H/ELYHFbx6hgTOeUlYzjxcMs9x0pdYKi4t0ry2m/MaoFOnGdrMYYOJ2ML2XuJ cRNA== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:precedence:robot-unsubscribe:robot-id :message-id:mime-version:list-unsubscribe:list-subscribe:list-id :precedence:cc:subject:to:reply-to:sender:from:dkim-signature :dkim-signature:date; bh=jwhKVNavcoyb1EKysuNrb+LLqiWdy99Ko+lHf85CJUE=; fh=q5J615XdZ9aU3n5u1dONIOWvQpD/WKBpxTsi69/0Onw=; b=QJVEmJkRF4TAaAeoDpapVr8A04e3kpVefWDH37gCwj+HpCKrTFMIJM0QxKGiMIiVsF nLiN1xE4/gDUaorxSSov5zx8WlqMtn0BAnr0u3kb8b97JWxTuzWA9thckHJFoQ4SgTm5 D5ISxCKsm8rRKQ2jEtAXNuf8JPIYzfsYG4ePTsTdEnYhTtW9a8/xTrAdAyVtsClhNEu2 9xk5DZWk77x+4PUIFlHFw6fXSdSLNWTMHYxq2Xom5w0tnGbUgO66frXEISOVIhdCYE4h sVKrC+KAEyKi1l8kswpjtMbv/NraxH8yOt/zNH2n13Qb5m5J/jR0G30LikgRL/TcpuYa ba6g==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@linutronix.de header.s=2020 header.b="wagpp5/7"; dkim=neutral (no key) header.i=@linutronix.de header.s=2020e; arc=pass (i=1 spf=pass spfdomain=linutronix.de dkim=pass dkdomain=linutronix.de dmarc=pass fromdomain=linutronix.de); spf=pass (google.com: domain of linux-kernel+bounces-157410-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:4601:e00::3 as permitted sender) smtp.mailfrom="linux-kernel+bounces-157410-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=linutronix.de Return-Path: Received: from am.mirrors.kernel.org (am.mirrors.kernel.org. [2604:1380:4601:e00::3]) by mx.google.com with ESMTPS id us8-20020a170906bfc800b00a51902ba103si8353731ejb.534.2024.04.24.10.38.04 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 24 Apr 2024 10:38:04 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel+bounces-157410-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:4601:e00::3 as permitted sender) client-ip=2604:1380:4601:e00::3; Authentication-Results: mx.google.com; dkim=pass header.i=@linutronix.de header.s=2020 header.b="wagpp5/7"; dkim=neutral (no key) header.i=@linutronix.de header.s=2020e; arc=pass (i=1 spf=pass spfdomain=linutronix.de dkim=pass dkdomain=linutronix.de dmarc=pass fromdomain=linutronix.de); spf=pass (google.com: domain of linux-kernel+bounces-157410-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:4601:e00::3 as permitted sender) smtp.mailfrom="linux-kernel+bounces-157410-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=linutronix.de Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by am.mirrors.kernel.org (Postfix) with ESMTPS id 8E6951F283AE for ; Wed, 24 Apr 2024 17:38:04 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 8D70016D4D3; Wed, 24 Apr 2024 17:37:57 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=linutronix.de header.i=@linutronix.de header.b="wagpp5/7"; dkim=permerror (0-bit key) header.d=linutronix.de header.i=@linutronix.de header.b="bHbcfwKr" Received: from galois.linutronix.de (Galois.linutronix.de [193.142.43.55]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 5115E15821E; Wed, 24 Apr 2024 17:37:55 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=193.142.43.55 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1713980276; cv=none; b=GWCy7vPzNHBcEOplbWf43LRo1baPmYXJrr4KXDINaMKxmjqiXh1kFMDNTLbyqYqVeoSGs7uwTE57702AfAAjKv7912r3Cwxik3Wbn0DRXzAYPni6CZAprNahEOW4xPBf/zQnrvq9qehNBBihdoG0kgTVjVoXlgLAOe5J2rDkEUA= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1713980276; c=relaxed/simple; bh=Nfg2Y4SmEDTeFM/e5TfSu/l2NIpcgIhs4FnO8pbGvck=; h=Date:From:To:Subject:Cc:MIME-Version:Message-ID:Content-Type; b=QotfLIQ6cc45hZ/L/O9bO0U3zrZCmCapct4+Hz+6V0b2o3NfgUZ79EhYITvCWdwXCEcZZdWQ+4YZmzOIrV9zLi2KrBTpWryxEgERPLZQANKKdUeScfOf78K3f2pG41HSTGXIy7odaL9QUynuHu3uKlHIPJFCP0p4DekexvqynWA= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linutronix.de; spf=pass smtp.mailfrom=linutronix.de; dkim=pass (2048-bit key) header.d=linutronix.de header.i=@linutronix.de header.b=wagpp5/7; dkim=permerror (0-bit key) header.d=linutronix.de header.i=@linutronix.de header.b=bHbcfwKr; arc=none smtp.client-ip=193.142.43.55 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linutronix.de Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=linutronix.de Date: Wed, 24 Apr 2024 17:37:52 -0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linutronix.de; s=2020; t=1713980273; h=from:from:sender:sender:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=jwhKVNavcoyb1EKysuNrb+LLqiWdy99Ko+lHf85CJUE=; b=wagpp5/7j1QgfzDNbbU5rue15G3p0Qgfy9JqS8V8EDqtlqa+sn0AlXcsqQ7J5DDAJ9OK4T K9xplRRBPCli9wFOhal/3Kp7bTI4kfec2lZ6ypvgZle9Tmrsfq2o6kvXcaAtSjyWWycbVk /xXVMgiD4aedsJ+7+BKqtlclEtgx7p4CfQZ91JHIaRZW1OsAGjokTu2T7DDvAK4UU5h07W 7DevUQ0FkngkdlaER/+DB9KpUshdLsECYJQdqwLysVCq9+csXQ6FqFZDB48zUnMAiMt4FS l2D4CzB4hAJoc251SQHee8wntz8yeycE1OFBsAXPE/p/lINLOoHmxeP7fXutgw== DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=linutronix.de; s=2020e; t=1713980273; h=from:from:sender:sender:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=jwhKVNavcoyb1EKysuNrb+LLqiWdy99Ko+lHf85CJUE=; b=bHbcfwKrhR9OM9XvANF1cgdHErgOth6ue1dNtIgu3atBlV2RWCmIy05wFIuzSWFAvzc/Ua swW4kSlyUoQLsSCA== From: "tip-bot2 for Kirill A. Shutemov" Sender: tip-bot2@linutronix.de Reply-to: linux-kernel@vger.kernel.org To: linux-tip-commits@vger.kernel.org Subject: [tip: x86/urgent] x86/tdx: Preserve shared bit on mprotect() Cc: Chris Oo , "Kirill A. Shutemov" , Dave Hansen , Rick Edgecombe , Kuppuswamy Sathyanarayanan , Tom Lendacky , stable@vger.kernel.org, x86@kernel.org, linux-kernel@vger.kernel.org Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Message-ID: <171398027263.10875.3592375840753497804.tip-bot2@tip-bot2> Robot-ID: Robot-Unsubscribe: Contact to get blacklisted from these emails Precedence: bulk Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit The following commit has been merged into the x86/urgent branch of tip: Commit-ID: a0a8d15a798be4b8f20aca2ba91bf6b688c6a640 Gitweb: https://git.kernel.org/tip/a0a8d15a798be4b8f20aca2ba91bf6b688c6a640 Author: Kirill A. Shutemov AuthorDate: Wed, 24 Apr 2024 11:20:35 +03:00 Committer: Dave Hansen CommitterDate: Wed, 24 Apr 2024 08:11:43 -07:00 x86/tdx: Preserve shared bit on mprotect() The TDX guest platform takes one bit from the physical address to indicate if the page is shared (accessible by VMM). This bit is not part of the physical_mask and is not preserved during mprotect(). As a result, the 'shared' bit is lost during mprotect() on shared mappings. _COMMON_PAGE_CHG_MASK specifies which PTE bits need to be preserved during modification. AMD includes 'sme_me_mask' in the define to preserve the 'encrypt' bit. To cover both Intel and AMD cases, include 'cc_mask' in _COMMON_PAGE_CHG_MASK instead of 'sme_me_mask'. Reported-and-tested-by: Chris Oo Fixes: 41394e33f3a0 ("x86/tdx: Extend the confidential computing API to support TDX guests") Signed-off-by: Kirill A. Shutemov Signed-off-by: Dave Hansen Reviewed-by: Rick Edgecombe Reviewed-by: Kuppuswamy Sathyanarayanan Reviewed-by: Tom Lendacky Cc: stable@vger.kernel.org Link: https://lore.kernel.org/all/20240424082035.4092071-1-kirill.shutemov%40linux.intel.com --- arch/x86/include/asm/coco.h | 1 + arch/x86/include/asm/pgtable_types.h | 3 ++- 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/arch/x86/include/asm/coco.h b/arch/x86/include/asm/coco.h index c086699..aa6c8f8 100644 --- a/arch/x86/include/asm/coco.h +++ b/arch/x86/include/asm/coco.h @@ -25,6 +25,7 @@ u64 cc_mkdec(u64 val); void cc_random_init(void); #else #define cc_vendor (CC_VENDOR_NONE) +static const u64 cc_mask = 0; static inline u64 cc_mkenc(u64 val) { diff --git a/arch/x86/include/asm/pgtable_types.h b/arch/x86/include/asm/pgtable_types.h index 0b748ee..9abb8cc 100644 --- a/arch/x86/include/asm/pgtable_types.h +++ b/arch/x86/include/asm/pgtable_types.h @@ -148,7 +148,7 @@ #define _COMMON_PAGE_CHG_MASK (PTE_PFN_MASK | _PAGE_PCD | _PAGE_PWT | \ _PAGE_SPECIAL | _PAGE_ACCESSED | \ _PAGE_DIRTY_BITS | _PAGE_SOFT_DIRTY | \ - _PAGE_DEVMAP | _PAGE_ENC | _PAGE_UFFD_WP) + _PAGE_DEVMAP | _PAGE_CC | _PAGE_UFFD_WP) #define _PAGE_CHG_MASK (_COMMON_PAGE_CHG_MASK | _PAGE_PAT) #define _HPAGE_CHG_MASK (_COMMON_PAGE_CHG_MASK | _PAGE_PSE | _PAGE_PAT_LARGE) @@ -173,6 +173,7 @@ enum page_cache_mode { }; #endif +#define _PAGE_CC (_AT(pteval_t, cc_mask)) #define _PAGE_ENC (_AT(pteval_t, sme_me_mask)) #define _PAGE_CACHE_MASK (_PAGE_PWT | _PAGE_PCD | _PAGE_PAT)