| Message ID | 20170616185154.18967.71073.stgit@tlendack-t1.amdoffice.net (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
On Fri, Jun 16, 2017 at 01:51:55PM -0500, Tom Lendacky wrote: > The cr3 register entry can contain the SME encryption mask that indicates > the PGD is encrypted. The encryption mask should not be used when > creating a virtual address from the cr3 register, so remove the SME > encryption mask in the read_cr3_pa() function. > > During early boot SME will need to use a native version of read_cr3_pa(), > so create native_read_cr3_pa(). > > Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com> > --- > arch/x86/include/asm/processor-flags.h | 3 ++- > arch/x86/include/asm/processor.h | 5 +++++ > 2 files changed, 7 insertions(+), 1 deletion(-) Reviewed-by: Borislav Petkov <bp@suse.de>
On Fri, Jun 16, 2017 at 11:51 AM, Tom Lendacky <thomas.lendacky@amd.com> wrote: > The cr3 register entry can contain the SME encryption mask that indicates > the PGD is encrypted. The encryption mask should not be used when > creating a virtual address from the cr3 register, so remove the SME > encryption mask in the read_cr3_pa() function. > > During early boot SME will need to use a native version of read_cr3_pa(), > so create native_read_cr3_pa(). > > Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com> > --- > arch/x86/include/asm/processor-flags.h | 3 ++- > arch/x86/include/asm/processor.h | 5 +++++ > 2 files changed, 7 insertions(+), 1 deletion(-) > > diff --git a/arch/x86/include/asm/processor-flags.h b/arch/x86/include/asm/processor-flags.h > index 79aa2f9..cb6999c 100644 > --- a/arch/x86/include/asm/processor-flags.h > +++ b/arch/x86/include/asm/processor-flags.h > @@ -2,6 +2,7 @@ > #define _ASM_X86_PROCESSOR_FLAGS_H > > #include <uapi/asm/processor-flags.h> > +#include <linux/mem_encrypt.h> > > #ifdef CONFIG_VM86 > #define X86_VM_MASK X86_EFLAGS_VM > @@ -33,7 +34,7 @@ > */ > #ifdef CONFIG_X86_64 > /* Mask off the address space ID bits. */ > -#define CR3_ADDR_MASK 0x7FFFFFFFFFFFF000ull > +#define CR3_ADDR_MASK __sme_clr(0x7FFFFFFFFFFFF000ull) Can you update the comment one line above, too?
On 6/20/2017 11:17 AM, Andy Lutomirski wrote: > On Fri, Jun 16, 2017 at 11:51 AM, Tom Lendacky <thomas.lendacky@amd.com> wrote: >> The cr3 register entry can contain the SME encryption mask that indicates >> the PGD is encrypted. The encryption mask should not be used when >> creating a virtual address from the cr3 register, so remove the SME >> encryption mask in the read_cr3_pa() function. >> >> During early boot SME will need to use a native version of read_cr3_pa(), >> so create native_read_cr3_pa(). >> >> Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com> >> --- >> arch/x86/include/asm/processor-flags.h | 3 ++- >> arch/x86/include/asm/processor.h | 5 +++++ >> 2 files changed, 7 insertions(+), 1 deletion(-) >> >> diff --git a/arch/x86/include/asm/processor-flags.h b/arch/x86/include/asm/processor-flags.h >> index 79aa2f9..cb6999c 100644 >> --- a/arch/x86/include/asm/processor-flags.h >> +++ b/arch/x86/include/asm/processor-flags.h >> @@ -2,6 +2,7 @@ >> #define _ASM_X86_PROCESSOR_FLAGS_H >> >> #include <uapi/asm/processor-flags.h> >> +#include <linux/mem_encrypt.h> >> >> #ifdef CONFIG_VM86 >> #define X86_VM_MASK X86_EFLAGS_VM >> @@ -33,7 +34,7 @@ >> */ >> #ifdef CONFIG_X86_64 >> /* Mask off the address space ID bits. */ >> -#define CR3_ADDR_MASK 0x7FFFFFFFFFFFF000ull >> +#define CR3_ADDR_MASK __sme_clr(0x7FFFFFFFFFFFF000ull) > > Can you update the comment one line above, too? Yup, will do. Thanks, Tom >
diff --git a/arch/x86/include/asm/processor-flags.h b/arch/x86/include/asm/processor-flags.h index 79aa2f9..cb6999c 100644 --- a/arch/x86/include/asm/processor-flags.h +++ b/arch/x86/include/asm/processor-flags.h @@ -2,6 +2,7 @@ #define _ASM_X86_PROCESSOR_FLAGS_H #include <uapi/asm/processor-flags.h> +#include <linux/mem_encrypt.h> #ifdef CONFIG_VM86 #define X86_VM_MASK X86_EFLAGS_VM @@ -33,7 +34,7 @@ */ #ifdef CONFIG_X86_64 /* Mask off the address space ID bits. */ -#define CR3_ADDR_MASK 0x7FFFFFFFFFFFF000ull +#define CR3_ADDR_MASK __sme_clr(0x7FFFFFFFFFFFF000ull) #define CR3_PCID_MASK 0xFFFull #else /* diff --git a/arch/x86/include/asm/processor.h b/arch/x86/include/asm/processor.h index 8010c97..ab878bd 100644 --- a/arch/x86/include/asm/processor.h +++ b/arch/x86/include/asm/processor.h @@ -240,6 +240,11 @@ static inline unsigned long read_cr3_pa(void) return __read_cr3() & CR3_ADDR_MASK; } +static inline unsigned long native_read_cr3_pa(void) +{ + return __native_read_cr3() & CR3_ADDR_MASK; +} + static inline void load_cr3(pgd_t *pgdir) { write_cr3(__sme_pa(pgdir));
The cr3 register entry can contain the SME encryption mask that indicates the PGD is encrypted. The encryption mask should not be used when creating a virtual address from the cr3 register, so remove the SME encryption mask in the read_cr3_pa() function. During early boot SME will need to use a native version of read_cr3_pa(), so create native_read_cr3_pa(). Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com> --- arch/x86/include/asm/processor-flags.h | 3 ++- arch/x86/include/asm/processor.h | 5 +++++ 2 files changed, 7 insertions(+), 1 deletion(-)