Message ID | 20190718032858.28744-6-bauerman@linux.ibm.com (mailing list archive) |
---|---|
State | New, archived |
Headers | show |
Series | Remove x86-specific code from generic headers | expand |
On Thu, Jul 18, 2019 at 12:28:57AM -0300, Thiago Jung Bauermann wrote: > Secure Encrypted Virtualization is an x86-specific feature, so it shouldn't > appear in generic kernel code because it forces non-x86 architectures to > define the sev_active() function, which doesn't make a lot of sense. > > To solve this problem, add an x86 elfcorehdr_read() function to override > the generic weak implementation. To do that, it's necessary to make > read_from_oldmem() public so that it can be used outside of vmcore.c. > > Also, remove the export for sev_active() since it's only used in files that > won't be built as modules. I have to say I find the __weak overrides of the vmcore files very confusing and which we'd have a better scheme there. But as this fits into that scheme and allows to remove the AMD SME vs SEV knowledge from the core I'm fine with it. Reviewed-by: Christoph Hellwig <hch@lst.de>
On 7/17/19 10:28 PM, Thiago Jung Bauermann wrote: > Secure Encrypted Virtualization is an x86-specific feature, so it shouldn't > appear in generic kernel code because it forces non-x86 architectures to > define the sev_active() function, which doesn't make a lot of sense. > > To solve this problem, add an x86 elfcorehdr_read() function to override > the generic weak implementation. To do that, it's necessary to make > read_from_oldmem() public so that it can be used outside of vmcore.c. > > Also, remove the export for sev_active() since it's only used in files that > won't be built as modules. > > Signed-off-by: Thiago Jung Bauermann <bauerman@linux.ibm.com> Adding Lianbo and Baoquan, who recently worked on this, for their review. Thanks, Tom > --- > arch/x86/kernel/crash_dump_64.c | 5 +++++ > arch/x86/mm/mem_encrypt.c | 1 - > fs/proc/vmcore.c | 8 ++++---- > include/linux/crash_dump.h | 14 ++++++++++++++ > include/linux/mem_encrypt.h | 1 - > 5 files changed, 23 insertions(+), 6 deletions(-) > > diff --git a/arch/x86/kernel/crash_dump_64.c b/arch/x86/kernel/crash_dump_64.c > index 22369dd5de3b..045e82e8945b 100644 > --- a/arch/x86/kernel/crash_dump_64.c > +++ b/arch/x86/kernel/crash_dump_64.c > @@ -70,3 +70,8 @@ ssize_t copy_oldmem_page_encrypted(unsigned long pfn, char *buf, size_t csize, > { > return __copy_oldmem_page(pfn, buf, csize, offset, userbuf, true); > } > + > +ssize_t elfcorehdr_read(char *buf, size_t count, u64 *ppos) > +{ > + return read_from_oldmem(buf, count, ppos, 0, sev_active()); > +} > diff --git a/arch/x86/mm/mem_encrypt.c b/arch/x86/mm/mem_encrypt.c > index 7139f2f43955..b1e823441093 100644 > --- a/arch/x86/mm/mem_encrypt.c > +++ b/arch/x86/mm/mem_encrypt.c > @@ -349,7 +349,6 @@ bool sev_active(void) > { > return sme_me_mask && sev_enabled; > } > -EXPORT_SYMBOL(sev_active); > > /* Override for DMA direct allocation check - ARCH_HAS_FORCE_DMA_UNENCRYPTED */ > bool force_dma_unencrypted(struct device *dev) > diff --git a/fs/proc/vmcore.c b/fs/proc/vmcore.c > index 57957c91c6df..ca1f20bedd8c 100644 > --- a/fs/proc/vmcore.c > +++ b/fs/proc/vmcore.c > @@ -100,9 +100,9 @@ static int pfn_is_ram(unsigned long pfn) > } > > /* Reads a page from the oldmem device from given offset. */ > -static ssize_t read_from_oldmem(char *buf, size_t count, > - u64 *ppos, int userbuf, > - bool encrypted) > +ssize_t read_from_oldmem(char *buf, size_t count, > + u64 *ppos, int userbuf, > + bool encrypted) > { > unsigned long pfn, offset; > size_t nr_bytes; > @@ -166,7 +166,7 @@ void __weak elfcorehdr_free(unsigned long long addr) > */ > ssize_t __weak elfcorehdr_read(char *buf, size_t count, u64 *ppos) > { > - return read_from_oldmem(buf, count, ppos, 0, sev_active()); > + return read_from_oldmem(buf, count, ppos, 0, false); > } > > /* > diff --git a/include/linux/crash_dump.h b/include/linux/crash_dump.h > index f774c5eb9e3c..4664fc1871de 100644 > --- a/include/linux/crash_dump.h > +++ b/include/linux/crash_dump.h > @@ -115,4 +115,18 @@ static inline int vmcore_add_device_dump(struct vmcoredd_data *data) > return -EOPNOTSUPP; > } > #endif /* CONFIG_PROC_VMCORE_DEVICE_DUMP */ > + > +#ifdef CONFIG_PROC_VMCORE > +ssize_t read_from_oldmem(char *buf, size_t count, > + u64 *ppos, int userbuf, > + bool encrypted); > +#else > +static inline ssize_t read_from_oldmem(char *buf, size_t count, > + u64 *ppos, int userbuf, > + bool encrypted) > +{ > + return -EOPNOTSUPP; > +} > +#endif /* CONFIG_PROC_VMCORE */ > + > #endif /* LINUX_CRASHDUMP_H */ > diff --git a/include/linux/mem_encrypt.h b/include/linux/mem_encrypt.h > index 0c5b0ff9eb29..5c4a18a91f89 100644 > --- a/include/linux/mem_encrypt.h > +++ b/include/linux/mem_encrypt.h > @@ -19,7 +19,6 @@ > #else /* !CONFIG_ARCH_HAS_MEM_ENCRYPT */ > > static inline bool mem_encrypt_active(void) { return false; } > -static inline bool sev_active(void) { return false; } > > #endif /* CONFIG_ARCH_HAS_MEM_ENCRYPT */ > >
在 2019年07月19日 01:47, Lendacky, Thomas 写道: > On 7/17/19 10:28 PM, Thiago Jung Bauermann wrote: >> Secure Encrypted Virtualization is an x86-specific feature, so it shouldn't >> appear in generic kernel code because it forces non-x86 architectures to >> define the sev_active() function, which doesn't make a lot of sense. >> >> To solve this problem, add an x86 elfcorehdr_read() function to override >> the generic weak implementation. To do that, it's necessary to make >> read_from_oldmem() public so that it can be used outside of vmcore.c. >> >> Also, remove the export for sev_active() since it's only used in files that >> won't be built as modules. >> >> Signed-off-by: Thiago Jung Bauermann <bauerman@linux.ibm.com> > > Adding Lianbo and Baoquan, who recently worked on this, for their review. > This change looks good to me. Reviewed-by: Lianbo Jiang <lijiang@redhat.com> Thanks. Lianbo > Thanks, > Tom > >> --- >> arch/x86/kernel/crash_dump_64.c | 5 +++++ >> arch/x86/mm/mem_encrypt.c | 1 - >> fs/proc/vmcore.c | 8 ++++---- >> include/linux/crash_dump.h | 14 ++++++++++++++ >> include/linux/mem_encrypt.h | 1 - >> 5 files changed, 23 insertions(+), 6 deletions(-) >> >> diff --git a/arch/x86/kernel/crash_dump_64.c b/arch/x86/kernel/crash_dump_64.c >> index 22369dd5de3b..045e82e8945b 100644 >> --- a/arch/x86/kernel/crash_dump_64.c >> +++ b/arch/x86/kernel/crash_dump_64.c >> @@ -70,3 +70,8 @@ ssize_t copy_oldmem_page_encrypted(unsigned long pfn, char *buf, size_t csize, >> { >> return __copy_oldmem_page(pfn, buf, csize, offset, userbuf, true); >> } >> + >> +ssize_t elfcorehdr_read(char *buf, size_t count, u64 *ppos) >> +{ >> + return read_from_oldmem(buf, count, ppos, 0, sev_active()); >> +} >> diff --git a/arch/x86/mm/mem_encrypt.c b/arch/x86/mm/mem_encrypt.c >> index 7139f2f43955..b1e823441093 100644 >> --- a/arch/x86/mm/mem_encrypt.c >> +++ b/arch/x86/mm/mem_encrypt.c >> @@ -349,7 +349,6 @@ bool sev_active(void) >> { >> return sme_me_mask && sev_enabled; >> } >> -EXPORT_SYMBOL(sev_active); >> >> /* Override for DMA direct allocation check - ARCH_HAS_FORCE_DMA_UNENCRYPTED */ >> bool force_dma_unencrypted(struct device *dev) >> diff --git a/fs/proc/vmcore.c b/fs/proc/vmcore.c >> index 57957c91c6df..ca1f20bedd8c 100644 >> --- a/fs/proc/vmcore.c >> +++ b/fs/proc/vmcore.c >> @@ -100,9 +100,9 @@ static int pfn_is_ram(unsigned long pfn) >> } >> >> /* Reads a page from the oldmem device from given offset. */ >> -static ssize_t read_from_oldmem(char *buf, size_t count, >> - u64 *ppos, int userbuf, >> - bool encrypted) >> +ssize_t read_from_oldmem(char *buf, size_t count, >> + u64 *ppos, int userbuf, >> + bool encrypted) >> { >> unsigned long pfn, offset; >> size_t nr_bytes; >> @@ -166,7 +166,7 @@ void __weak elfcorehdr_free(unsigned long long addr) >> */ >> ssize_t __weak elfcorehdr_read(char *buf, size_t count, u64 *ppos) >> { >> - return read_from_oldmem(buf, count, ppos, 0, sev_active()); >> + return read_from_oldmem(buf, count, ppos, 0, false); >> } >> >> /* >> diff --git a/include/linux/crash_dump.h b/include/linux/crash_dump.h >> index f774c5eb9e3c..4664fc1871de 100644 >> --- a/include/linux/crash_dump.h >> +++ b/include/linux/crash_dump.h >> @@ -115,4 +115,18 @@ static inline int vmcore_add_device_dump(struct vmcoredd_data *data) >> return -EOPNOTSUPP; >> } >> #endif /* CONFIG_PROC_VMCORE_DEVICE_DUMP */ >> + >> +#ifdef CONFIG_PROC_VMCORE >> +ssize_t read_from_oldmem(char *buf, size_t count, >> + u64 *ppos, int userbuf, >> + bool encrypted); >> +#else >> +static inline ssize_t read_from_oldmem(char *buf, size_t count, >> + u64 *ppos, int userbuf, >> + bool encrypted) >> +{ >> + return -EOPNOTSUPP; >> +} >> +#endif /* CONFIG_PROC_VMCORE */ >> + >> #endif /* LINUX_CRASHDUMP_H */ >> diff --git a/include/linux/mem_encrypt.h b/include/linux/mem_encrypt.h >> index 0c5b0ff9eb29..5c4a18a91f89 100644 >> --- a/include/linux/mem_encrypt.h >> +++ b/include/linux/mem_encrypt.h >> @@ -19,7 +19,6 @@ >> #else /* !CONFIG_ARCH_HAS_MEM_ENCRYPT */ >> >> static inline bool mem_encrypt_active(void) { return false; } >> -static inline bool sev_active(void) { return false; } >> >> #endif /* CONFIG_ARCH_HAS_MEM_ENCRYPT */ >> >>
Hello Lianbo, lijiang <lijiang@redhat.com> writes: > 在 2019年07月19日 01:47, Lendacky, Thomas 写道: >> On 7/17/19 10:28 PM, Thiago Jung Bauermann wrote: >>> Secure Encrypted Virtualization is an x86-specific feature, so it shouldn't >>> appear in generic kernel code because it forces non-x86 architectures to >>> define the sev_active() function, which doesn't make a lot of sense. >>> >>> To solve this problem, add an x86 elfcorehdr_read() function to override >>> the generic weak implementation. To do that, it's necessary to make >>> read_from_oldmem() public so that it can be used outside of vmcore.c. >>> >>> Also, remove the export for sev_active() since it's only used in files that >>> won't be built as modules. >>> >>> Signed-off-by: Thiago Jung Bauermann <bauerman@linux.ibm.com> >> >> Adding Lianbo and Baoquan, who recently worked on this, for their review. >> > > This change looks good to me. > > Reviewed-by: Lianbo Jiang <lijiang@redhat.com> Thanks for your review!
diff --git a/arch/x86/kernel/crash_dump_64.c b/arch/x86/kernel/crash_dump_64.c index 22369dd5de3b..045e82e8945b 100644 --- a/arch/x86/kernel/crash_dump_64.c +++ b/arch/x86/kernel/crash_dump_64.c @@ -70,3 +70,8 @@ ssize_t copy_oldmem_page_encrypted(unsigned long pfn, char *buf, size_t csize, { return __copy_oldmem_page(pfn, buf, csize, offset, userbuf, true); } + +ssize_t elfcorehdr_read(char *buf, size_t count, u64 *ppos) +{ + return read_from_oldmem(buf, count, ppos, 0, sev_active()); +} diff --git a/arch/x86/mm/mem_encrypt.c b/arch/x86/mm/mem_encrypt.c index 7139f2f43955..b1e823441093 100644 --- a/arch/x86/mm/mem_encrypt.c +++ b/arch/x86/mm/mem_encrypt.c @@ -349,7 +349,6 @@ bool sev_active(void) { return sme_me_mask && sev_enabled; } -EXPORT_SYMBOL(sev_active); /* Override for DMA direct allocation check - ARCH_HAS_FORCE_DMA_UNENCRYPTED */ bool force_dma_unencrypted(struct device *dev) diff --git a/fs/proc/vmcore.c b/fs/proc/vmcore.c index 57957c91c6df..ca1f20bedd8c 100644 --- a/fs/proc/vmcore.c +++ b/fs/proc/vmcore.c @@ -100,9 +100,9 @@ static int pfn_is_ram(unsigned long pfn) } /* Reads a page from the oldmem device from given offset. */ -static ssize_t read_from_oldmem(char *buf, size_t count, - u64 *ppos, int userbuf, - bool encrypted) +ssize_t read_from_oldmem(char *buf, size_t count, + u64 *ppos, int userbuf, + bool encrypted) { unsigned long pfn, offset; size_t nr_bytes; @@ -166,7 +166,7 @@ void __weak elfcorehdr_free(unsigned long long addr) */ ssize_t __weak elfcorehdr_read(char *buf, size_t count, u64 *ppos) { - return read_from_oldmem(buf, count, ppos, 0, sev_active()); + return read_from_oldmem(buf, count, ppos, 0, false); } /* diff --git a/include/linux/crash_dump.h b/include/linux/crash_dump.h index f774c5eb9e3c..4664fc1871de 100644 --- a/include/linux/crash_dump.h +++ b/include/linux/crash_dump.h @@ -115,4 +115,18 @@ static inline int vmcore_add_device_dump(struct vmcoredd_data *data) return -EOPNOTSUPP; } #endif /* CONFIG_PROC_VMCORE_DEVICE_DUMP */ + +#ifdef CONFIG_PROC_VMCORE +ssize_t read_from_oldmem(char *buf, size_t count, + u64 *ppos, int userbuf, + bool encrypted); +#else +static inline ssize_t read_from_oldmem(char *buf, size_t count, + u64 *ppos, int userbuf, + bool encrypted) +{ + return -EOPNOTSUPP; +} +#endif /* CONFIG_PROC_VMCORE */ + #endif /* LINUX_CRASHDUMP_H */ diff --git a/include/linux/mem_encrypt.h b/include/linux/mem_encrypt.h index 0c5b0ff9eb29..5c4a18a91f89 100644 --- a/include/linux/mem_encrypt.h +++ b/include/linux/mem_encrypt.h @@ -19,7 +19,6 @@ #else /* !CONFIG_ARCH_HAS_MEM_ENCRYPT */ static inline bool mem_encrypt_active(void) { return false; } -static inline bool sev_active(void) { return false; } #endif /* CONFIG_ARCH_HAS_MEM_ENCRYPT */
Secure Encrypted Virtualization is an x86-specific feature, so it shouldn't appear in generic kernel code because it forces non-x86 architectures to define the sev_active() function, which doesn't make a lot of sense. To solve this problem, add an x86 elfcorehdr_read() function to override the generic weak implementation. To do that, it's necessary to make read_from_oldmem() public so that it can be used outside of vmcore.c. Also, remove the export for sev_active() since it's only used in files that won't be built as modules. Signed-off-by: Thiago Jung Bauermann <bauerman@linux.ibm.com> --- arch/x86/kernel/crash_dump_64.c | 5 +++++ arch/x86/mm/mem_encrypt.c | 1 - fs/proc/vmcore.c | 8 ++++---- include/linux/crash_dump.h | 14 ++++++++++++++ include/linux/mem_encrypt.h | 1 - 5 files changed, 23 insertions(+), 6 deletions(-)