From patchwork Tue Dec 4 07:39:52 2018
X-Patchwork-Submitter: Alison Schofield
X-Patchwork-Id: 10711213
From: Alison Schofield
To: dhowells@redhat.com, tglx@linutronix.de
Cc: jmorris@namei.org, mingo@redhat.com, hpa@zytor.com, bp@alien8.de, luto@kernel.org, peterz@infradead.org, kirill.shutemov@linux.intel.com, dave.hansen@intel.com, kai.huang@intel.com, jun.nakajima@intel.com, dan.j.williams@intel.com, jarkko.sakkinen@intel.com, keyrings@vger.kernel.org, linux-security-module@vger.kernel.org, linux-mm@kvack.org, x86@kernel.org
Subject: [RFC v2 05/13] x86/mm: Set KeyIDs in encrypted VMAs
Date: Mon, 3 Dec 2018 23:39:52 -0800
X-Mailer: git-send-email 2.7.4

MKTME architecture requires the KeyID to be placed in PTE bits 51:46. To create an encrypted VMA, place the KeyID in the upper bits of vm_page_prot that matches the position of those PTE bits.

When the VMA is assigned a KeyID it is always considered a KeyID change. The VMA is either going from not encrypted to encrypted, or from encrypted with any KeyID to encrypted with any other KeyID. To make the change safely, remove the user pages held by the VMA and unlink the VMA's anonymous chain.

Change-Id: I676056525c49c8803898315a10b196ef5a5c5415
Signed-off-by: Alison Schofield
Signed-off-by: Kirill A. Shutemov
--- arch/x86/include/asm/mktme.h | 4 ++++ arch/x86/mm/mktme.c | 26 ++++++++++++++++++++++++++ include/linux/mm.h | 6 ++++++ 3 files changed, 36 insertions(+) diff --git a/arch/x86/include/asm/mktme.h b/arch/x86/include/asm/mktme.h index dbb49909d665..de3e529f3ab0 100644 --- a/arch/x86/include/asm/mktme.h +++ b/arch/x86/include/asm/mktme.h 
@@ -24,6 +24,10 @@ extern int mktme_map_keyid_from_key(void *key); extern void *mktme_map_key_from_keyid(int keyid); extern int mktme_map_get_free_keyid(void); +/* Set the encryption keyid bits in a VMA */ +extern void mprotect_set_encrypt(struct vm_area_struct *vma, int newkeyid, + unsigned long start, unsigned long end); + DECLARE_STATIC_KEY_FALSE(mktme_enabled_key); static inline bool mktme_enabled(void) { diff --git a/arch/x86/mm/mktme.c b/arch/x86/mm/mktme.c index 34224d4e3f45..e3fdf7b48173 100644 --- a/arch/x86/mm/mktme.c +++ b/arch/x86/mm/mktme.c @@ -1,5 +1,6 @@ #include #include +#include #include #include @@ -131,6 +132,31 @@ int mktme_map_get_free_keyid(void) return 0; } +/* Set the encryption keyid bits in a VMA */ +void mprotect_set_encrypt(struct vm_area_struct *vma, int newkeyid, + unsigned long start, unsigned long end) +{ + int oldkeyid = vma_keyid(vma); + pgprotval_t newprot; + + /* Unmap pages with old KeyID if there's any. */ + zap_page_range(vma, start, end - start); + + if (oldkeyid == newkeyid) + return; + + newprot = pgprot_val(vma->vm_page_prot); + newprot &= ~mktme_keyid_mask; + newprot |= (unsigned long)newkeyid << mktme_keyid_shift; + vma->vm_page_prot = __pgprot(newprot); + + /* + * The VMA doesn't have any inherited pages. + * Start anon VMA tree from scratch. + */ + unlink_anon_vmas(vma); +} + /* Prepare page to be used for encryption. Called from page allocator. */ void __prep_encrypted_page(struct page *page, int order, int keyid, bool zero) { diff --git a/include/linux/mm.h b/include/linux/mm.h index 1309761bb6d0..e2d87e92ca74 100644 --- a/include/linux/mm.h +++ b/include/linux/mm.h 
@@ -2806,5 +2806,11 @@ void __init setup_nr_node_ids(void); static inline void setup_nr_node_ids(void) {} #endif +#ifndef CONFIG_X86_INTEL_MKTME +static inline void mprotect_set_encrypt(struct vm_area_struct *vma, + int newkeyid, + unsigned long start, + unsigned long end) {} +#endif /* CONFIG_X86_INTEL_MKTME */ #endif /* __KERNEL__ */ #endif /* _LINUX_MM_H */
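
Review bot: in arch/x86/include/asm/mktme.h, the comment on the new mprotect_set_encrypt() declaration says only "Set the encryption keyid bits in a VMA", while the body added in mktme.c also calls zap_page_range() on [start, end) and unlink_anon_vmas() on the VMA. The declaration comment should state that the call discards the user pages in the range, and what the caller has to guarantee (locking, and whether start/end must cover the whole VMA), since the header is where a caller will look.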
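
Review bot: in mprotect_set_encrypt() in arch/x86/mm/mktme.c, newkeyid is shifted into the protection value with no range check: `newprot |= (unsigned long)newkeyid << mktme_keyid_shift;`. A negative or too-large int ends up outside mktme_keyid_mask and overwrites unrelated bits of vm_page_prot, so either mask the shifted value with mktme_keyid_mask or reject out-of-range KeyIDs before touching the VMA. Two smaller points in the same function: zap_page_range() runs before the `oldkeyid == newkeyid` early return, so pages are dropped even when nothing changes, which the comment should either justify or the check should move above the zap; and the zap covers only [start, end) while the vm_page_prot update and unlink_anon_vmas() apply to the whole VMA, so a VM_WARN_ON that the range equals the VMA bounds (or a comment that the caller has already split the VMA) would make the assumption explicit.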
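
Review bot: in include/linux/mm.h, the empty mprotect_set_encrypt() stub is keyed on the x86-only symbol CONFIG_X86_INTEL_MKTME, and when that symbol is set the generic header declares nothing, so generic mm code that calls the function compiles only if asm/mktme.h happens to be included some other way. Consider the usual arch-override arrangement instead: the arch header declares the function and defines a same-named macro, and mm.h supplies the no-op under `#ifndef mprotect_set_encrypt`, which keeps the arch config symbol out of the generic header and gives every caller a declaration.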