| Message ID | 20170216154236.19244.7580.stgit@tlendack-t1.amdoffice.net (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
On Thu, Feb 16, 2017 at 09:42:36AM -0600, Tom Lendacky wrote: > Update the CPU features to include identifying and reporting on the > Secure Memory Encryption (SME) feature. SME is identified by CPUID > 0x8000001f, but requires BIOS support to enable it (set bit 23 of > SYS_CFG MSR). Only show the SME feature as available if reported by > CPUID and enabled by BIOS. > > Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com> > --- > arch/x86/include/asm/cpufeature.h | 7 +++++-- > arch/x86/include/asm/cpufeatures.h | 5 ++++- > arch/x86/include/asm/disabled-features.h | 3 ++- > arch/x86/include/asm/msr-index.h | 2 ++ > arch/x86/include/asm/required-features.h | 3 ++- > arch/x86/kernel/cpu/common.c | 19 +++++++++++++++++++ > 6 files changed, 34 insertions(+), 5 deletions(-) What happened here? You had it already: https://lkml.kernel.org/r/20161110003459.3280.25796.stgit@tlendack-t1.amdoffice.net The bit in get_cpu_cap() with checking the MSR you can add at the end of init_amd() for example.
On 02/16/2017 12:13 PM, Borislav Petkov wrote: > On Thu, Feb 16, 2017 at 09:42:36AM -0600, Tom Lendacky wrote: >> Update the CPU features to include identifying and reporting on the >> Secure Memory Encryption (SME) feature. SME is identified by CPUID >> 0x8000001f, but requires BIOS support to enable it (set bit 23 of >> SYS_CFG MSR). Only show the SME feature as available if reported by >> CPUID and enabled by BIOS. >> >> Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com> >> --- >> arch/x86/include/asm/cpufeature.h | 7 +++++-- >> arch/x86/include/asm/cpufeatures.h | 5 ++++- >> arch/x86/include/asm/disabled-features.h | 3 ++- >> arch/x86/include/asm/msr-index.h | 2 ++ >> arch/x86/include/asm/required-features.h | 3 ++- >> arch/x86/kernel/cpu/common.c | 19 +++++++++++++++++++ >> 6 files changed, 34 insertions(+), 5 deletions(-) > > What happened here? > > You had it already: > > https://lkml.kernel.org/r/20161110003459.3280.25796.stgit@tlendack-t1.amdoffice.net > > The bit in get_cpu_cap() with checking the MSR you can add at the end of > init_amd() for example. I realize it's a bit more code and expands the changes but I thought it would be a bit clearer as to what was going on this way. And then the follow on patch for the physical address reduction goes in nicely, too. If you prefer I stay with the scattered feature approach and then clear the bit based on the MSR at the end of init_amd() I can do that. I'm not attached to either method. Thanks, Tom >
On Thu, Feb 16, 2017 at 01:42:13PM -0600, Tom Lendacky wrote: > I realize it's a bit more code and expands the changes but I thought it > would be a bit clearer as to what was going on this way. And then the > follow on patch for the physical address reduction goes in nicely, too. Well, the code from the next patch should go to AMD-specific place like arch/x86/kernel/cpu/amd.c anyway, where you don't have to do vendor checks. > If you prefer I stay with the scattered feature approach and then clear > the bit based on the MSR at the end of init_amd() I can do that. I'm > not attached to either method. Yes please. We should keep the shole X86_FEATURE machinery from exploding in size. Especially if CPUID_0x8000001f is not a leaf we're going to be adding the majority of its bits, to warrant a separate ->x86_capability array element. [If it does later, we can always move it to a separate element. ] Thanks.
diff --git a/arch/x86/include/asm/cpufeature.h b/arch/x86/include/asm/cpufeature.h index d59c15c..ea2de6a 100644 --- a/arch/x86/include/asm/cpufeature.h +++ b/arch/x86/include/asm/cpufeature.h @@ -28,6 +28,7 @@ enum cpuid_leafs CPUID_8000_000A_EDX, CPUID_7_ECX, CPUID_8000_0007_EBX, + CPUID_8000_001F_EAX, }; #ifdef CONFIG_X86_FEATURE_NAMES @@ -78,8 +79,9 @@ enum cpuid_leafs CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 15, feature_bit) || \ CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 16, feature_bit) || \ CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 17, feature_bit) || \ + CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 18, feature_bit) || \ REQUIRED_MASK_CHECK || \ - BUILD_BUG_ON_ZERO(NCAPINTS != 18)) + BUILD_BUG_ON_ZERO(NCAPINTS != 19)) #define DISABLED_MASK_BIT_SET(feature_bit) \ ( CHECK_BIT_IN_MASK_WORD(DISABLED_MASK, 0, feature_bit) || \ @@ -100,8 +102,9 @@ enum cpuid_leafs CHECK_BIT_IN_MASK_WORD(DISABLED_MASK, 15, feature_bit) || \ CHECK_BIT_IN_MASK_WORD(DISABLED_MASK, 16, feature_bit) || \ CHECK_BIT_IN_MASK_WORD(DISABLED_MASK, 17, feature_bit) || \ + CHECK_BIT_IN_MASK_WORD(DISABLED_MASK, 18, feature_bit) || \ DISABLED_MASK_CHECK || \ - BUILD_BUG_ON_ZERO(NCAPINTS != 18)) + BUILD_BUG_ON_ZERO(NCAPINTS != 19)) #define cpu_has(c, bit) \ (__builtin_constant_p(bit) && REQUIRED_MASK_BIT_SET(bit) ? 1 : \ diff --git a/arch/x86/include/asm/cpufeatures.h b/arch/x86/include/asm/cpufeatures.h index d45ab4b..331fb81 100644 --- a/arch/x86/include/asm/cpufeatures.h +++ b/arch/x86/include/asm/cpufeatures.h @@ -12,7 +12,7 @@ /* * Defines x86 CPU feature bits */ -#define NCAPINTS 18 /* N 32-bit words worth of info */ +#define NCAPINTS 19 /* N 32-bit words worth of info */ #define NBUGINTS 1 /* N 32-bit bug flags */ /* @@ -296,6 +296,9 @@ #define X86_FEATURE_SUCCOR (17*32+1) /* Uncorrectable error containment and recovery */ #define X86_FEATURE_SMCA (17*32+3) /* Scalable MCA */ +/* AMD-defined CPU features, CPUID level 0x8000001f (eax), word 18 */ +#define X86_FEATURE_SME (18*32+0) /* Secure Memory Encryption */ + /* * BUG word(s) */ diff --git a/arch/x86/include/asm/disabled-features.h b/arch/x86/include/asm/disabled-features.h index 85599ad..8b45e08 100644 --- a/arch/x86/include/asm/disabled-features.h +++ b/arch/x86/include/asm/disabled-features.h @@ -57,6 +57,7 @@ #define DISABLED_MASK15 0 #define DISABLED_MASK16 (DISABLE_PKU|DISABLE_OSPKE) #define DISABLED_MASK17 0 -#define DISABLED_MASK_CHECK BUILD_BUG_ON_ZERO(NCAPINTS != 18) +#define DISABLED_MASK18 0 +#define DISABLED_MASK_CHECK BUILD_BUG_ON_ZERO(NCAPINTS != 19) #endif /* _ASM_X86_DISABLED_FEATURES_H */ diff --git a/arch/x86/include/asm/msr-index.h b/arch/x86/include/asm/msr-index.h index 00293a9..e2d0503 100644 --- a/arch/x86/include/asm/msr-index.h +++ b/arch/x86/include/asm/msr-index.h @@ -339,6 +339,8 @@ #define MSR_K8_TOP_MEM1 0xc001001a #define MSR_K8_TOP_MEM2 0xc001001d #define MSR_K8_SYSCFG 0xc0010010 +#define MSR_K8_SYSCFG_MEM_ENCRYPT_BIT 23 +#define MSR_K8_SYSCFG_MEM_ENCRYPT BIT_ULL(MSR_K8_SYSCFG_MEM_ENCRYPT_BIT) #define MSR_K8_INT_PENDING_MSG 0xc0010055 /* C1E active bits in int pending message */ #define K8_INTP_C1E_ACTIVE_MASK 0x18000000 diff --git a/arch/x86/include/asm/required-features.h b/arch/x86/include/asm/required-features.h index fac9a5c..6847d85 100644 --- a/arch/x86/include/asm/required-features.h +++ b/arch/x86/include/asm/required-features.h @@ -100,6 +100,7 @@ #define REQUIRED_MASK15 0 #define REQUIRED_MASK16 0 #define REQUIRED_MASK17 0 -#define REQUIRED_MASK_CHECK BUILD_BUG_ON_ZERO(NCAPINTS != 18) +#define REQUIRED_MASK18 0 +#define REQUIRED_MASK_CHECK BUILD_BUG_ON_ZERO(NCAPINTS != 19) #endif /* _ASM_X86_REQUIRED_FEATURES_H */ diff --git a/arch/x86/kernel/cpu/common.c b/arch/x86/kernel/cpu/common.c index c188ae5..b33bc06 100644 --- a/arch/x86/kernel/cpu/common.c +++ b/arch/x86/kernel/cpu/common.c @@ -763,6 +763,25 @@ void get_cpu_cap(struct cpuinfo_x86 *c) if (c->extended_cpuid_level >= 0x8000000a) c->x86_capability[CPUID_8000_000A_EDX] = cpuid_edx(0x8000000a); + if (c->extended_cpuid_level >= 0x8000001f) { + cpuid(0x8000001f, &eax, &ebx, &ecx, &edx); + + /* SME feature support */ + if ((c->x86_vendor == X86_VENDOR_AMD) && (eax & 0x01)) { + u64 msr; + + /* + * For SME, BIOS support is required. If BIOS has not + * enabled SME don't advertise the feature. + */ + rdmsrl(MSR_K8_SYSCFG, msr); + if (!(msr & MSR_K8_SYSCFG_MEM_ENCRYPT)) + eax &= ~0x01; + } + + c->x86_capability[CPUID_8000_001F_EAX] = eax; + } + init_scattered_cpuid_features(c); /*
Update the CPU features to include identifying and reporting on the Secure Memory Encryption (SME) feature. SME is identified by CPUID 0x8000001f, but requires BIOS support to enable it (set bit 23 of SYS_CFG MSR). Only show the SME feature as available if reported by CPUID and enabled by BIOS. Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com> --- arch/x86/include/asm/cpufeature.h | 7 +++++-- arch/x86/include/asm/cpufeatures.h | 5 ++++- arch/x86/include/asm/disabled-features.h | 3 ++- arch/x86/include/asm/msr-index.h | 2 ++ arch/x86/include/asm/required-features.h | 3 ++- arch/x86/kernel/cpu/common.c | 19 +++++++++++++++++++ 6 files changed, 34 insertions(+), 5 deletions(-)