From patchwork Fri Sep  7 22:36:27 2018
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Alison Schofield <alison.schofield@intel.com>
X-Patchwork-Id: 10592659
Return-Path: <owner-linux-mm@kvack.org>
Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org
 [172.30.200.125])
	by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id E982914E2
	for <patchwork-linux-mm@patchwork.kernel.org>;
 Fri,  7 Sep 2018 22:35:48 +0000 (UTC)
Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1])
	by mail.wl.linuxfoundation.org (Postfix) with ESMTP id DA0832B030
	for <patchwork-linux-mm@patchwork.kernel.org>;
 Fri,  7 Sep 2018 22:35:48 +0000 (UTC)
Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486)
	id CDE7C2B2ED; Fri,  7 Sep 2018 22:35:48 +0000 (UTC)
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
	pdx-wl-mail.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-2.9 required=2.0 tests=BAYES_00,MAILING_LIST_MULTI,
	RCVD_IN_DNSWL_NONE autolearn=unavailable version=3.3.1
Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17])
	by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 759BC2B030
	for <patchwork-linux-mm@patchwork.kernel.org>;
 Fri,  7 Sep 2018 22:35:48 +0000 (UTC)
Received: by kanga.kvack.org (Postfix)
	id A12518E0007; Fri,  7 Sep 2018 18:35:47 -0400 (EDT)
Delivered-To: linux-mm-outgoing@kvack.org
Received: by kanga.kvack.org (Postfix, from userid 40)
	id 9C2C08E0001; Fri,  7 Sep 2018 18:35:47 -0400 (EDT)
X-Original-To: int-list-linux-mm@kvack.org
X-Delivered-To: int-list-linux-mm@kvack.org
Received: by kanga.kvack.org (Postfix, from userid 63042)
	id 864358E0007; Fri,  7 Sep 2018 18:35:47 -0400 (EDT)
X-Original-To: linux-mm@kvack.org
X-Delivered-To: linux-mm@kvack.org
Received: from mail-pg1-f199.google.com (mail-pg1-f199.google.com
 [209.85.215.199])
	by kanga.kvack.org (Postfix) with ESMTP id 41CCB8E0001
	for <linux-mm@kvack.org>; Fri,  7 Sep 2018 18:35:47 -0400 (EDT)
Received: by mail-pg1-f199.google.com with SMTP id m4-v6so7794377pgq.19
        for <linux-mm@kvack.org>; Fri, 07 Sep 2018 15:35:47 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-original-authentication-results:x-gm-message-state:date:from:to
         :cc:subject:message-id:references:mime-version:content-disposition
         :in-reply-to:user-agent;
        bh=QhDbTojele+tkuorJ+S8MjX4aBdoKtXOnG20rxXYlhk=;
        b=fCAGv64kaWC0IxiPiywKeuwHA2HL9nYyY28msn81K49rhiooQg5uL85yKT87pphSUV
         OXTDdXjNOS1FMqduXJrBoM/1ZtDzVGcFsI3Nycl80ppCJNuevzqzdahwTgaLSKnebbas
         ZqaTHVJHVLka3Xz5gEQ66g746rUO7gBD55zuAQucGMM03CfFq+jjbWSTDled2nhR9naL
         vkEmAXKM4nTgtE5xeppZ88LTTKga0fYH7dy+8uE2YLF8LKIwcqVT2ttP55TfQzo6YBMk
         It0qHg6t5znYmIC3IALaWrfxxWtOtmNvSuc61bjr1w5B2qloaDQn/6908/pEMODGHqdp
         v/QQ==
X-Original-Authentication-Results: mx.google.com;
       spf=pass (google.com: domain of alison.schofield@intel.com designates
 192.55.52.151 as permitted sender) smtp.mailfrom=alison.schofield@intel.com;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com
X-Gm-Message-State: APzg51DVPIKbpFYOGesOy8luJSArCRLGxoiQojrNfRzAtF3i4548BsK2
	sUsyIC7raFb1bBuamnyXT8w9Y15gnaYIAoYy32yVj5qfNgdfLnDDf31LWVLJeECx/oRwuChNQI5
	e7IUrPAd0PtrlvNMye1MHKyuhQhm2gtu/od6tqE5RtK5DKHVz5+X3QfJ377EXNX9XKg==
X-Received: by 2002:a63:dd09:: with SMTP id
 t9-v6mr10212366pgg.370.1536359746946;
        Fri, 07 Sep 2018 15:35:46 -0700 (PDT)
X-Google-Smtp-Source: 
 ANB0VdbmyvNjroOdykwD2mV/PWlwVM2NCpqwXaXcHlTK2XiW+YD2qmNYcT9xcjMU9Qd/7GZSNYJp
X-Received: by 2002:a63:dd09:: with SMTP id
 t9-v6mr10212316pgg.370.1536359746129;
        Fri, 07 Sep 2018 15:35:46 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1536359746; cv=none;
        d=google.com; s=arc-20160816;
        b=Yh9DkNHGPDGimHYdH/XaN3MF9QJdVzVQ7CDULfhzzGAjp/PxcrHPmecBOyFMmntU6Q
         EmLMNDfDhYzLIZkUnPLC+VOO0QrNk3v/9lD23IL+Ev24m8mRlgbf+xtt98a/aN+p57u2
         rki+twzcIHfRgPIFURH6CCrDbIDCyEmUAlym7Olni2z9koQLEvgXQC4Ifl1Dk91S8Ijb
         5IGyy+Zd0FkOXpj8J4Q7uzETm0mhxiiS3L0qbFe/Xn7pLsmdQvRN55kEwBOYfxg9SEjI
         ie9TX5F9tGT/9XsRzLNBELPQkv+X4zEjOqTZpUoLpb59F0QGLhWgQei5xtCCjOuIxp8d
         bx0A==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20160816;
        h=user-agent:in-reply-to:content-disposition:mime-version:references
         :message-id:subject:cc:to:from:date;
        bh=QhDbTojele+tkuorJ+S8MjX4aBdoKtXOnG20rxXYlhk=;
        b=s1m9/WHMD0PwOBuoe6FsxFNLE7VInD8gxgu385iW717B1x91ZK7PstgY10CUth/1uV
         oBbJRDnoqEdn96EA+UkIIGWaCaGrlqbECV1a1S84tykuz0UjKcJt61uX8+3Q6eUsuEmw
         CDM1r29MLyn2Ch3PLG295cEr1B+h2dRdxEsyDUTc3SSuO19G/WmG4pLhUrRgGfKmNrUU
         jas44FSuiOe1Pr7n7hxE3DRGZP4CxNewr4Gkx6YKTfT6NI0t0MH1i1eBjpMeAssa1p0O
         hnW5u5n5q/VmURaantwJ50OzsZBF2zBkCu9BHdFqdoOOyFchCIh/PN65u+jShpaJ6TVX
         QKtg==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: domain of alison.schofield@intel.com designates
 192.55.52.151 as permitted sender) smtp.mailfrom=alison.schofield@intel.com;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com
Received: from mga17.intel.com (mga17.intel.com. [192.55.52.151])
        by mx.google.com with ESMTPS id
 64-v6si8803977plk.257.2018.09.07.15.35.45
        for <linux-mm@kvack.org>
        (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
        Fri, 07 Sep 2018 15:35:46 -0700 (PDT)
Received-SPF: pass (google.com: domain of alison.schofield@intel.com
 designates 192.55.52.151 as permitted sender) client-ip=192.55.52.151;
Authentication-Results: mx.google.com;
       spf=pass (google.com: domain of alison.schofield@intel.com designates
 192.55.52.151 as permitted sender) smtp.mailfrom=alison.schofield@intel.com;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com
X-Amp-Result: UNKNOWN
X-Amp-Original-Verdict: FILE UNKNOWN
X-Amp-File-Uploaded: False
Received: from fmsmga002.fm.intel.com ([10.253.24.26])
  by fmsmga107.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384;
 07 Sep 2018 15:35:45 -0700
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.53,344,1531810800";
   d="scan'208";a="84055650"
Received: from alison-desk.jf.intel.com ([10.54.74.53])
  by fmsmga002.fm.intel.com with ESMTP; 07 Sep 2018 15:35:45 -0700
Date: Fri, 7 Sep 2018 15:36:27 -0700
From: Alison Schofield <alison.schofield@intel.com>
To: dhowells@redhat.com, tglx@linutronix.de
Cc: Kai Huang <kai.huang@intel.com>, Jun Nakajima <jun.nakajima@intel.com>,
	Kirill Shutemov <kirill.shutemov@intel.com>,
	Dave Hansen <dave.hansen@intel.com>,
	Jarkko Sakkinen <jarkko.sakkinen@intel.com>, jmorris@namei.org,
	keyrings@vger.kernel.org, linux-security-module@vger.kernel.org,
	mingo@redhat.com, hpa@zytor.com, x86@kernel.org, linux-mm@kvack.org
Subject: [RFC 05/12] x86/mm: Add a helper function to set keyid bits in
 encrypted VMA's
Message-ID: 
 <efec45aae8dab3f4db8a79d001ec65137748cdb1.1536356108.git.alison.schofield@intel.com>
References: <cover.1536356108.git.alison.schofield@intel.com>
MIME-Version: 1.0
Content-Disposition: inline
In-Reply-To: <cover.1536356108.git.alison.schofield@intel.com>
User-Agent: Mutt/1.5.24 (2015-08-30)
X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4
Sender: owner-linux-mm@kvack.org
Precedence: bulk
X-Loop: owner-majordomo@kvack.org
List-ID: <linux-mm.kvack.org>
X-Virus-Scanned: ClamAV using ClamSMTP

Store the memory encryption keyid in the upper bits of vm_page_prot
that match position of keyid, bits 51:46, in a PTE.

Signed-off-by: Alison Schofield <alison.schofield@intel.com>
---
 arch/x86/include/asm/mktme.h |  3 +++
 arch/x86/mm/mktme.c          | 15 +++++++++++++++
 include/linux/mm.h           |  4 ++++
 3 files changed, 22 insertions(+)

diff --git a/arch/x86/include/asm/mktme.h b/arch/x86/include/asm/mktme.h
index f6acd551457f..b707f800b68f 100644
--- a/arch/x86/include/asm/mktme.h
+++ b/arch/x86/include/asm/mktme.h
@@ -13,6 +13,9 @@ extern phys_addr_t mktme_keyid_mask;
 extern int mktme_nr_keyids;
 extern int mktme_keyid_shift;
 
+/* Set the encryption keyid bits in a VMA */
+extern void mprotect_set_encrypt(struct vm_area_struct *vma, int newkeyid);
+
 /* Manage mappings between hardware keyids and userspace keys */
 extern int mktme_map_alloc(void);
 extern void mktme_map_free(void);
diff --git a/arch/x86/mm/mktme.c b/arch/x86/mm/mktme.c
index 5246d8323359..5ee7f37e9cd0 100644
--- a/arch/x86/mm/mktme.c
+++ b/arch/x86/mm/mktme.c
@@ -63,6 +63,21 @@ int vma_keyid(struct vm_area_struct *vma)
 	return (prot & mktme_keyid_mask) >> mktme_keyid_shift;
 }
 
+/* Set the encryption keyid bits in a VMA */
+void mprotect_set_encrypt(struct vm_area_struct *vma, int newkeyid)
+{
+	int oldkeyid = vma_keyid(vma);
+	pgprotval_t newprot;
+
+	if (newkeyid == oldkeyid)
+		return;
+
+	newprot = pgprot_val(vma->vm_page_prot);
+	newprot &= ~mktme_keyid_mask;
+	newprot |= (unsigned long)newkeyid << mktme_keyid_shift;
+	vma->vm_page_prot = __pgprot(newprot);
+}
+
 /*
  * struct mktme_mapping and the mktme_map_* functions manage the mapping
  * of userspace keys to hardware keyids in MKTME. They are used by the
diff --git a/include/linux/mm.h b/include/linux/mm.h
index a4ce26aa0b65..ac85c0805761 100644
--- a/include/linux/mm.h
+++ b/include/linux/mm.h
@@ -2799,5 +2799,9 @@ void __init setup_nr_node_ids(void);
 static inline void setup_nr_node_ids(void) {}
 #endif
 
+#ifndef CONFIG_X86_INTEL_MKTME
+static inline void mprotect_set_encrypt(struct vm_area_struct *vma,
+					int newkeyid) {}
+#endif /* CONFIG_X86_INTEL_MKTME */
 #endif /* __KERNEL__ */
 #endif /* _LINUX_MM_H */