From patchwork Wed May 8 14:44:01 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "kirill.shutemov@linux.intel.com" X-Patchwork-Id: 10935967 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 3F49A15A6 for ; Wed, 8 May 2019 14:48:40 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 2FDB12844C for ; Wed, 8 May 2019 14:48:40 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 2410C2890F; Wed, 8 May 2019 14:48:40 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-7.9 required=2.0 tests=BAYES_00,MAILING_LIST_MULTI, RCVD_IN_DNSWL_HI autolearn=unavailable version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 3C5C828485 for ; Wed, 8 May 2019 14:48:38 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727530AbfEHOsZ (ORCPT ); Wed, 8 May 2019 10:48:25 -0400 Received: from mga02.intel.com ([134.134.136.20]:19899 "EHLO mga02.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728423AbfEHOou (ORCPT ); Wed, 8 May 2019 10:44:50 -0400 X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga002.fm.intel.com ([10.253.24.26]) by orsmga101.jf.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 08 May 2019 07:44:50 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.60,446,1549958400"; d="scan'208";a="169656569" Received: from black.fi.intel.com ([10.237.72.28]) by fmsmga002.fm.intel.com with ESMTP; 08 May 2019 07:44:44 -0700 Received: by black.fi.intel.com (Postfix, from userid 1000) id BF156D4A; Wed, 8 May 2019 17:44:30 +0300 (EEST) From: "Kirill A. Shutemov" To: Andrew Morton , x86@kernel.org, Thomas Gleixner , Ingo Molnar , "H. Peter Anvin" , Borislav Petkov , Peter Zijlstra , Andy Lutomirski , David Howells Cc: Kees Cook , Dave Hansen , Kai Huang , Jacob Pan , Alison Schofield , linux-mm@kvack.org, kvm@vger.kernel.org, keyrings@vger.kernel.org, linux-kernel@vger.kernel.org, "Kirill A . Shutemov" Subject: [PATCH, RFC 41/62] keys/mktme: Support memory hotplug for MKTME keys Date: Wed, 8 May 2019 17:44:01 +0300 Message-Id: <20190508144422.13171-42-kirill.shutemov@linux.intel.com> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190508144422.13171-1-kirill.shutemov@linux.intel.com> References: <20190508144422.13171-1-kirill.shutemov@linux.intel.com> MIME-Version: 1.0 Sender: kvm-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP From: Alison Schofield Newly added memory may mean that there is a newly added physical package. Intel platforms supporting MKTME need to know about the new physical packages that may appear during MEM_GOING_ONLINE events. Add a memory notifier for MEM_GOING_ONLINE events where MKTME can evaluate this new memory before it goes online. MKTME will quickly NOTIFY_OK in MEM_GOING_ONLINE events if no MKTME keys are currently programmed. If the newly added memory presents an unsafe MKTME topology, that will be found and reported during the next key creation attempt. (User can repair and retry.) When MKTME keys are currently programmed, MKTME will evaluate the platform topology, detect if a new PCONFIG target has been added, and program that new pconfig target if allowable. Signed-off-by: Alison Schofield Signed-off-by: Kirill A. Shutemov --- security/keys/mktme_keys.c | 57 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 57 insertions(+) diff --git a/security/keys/mktme_keys.c b/security/keys/mktme_keys.c index 489dddb8c623..904748b540c6 100644 --- a/security/keys/mktme_keys.c +++ b/security/keys/mktme_keys.c @@ -8,6 +8,7 @@ #include #include #include +#include #include #include #include @@ -626,6 +627,56 @@ static int mktme_program_new_pconfig_target(int new_pkg) return ret; } +static int mktme_memory_callback(struct notifier_block *nb, + unsigned long action, void *arg) +{ + unsigned long flags; + int ret, new_target; + + /* MEM_GOING_ONLINE is the only mem event of interest to MKTME */ + if (action != MEM_GOING_ONLINE) + return NOTIFY_OK; + + /* Do not allow key programming during hotplug event */ + spin_lock_irqsave(&mktme_lock, flags); + + /* + * If no keys are actually programmed let this event proceed. + * The topology will be checked on the next key creation attempt. + */ + if (!mktme_map->mapped_keyids) { + mktme_allow_keys = false; + ret = NOTIFY_OK; + goto out; + } + /* Do not allow this event if it creates an unsafe MKTME topology */ + if (!mktme_hmat_evaluate()) { + ret = NOTIFY_BAD; + goto out; + } + /* Topology is safe. Is there a new pconfig target? */ + new_target = mktme_get_new_pconfig_target(); + + /* No new target to program */ + if (new_target < 0) { + ret = NOTIFY_OK; + goto out; + } + if (mktme_program_new_pconfig_target(new_target)) + ret = NOTIFY_BAD; + else + ret = NOTIFY_OK; + +out: + spin_unlock_irqrestore(&mktme_lock, flags); + return ret; +} + +static struct notifier_block mktme_memory_nb = { + .notifier_call = mktme_memory_callback, + .priority = 99, /* priority ? */ +}; + static int __init init_mktme(void) { int ret, cpuhp; @@ -679,10 +730,16 @@ static int __init init_mktme(void) if (cpuhp < 0) goto free_store; + /* Memory hotplug */ + if (register_memory_notifier(&mktme_memory_nb)) + goto remove_cpuhp; + ret = register_key_type(&key_type_mktme); if (!ret) return ret; /* SUCCESS */ + unregister_memory_notifier(&mktme_memory_nb); +remove_cpuhp: cpuhp_remove_state_nocalls(cpuhp); free_store: kfree(mktme_key_store);