From patchwork Wed Jul 31 15:07:15 2019
X-Patchwork-Submitter: "Kirill A . Shutemov"
X-Patchwork-Id: 11068069
From: "Kirill A. Shutemov"
To: Andrew Morton, x86@kernel.org, Thomas Gleixner, Ingo Molnar, "H. Peter Anvin", Borislav Petkov, Peter Zijlstra, Andy Lutomirski, David Howells
Cc: Kees Cook, Dave Hansen, Kai Huang, Jacob Pan, Alison Schofield, linux-mm@kvack.org, kvm@vger.kernel.org, keyrings@vger.kernel.org, linux-kernel@vger.kernel.org, "Kirill A. Shutemov"
Subject: [PATCHv2 01/59] mm: Do no merge VMAs with different encryption KeyIDs
Date: Wed, 31 Jul 2019 18:07:15 +0300
Message-Id: <20190731150813.26289-2-kirill.shutemov@linux.intel.com>
In-Reply-To: <20190731150813.26289-1-kirill.shutemov@linux.intel.com>
References: <20190731150813.26289-1-kirill.shutemov@linux.intel.com>

VMAs with different KeyID do not mix together. Only VMAs with the same
KeyID are compatible.

Signed-off-by: Kirill A. Shutemov
---
 fs/userfaultfd.c   |  7 ++++---
 include/linux/mm.h |  9 ++++++++-
 mm/madvise.c       |  2 +-
 mm/mempolicy.c     |  3 ++-
 mm/mlock.c         |  2 +-
 mm/mmap.c          | 31 +++++++++++++++++++------------
 mm/mprotect.c      |  2 +-
 7 files changed, 36 insertions(+), 20 deletions(-)

diff --git a/fs/userfaultfd.c b/fs/userfaultfd.c index ccbdbd62f0d8..3b845a6a44d0 100644 --- a/fs/userfaultfd.c +++ b/fs/userfaultfd.c
@@ -911,7 +911,7 @@ static int userfaultfd_release(struct inode *inode, struct file *file) new_flags, vma->anon_vma, vma->vm_file, vma->vm_pgoff, vma_policy(vma), - NULL_VM_UFFD_CTX); + NULL_VM_UFFD_CTX, vma_keyid(vma)); if (prev) vma = prev; else @@ -1461,7 +1461,8 @@ static int userfaultfd_register(struct userfaultfd_ctx *ctx, prev = vma_merge(mm, prev, start, vma_end, new_flags, vma->anon_vma, vma->vm_file, vma->vm_pgoff, vma_policy(vma), - ((struct vm_userfaultfd_ctx){ ctx })); + ((struct vm_userfaultfd_ctx){ ctx }), + vma_keyid(vma)); if (prev) { vma = prev; goto next; @@ -1623,7 +1624,7 @@ static int userfaultfd_unregister(struct userfaultfd_ctx *ctx, prev = vma_merge(mm, prev, start, vma_end, new_flags, vma->anon_vma, vma->vm_file, vma->vm_pgoff, vma_policy(vma), - NULL_VM_UFFD_CTX); + NULL_VM_UFFD_CTX, vma_keyid(vma)); if (prev) { vma = prev; goto next; diff --git a/include/linux/mm.h b/include/linux/mm.h index 0334ca97c584..5bfd3dd121c1 100644 --- a/include/linux/mm.h +++ b/include/linux/mm.h @@ -1637,6 +1637,13 @@ int clear_page_dirty_for_io(struct page *page); int get_cmdline(struct task_struct *task, char *buffer, int buflen); +#ifndef vma_keyid +static inline int vma_keyid(struct vm_area_struct *vma) +{ + return 0; +} +#endif + extern unsigned long move_page_tables(struct vm_area_struct *vma, unsigned long old_addr, struct vm_area_struct *new_vma, unsigned long new_addr, unsigned long len, 
@@ -2301,7 +2308,7 @@ static inline int vma_adjust(struct vm_area_struct *vma, unsigned long start, extern struct vm_area_struct *vma_merge(struct mm_struct *, struct vm_area_struct *prev, unsigned long addr, unsigned long end, unsigned long vm_flags, struct anon_vma *, struct file *, pgoff_t, - struct mempolicy *, struct vm_userfaultfd_ctx); + struct mempolicy *, struct vm_userfaultfd_ctx, int keyid); extern struct anon_vma *find_mergeable_anon_vma(struct vm_area_struct *); extern int __split_vma(struct mm_struct *, struct vm_area_struct *, unsigned long addr, int new_below); diff --git a/mm/madvise.c b/mm/madvise.c index 968df3aa069f..00216780a630 100644 --- a/mm/madvise.c +++ b/mm/madvise.c @@ -138,7 +138,7 @@ static long madvise_behavior(struct vm_area_struct *vma, pgoff = vma->vm_pgoff + ((start - vma->vm_start) >> PAGE_SHIFT); *prev = vma_merge(mm, *prev, start, end, new_flags, vma->anon_vma, vma->vm_file, pgoff, vma_policy(vma), - vma->vm_userfaultfd_ctx); + vma->vm_userfaultfd_ctx, vma_keyid(vma)); if (*prev) { vma = *prev; goto success; diff --git a/mm/mempolicy.c b/mm/mempolicy.c index f48693f75b37..14ee933b1ff7 100644 --- a/mm/mempolicy.c +++ b/mm/mempolicy.c @@ -731,7 +731,8 @@ static int mbind_range(struct mm_struct *mm, unsigned long start, ((vmstart - vma->vm_start) >> PAGE_SHIFT); prev = vma_merge(mm, prev, vmstart, vmend, vma->vm_flags, vma->anon_vma, vma->vm_file, pgoff, - new_pol, vma->vm_userfaultfd_ctx); + new_pol, vma->vm_userfaultfd_ctx, + vma_keyid(vma)); if (prev) { vma = prev; next = vma->vm_next; diff --git a/mm/mlock.c b/mm/mlock.c index a90099da4fb4..3d0a31bf214c 100644 --- a/mm/mlock.c +++ b/mm/mlock.c 
@@ -535,7 +535,7 @@ static int mlock_fixup(struct vm_area_struct *vma, struct vm_area_struct **prev, pgoff = vma->vm_pgoff + ((start - vma->vm_start) >> PAGE_SHIFT); *prev = vma_merge(mm, *prev, start, end, newflags, vma->anon_vma, vma->vm_file, pgoff, vma_policy(vma), - vma->vm_userfaultfd_ctx); + vma->vm_userfaultfd_ctx, vma_keyid(vma)); if (*prev) { vma = *prev; goto success; diff --git a/mm/mmap.c b/mm/mmap.c index 7e8c3e8ae75f..715438a1fb93 100644 --- a/mm/mmap.c +++ b/mm/mmap.c @@ -1008,7 +1008,8 @@ int __vma_adjust(struct vm_area_struct *vma, unsigned long start, */ static inline int is_mergeable_vma(struct vm_area_struct *vma, struct file *file, unsigned long vm_flags, - struct vm_userfaultfd_ctx vm_userfaultfd_ctx) + struct vm_userfaultfd_ctx vm_userfaultfd_ctx, + int keyid) { /* * VM_SOFTDIRTY should not prevent from VMA merging, if we @@ -1022,6 +1023,8 @@ static inline int is_mergeable_vma(struct vm_area_struct *vma, return 0; if (vma->vm_file != file) return 0; + if (vma_keyid(vma) != keyid) + return 0; if (vma->vm_ops && vma->vm_ops->close) return 0; if (!is_mergeable_vm_userfaultfd_ctx(vma, vm_userfaultfd_ctx)) @@ -1058,9 +1061,10 @@ static int can_vma_merge_before(struct vm_area_struct *vma, unsigned long vm_flags, struct anon_vma *anon_vma, struct file *file, pgoff_t vm_pgoff, - struct vm_userfaultfd_ctx vm_userfaultfd_ctx) + struct vm_userfaultfd_ctx vm_userfaultfd_ctx, + int keyid) { - if (is_mergeable_vma(vma, file, vm_flags, vm_userfaultfd_ctx) && + if (is_mergeable_vma(vma, file, vm_flags, vm_userfaultfd_ctx, keyid) && is_mergeable_anon_vma(anon_vma, vma->anon_vma, vma)) { if (vma->vm_pgoff == vm_pgoff) return 1; 
@@ -1079,9 +1083,10 @@ static int can_vma_merge_after(struct vm_area_struct *vma, unsigned long vm_flags, struct anon_vma *anon_vma, struct file *file, pgoff_t vm_pgoff, - struct vm_userfaultfd_ctx vm_userfaultfd_ctx) + struct vm_userfaultfd_ctx vm_userfaultfd_ctx, + int keyid) { - if (is_mergeable_vma(vma, file, vm_flags, vm_userfaultfd_ctx) && + if (is_mergeable_vma(vma, file, vm_flags, vm_userfaultfd_ctx, keyid) && is_mergeable_anon_vma(anon_vma, vma->anon_vma, vma)) { pgoff_t vm_pglen; vm_pglen = vma_pages(vma); @@ -1136,7 +1141,8 @@ struct vm_area_struct *vma_merge(struct mm_struct *mm, unsigned long end, unsigned long vm_flags, struct anon_vma *anon_vma, struct file *file, pgoff_t pgoff, struct mempolicy *policy, - struct vm_userfaultfd_ctx vm_userfaultfd_ctx) + struct vm_userfaultfd_ctx vm_userfaultfd_ctx, + int keyid) { pgoff_t pglen = (end - addr) >> PAGE_SHIFT; struct vm_area_struct *area, *next; @@ -1169,7 +1175,7 @@ struct vm_area_struct *vma_merge(struct mm_struct *mm, mpol_equal(vma_policy(prev), policy) && can_vma_merge_after(prev, vm_flags, anon_vma, file, pgoff, - vm_userfaultfd_ctx)) { + vm_userfaultfd_ctx, keyid)) { /* * OK, it can. Can we now merge in the successor as well? */ @@ -1178,7 +1184,8 @@ struct vm_area_struct *vma_merge(struct mm_struct *mm, can_vma_merge_before(next, vm_flags, anon_vma, file, pgoff+pglen, - vm_userfaultfd_ctx) && + vm_userfaultfd_ctx, + keyid) && is_mergeable_anon_vma(prev->anon_vma, next->anon_vma, NULL)) { /* cases 1, 6 */ @@ -1201,7 +1208,7 @@ struct vm_area_struct *vma_merge(struct mm_struct *mm, mpol_equal(policy, vma_policy(next)) && can_vma_merge_before(next, vm_flags, anon_vma, file, pgoff+pglen, - vm_userfaultfd_ctx)) { + vm_userfaultfd_ctx, keyid)) { if (prev && addr < prev->vm_end) /* case 4 */ err = __vma_adjust(prev, prev->vm_start, addr, prev->vm_pgoff, NULL, next); 
@@ -1746,7 +1753,7 @@ unsigned long mmap_region(struct file *file, unsigned long addr, * Can we just expand an old mapping? */ vma = vma_merge(mm, prev, addr, addr + len, vm_flags, - NULL, file, pgoff, NULL, NULL_VM_UFFD_CTX); + NULL, file, pgoff, NULL, NULL_VM_UFFD_CTX, 0); if (vma) goto out; @@ -3025,7 +3032,7 @@ static int do_brk_flags(unsigned long addr, unsigned long len, unsigned long fla /* Can we just expand an old private anonymous mapping? */ vma = vma_merge(mm, prev, addr, addr + len, flags, - NULL, NULL, pgoff, NULL, NULL_VM_UFFD_CTX); + NULL, NULL, pgoff, NULL, NULL_VM_UFFD_CTX, 0); if (vma) goto out; @@ -3223,7 +3230,7 @@ struct vm_area_struct *copy_vma(struct vm_area_struct **vmap, return NULL; /* should never get here */ new_vma = vma_merge(mm, prev, addr, addr + len, vma->vm_flags, vma->anon_vma, vma->vm_file, pgoff, vma_policy(vma), - vma->vm_userfaultfd_ctx); + vma->vm_userfaultfd_ctx, vma_keyid(vma)); if (new_vma) { /* * Source vma may have been merged into new_vma diff --git a/mm/mprotect.c b/mm/mprotect.c index bf38dfbbb4b4..82d7b194a918 100644 --- a/mm/mprotect.c +++ b/mm/mprotect.c 
@@ -400,7 +400,7 @@ mprotect_fixup(struct vm_area_struct *vma, struct vm_area_struct **pprev, pgoff = vma->vm_pgoff + ((start - vma->vm_start) >> PAGE_SHIFT); *pprev = vma_merge(mm, *pprev, start, end, newflags, vma->anon_vma, vma->vm_file, pgoff, vma_policy(vma), - vma->vm_userfaultfd_ctx); + vma->vm_userfaultfd_ctx, vma_keyid(vma)); if (*pprev) { vma = *pprev; VM_WARN_ON((vma->vm_flags ^ newflags) & ~VM_SOFTDIRTY);
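
Review bot: In the include/linux/mm.h hunk, the `#ifndef vma_keyid` guard tests for a preprocessor macro, but the fallback it protects is a static inline function, so an architecture that provides its own vma_keyid() as a function without also defining a macro of the same name will collide with this definition. A comment above the fallback saying that an override must also `#define vma_keyid vma_keyid`, and what the returned 0 stands for, would document the contract; the commit message mentions neither.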
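
Review bot: The mmap_region() and do_brk_flags() hunks in mm/mmap.c pass a bare literal 0 as the new keyid argument (`NULL, file, pgoff, NULL, NULL_VM_UFFD_CTX, 0);`), while every other updated caller passes vma_keyid(vma). Combined with the new `vma_keyid(vma) != keyid` test in is_mergeable_vma(), these two paths can only ever merge into a neighbour whose KeyID is 0. If that is the intent, a short comment at each call site or a named constant for the default KeyID would make it explicit, and the commit message should say so.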
From: "Kirill A. Shutemov"
To: Andrew Morton, x86@kernel.org, Thomas Gleixner, Ingo Molnar, "H. Peter Anvin", Borislav Petkov, Peter Zijlstra, Andy Lutomirski, David Howells
Cc: Kees Cook, Dave Hansen, Kai Huang, Jacob Pan, Alison Schofield, linux-mm@kvack.org, kvm@vger.kernel.org, keyrings@vger.kernel.org, linux-kernel@vger.kernel.org, "Kirill A. Shutemov"
Subject: [PATCHv2 02/59] mm: Add helpers to setup zero page mappings
Date: Wed, 31 Jul 2019 18:07:16 +0300
Message-Id: <20190731150813.26289-3-kirill.shutemov@linux.intel.com>
In-Reply-To: <20190731150813.26289-1-kirill.shutemov@linux.intel.com>
References: <20190731150813.26289-1-kirill.shutemov@linux.intel.com>

When kernel sets up an encrypted page mapping, encryption KeyID is
derived from a VMA. KeyID is going to be part of vma->vm_page_prot and
it will be propagated transparently to page table entry on mk_pte().

But there is an exception: zero page is never encrypted and its mapping
must use KeyID-0, regardless of VMA's KeyID.

Introduce helpers that create a page table entry for zero page.

The generic implementation will be overridden by architecture-specific
code that takes care about using correct KeyID.

Signed-off-by: Kirill A. Shutemov
---
 fs/dax.c                      | 3 +--
 include/asm-generic/pgtable.h | 8 ++++++++
 mm/huge_memory.c              | 6 ++----
 mm/memory.c                   | 3 +--
 mm/userfaultfd.c              | 3 +--
 5 files changed, 13 insertions(+), 10 deletions(-)

diff --git a/fs/dax.c b/fs/dax.c index a237141d8787..6ecc9c560e62 100644 --- a/fs/dax.c +++ b/fs/dax.c
@@ -1445,8 +1445,7 @@ static vm_fault_t dax_pmd_load_hole(struct xa_state *xas, struct vm_fault *vmf, pgtable_trans_huge_deposit(vma->vm_mm, vmf->pmd, pgtable); mm_inc_nr_ptes(vma->vm_mm); } - pmd_entry = mk_pmd(zero_page, vmf->vma->vm_page_prot); - pmd_entry = pmd_mkhuge(pmd_entry); + pmd_entry = mk_zero_pmd(zero_page, vmf->vma->vm_page_prot); set_pmd_at(vmf->vma->vm_mm, pmd_addr, vmf->pmd, pmd_entry); spin_unlock(ptl); trace_dax_pmd_load_hole(inode, vmf, zero_page, *entry); diff --git a/include/asm-generic/pgtable.h b/include/asm-generic/pgtable.h index 75d9d68a6de7..afcfbb4af4b2 100644 --- a/include/asm-generic/pgtable.h +++ b/include/asm-generic/pgtable.h @@ -879,8 +879,16 @@ static inline unsigned long my_zero_pfn(unsigned long addr) } #endif +#ifndef mk_zero_pte +#define mk_zero_pte(addr, prot) pte_mkspecial(pfn_pte(my_zero_pfn(addr), prot)) +#endif + #ifdef CONFIG_MMU +#ifndef mk_zero_pmd +#define mk_zero_pmd(zero_page, prot) pmd_mkhuge(mk_pmd(zero_page, prot)) +#endif + #ifndef CONFIG_TRANSPARENT_HUGEPAGE static inline int pmd_trans_huge(pmd_t pmd) { diff --git a/mm/huge_memory.c b/mm/huge_memory.c index 1334ede667a8..e9a791413730 100644 --- a/mm/huge_memory.c +++ b/mm/huge_memory.c @@ -678,8 +678,7 @@ static bool set_huge_zero_page(pgtable_t pgtable, struct mm_struct *mm, pmd_t entry; if (!pmd_none(*pmd)) return false; - entry = mk_pmd(zero_page, vma->vm_page_prot); - entry = pmd_mkhuge(entry); + entry = mk_zero_pmd(zero_page, vma->vm_page_prot); if (pgtable) pgtable_trans_huge_deposit(mm, pmd, pgtable); set_pmd_at(mm, haddr, pmd, entry); @@ -2109,8 +2108,7 @@ static void __split_huge_zero_page_pmd(struct vm_area_struct *vma, for (i = 0; i < HPAGE_PMD_NR; i++, haddr += PAGE_SIZE) { pte_t *pte, entry; - entry = pfn_pte(my_zero_pfn(haddr), vma->vm_page_prot); - entry = pte_mkspecial(entry); + entry = mk_zero_pte(haddr, vma->vm_page_prot); pte = pte_offset_map(&_pmd, haddr); VM_BUG_ON(!pte_none(*pte)); set_pte_at(mm, haddr, pte, entry); 
diff --git a/mm/memory.c b/mm/memory.c index e2bb51b6242e..81ae8c39f75b 100644 --- a/mm/memory.c +++ b/mm/memory.c @@ -2970,8 +2970,7 @@ static vm_fault_t do_anonymous_page(struct vm_fault *vmf) /* Use the zero-page for reads */ if (!(vmf->flags & FAULT_FLAG_WRITE) && !mm_forbids_zeropage(vma->vm_mm)) { - entry = pte_mkspecial(pfn_pte(my_zero_pfn(vmf->address), - vma->vm_page_prot)); + entry = mk_zero_pte(vmf->address, vma->vm_page_prot); vmf->pte = pte_offset_map_lock(vma->vm_mm, vmf->pmd, vmf->address, &vmf->ptl); if (!pte_none(*vmf->pte)) diff --git a/mm/userfaultfd.c b/mm/userfaultfd.c index c7ae74ce5ff3..06bf4ea3ee05 100644 --- a/mm/userfaultfd.c +++ b/mm/userfaultfd.c 
@@ -120,8 +120,7 @@ static int mfill_zeropage_pte(struct mm_struct *dst_mm, pgoff_t offset, max_off; struct inode *inode; - _dst_pte = pte_mkspecial(pfn_pte(my_zero_pfn(dst_addr), - dst_vma->vm_page_prot)); + _dst_pte = mk_zero_pte(dst_addr, dst_vma->vm_page_prot); dst_pte = pte_offset_map_lock(dst_mm, dst_pmd, dst_addr, &ptl); if (dst_vma->vm_file) { /* the shmem MAP_PRIVATE case requires checking the i_size */
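
Review bot: In the include/asm-generic/pgtable.h hunk, the generic mk_zero_pte() and mk_zero_pmd() pass `prot` through unchanged, so the KeyID-0 requirement stated in the commit message is met only once an architecture overrides them, and nothing at the definition says so. A comment above the two `#ifndef` blocks stating that an override must build the entry with KeyID-0 whatever `prot` carries would record the contract for the callers converted here, which all still pass vma->vm_page_prot. Also, mk_zero_pte is defined before `#ifdef CONFIG_MMU` while mk_zero_pmd sits inside it; if the split is deliberate it deserves a word, otherwise keep the two together.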
From: "Kirill A. Shutemov"
To: Andrew Morton, x86@kernel.org, Thomas Gleixner, Ingo Molnar, "H. Peter Anvin", Borislav Petkov, Peter Zijlstra, Andy Lutomirski, David Howells
Cc: Kees Cook, Dave Hansen, Kai Huang, Jacob Pan, Alison Schofield, linux-mm@kvack.org, kvm@vger.kernel.org, keyrings@vger.kernel.org, linux-kernel@vger.kernel.org, "Kirill A. Shutemov"
Subject: [PATCHv2 03/59] mm/ksm: Do not merge pages with different KeyIDs
Date: Wed, 31 Jul 2019 18:07:17 +0300
Message-Id: <20190731150813.26289-4-kirill.shutemov@linux.intel.com>

KSM compares plain text. It might try to merge two pages that have the same plain text but different ciphertext and possibly different encryption keys. When the kernel encrypted the page, it promised that it would keep it encrypted with _that_ key. That makes it impossible to merge two pages encrypted with different keys.

Never merge encrypted pages with different KeyIDs.

Signed-off-by: Kirill A. Shutemov
--- include/linux/mm.h | 7 +++++++ mm/ksm.c | 17 +++++++++++++++++ 2 files changed, 24 insertions(+) diff --git a/include/linux/mm.h b/include/linux/mm.h index 5bfd3dd121c1..af1a56ff6764 100644 --- a/include/linux/mm.h +++ b/include/linux/mm.h
@@ -1644,6 +1644,13 @@ static inline int vma_keyid(struct vm_area_struct *vma) } #endif +#ifndef page_keyid +static inline int page_keyid(struct page *page) +{ + return 0; +} +#endif + extern unsigned long move_page_tables(struct vm_area_struct *vma, unsigned long old_addr, struct vm_area_struct *new_vma, unsigned long new_addr, unsigned long len, diff --git a/mm/ksm.c b/mm/ksm.c index 3dc4346411e4..7d4ef634f38e 100644 --- a/mm/ksm.c +++ b/mm/ksm.c 
@@ -1228,6 +1228,23 @@ static int try_to_merge_one_page(struct vm_area_struct *vma, if (!PageAnon(page)) goto out; + /* + * KeyID indicates what key to use to encrypt and decrypt page's + * content. + * + * KSM compares plain text instead (transparently to KSM code). + * + * But we still need to make sure that pages with identical plain + * text will not be merged together if they are encrypted with + * different keys. + * + * To make it work kernel only allows merging pages with the same KeyID. + * The approach guarantees that the merged page can be read by all + * users. + */ + if (kpage && page_keyid(page) != page_keyid(kpage)) + goto out; + /* * We need the page lock to read a stable PageSwapCache in * write_protect_page(). We use trylock_page() instead of
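Review bot: In the include/linux/mm.h hunk, the fallback page_keyid() is guarded by `#ifndef page_keyid`, so an architecture only overrides it if it also defines a macro of the same name, and nothing in the hunk says so. Add a short comment stating that convention, and note that the generic stub returning 0 makes the new KSM test `page_keyid(page) != page_keyid(kpage)` always false, so KSM behaviour is unchanged where no override exists.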
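Review bot: In the mm/ksm.c hunk, the KeyID test is skipped when kpage is NULL (`if (kpage && ...)`), and the new comment does not explain why that path needs no check, while the changelog says pages with different KeyIDs are never merged. Say in the comment what a NULL kpage means here and why no comparison is required. The test also runs before the page lock that the following context comment talks about is taken, so state whether a page's KeyID is stable at this point or can change concurrently. Minor: "KSM compares plain text instead" has nothing for "instead" to refer to.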
From: "Kirill A. Shutemov"
To: Andrew Morton, x86@kernel.org, Thomas Gleixner, Ingo Molnar, "H. Peter Anvin", Borislav Petkov, Peter Zijlstra, Andy Lutomirski, David Howells
Cc: Kees Cook, Dave Hansen, Kai Huang, Jacob Pan, Alison Schofield, linux-mm@kvack.org, kvm@vger.kernel.org, keyrings@vger.kernel.org, linux-kernel@vger.kernel.org, "Kirill A. Shutemov"
Subject: [PATCHv2 04/59] mm/page_alloc: Unify alloc_hugepage_vma()
Date: Wed, 31 Jul 2019 18:07:18 +0300
Message-Id: <20190731150813.26289-5-kirill.shutemov@linux.intel.com>

We don't need to have separate implementations of alloc_hugepage_vma() for NUMA and non-NUMA. Using the variant based on alloc_pages_vma() we would cover both cases.

This is a preparation patch for allocating encrypted pages.

alloc_pages_vma() will handle allocation of encrypted pages. With this change we don't need to cover alloc_hugepage_vma() separately.

The change makes a typo in Alpha's implementation of __alloc_zeroed_user_highpage() visible. Fix it too.

Signed-off-by: Kirill A. Shutemov
--- arch/alpha/include/asm/page.h | 2 +- include/linux/gfp.h | 6 ++---- 2 files changed, 3 insertions(+), 5 deletions(-) diff --git a/arch/alpha/include/asm/page.h b/arch/alpha/include/asm/page.h index f3fb2848470a..9a6fbb5269f3 100644 --- a/arch/alpha/include/asm/page.h +++ b/arch/alpha/include/asm/page.h
@@ -18,7 +18,7 @@ extern void clear_page(void *page); #define clear_user_page(page, vaddr, pg) clear_page(page) #define __alloc_zeroed_user_highpage(movableflags, vma, vaddr) \ - alloc_page_vma(GFP_HIGHUSER | __GFP_ZERO | movableflags, vma, vmaddr) + alloc_page_vma(GFP_HIGHUSER | __GFP_ZERO | movableflags, vma, vaddr) #define __HAVE_ARCH_ALLOC_ZEROED_USER_HIGHPAGE extern void copy_page(void * _to, void * _from); diff --git a/include/linux/gfp.h b/include/linux/gfp.h index fb07b503dc45..3d4cb9fea417 100644 --- a/include/linux/gfp.h +++ b/include/linux/gfp.h 
@@ -511,21 +511,19 @@ alloc_pages(gfp_t gfp_mask, unsigned int order) extern struct page *alloc_pages_vma(gfp_t gfp_mask, int order, struct vm_area_struct *vma, unsigned long addr, int node, bool hugepage); -#define alloc_hugepage_vma(gfp_mask, vma, addr, order) \ - alloc_pages_vma(gfp_mask, order, vma, addr, numa_node_id(), true) #else #define alloc_pages(gfp_mask, order) \ alloc_pages_node(numa_node_id(), gfp_mask, order) #define alloc_pages_vma(gfp_mask, order, vma, addr, node, false)\ alloc_pages(gfp_mask, order) -#define alloc_hugepage_vma(gfp_mask, vma, addr, order) \ - alloc_pages(gfp_mask, order) #endif #define alloc_page(gfp_mask) alloc_pages(gfp_mask, 0) #define alloc_page_vma(gfp_mask, vma, addr) \ alloc_pages_vma(gfp_mask, 0, vma, addr, numa_node_id(), false) #define alloc_page_vma_node(gfp_mask, vma, addr, node) \ alloc_pages_vma(gfp_mask, 0, vma, addr, node, false) +#define alloc_hugepage_vma(gfp_mask, vma, addr, order) \ + alloc_pages_vma(gfp_mask, order, vma, addr, numa_node_id(), true) extern unsigned long __get_free_pages(gfp_t gfp_mask, unsigned int order); extern unsigned long get_zeroed_page(gfp_t gfp_mask);
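Review bot: The arch/alpha/include/asm/page.h hunk corrects `vmaddr` to `vaddr` in __alloc_zeroed_user_highpage(), which is a bug fix separate from unifying alloc_hugepage_vma(). Move it into its own patch ahead of this one so it can be picked or reverted independently, and have its changelog say which configuration exposes the undefined identifier: in the gfp.h hunk of this same patch the !CONFIG_NUMA alloc_pages_vma() is still a macro that drops its addr argument.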
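Review bot: In the include/linux/gfp.h hunk, alloc_hugepage_vma() now expands through alloc_pages_vma() in both configurations, but the !CONFIG_NUMA macro in the context lines names its last parameter `false` (`#define alloc_pages_vma(gfp_mask, order, vma, addr, node, false)`), so the `true` passed by the unified definition is bound to a parameter called false and then ignored. The expansion is correct only because that argument is unused; rename the parameter to hugepage while touching this block so the call does not read as a bug.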
From: "Kirill A. Shutemov"
To: Andrew Morton, x86@kernel.org, Thomas Gleixner, Ingo Molnar, "H. Peter Anvin", Borislav Petkov, Peter Zijlstra, Andy Lutomirski, David Howells
Cc: Kees Cook, Dave Hansen, Kai Huang, Jacob Pan, Alison Schofield, linux-mm@kvack.org, kvm@vger.kernel.org, keyrings@vger.kernel.org, linux-kernel@vger.kernel.org, "Kirill A. Shutemov"
Subject: [PATCHv2 05/59] mm/page_alloc: Handle allocation for encrypted memory
Date: Wed, 31 Jul 2019 18:07:19 +0300
Message-Id: <20190731150813.26289-6-kirill.shutemov@linux.intel.com>

For encrypted memory, we need to allocate pages for a specific encryption KeyID.

There are two cases when we need to allocate a page for encryption:

 - Allocation for an encrypted VMA;

 - Allocation for migration of an encrypted page;

The first case can be covered within alloc_page_vma(). We know the KeyID from the VMA.

The second case requires a few new page allocation routines that would allocate the page for a specific KeyID.

An encrypted page has to be cleared after the KeyID is set. This is handled in prep_encrypted_page() that will be provided by arch-specific code.

Any custom allocator that deals with encrypted pages has to call prep_encrypted_page() too. See compaction_alloc() for instance.

Signed-off-by: Kirill A. Shutemov --- include/linux/gfp.h | 50 +++++++++++++++++++++++++--- include/linux/migrate.h | 14 ++++++-- mm/compaction.c | 3 ++ mm/mempolicy.c | 27 +++++++++++---- mm/migrate.c | 4 +-- mm/page_alloc.c | 74 +++++++++++++++++++++++++++++++++++++++++ 6 files changed, 155 insertions(+), 17 deletions(-) diff --git a/include/linux/gfp.h b/include/linux/gfp.h index 3d4cb9fea417..014aef082821 100644 --- a/include/linux/gfp.h +++ b/include/linux/gfp.h @@ -463,16 +463,48 @@ static inline void arch_free_page(struct page *page, int order) { } static inline void arch_alloc_page(struct page *page, int order) { } #endif +#ifndef prep_encrypted_page +/* + * An architecture may override the helper to prepare the page + * to be used for with specific KeyID. To be called on encrypted + * page allocation. + */ +static inline void prep_encrypted_page(struct page *page, int order, + int keyid, bool zero) +{ +} +#endif + +/* + * Encrypted page has to be cleared once keyid is set, not on allocation. + */ +static inline bool deferred_page_zero(int keyid, gfp_t *gfp_mask) +{ + if (keyid && (*gfp_mask & __GFP_ZERO)) { + *gfp_mask &= ~__GFP_ZERO; + return true; + } + + return false; +} + struct page * __alloc_pages_nodemask(gfp_t gfp_mask, unsigned int order, int preferred_nid, nodemask_t *nodemask); +struct page * +__alloc_pages_nodemask_keyid(gfp_t gfp_mask, unsigned int order, + int preferred_nid, nodemask_t *nodemask, int keyid); + static inline struct page * __alloc_pages(gfp_t gfp_mask, unsigned int order, int preferred_nid) { return __alloc_pages_nodemask(gfp_mask, order, preferred_nid, NULL); } +struct page *__alloc_pages_node_keyid(int nid, int keyid, + gfp_t gfp_mask, unsigned int order); + /* * Allocate pages, preferring the node given as nid. The node must be valid and * online. For more general interface, see alloc_pages_node(). 
@@ -500,6 +532,19 @@ static inline struct page *alloc_pages_node(int nid, gfp_t gfp_mask, return __alloc_pages_node(nid, gfp_mask, order); } +static inline struct page *alloc_pages_node_keyid(int nid, int keyid, + gfp_t gfp_mask, unsigned int order) +{ + if (nid == NUMA_NO_NODE) + nid = numa_mem_id(); + + return __alloc_pages_node_keyid(nid, keyid, gfp_mask, order); +} + +extern struct page *alloc_pages_vma(gfp_t gfp_mask, int order, + struct vm_area_struct *vma, unsigned long addr, + int node, bool hugepage); + #ifdef CONFIG_NUMA extern struct page *alloc_pages_current(gfp_t gfp_mask, unsigned order); @@ -508,14 +553,9 @@ alloc_pages(gfp_t gfp_mask, unsigned int order) { return alloc_pages_current(gfp_mask, order); } -extern struct page *alloc_pages_vma(gfp_t gfp_mask, int order, - struct vm_area_struct *vma, unsigned long addr, - int node, bool hugepage); #else #define alloc_pages(gfp_mask, order) \ alloc_pages_node(numa_node_id(), gfp_mask, order) -#define alloc_pages_vma(gfp_mask, order, vma, addr, node, false)\ - alloc_pages(gfp_mask, order) #endif #define alloc_page(gfp_mask) alloc_pages(gfp_mask, 0) #define alloc_page_vma(gfp_mask, vma, addr) \ diff --git a/include/linux/migrate.h b/include/linux/migrate.h index 7f04754c7f2b..a68516271c40 100644 --- a/include/linux/migrate.h +++ b/include/linux/migrate.h @@ -38,9 +38,16 @@ static inline struct page *new_page_nodemask(struct page *page, unsigned int order = 0; struct page *new_page = NULL; - if (PageHuge(page)) + if (PageHuge(page)) { + /* + * HugeTLB doesn't support encryption. We shouldn't see + * such pages. + */ + if (WARN_ON_ONCE(page_keyid(page))) + return NULL; return alloc_huge_page_nodemask(page_hstate(compound_head(page)), preferred_nid, nodemask); + } if (PageTransHuge(page)) { gfp_mask |= GFP_TRANSHUGE; 
@@ -50,8 +57,9 @@ static inline struct page *new_page_nodemask(struct page *page, if (PageHighMem(page) || (zone_idx(page_zone(page)) == ZONE_MOVABLE)) gfp_mask |= __GFP_HIGHMEM; - new_page = __alloc_pages_nodemask(gfp_mask, order, - preferred_nid, nodemask); + /* Allocate a page with the same KeyID as the source page */ + new_page = __alloc_pages_nodemask_keyid(gfp_mask, order, + preferred_nid, nodemask, page_keyid(page)); if (new_page && PageTransHuge(new_page)) prep_transhuge_page(new_page); diff --git a/mm/compaction.c b/mm/compaction.c index 9e1b9acb116b..874af83214b7 100644 --- a/mm/compaction.c +++ b/mm/compaction.c @@ -1559,6 +1559,9 @@ static struct page *compaction_alloc(struct page *migratepage, list_del(&freepage->lru); cc->nr_freepages--; + /* Prepare the page using the same KeyID as the source page */ + if (freepage) + prep_encrypted_page(freepage, 0, page_keyid(migratepage), false); return freepage; } diff --git a/mm/mempolicy.c b/mm/mempolicy.c index 14ee933b1ff7..f79b4fa08c30 100644 --- a/mm/mempolicy.c +++ b/mm/mempolicy.c 
@@ -961,22 +961,29 @@ static void migrate_page_add(struct page *page, struct list_head *pagelist, /* page allocation callback for NUMA node migration */ struct page *alloc_new_node_page(struct page *page, unsigned long node) { - if (PageHuge(page)) + if (PageHuge(page)) { + /* + * HugeTLB doesn't support encryption. We shouldn't see + * such pages. + */ + if (WARN_ON_ONCE(page_keyid(page))) + return NULL; return alloc_huge_page_node(page_hstate(compound_head(page)), node); - else if (PageTransHuge(page)) { + } else if (PageTransHuge(page)) { struct page *thp; - thp = alloc_pages_node(node, + thp = alloc_pages_node_keyid(node, page_keyid(page), (GFP_TRANSHUGE | __GFP_THISNODE), HPAGE_PMD_ORDER); if (!thp) return NULL; prep_transhuge_page(thp); return thp; - } else - return __alloc_pages_node(node, GFP_HIGHUSER_MOVABLE | - __GFP_THISNODE, 0); + } else { + return __alloc_pages_node_keyid(node, page_keyid(page), + GFP_HIGHUSER_MOVABLE | __GFP_THISNODE, 0); + } } /* @@ -2053,9 +2060,13 @@ alloc_pages_vma(gfp_t gfp, int order, struct vm_area_struct *vma, { struct mempolicy *pol; struct page *page; - int preferred_nid; + bool deferred_zero; + int keyid, preferred_nid; nodemask_t *nmask; + keyid = vma_keyid(vma); + deferred_zero = deferred_page_zero(keyid, &gfp); + pol = get_vma_policy(vma, addr); if (pol->mode == MPOL_INTERLEAVE) { @@ -2097,6 +2108,8 @@ alloc_pages_vma(gfp_t gfp, int order, struct vm_area_struct *vma, page = __alloc_pages_nodemask(gfp, order, preferred_nid, nmask); mpol_cond_put(pol); out: + if (page) + prep_encrypted_page(page, order, keyid, deferred_zero); return page; } EXPORT_SYMBOL(alloc_pages_vma); diff --git a/mm/migrate.c b/mm/migrate.c index 8992741f10aa..c1b88eae71d8 100644 --- a/mm/migrate.c +++ b/mm/migrate.c 
@@ -1873,7 +1873,7 @@ static struct page *alloc_misplaced_dst_page(struct page *page, int nid = (int) data; struct page *newpage; - newpage = __alloc_pages_node(nid, + newpage = __alloc_pages_node_keyid(nid, page_keyid(page), (GFP_HIGHUSER_MOVABLE | __GFP_THISNODE | __GFP_NOMEMALLOC | __GFP_NORETRY | __GFP_NOWARN) & @@ -1999,7 +1999,7 @@ int migrate_misplaced_transhuge_page(struct mm_struct *mm, int page_lru = page_is_file_cache(page); unsigned long start = address & HPAGE_PMD_MASK; - new_page = alloc_pages_node(node, + new_page = alloc_pages_node_keyid(node, page_keyid(page), (GFP_TRANSHUGE_LIGHT | __GFP_THISNODE), HPAGE_PMD_ORDER); if (!new_page) diff --git a/mm/page_alloc.c b/mm/page_alloc.c index 272c6de1bf4e..963f959350e4 100644 --- a/mm/page_alloc.c +++ b/mm/page_alloc.c 
@@ -4046,6 +4046,53 @@ should_compact_retry(struct alloc_context *ac, unsigned int order, int alloc_fla } #endif /* CONFIG_COMPACTION */ +#ifndef CONFIG_NUMA +struct page *alloc_pages_vma(gfp_t gfp_mask, int order, + struct vm_area_struct *vma, unsigned long addr, + int node, bool hugepage) +{ + struct page *page; + bool deferred_zero; + int keyid = vma_keyid(vma); + + deferred_zero = deferred_page_zero(keyid, &gfp_mask); + page = alloc_pages(gfp_mask, order); + if (page) + prep_encrypted_page(page, order, keyid, deferred_zero); + + return page; +} +#endif + +/** + * __alloc_pages_node_keyid - allocate a page for a specific KeyID with + * preferred allocation node. + * @nid: the preferred node ID where memory should be allocated + * @keyid: KeyID to use + * @gfp_mask: GFP flags for the allocation + * @order: the page order + * + * Like __alloc_pages_node(), but prepares the page for a specific KeyID. + * + * Return: pointer to the allocated page or %NULL in case of error. + */ +struct page * __alloc_pages_node_keyid(int nid, int keyid, + gfp_t gfp_mask, unsigned int order) +{ + struct page *page; + bool deferred_zero; + + VM_BUG_ON(nid < 0 || nid >= MAX_NUMNODES); + VM_WARN_ON(!node_online(nid)); + + deferred_zero = deferred_page_zero(keyid, &gfp_mask); + page = __alloc_pages(gfp_mask, order, nid); + if (page) + prep_encrypted_page(page, order, keyid, deferred_zero); + + return page; +} + #ifdef CONFIG_LOCKDEP static struct lockdep_map __fs_reclaim_map = STATIC_LOCKDEP_MAP_INIT("fs_reclaim", &__fs_reclaim_map); 
@@ -4757,6 +4804,33 @@ __alloc_pages_nodemask(gfp_t gfp_mask, unsigned int order, int preferred_nid, } EXPORT_SYMBOL(__alloc_pages_nodemask); +/** + * __alloc_pages_nodemask_keyid - allocate a page for a specific KeyID. + * @gfp_mask: GFP flags for the allocation + * @order: the page order + * @preferred_nid: the preferred node ID where memory should be allocated + * @nodemask: allowed nodemask + * @keyid: KeyID to use + * + * Like __alloc_pages_nodemask(), but prepares the page for a specific KeyID. + * + * Return: pointer to the allocated page or %NULL in case of error. + */ +struct page * +__alloc_pages_nodemask_keyid(gfp_t gfp_mask, unsigned int order, + int preferred_nid, nodemask_t *nodemask, int keyid) +{ + struct page *page; + bool deferred_zero; + + deferred_zero = deferred_page_zero(keyid, &gfp_mask); + page = __alloc_pages_nodemask(gfp_mask, order, preferred_nid, nodemask); + if (page) + prep_encrypted_page(page, order, keyid, deferred_zero); + return page; +} +EXPORT_SYMBOL(__alloc_pages_nodemask_keyid); + /* * Common helper functions. Never use with __GFP_HIGHMEM because the returned * address cannot represent highmem pages. Use alloc_pages and then kmap if From patchwork Wed Jul 31 15:07:20 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Kirill A . 
X-Patchwork-Id: 11068067
From: "Kirill A. Shutemov"
To: Andrew Morton, x86@kernel.org, Thomas Gleixner, Ingo Molnar, "H. Peter Anvin", Borislav Petkov, Peter Zijlstra, Andy Lutomirski, David Howells
Cc: Kees Cook, Dave Hansen, Kai Huang, Jacob Pan, Alison Schofield, linux-mm@kvack.org, kvm@vger.kernel.org, keyrings@vger.kernel.org, linux-kernel@vger.kernel.org, "Kirill A. Shutemov"
Subject: [PATCHv2 06/59] mm/khugepaged: Handle encrypted pages
Date: Wed, 31 Jul 2019 18:07:20 +0300
Message-Id: <20190731150813.26289-7-kirill.shutemov@linux.intel.com>
In-Reply-To: <20190731150813.26289-1-kirill.shutemov@linux.intel.com>
References: <20190731150813.26289-1-kirill.shutemov@linux.intel.com>

For !NUMA khugepaged allocates a page in advance, before we found a VMA for collapse. We don't yet know which KeyID to use for the allocation. The page is allocated with KeyID-0. Once we know that the VMA is suitable for collapsing, we prepare the page for the KeyID we need, based on vma_keyid().

Signed-off-by: Kirill A. Shutemov
--- mm/khugepaged.c | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/mm/khugepaged.c b/mm/khugepaged.c index eaaa21b23215..ae9bd3b18aa1 100644 --- a/mm/khugepaged.c +++ b/mm/khugepaged.c
@@ -1059,6 +1059,16 @@ static void collapse_huge_page(struct mm_struct *mm, */ anon_vma_unlock_write(vma->anon_vma); + /* + * At this point new_page is allocated as non-encrypted. + * If VMA's KeyID is non-zero, we need to prepare it to be encrypted + * before coping data. + */ + if (vma_keyid(vma)) { + prep_encrypted_page(new_page, HPAGE_PMD_ORDER, + vma_keyid(vma), false); + } + __collapse_huge_page_copy(pte, new_page, vma, address, pte_ptl); pte_unmap(pte); __SetPageUptodate(new_page); From patchwork Wed Jul 31 15:07:21 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Kirill A . Shutemov" X-Patchwork-Id: 11068073 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id C337E746 for ; Wed, 31 Jul 2019 15:08:38 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id AC2131FFD8 for ; Wed, 31 Jul 2019 15:08:38 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 9F7DA201B1; Wed, 31 Jul 2019 15:08:38 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-2.9 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,MAILING_LIST_MULTI,RCVD_IN_DNSWL_NONE autolearn=ham version=3.3.1 Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 308B41FFD8 for ; Wed, 31 Jul 2019 15:08:38 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 93E798E000E; Wed, 31 Jul 2019 11:08:23 -0400 (EDT) Delivered-To: linux-mm-outgoing@kvack.org Received: by kanga.kvack.org (Postfix, from userid 40) id 8CB538E0001; Wed, 31 Jul 2019 11:08:23 -0400 (EDT) X-Original-To: int-list-linux-mm@kvack.org X-Delivered-To: int-list-linux-mm@kvack.org Received: by 
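Review bot: the block added to collapse_huge_page() calls prep_encrypted_page() whenever vma_keyid(vma) is non-zero, but the commit message justifies it only for the !NUMA case, where the page is allocated in advance with KeyID-0. Nothing in the hunk restricts it to that case, so please either guard it or extend the comment to explain why preparing new_page at this point is also correct when the page was not allocated in advance. Minor: vma_keyid(vma) is evaluated twice and could be read once into a local, and the comment has "coping" for "copying".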
From: "Kirill A. Shutemov"
To: Andrew Morton, x86@kernel.org, Thomas Gleixner, Ingo Molnar, "H. Peter Anvin", Borislav Petkov, Peter Zijlstra, Andy Lutomirski, David Howells
Cc: Kees Cook, Dave Hansen, Kai Huang, Jacob Pan, Alison Schofield, linux-mm@kvack.org, kvm@vger.kernel.org, keyrings@vger.kernel.org, linux-kernel@vger.kernel.org, "Kirill A. Shutemov"
Subject: [PATCHv2 07/59] x86/mm: Mask out KeyID bits from page table entry pfn
Date: Wed, 31 Jul 2019 18:07:21 +0300
Message-Id: <20190731150813.26289-8-kirill.shutemov@linux.intel.com>
In-Reply-To: <20190731150813.26289-1-kirill.shutemov@linux.intel.com>
References: <20190731150813.26289-1-kirill.shutemov@linux.intel.com>

MKTME claims several upper bits of the physical address in a page table entry to encode KeyID. It effectively shrinks the number of bits for the physical address. We should exclude KeyID bits from physical addresses.

For instance, if a CPU enumerates 52 physical address bits and the number of bits claimed for KeyID is 6, bits 51:46 must not be treated as part of the physical address.

This patch adjusts __PHYSICAL_MASK during MKTME enumeration.

Signed-off-by: Kirill A. Shutemov
--- arch/x86/kernel/cpu/intel.c | 23 +++++++++++++++++++++++ 1 file changed, 23 insertions(+) diff --git a/arch/x86/kernel/cpu/intel.c b/arch/x86/kernel/cpu/intel.c index 8d6d92ebeb54..f03eee666761 100644 --- a/arch/x86/kernel/cpu/intel.c +++ b/arch/x86/kernel/cpu/intel.c
@@ -616,6 +616,29 @@ static void detect_tme(struct cpuinfo_x86 *c) mktme_status = MKTME_ENABLED; } +#ifdef CONFIG_X86_INTEL_MKTME + if (mktme_status == MKTME_ENABLED && nr_keyids) { + /* + * Mask out bits claimed from KeyID from physical address mask. + * + * For instance, if a CPU enumerates 52 physical address bits + * and number of bits claimed for KeyID is 6, bits 51:46 of + * physical address is unusable. + */ + phys_addr_t keyid_mask; + + keyid_mask = GENMASK_ULL(c->x86_phys_bits - 1, c->x86_phys_bits - keyid_bits); + physical_mask &= ~keyid_mask; + } else { + /* + * Reset __PHYSICAL_MASK. + * Maybe needed if there's inconsistent configuation + * between CPUs. + */ + physical_mask = (1ULL << __PHYSICAL_MASK_SHIFT) - 1; + } +#endif + /* * KeyID bits effectively lower the number of physical address * bits. Update cpuinfo_x86::x86_phys_bits accordingly. From patchwork Wed Jul 31 15:07:22 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Kirill A . 
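Review bot: the GENMASK_ULL(c->x86_phys_bits - 1, c->x86_phys_bits - keyid_bits) call added to detect_tme() trusts keyid_bits; nothing in this hunk checks that it is smaller than c->x86_phys_bits, and a value at or above it gives a low bound of zero or below and a mask that swallows real address bits. A sanity check that disables MKTME with a pr_err() would be safer than masking with whatever comes out. Separately, the else branch rewrites the global physical_mask from a function that takes a per-CPU cpuinfo_x86; the comment says this is "maybe needed" for an inconsistent configuration between CPUs, but resetting a global mask on behalf of one CPU changes it for all of them, so a mismatch deserves at least a warning. Typo in the same comment: "configuation".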
X-Patchwork-Id: 11068147
From: "Kirill A. Shutemov"
To: Andrew Morton, x86@kernel.org, Thomas Gleixner, Ingo Molnar, "H. Peter Anvin", Borislav Petkov, Peter Zijlstra, Andy Lutomirski, David Howells
Cc: Kees Cook, Dave Hansen, Kai Huang, Jacob Pan, Alison Schofield, linux-mm@kvack.org, kvm@vger.kernel.org, keyrings@vger.kernel.org, linux-kernel@vger.kernel.org, "Kirill A. Shutemov"
Subject: [PATCHv2 08/59] x86/mm: Introduce helpers to read number, shift and mask of KeyIDs
Date: Wed, 31 Jul 2019 18:07:22 +0300
Message-Id: <20190731150813.26289-9-kirill.shutemov@linux.intel.com>
In-Reply-To: <20190731150813.26289-1-kirill.shutemov@linux.intel.com>
References: <20190731150813.26289-1-kirill.shutemov@linux.intel.com>

mktme_nr_keyids() returns the number of KeyIDs available for MKTME, excluding KeyID zero which is used by TME. MKTME KeyIDs start from 1.

mktme_keyid_shift() returns the shift of KeyID within physical address.

mktme_keyid_mask() returns the mask to extract KeyID from physical address.

Signed-off-by: Kirill A. Shutemov
--- arch/x86/include/asm/mktme.h | 19 +++++++++++++++++++ arch/x86/kernel/cpu/intel.c | 15 ++++++++++++--- arch/x86/mm/Makefile | 2 ++ arch/x86/mm/mktme.c | 27 +++++++++++++++++++++++++++ 4 files changed, 60 insertions(+), 3 deletions(-) create mode 100644 arch/x86/include/asm/mktme.h create mode 100644 arch/x86/mm/mktme.c diff --git a/arch/x86/include/asm/mktme.h b/arch/x86/include/asm/mktme.h new file mode 100644 index 000000000000..b9ba2ea5b600 --- /dev/null +++ b/arch/x86/include/asm/mktme.h
@@ -0,0 +1,19 @@ +#ifndef _ASM_X86_MKTME_H +#define _ASM_X86_MKTME_H + +#include + +#ifdef CONFIG_X86_INTEL_MKTME +extern phys_addr_t __mktme_keyid_mask; +extern phys_addr_t mktme_keyid_mask(void); +extern int __mktme_keyid_shift; +extern int mktme_keyid_shift(void); +extern int __mktme_nr_keyids; +extern int mktme_nr_keyids(void); +#else +#define mktme_keyid_mask() ((phys_addr_t)0) +#define mktme_nr_keyids() 0 +#define mktme_keyid_shift() 0 +#endif + +#endif diff --git a/arch/x86/kernel/cpu/intel.c b/arch/x86/kernel/cpu/intel.c index f03eee666761..7ba44825be42 100644 --- a/arch/x86/kernel/cpu/intel.c +++ b/arch/x86/kernel/cpu/intel.c @@ -618,6 +618,9 @@ static void detect_tme(struct cpuinfo_x86 *c) #ifdef CONFIG_X86_INTEL_MKTME if (mktme_status == MKTME_ENABLED && nr_keyids) { + __mktme_nr_keyids = nr_keyids; + __mktme_keyid_shift = c->x86_phys_bits - keyid_bits; + /* * Mask out bits claimed from KeyID from physical address mask. * @@ -625,17 +628,23 @@ static void detect_tme(struct cpuinfo_x86 *c) * and number of bits claimed for KeyID is 6, bits 51:46 of * physical address is unusable. */ - phys_addr_t keyid_mask; + __mktme_keyid_mask = GENMASK_ULL(c->x86_phys_bits - 1, mktme_keyid_shift()); + physical_mask &= ~mktme_keyid_mask(); - keyid_mask = GENMASK_ULL(c->x86_phys_bits - 1, c->x86_phys_bits - keyid_bits); - physical_mask &= ~keyid_mask; } else { /* * Reset __PHYSICAL_MASK. * Maybe needed if there's inconsistent configuation * between CPUs. + * + * FIXME: broken for hotplug. + * We must not allow onlining secondary CPUs with non-matching + * configuration. */ physical_mask = (1ULL << __PHYSICAL_MASK_SHIFT) - 1; + __mktme_keyid_mask = 0; + __mktme_keyid_shift = 0; + __mktme_nr_keyids = 0; } #endif diff --git a/arch/x86/mm/Makefile b/arch/x86/mm/Makefile index 84373dc9b341..600d18691876 100644 --- a/arch/x86/mm/Makefile +++ b/arch/x86/mm/Makefile 
@@ -53,3 +53,5 @@ obj-$(CONFIG_PAGE_TABLE_ISOLATION) += pti.o obj-$(CONFIG_AMD_MEM_ENCRYPT) += mem_encrypt.o obj-$(CONFIG_AMD_MEM_ENCRYPT) += mem_encrypt_identity.o obj-$(CONFIG_AMD_MEM_ENCRYPT) += mem_encrypt_boot.o + +obj-$(CONFIG_X86_INTEL_MKTME) += mktme.o diff --git a/arch/x86/mm/mktme.c b/arch/x86/mm/mktme.c new file mode 100644 index 000000000000..0f48ef2720cc --- /dev/null +++ b/arch/x86/mm/mktme.c 
@@ -0,0 +1,27 @@ +#include + +/* Mask to extract KeyID from physical address. */ +phys_addr_t __mktme_keyid_mask; +phys_addr_t mktme_keyid_mask(void) +{ + return __mktme_keyid_mask; +} +EXPORT_SYMBOL_GPL(mktme_keyid_mask); + +/* Shift of KeyID within physical address. */ +int __mktme_keyid_shift; +int mktme_keyid_shift(void) +{ + return __mktme_keyid_shift; +} +EXPORT_SYMBOL_GPL(mktme_keyid_shift); + +/* + * Number of KeyIDs available for MKTME. + * Excludes KeyID-0 which used by TME. MKTME KeyIDs start from 1. + */ +int __mktme_nr_keyids; +int mktme_nr_keyids(void) +{ + return __mktme_nr_keyids; +} From patchwork Wed Jul 31 15:07:23 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Kirill A . Shutemov" X-Patchwork-Id: 11068079 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 8CB78746 for ; Wed, 31 Jul 2019 15:08:48 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 77AB01FFD8 for ; Wed, 31 Jul 2019 15:08:48 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 6BC5C201B1; Wed, 31 Jul 2019 15:08:48 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-2.9 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,MAILING_LIST_MULTI,RCVD_IN_DNSWL_NONE autolearn=ham version=3.3.1 Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id E74BC1FFD8 for ; Wed, 31 Jul 2019 15:08:47 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 522008E0010; Wed, 31 Jul 2019 11:08:25 -0400 (EDT) Delivered-To: linux-mm-outgoing@kvack.org Received: by kanga.kvack.org (Postfix, from userid 40) id 4A9268E000D; Wed, 31 Jul 2019 11:08:25 -0400 
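Review bot: in the detect_tme() hunks of arch/x86/kernel/cpu/intel.c, the else branch now also zeroes __mktme_keyid_mask, __mktme_keyid_shift and __mktme_nr_keyids, and the added FIXME says outright that this is broken for hotplug. Clearing the globals because one CPU reports a non-matching configuration changes what mktme_keyid_mask() returns for every CPU, so this should not be merged as a FIXME: refuse to online the mismatching CPU, or at minimum warn and leave the established values alone.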
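Review bot: in arch/x86/mm/mktme.c, mktme_keyid_mask() and mktme_keyid_shift() are each followed by EXPORT_SYMBOL_GPL() but mktme_nr_keyids() is not; if that is intentional, say so in the commit message, otherwise add the export. The new header also declares the raw __mktme_keyid_mask, __mktme_keyid_shift and __mktme_nr_keyids as extern next to their accessors, which invites direct writes from outside detect_tme(); consider a setter, or document that detect_tme() is the only writer. Neither new file carries an SPDX license line in the visible hunks.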
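The KeyID layout that the commit messages of 07/59 and 08/59 describe, as a user-space C model added here for illustration; it is not code from the series. `struct keyid_layout`, `keyid_layout_init()`, `pa_keyid()`, `pa_strip_keyid()`, `pa_set_keyid()` and the 52-bit limit `MODEL_MAX_PHYS_BITS` are assumptions of the example, and it rejects inconsistent bit counts instead of building a mask from them.

```c
/*
 * User-space model of the KeyID layout described in patches 07/59 and 08/59.
 * Added example: every name below is hypothetical, none of it is kernel code.
 */
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define MODEL_MAX_PHYS_BITS 52	/* assumption: at most 52 physical address bits */

struct keyid_layout {
	uint64_t keyid_mask;	/* address bits that select the key */
	uint64_t addr_mask;	/* address bits that still address memory */
	unsigned int shift;	/* position of the lowest KeyID bit */
};

/* Bits high..low set, for 0 <= low <= high <= 63 (what GENMASK_ULL yields). */
static uint64_t genmask_u64(unsigned int high, unsigned int low)
{
	return (~0ULL >> (63 - high)) & (~0ULL << low);
}

/*
 * Build the layout from the enumerated address width and the number of bits
 * claimed for KeyID. keyid_bits == 0 models "MKTME off". Input that would
 * leave no address bits, or exceed the modelled width, is rejected and the
 * layout is left with no KeyID bits at all.
 */
static bool keyid_layout_init(struct keyid_layout *l,
			      unsigned int phys_bits, unsigned int keyid_bits)
{
	l->keyid_mask = 0;
	l->addr_mask = 0;
	l->shift = 0;

	if (phys_bits == 0 || phys_bits > MODEL_MAX_PHYS_BITS)
		return false;
	if (keyid_bits >= phys_bits)
		return false;

	if (keyid_bits == 0) {
		l->addr_mask = genmask_u64(phys_bits - 1, 0);
		return true;
	}

	l->shift = phys_bits - keyid_bits;
	l->keyid_mask = genmask_u64(phys_bits - 1, l->shift);
	l->addr_mask = genmask_u64(l->shift - 1, 0);
	return true;
}

/* KeyID carried in a page-table-entry physical address. */
static unsigned int pa_keyid(const struct keyid_layout *l, uint64_t pa)
{
	return (unsigned int)((pa & l->keyid_mask) >> l->shift);
}

/* Address with the KeyID bits masked out, as the adjusted physical mask does. */
static uint64_t pa_strip_keyid(const struct keyid_layout *l, uint64_t pa)
{
	return pa & l->addr_mask;
}

/*
 * Tag an address with a KeyID. Fails if the KeyID does not fit in the field
 * or if the address has bits outside the usable range, so an address can
 * never spill into the key selector.
 */
static bool pa_set_keyid(const struct keyid_layout *l, uint64_t pa,
			 unsigned int keyid, uint64_t *out)
{
	uint64_t max_keyid = l->keyid_mask >> l->shift;

	if (keyid > max_keyid || (pa & ~l->addr_mask))
		return false;
	*out = pa | ((uint64_t)keyid << l->shift);
	return true;
}

int main(void)
{
	struct keyid_layout l;
	uint64_t tagged;

	/* The commit message's case: 52 address bits, 6 claimed for KeyID. */
	if (!keyid_layout_init(&l, 52, 6) ||
	    !pa_set_keyid(&l, 0x12345000ULL, 5, &tagged))
		return 1;
	printf("keyid mask %#018llx, shift %u\n",
	       (unsigned long long)l.keyid_mask, l.shift);
	printf("tagged %#018llx -> keyid %u, address %#llx\n",
	       (unsigned long long)tagged, pa_keyid(&l, tagged),
	       (unsigned long long)pa_strip_keyid(&l, tagged));
	return 0;
}
```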
From: "Kirill A. Shutemov"
To: Andrew Morton, x86@kernel.org, Thomas Gleixner, Ingo Molnar, "H. Peter Anvin", Borislav Petkov, Peter Zijlstra, Andy Lutomirski, David Howells
Cc: Kees Cook, Dave Hansen, Kai Huang, Jacob Pan, Alison Schofield, linux-mm@kvack.org, kvm@vger.kernel.org, keyrings@vger.kernel.org, linux-kernel@vger.kernel.org, "Kirill A. Shutemov"
Subject: [PATCHv2 09/59] x86/mm: Store bitmask of the encryption algorithms supported by MKTME
Date: Wed, 31 Jul 2019 18:07:23 +0300
Message-Id: <20190731150813.26289-10-kirill.shutemov@linux.intel.com>
In-Reply-To: <20190731150813.26289-1-kirill.shutemov@linux.intel.com>
References: <20190731150813.26289-1-kirill.shutemov@linux.intel.com>

Store bitmask of the supported encryption algorithms in 'mktme_algs'. This will be used by key management service.

Signed-off-by: Kirill A. Shutemov
--- arch/x86/include/asm/mktme.h | 2 ++ arch/x86/kernel/cpu/intel.c | 6 +++++- arch/x86/mm/mktme.c | 2 ++ 3 files changed, 9 insertions(+), 1 deletion(-) diff --git a/arch/x86/include/asm/mktme.h b/arch/x86/include/asm/mktme.h index b9ba2ea5b600..42a3b1b44669 100644 --- a/arch/x86/include/asm/mktme.h +++ b/arch/x86/include/asm/mktme.h @@ -10,6 +10,8 @@ extern int __mktme_keyid_shift; extern int mktme_keyid_shift(void); extern int __mktme_nr_keyids; extern int mktme_nr_keyids(void); +extern unsigned int mktme_algs; + #else #define mktme_keyid_mask() ((phys_addr_t)0) #define mktme_nr_keyids() 0 diff --git a/arch/x86/kernel/cpu/intel.c b/arch/x86/kernel/cpu/intel.c index 7ba44825be42..991bdcb2a55a 100644 
--- a/arch/x86/kernel/cpu/intel.c +++ b/arch/x86/kernel/cpu/intel.c @@ -553,6 +553,8 @@ static void detect_vmx_virtcap(struct cpuinfo_x86 *c) #define TME_ACTIVATE_CRYPTO_ALGS(x) ((x >> 48) & 0xffff) /* Bits 63:48 */ #define TME_ACTIVATE_CRYPTO_AES_XTS_128 1 +#define TME_ACTIVATE_CRYPTO_KNOWN_ALGS TME_ACTIVATE_CRYPTO_AES_XTS_128 + /* Values for mktme_status (SW only construct) */ #define MKTME_ENABLED 0 #define MKTME_DISABLED 1 @@ -596,7 +598,7 @@ static void detect_tme(struct cpuinfo_x86 *c) pr_warn("x86/tme: Unknown policy is active: %#llx\n", tme_policy); tme_crypto_algs = TME_ACTIVATE_CRYPTO_ALGS(tme_activate); - if (!(tme_crypto_algs & TME_ACTIVATE_CRYPTO_AES_XTS_128)) { + if (!(tme_crypto_algs & TME_ACTIVATE_CRYPTO_KNOWN_ALGS)) { pr_err("x86/mktme: No known encryption algorithm is supported: %#llx\n", tme_crypto_algs); mktme_status = MKTME_DISABLED; @@ -631,6 +633,8 @@ static void detect_tme(struct cpuinfo_x86 *c) __mktme_keyid_mask = GENMASK_ULL(c->x86_phys_bits - 1, mktme_keyid_shift()); physical_mask &= ~mktme_keyid_mask(); + tme_crypto_algs = TME_ACTIVATE_CRYPTO_ALGS(tme_activate); + mktme_algs = tme_crypto_algs & TME_ACTIVATE_CRYPTO_KNOWN_ALGS; } else { /* * Reset __PHYSICAL_MASK. diff --git a/arch/x86/mm/mktme.c b/arch/x86/mm/mktme.c index 0f48ef2720cc..755afc6935b5 100644 --- a/arch/x86/mm/mktme.c +++ b/arch/x86/mm/mktme.c 
@@ -25,3 +25,5 @@ int mktme_nr_keyids(void) { return __mktme_nr_keyids; } + +unsigned int mktme_algs;
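Review bot: in patch 09/59, the arch/x86/include/asm/mktme.h hunk declares "extern unsigned int mktme_algs;" only on the CONFIG_X86_INTEL_MKTME side of the #ifdef, and the #else side shown in the context lines gets no fallback. Please confirm that the new "mktme_algs = ..." assignment in detect_tme() is built only under the same option, or add a stub, and add a one-line comment at the declaration saying that the bits use the TME_ACTIVATE_CRYPTO_ALGS() encoding (value 1 is AES-XTS-128, per TME_ACTIVATE_CRYPTO_AES_XTS_128), since the consumer named in the commit message lives in another subsystem.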
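Review bot: in patch 09/59, the last detect_tme() hunk in arch/x86/kernel/cpu/intel.c (@@ -631,6 +633,8 @@) assigns "tme_crypto_algs = TME_ACTIVATE_CRYPTO_ALGS(tme_activate);" a second time, although the context line of the previous hunk shows the same assignment earlier in the function. If tme_activate is not re-read in between, drop the repeat and keep only "mktme_algs = tme_crypto_algs & TME_ACTIVATE_CRYPTO_KNOWN_ALGS;". mktme_algs is also written only in this branch, while the else branch that resets __PHYSICAL_MASK leaves it alone, so either clear it there or document that the key management service must check mktme_nr_keyids() before trusting the mask.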
From: "Kirill A. Shutemov"
To: Andrew Morton, x86@kernel.org, Thomas Gleixner, Ingo Molnar, "H. Peter Anvin", Borislav Petkov, Peter Zijlstra, Andy Lutomirski, David Howells
Cc: Kees Cook, Dave Hansen, Kai Huang, Jacob Pan, Alison Schofield, linux-mm@kvack.org, kvm@vger.kernel.org, keyrings@vger.kernel.org, linux-kernel@vger.kernel.org, "Kirill A. Shutemov"
Subject: [PATCHv2 10/59] x86/mm: Preserve KeyID on pte_modify() and pgprot_modify()
Date: Wed, 31 Jul 2019 18:07:24 +0300
Message-Id: <20190731150813.26289-11-kirill.shutemov@linux.intel.com>
In-Reply-To: <20190731150813.26289-1-kirill.shutemov@linux.intel.com>
References: <20190731150813.26289-1-kirill.shutemov@linux.intel.com>

An encrypted VMA will have KeyID stored in vma->vm_page_prot. This way we don't need to do anything special to set up encrypted page table entries and don't need to reserve space for KeyID in a VMA.

This patch changes _PAGE_CHG_MASK to include KeyID bits. Otherwise they are going to be stripped from vm_page_prot on the first pgprot_modify().

Define PTE_PFN_MASK_MAX similar to PTE_PFN_MASK but based on __PHYSICAL_MASK_SHIFT. This way we include the whole range of bits architecturally available for PFN without referencing physical_mask and mktme_keyid_mask variables.

Signed-off-by: Kirill A. Shutemov --- arch/x86/include/asm/pgtable_types.h | 23 ++++++++++++++++++----- 1 file changed, 18 insertions(+), 5 deletions(-) diff --git a/arch/x86/include/asm/pgtable_types.h b/arch/x86/include/asm/pgtable_types.h index b5e49e6bac63..c23793146759 100644 --- a/arch/x86/include/asm/pgtable_types.h +++ b/arch/x86/include/asm/pgtable_types.h 
@@ -116,12 +116,25 @@ _PAGE_ACCESSED | _PAGE_DIRTY) /* - * Set of bits not changed in pte_modify. The pte's - * protection key is treated like _PAGE_RW, for - * instance, and is *not* included in this mask since - * pte_modify() does modify it. + * Set of bits not changed in pte_modify. + * + * The pte's protection key is treated like _PAGE_RW, for instance, and is + * *not* included in this mask since pte_modify() does modify it. + * + * They include the physical address and the memory encryption keyID. + * The paddr and the keyID never occupy the same bits at the same time. + * But, a given bit might be used for the keyID on one system and used for + * the physical address on another. As an optimization, we manage them in + * one unit here since their combination always occupies the same hardware + * bits. PTE_PFN_MASK_MAX stores combined mask. + * + * Cast PAGE_MASK to a signed type so that it is sign-extended if + * virtual addresses are 32-bits but physical addresses are larger + * (ie, 32-bit PAE). */ -#define _PAGE_CHG_MASK (PTE_PFN_MASK | _PAGE_PCD | _PAGE_PWT | \ +#define PTE_PFN_MASK_MAX \ + (((signed long)PAGE_MASK) & ((1ULL << __PHYSICAL_MASK_SHIFT) - 1)) +#define _PAGE_CHG_MASK (PTE_PFN_MASK_MAX | _PAGE_PCD | _PAGE_PWT | \ _PAGE_SPECIAL | _PAGE_ACCESSED | _PAGE_DIRTY | \ _PAGE_SOFT_DIRTY | _PAGE_DEVMAP) #define _HPAGE_CHG_MASK (_PAGE_CHG_MASK | _PAGE_PSE)
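Review bot: in patch 10/59, replacing PTE_PFN_MASK with PTE_PFN_MASK_MAX in _PAGE_CHG_MASK makes pte_modify() and pgprot_modify() keep every bit from PAGE_SHIFT up to __PHYSICAL_MASK_SHIFT - 1 on all systems, not only the KeyID bits on MKTME machines, and _HPAGE_CHG_MASK in the trailing context line inherits the wider mask. The commit message should say that this is intended for systems without MKTME and for the huge-page mask, and that no _PAGE_CHG_MASK user depends on bits above the real physical address width being dropped. In the new comment, "They include the physical address ..." directly follows the paragraph about the protection key, which is not included, so "They" reads as the wrong antecedent; "The unchanged bits include ..." would be clearer.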
From: "Kirill A. Shutemov"
To: Andrew Morton, x86@kernel.org, Thomas Gleixner, Ingo Molnar, "H. Peter Anvin", Borislav Petkov, Peter Zijlstra, Andy Lutomirski, David Howells
Cc: Kees Cook, Dave Hansen, Kai Huang, Jacob Pan, Alison Schofield, linux-mm@kvack.org, kvm@vger.kernel.org, keyrings@vger.kernel.org, linux-kernel@vger.kernel.org, "Kirill A. Shutemov"
Subject: [PATCHv2 11/59] x86/mm: Detect MKTME early
Date: Wed, 31 Jul 2019 18:07:25 +0300
Message-Id: <20190731150813.26289-12-kirill.shutemov@linux.intel.com>
In-Reply-To: <20190731150813.26289-1-kirill.shutemov@linux.intel.com>
References: <20190731150813.26289-1-kirill.shutemov@linux.intel.com>

We need to know the number of KeyIDs before page_ext is initialized. We are going to use page_ext to store KeyID and it would be handy to avoid page_ext allocation if there's no MKTME in the system.

page_ext initialization happens before full CPU initialization is complete. Move detect_tme() call to early_init_intel().

Signed-off-by: Kirill A. Shutemov
--- arch/x86/kernel/cpu/intel.c | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/arch/x86/kernel/cpu/intel.c b/arch/x86/kernel/cpu/intel.c index 991bdcb2a55a..4c2d70287eb4 100644 --- a/arch/x86/kernel/cpu/intel.c +++ b/arch/x86/kernel/cpu/intel.c @@ -187,6 +187,8 @@ static bool bad_spectre_microcode(struct cpuinfo_x86 *c) return false; } +static void detect_tme(struct cpuinfo_x86 *c); + static void early_init_intel(struct cpuinfo_x86 *c) { u64 misc_enable; 
@@ -338,6 +340,9 @@ static void early_init_intel(struct cpuinfo_x86 *c) */ if (detect_extended_topology_early(c) < 0) detect_ht_early(c); + + if (cpu_has(c, X86_FEATURE_TME)) + detect_tme(c); } #ifdef CONFIG_X86_32 
@@ -793,9 +798,6 @@ static void init_intel(struct cpuinfo_x86 *c) if (cpu_has(c, X86_FEATURE_VMX)) detect_vmx_virtcap(c); - if (cpu_has(c, X86_FEATURE_TME)) - detect_tme(c); - init_intel_misc_features(c); }
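Review bot: in patch 11/59, the first hunk (@@ -187,6 +187,8 @@) adds the forward declaration "static void detect_tme(struct cpuinfo_x86 *c);" above early_init_intel(). Moving the detect_tme() definition and the TME_ACTIVATE_* defines it uses above early_init_intel() would avoid the prototype; if that move is too noisy for this series, please say so in the commit message.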
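Review bot: in patch 11/59, the early_init_intel() hunk (@@ -338,6 +340,9 @@) calls detect_tme() before full CPU initialization, but detect_tme() does more than count KeyIDs: the 09/59 hunks show it updating physical_mask and mktme_algs, printing pr_warn()/pr_err(), and reading c->x86_phys_bits in the GENMASK_ULL() call. The commit message should state which CPUs reach early_init_intel() compared with init_intel(), and confirm that every field detect_tme() reads is already valid at this point, so that the mask and the per-CPU configuration check are not computed from stale values.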
From: "Kirill A. Shutemov"
To: Andrew Morton, x86@kernel.org, Thomas Gleixner, Ingo Molnar, "H. Peter Anvin", Borislav Petkov, Peter Zijlstra, Andy Lutomirski, David Howells
Cc: Kees Cook, Dave Hansen, Kai Huang, Jacob Pan, Alison Schofield, linux-mm@kvack.org, kvm@vger.kernel.org, keyrings@vger.kernel.org, linux-kernel@vger.kernel.org, "Kirill A. Shutemov"
Subject: [PATCHv2 12/59] x86/mm: Add a helper to retrieve KeyID for a page
Date: Wed, 31 Jul 2019 18:07:26 +0300
Message-Id: <20190731150813.26289-13-kirill.shutemov@linux.intel.com>
In-Reply-To: <20190731150813.26289-1-kirill.shutemov@linux.intel.com>
References: <20190731150813.26289-1-kirill.shutemov@linux.intel.com>

page_ext allows to store additional per-page information without growing main struct page. The additional space can be requested at boot time.

Store KeyID in bits 31:16 of extended page flags. These bits are unused.

page_keyid() returns zero until page_ext is ready. page_ext initializer enables a static branch to indicate that page_keyid() can use page_ext. The same static branch will gate MKTME readiness in general.

We don't yet set KeyID for the page. It will come in the following patch that implements prep_encrypted_page(). All pages have KeyID-0 for now.

page_keyid() will be used by KVM which can be built as a module. We need to export mktme_enabled_key to be able to inline page_keyid().

Signed-off-by: Kirill A. Shutemov --- arch/x86/include/asm/mktme.h | 26 ++++++++++++++++++++++++++ arch/x86/include/asm/page.h | 1 + arch/x86/mm/mktme.c | 21 +++++++++++++++++++++ include/linux/mm.h | 2 +- include/linux/page_ext.h | 11 ++++++++++- mm/page_ext.c | 3 +++ 6 files changed, 62 insertions(+), 2 deletions(-) diff --git a/arch/x86/include/asm/mktme.h b/arch/x86/include/asm/mktme.h index 42a3b1b44669..46041075f617 100644 --- a/arch/x86/include/asm/mktme.h +++ b/arch/x86/include/asm/mktme.h @@ -2,6 +2,8 @@ #define _ASM_X86_MKTME_H #include +#include +#include #ifdef CONFIG_X86_INTEL_MKTME extern phys_addr_t __mktme_keyid_mask; @@ -12,10 +14,34 @@ extern int __mktme_nr_keyids; extern int mktme_nr_keyids(void); extern unsigned int mktme_algs; +DECLARE_STATIC_KEY_FALSE(mktme_enabled_key); +static inline bool mktme_enabled(void) +{ + return static_branch_unlikely(&mktme_enabled_key); +} + +extern struct page_ext_operations page_mktme_ops; + +#define page_keyid page_keyid +static inline int page_keyid(const struct page *page) +{ + if (!mktme_enabled()) + return 0; + + return lookup_page_ext(page)->keyid; +} + #else #define mktme_keyid_mask() ((phys_addr_t)0) #define mktme_nr_keyids() 0 #define mktme_keyid_shift() 0 + +#define page_keyid(page) 0 + +static inline bool mktme_enabled(void) +{ + return false; +} #endif #endif diff --git a/arch/x86/include/asm/page.h b/arch/x86/include/asm/page.h index 7555b48803a8..39af59487d5f 100644 --- a/arch/x86/include/asm/page.h +++ b/arch/x86/include/asm/page.h @@ -19,6 +19,7 @@ struct page; #include +#include extern struct range pfn_mapped[]; extern int nr_pfn_mapped; diff --git a/arch/x86/mm/mktme.c b/arch/x86/mm/mktme.c index 755afc6935b5..48c2d4c97356 100644 --- a/arch/x86/mm/mktme.c +++ b/arch/x86/mm/mktme.c 
@@ -27,3 +27,24 @@ int mktme_nr_keyids(void) } unsigned int mktme_algs; + +DEFINE_STATIC_KEY_FALSE(mktme_enabled_key); +EXPORT_SYMBOL_GPL(mktme_enabled_key); + +static bool need_page_mktme(void) +{ + /* Make sure keyid doesn't collide with extended page flags */ + BUILD_BUG_ON(__NR_PAGE_EXT_FLAGS > 16); + + return !!mktme_nr_keyids(); +} + +static void init_page_mktme(void) +{ + static_branch_enable(&mktme_enabled_key); +} + +struct page_ext_operations page_mktme_ops = { + .need = need_page_mktme, + .init = init_page_mktme, +}; diff --git a/include/linux/mm.h b/include/linux/mm.h index af1a56ff6764..3f9640f388ac 100644 --- a/include/linux/mm.h +++ b/include/linux/mm.h @@ -1645,7 +1645,7 @@ static inline int vma_keyid(struct vm_area_struct *vma) #endif #ifndef page_keyid -static inline int page_keyid(struct page *page) +static inline int page_keyid(const struct page *page) { return 0; } diff --git a/include/linux/page_ext.h b/include/linux/page_ext.h index 09592951725c..a9fa95ae9847 100644 --- a/include/linux/page_ext.h +++ b/include/linux/page_ext.h @@ -22,6 +22,7 @@ enum page_ext_flags { PAGE_EXT_YOUNG, PAGE_EXT_IDLE, #endif + __NR_PAGE_EXT_FLAGS }; /* @@ -32,7 +33,15 @@ enum page_ext_flags { * then the page_ext for pfn always exists. */ struct page_ext { - unsigned long flags; + union { + unsigned long flags; +#ifdef CONFIG_X86_INTEL_MKTME + struct { + unsigned short __pad; + unsigned short keyid; + }; +#endif + }; }; extern void pgdat_page_ext_init(struct pglist_data *pgdat); diff --git a/mm/page_ext.c b/mm/page_ext.c index 5f5769c7db3b..c52b77c13cd9 100644 --- a/mm/page_ext.c +++ b/mm/page_ext.c 
@@ -65,6 +65,9 @@ static struct page_ext_operations *page_ext_ops[] = { #if defined(CONFIG_IDLE_PAGE_TRACKING) && !defined(CONFIG_64BIT) &page_idle_ops, #endif +#ifdef CONFIG_X86_INTEL_MKTME + &page_mktme_ops, +#endif }; static unsigned long total_usage;
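Review bot: page_keyid() in the arch/x86/include/asm/mktme.h hunk dereferences lookup_page_ext(page) with no NULL check, and the only guard in front of it is mktme_enabled(), which init_page_mktme() flips. State in a comment above page_keyid() that the static key is enabled only from the page_ext init hook, or check the returned pointer, so the dependency on page_ext being set up is not left implicit.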
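Review bot: the union added to struct page_ext in include/linux/page_ext.h has no comment saying which bits of flags the keyid field overlays, and the BUILD_BUG_ON(__NR_PAGE_EXT_FLAGS > 16) that protects the layout sits in arch/x86/mm/mktme.c, away from the definition. With __pad first and keyid second, keyid lines up with bits 16-31 of flags only on a little-endian layout; document that at the union, together with the rule that flag bits must stay below 16, so a later flag addition in generic code is checked against the right constraint.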
From: "Kirill A. Shutemov"
To: Andrew Morton, x86@kernel.org, Thomas Gleixner, Ingo Molnar, "H. Peter Anvin", Borislav Petkov, Peter Zijlstra, Andy Lutomirski, David Howells
Cc: Kees Cook, Dave Hansen, Kai Huang, Jacob Pan, Alison Schofield, linux-mm@kvack.org, kvm@vger.kernel.org, keyrings@vger.kernel.org, linux-kernel@vger.kernel.org, "Kirill A. Shutemov"
Subject: [PATCHv2 13/59] x86/mm: Add a helper to retrieve KeyID for a VMA
Date: Wed, 31 Jul 2019 18:07:27 +0300
Message-Id: <20190731150813.26289-14-kirill.shutemov@linux.intel.com>
In-Reply-To: <20190731150813.26289-1-kirill.shutemov@linux.intel.com>
References: <20190731150813.26289-1-kirill.shutemov@linux.intel.com>

We store KeyID in upper bits for vm_page_prot that match position of KeyID in PTE. vma_keyid() extracts KeyID from vm_page_prot.

With KeyID in vm_page_prot we don't need to modify any page table helper to propagate the KeyID to page table entries.

Signed-off-by: Kirill A. Shutemov
---
 arch/x86/include/asm/mktme.h | 12 ++++++++++++
 arch/x86/mm/mktme.c | 7 +++++++
 2 files changed, 19 insertions(+)
diff --git a/arch/x86/include/asm/mktme.h b/arch/x86/include/asm/mktme.h index 46041075f617..52b115b30a42 100644 --- a/arch/x86/include/asm/mktme.h +++ b/arch/x86/include/asm/mktme.h @@ -5,6 +5,8 @@ #include #include +struct vm_area_struct; + #ifdef CONFIG_X86_INTEL_MKTME extern phys_addr_t __mktme_keyid_mask; extern phys_addr_t mktme_keyid_mask(void); @@ -31,6 +33,16 @@ static inline int page_keyid(const struct page *page) return lookup_page_ext(page)->keyid; } +#define vma_keyid vma_keyid +int __vma_keyid(struct vm_area_struct *vma); +static inline int vma_keyid(struct vm_area_struct *vma) +{ + if (!mktme_enabled()) + return 0; + + return __vma_keyid(vma); +} + #else #define mktme_keyid_mask() ((phys_addr_t)0) #define mktme_nr_keyids() 0 diff --git a/arch/x86/mm/mktme.c b/arch/x86/mm/mktme.c index 48c2d4c97356..d02867212e33 100644 --- a/arch/x86/mm/mktme.c +++ b/arch/x86/mm/mktme.c @@ -1,3 +1,4 @@ +#include #include /* Mask to extract KeyID from physical address. */ 
@@ -48,3 +49,9 @@ struct page_ext_operations page_mktme_ops = { .need = need_page_mktme, .init = init_page_mktme, }; + +int __vma_keyid(struct vm_area_struct *vma) +{ + pgprotval_t prot = pgprot_val(vma->vm_page_prot); + return (prot & mktme_keyid_mask()) >> mktme_keyid_shift(); +}
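Review bot: __vma_keyid() and the vma_keyid() wrapper take a non-const struct vm_area_struct * although they only read vma->vm_page_prot, while the previous patch in the series changed page_keyid() to take const struct page *; make the VMA helpers const as well (including the generic fallback in include/linux/mm.h) so the two accessors are consistent. Style point in the arch/x86/mm/mktme.c hunk: add a blank line between the prot declaration and the return, and a one-line comment that the KeyID sits in vm_page_prot at the same bit position as in the PTE, which today is only stated in the commit message.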
From: "Kirill A. Shutemov"
To: Andrew Morton, x86@kernel.org, Thomas Gleixner, Ingo Molnar, "H. Peter Anvin", Borislav Petkov, Peter Zijlstra, Andy Lutomirski, David Howells
Cc: Kees Cook, Dave Hansen, Kai Huang, Jacob Pan, Alison Schofield, linux-mm@kvack.org, kvm@vger.kernel.org, keyrings@vger.kernel.org, linux-kernel@vger.kernel.org, "Kirill A. Shutemov"
Subject: [PATCHv2 14/59] x86/mm: Add hooks to allocate and free encrypted pages
Date: Wed, 31 Jul 2019 18:07:28 +0300
Message-Id: <20190731150813.26289-15-kirill.shutemov@linux.intel.com>
In-Reply-To: <20190731150813.26289-1-kirill.shutemov@linux.intel.com>
References: <20190731150813.26289-1-kirill.shutemov@linux.intel.com>

Hook up into page allocator to allocate and free encrypted page properly.

The hardware/CPU does not enforce coherency between mappings of the same physical page with different KeyIDs or encryption keys. We are responsible for cache management.

Flush cache on allocating encrypted page and on returning the page to the free pool.

prep_encrypted_page() also takes care of zeroing the page. We have to do this after KeyID is set for the page.

The patch relies on page_address() to return virtual address of the page mapping with the current KeyID. It will be implemented later in the patchset.

Signed-off-by: Kirill A. Shutemov
---
 arch/x86/include/asm/mktme.h | 17 ++++++++
 arch/x86/mm/mktme.c | 83 ++++++++++++++++++++++++++++++++++++
 2 files changed, 100 insertions(+)
diff --git a/arch/x86/include/asm/mktme.h b/arch/x86/include/asm/mktme.h index 52b115b30a42..a61b45fca4b1 100644
--- a/arch/x86/include/asm/mktme.h +++ b/arch/x86/include/asm/mktme.h @@ -43,6 +43,23 @@ static inline int vma_keyid(struct vm_area_struct *vma) return __vma_keyid(vma); } +#define prep_encrypted_page prep_encrypted_page +void __prep_encrypted_page(struct page *page, int order, int keyid, bool zero); +static inline void prep_encrypted_page(struct page *page, int order, + int keyid, bool zero) +{ + if (keyid) + __prep_encrypted_page(page, order, keyid, zero); +} + +#define HAVE_ARCH_FREE_PAGE +void free_encrypted_page(struct page *page, int order); +static inline void arch_free_page(struct page *page, int order) +{ + if (page_keyid(page)) + free_encrypted_page(page, order); +} + #else #define mktme_keyid_mask() ((phys_addr_t)0) #define mktme_nr_keyids() 0 diff --git a/arch/x86/mm/mktme.c b/arch/x86/mm/mktme.c index d02867212e33..8015e7822c9b 100644 --- a/arch/x86/mm/mktme.c +++ b/arch/x86/mm/mktme.c @@ -1,4 +1,5 @@ #include +#include #include /* Mask to extract KeyID from physical address. */ 
@@ -55,3 +56,85 @@ int __vma_keyid(struct vm_area_struct *vma) pgprotval_t prot = pgprot_val(vma->vm_page_prot); return (prot & mktme_keyid_mask()) >> mktme_keyid_shift(); } + +/* Prepare page to be used for encryption. Called from page allocator. */ +void __prep_encrypted_page(struct page *page, int order, int keyid, bool zero) +{ + int i; + + /* + * The hardware/CPU does not enforce coherency between mappings + * of the same physical page with different KeyIDs or + * encryption keys. We are responsible for cache management. + * + * Flush cache lines with KeyID-0. page_address() returns virtual + * address of the page mapping with the current (zero) KeyID. + */ + clflush_cache_range(page_address(page), PAGE_SIZE * (1UL << order)); + + for (i = 0; i < (1 << order); i++) { + /* All pages coming out of the allocator should have KeyID 0 */ + WARN_ON_ONCE(lookup_page_ext(page)->keyid); + + /* + * Change KeyID. From now on page_address() will return address + * of the page mapping with the new KeyID. + * + * We don't need barrier() before the KeyID change because + * clflush_cache_range() above stops compiler from reordring + * past the point with mb(). + * + * And we don't need a barrier() after the assignment because + * any future reference of KeyID (i.e. from page_address()) + * will create address dependency and compiler is not allow to + * mess with this. + */ + lookup_page_ext(page)->keyid = keyid; + + /* Clear the page after the KeyID is set. */ + if (zero) + clear_highpage(page); + + page++; + } +} + +/* + * Handles freeing of encrypted page. + * Called from page allocator on freeing encrypted page. + */ +void free_encrypted_page(struct page *page, int order) +{ + int i; + + /* + * The hardware/CPU does not enforce coherency between mappings + * of the same physical page with different KeyIDs or + * encryption keys. We are responsible for cache management. + * + * Flush cache lines with non-0 KeyID. 
page_address() returns virtual + * address of the page mapping with the current (non-zero) KeyID. + */ + clflush_cache_range(page_address(page), PAGE_SIZE * (1UL << order)); + + for (i = 0; i < (1 << order); i++) { + /* Check if the page has reasonable KeyID */ + WARN_ON_ONCE(!lookup_page_ext(page)->keyid); + WARN_ON_ONCE(lookup_page_ext(page)->keyid > mktme_nr_keyids()); + + /* + * Switch the page back to zero KeyID. + * + * We don't need barrier() before the KeyID change because + * clflush_cache_range() above stops compiler from reordring + * past the point with mb(). + * + * And we don't need a barrier() after the assignment because + * any future reference of KeyID (i.e. from page_address()) + * will create address dependency and compiler is not allow to + * mess with this. + */ + lookup_page_ext(page)->keyid = 0; + page++; + } +}
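Review bot: prep_encrypted_page() in the arch/x86/include/asm/mktme.h hunk ignores its zero argument whenever keyid is 0, because __prep_encrypted_page() is only reached under if (keyid). The commit message says the helper takes care of zeroing, so add a comment at the inline stating that callers stay responsible for clearing KeyID-0 pages; without it, a caller passing zero=true for an unencrypted allocation could assume the page was cleared here.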
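Review bot: __prep_encrypted_page() in the arch/x86/mm/mktme.c hunk stores keyid with no range check, while free_encrypted_page() warns on keyid > mktme_nr_keyids(). The parameter is an int and the page_ext field is an unsigned short, so a negative or oversized value is truncated silently on assignment; add WARN_ON_ONCE(keyid < 0 || keyid > mktme_nr_keyids()) before the loop so a bad KeyID is caught at allocation rather than at free. Minor: both loops bound on (1 << order) while the flush length uses 1UL << order, and the two long comments carry the typos "reordring" and "is not allow".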
From: "Kirill A. Shutemov"
To: Andrew Morton, x86@kernel.org, Thomas Gleixner, Ingo Molnar, "H. Peter Anvin", Borislav Petkov, Peter Zijlstra, Andy Lutomirski, David Howells
Cc: Kees Cook, Dave Hansen, Kai Huang, Jacob Pan, Alison Schofield, linux-mm@kvack.org, kvm@vger.kernel.org, keyrings@vger.kernel.org, linux-kernel@vger.kernel.org, "Kirill A. Shutemov"
Subject: [PATCHv2 15/59] x86/mm: Map zero pages into encrypted mappings correctly
Date: Wed, 31 Jul 2019 18:07:29 +0300
Message-Id: <20190731150813.26289-16-kirill.shutemov@linux.intel.com>
In-Reply-To: <20190731150813.26289-1-kirill.shutemov@linux.intel.com>
References: <20190731150813.26289-1-kirill.shutemov@linux.intel.com>

Zero pages are never encrypted. Keep KeyID-0 for them.

Signed-off-by: Kirill A. Shutemov
---
 arch/x86/include/asm/pgtable.h | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)
diff --git a/arch/x86/include/asm/pgtable.h b/arch/x86/include/asm/pgtable.h index 0bc530c4eb13..f0dd80a920a9 100644 --- a/arch/x86/include/asm/pgtable.h +++ b/arch/x86/include/asm/pgtable.h @@ -820,6 +820,19 @@ static inline unsigned long pmd_index(unsigned long address) */ #define mk_pte(page, pgprot) pfn_pte(page_to_pfn(page), (pgprot)) +#define mk_zero_pte mk_zero_pte +static inline pte_t mk_zero_pte(unsigned long addr, pgprot_t prot) +{ + extern unsigned long zero_pfn; + pte_t entry; + + prot.pgprot &= ~mktme_keyid_mask(); + entry = pfn_pte(zero_pfn, prot); + entry = pte_mkspecial(entry); + + return entry; +} + /* * the pte page can be thought of an array like this: pte_t[PTRS_PER_PTE] * 
@@ -1153,6 +1166,12 @@ static inline void ptep_set_wrprotect(struct mm_struct *mm, #define mk_pmd(page, pgprot) pfn_pmd(page_to_pfn(page), (pgprot)) +#define mk_zero_pmd(zero_page, prot) \ +({ \ + prot.pgprot &= ~mktme_keyid_mask(); \ + pmd_mkhuge(mk_pmd(zero_page, prot)); \ +}) + #define __HAVE_ARCH_PMDP_SET_ACCESS_FLAGS extern int pmdp_set_access_flags(struct vm_area_struct *vma, unsigned long address, pmd_t *pmdp,
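Review bot: mk_zero_pmd() in the second hunk writes through its prot argument (prot.pgprot &= ~mktme_keyid_mask()), so the caller's pgprot_t loses its KeyID bits as a side effect and the macro only compiles when handed an lvalue, whereas mk_zero_pte() does the same masking on a by-value copy. Make mk_zero_pmd() a static inline like mk_zero_pte(), or mask a local copy inside the statement expression. In mk_zero_pte() the addr parameter is unused and zero_pfn is declared extern inside the function body; a comment on why addr is kept and a proper header declaration would tidy that up.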
dcejxnmJWBrLcdeNajBBaL1AUmO1liY5yMiINB1/ytr9VKZzK36rf3vWWCycIhQ15tIE DSLnTwriWXZKdOs1A4sQUyGiM4P5PvUWt23VhEqgSeYDF0Ha/yNAfcCo2u0r6R6Yiip8 wAXQ== X-Google-Smtp-Source: APXvYqxzkJr6sogcwi+BoQU+16q789SLZB/aHhQhjukCfnhAW3wOEpwRSp2oNCYJ50Xj+teIukdhFg== X-Received: by 2002:a17:906:c315:: with SMTP id s21mr93121050ejz.238.1564585708018; Wed, 31 Jul 2019 08:08:28 -0700 (PDT) Received: from box.localdomain ([86.57.175.117]) by smtp.gmail.com with ESMTPSA id q56sm17019541eda.28.2019.07.31.08.08.20 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Wed, 31 Jul 2019 08:08:22 -0700 (PDT) From: "Kirill A. Shutemov" X-Google-Original-From: "Kirill A. Shutemov" Received: by box.localdomain (Postfix, from userid 1000) id 5DF9E102772; Wed, 31 Jul 2019 18:08:16 +0300 (+03) To: Andrew Morton , x86@kernel.org, Thomas Gleixner , Ingo Molnar , "H. Peter Anvin" , Borislav Petkov , Peter Zijlstra , Andy Lutomirski , David Howells Cc: Kees Cook , Dave Hansen , Kai Huang , Jacob Pan , Alison Schofield , linux-mm@kvack.org, kvm@vger.kernel.org, keyrings@vger.kernel.org, linux-kernel@vger.kernel.org, "Kirill A. Shutemov" Subject: [PATCHv2 16/59] x86/mm: Rename CONFIG_RANDOMIZE_MEMORY_PHYSICAL_PADDING Date: Wed, 31 Jul 2019 18:07:30 +0300 Message-Id: <20190731150813.26289-17-kirill.shutemov@linux.intel.com> X-Mailer: git-send-email 2.21.0 In-Reply-To: <20190731150813.26289-1-kirill.shutemov@linux.intel.com> References: <20190731150813.26289-1-kirill.shutemov@linux.intel.com> MIME-Version: 1.0 X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: X-Virus-Scanned: ClamAV using ClamSMTP Rename the option to CONFIG_MEMORY_PHYSICAL_PADDING. It will be used not only for KASLR. Signed-off-by: Kirill A. Shutemov --- arch/x86/Kconfig | 2 +- arch/x86/mm/kaslr.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) 
diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig index 222855cc0158..2eb2867db5fa 100644 --- a/arch/x86/Kconfig +++ b/arch/x86/Kconfig @@ -2214,7 +2214,7 @@ config RANDOMIZE_MEMORY If unsure, say Y. -config RANDOMIZE_MEMORY_PHYSICAL_PADDING +config MEMORY_PHYSICAL_PADDING hex "Physical memory mapping padding" if EXPERT depends on RANDOMIZE_MEMORY default "0xa" if MEMORY_HOTPLUG diff --git a/arch/x86/mm/kaslr.c b/arch/x86/mm/kaslr.c index dc6182eecefa..580b82c2621b 100644 --- a/arch/x86/mm/kaslr.c +++ b/arch/x86/mm/kaslr.c 
@@ -104,7 +104,7 @@ void __init kernel_randomize_memory(void) */ BUG_ON(kaslr_regions[0].base != &page_offset_base); memory_tb = DIV_ROUND_UP(max_pfn << PAGE_SHIFT, 1UL << TB_SHIFT) + - CONFIG_RANDOMIZE_MEMORY_PHYSICAL_PADDING; + CONFIG_MEMORY_PHYSICAL_PADDING; /* Adapt phyiscal memory region size based on available memory */ if (memory_tb < kaslr_regions[0].size_tb)
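Review bot: in the arch/x86/Kconfig hunk the renamed MEMORY_PHYSICAL_PADDING still carries `depends on RANDOMIZE_MEMORY` in its context lines, which does not match the stated reason for the rename ("It will be used not only for KASLR"). Either relax the dependency in this patch or name the later patch that does. The changelog should also mention that an existing .config which sets the old symbol will fall back to the default value after the rename.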
From: "Kirill A. Shutemov"
To: Andrew Morton, x86@kernel.org, Thomas Gleixner, Ingo Molnar, "H. Peter Anvin", Borislav Petkov, Peter Zijlstra, Andy Lutomirski, David Howells
Cc: Kees Cook, Dave Hansen, Kai Huang, Jacob Pan, Alison Schofield, linux-mm@kvack.org, kvm@vger.kernel.org, keyrings@vger.kernel.org, linux-kernel@vger.kernel.org, "Kirill A. Shutemov"
Subject: [PATCHv2 17/59] x86/mm: Allow to disable MKTME after enumeration
Date: Wed, 31 Jul 2019 18:07:31 +0300
Message-Id: <20190731150813.26289-18-kirill.shutemov@linux.intel.com>
In-Reply-To: <20190731150813.26289-1-kirill.shutemov@linux.intel.com>
References: <20190731150813.26289-1-kirill.shutemov@linux.intel.com>

The new helper mktme_disable() allows disabling MKTME even if it's
enumerated successfully. MKTME initialization may fail and this
functionality allows the system to boot regardless of the failure.

MKTME needs per-KeyID direct mapping. It requires a lot more virtual
address space which may be a problem in 4-level paging mode. If the
system has more physical memory than we can handle with MKTME, the
feature allows us to fail MKTME but boot the system successfully.

Signed-off-by: Kirill A. Shutemov
---
 arch/x86/include/asm/mktme.h |  5 +++++
 arch/x86/kernel/cpu/intel.c  |  5 +----
 arch/x86/mm/mktme.c          | 10 ++++++++++
 3 files changed, 16 insertions(+), 4 deletions(-)

diff --git a/arch/x86/include/asm/mktme.h b/arch/x86/include/asm/mktme.h index a61b45fca4b1..3fc246acc279 100644 --- a/arch/x86/include/asm/mktme.h +++ b/arch/x86/include/asm/mktme.h
@@ -22,6 +22,8 @@ static inline bool mktme_enabled(void) return static_branch_unlikely(&mktme_enabled_key); } +void mktme_disable(void); + extern struct page_ext_operations page_mktme_ops; #define page_keyid page_keyid @@ -71,6 +73,9 @@ static inline bool mktme_enabled(void) { return false; } + +static inline void mktme_disable(void) {} + #endif #endif diff --git a/arch/x86/kernel/cpu/intel.c b/arch/x86/kernel/cpu/intel.c index 4c2d70287eb4..9852580340b9 100644 --- a/arch/x86/kernel/cpu/intel.c +++ b/arch/x86/kernel/cpu/intel.c @@ -650,10 +650,7 @@ static void detect_tme(struct cpuinfo_x86 *c) * We must not allow onlining secondary CPUs with non-matching * configuration. */ - physical_mask = (1ULL << __PHYSICAL_MASK_SHIFT) - 1; - __mktme_keyid_mask = 0; - __mktme_keyid_shift = 0; - __mktme_nr_keyids = 0; + mktme_disable(); } #endif diff --git a/arch/x86/mm/mktme.c b/arch/x86/mm/mktme.c index 8015e7822c9b..1e8d662e5bff 100644 --- a/arch/x86/mm/mktme.c +++ b/arch/x86/mm/mktme.c 
@@ -33,6 +33,16 @@ unsigned int mktme_algs; DEFINE_STATIC_KEY_FALSE(mktme_enabled_key); EXPORT_SYMBOL_GPL(mktme_enabled_key); +void mktme_disable(void) +{ + physical_mask = (1ULL << __PHYSICAL_MASK_SHIFT) - 1; + __mktme_keyid_mask = 0; + __mktme_keyid_shift = 0; + __mktme_nr_keyids = 0; + if (mktme_enabled()) + static_branch_disable(&mktme_enabled_key); +} + static bool need_page_mktme(void) { /* Make sure keyid doesn't collide with extended page flags */
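Review bot: mktme_disable() in arch/x86/mm/mktme.c has no comment saying when it is safe to call. It resets physical_mask and the KeyID mask, shift and count unconditionally, and detect_tme() now reaches it on the path whose comment is about secondary CPUs with a non-matching configuration, so it can run after MKTME has already been set up on the first CPU. Please document the calling constraint (for example, that no KeyID may be in use yet) and explain the `if (mktme_enabled())` test in front of static_branch_disable(), since the reason for checking the key first is not evident from the code.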
From: "Kirill A. Shutemov"
To: Andrew Morton, x86@kernel.org, Thomas Gleixner, Ingo Molnar, "H. Peter Anvin", Borislav Petkov, Peter Zijlstra, Andy Lutomirski, David Howells
Cc: Kees Cook, Dave Hansen, Kai Huang, Jacob Pan, Alison Schofield, linux-mm@kvack.org, kvm@vger.kernel.org, keyrings@vger.kernel.org, linux-kernel@vger.kernel.org, "Kirill A. Shutemov"
Subject: [PATCHv2 18/59] x86/mm: Calculate direct mapping size
Date: Wed, 31 Jul 2019 18:07:32 +0300
Message-Id: <20190731150813.26289-19-kirill.shutemov@linux.intel.com>
In-Reply-To: <20190731150813.26289-1-kirill.shutemov@linux.intel.com>
References: <20190731150813.26289-1-kirill.shutemov@linux.intel.com>

The kernel needs to have a way to access encrypted memory. We have two
options on how to approach it:

 - Create temporary mappings every time kernel needs access to encrypted
   memory. That basically brings highmem and its overhead back.

 - Create multiple direct mappings, one per-KeyID. In this setup we
   don't need to create temporary mappings on the fly -- encrypted
   memory is permanently available in kernel address space.

We take the second approach as it has lower overhead.

It's worth noting that with per-KeyID direct mappings compromised kernel
would give access to decrypted data right away without additional tricks
to get memory mapped with the correct KeyID.

Per-KeyID mappings require a lot more virtual address space. On 4-level
machine with 64 KeyIDs we max out 46-bit virtual address space dedicated
for direct mapping with 1TiB of RAM. Given that we round up any
calculation on direct mapping size to 1TiB, we effectively claim all
46-bit address space for direct mapping on such machine regardless of
RAM size.

Increased usage of virtual address space has implications for KASLR:
we have less space for randomization. With 64 TiB claimed for direct
mapping with 4-level we are left with 27 TiB of entropy to place
page_offset_base, vmalloc_base and vmemmap_base.

5-level paging provides much wider virtual address space and KASLR
doesn't suffer significantly from per-KeyID direct mappings.

It's preferred to run MKTME with 5-level paging.

A direct mapping for each KeyID will be put next to each other in the
virtual address space. We need to have a way to find boundaries of
direct mapping for particular KeyID.

The new variable direct_mapping_size specifies the size of direct
mapping. With the value, it's trivial to find direct mapping for
KeyID-N: PAGE_OFFSET + N * direct_mapping_size.

Size of direct mapping is calculated during KASLR setup. If KASLR is
disabled it happens during MKTME initialization.

With MKTME size of direct mapping has to be power-of-2. It makes
implementation of __pa() efficient.

Signed-off-by: Kirill A. Shutemov
---
 Documentation/x86/x86_64/mm.rst |  4 +++
 arch/x86/include/asm/page_32.h  |  1 +
 arch/x86/include/asm/page_64.h  |  2 ++
 arch/x86/include/asm/setup.h    |  6 ++++
 arch/x86/kernel/head64.c        |  4 +++
 arch/x86/kernel/setup.c         |  3 ++
 arch/x86/mm/init_64.c           | 58 +++++++++++++++++++++++++++++++++
 arch/x86/mm/kaslr.c             | 11 +++++--
 8 files changed, 86 insertions(+), 3 deletions(-)

diff --git a/Documentation/x86/x86_64/mm.rst b/Documentation/x86/x86_64/mm.rst index 267fc4808945..7978afe6c396 100644 --- a/Documentation/x86/x86_64/mm.rst +++ b/Documentation/x86/x86_64/mm.rst
@@ -140,6 +140,10 @@ The direct mapping covers all memory in the system up to the highest memory address (this means in some cases it can also include PCI memory holes). +With MKTME, we have multiple direct mappings. One per-KeyID. They are put +next to each other. PAGE_OFFSET + N * direct_mapping_size can be used to +find direct mapping for KeyID-N. + vmalloc space is lazily synchronized into the different PML4/PML5 pages of the processes using the page fault handler, with init_top_pgt as reference. diff --git a/arch/x86/include/asm/page_32.h b/arch/x86/include/asm/page_32.h index 94dbd51df58f..8bce788f9ca9 100644 --- a/arch/x86/include/asm/page_32.h +++ b/arch/x86/include/asm/page_32.h @@ -6,6 +6,7 @@ #ifndef __ASSEMBLY__ +#define direct_mapping_size 0 #define __phys_addr_nodebug(x) ((x) - PAGE_OFFSET) #ifdef CONFIG_DEBUG_VIRTUAL extern unsigned long __phys_addr(unsigned long); diff --git a/arch/x86/include/asm/page_64.h b/arch/x86/include/asm/page_64.h index 939b1cff4a7b..f57fc3cc2246 100644 --- a/arch/x86/include/asm/page_64.h +++ b/arch/x86/include/asm/page_64.h @@ -14,6 +14,8 @@ extern unsigned long phys_base; extern unsigned long page_offset_base; extern unsigned long vmalloc_base; extern unsigned long vmemmap_base; +extern unsigned long direct_mapping_size; +extern unsigned long direct_mapping_mask; static inline unsigned long __phys_addr_nodebug(unsigned long x) { diff --git a/arch/x86/include/asm/setup.h b/arch/x86/include/asm/setup.h index ed8ec011a9fd..d2861074cf83 100644 --- a/arch/x86/include/asm/setup.h +++ b/arch/x86/include/asm/setup.h @@ -62,6 +62,12 @@ extern void x86_ce4100_early_setup(void); static inline void x86_ce4100_early_setup(void) { } #endif +#ifdef CONFIG_MEMORY_PHYSICAL_PADDING +void calculate_direct_mapping_size(void); +#else +static inline void calculate_direct_mapping_size(void) { } +#endif + #ifndef _SETUP #include diff --git a/arch/x86/kernel/head64.c b/arch/x86/kernel/head64.c index 29ffa495bd1c..006d3ff46afe 100644 
--- a/arch/x86/kernel/head64.c +++ b/arch/x86/kernel/head64.c @@ -60,6 +60,10 @@ EXPORT_SYMBOL(vmalloc_base); unsigned long vmemmap_base __ro_after_init = __VMEMMAP_BASE_L4; EXPORT_SYMBOL(vmemmap_base); #endif +unsigned long direct_mapping_size __ro_after_init = -1UL; +EXPORT_SYMBOL(direct_mapping_size); +unsigned long direct_mapping_mask __ro_after_init = -1UL; +EXPORT_SYMBOL(direct_mapping_mask); #define __head __section(.head.text) diff --git a/arch/x86/kernel/setup.c b/arch/x86/kernel/setup.c index bbe35bf879f5..d12431e20876 100644 --- a/arch/x86/kernel/setup.c +++ b/arch/x86/kernel/setup.c @@ -1077,6 +1077,9 @@ void __init setup_arch(char **cmdline_p) */ init_cache_modes(); + /* direct_mapping_size has to be initialized before KASLR and MKTME */ + calculate_direct_mapping_size(); + /* * Define random base addresses for memory sections after max_pfn is * defined and before each memory section base is used. diff --git a/arch/x86/mm/init_64.c b/arch/x86/mm/init_64.c index a6b5c653727b..4c1f93df47a5 100644 --- a/arch/x86/mm/init_64.c +++ b/arch/x86/mm/init_64.c 
@@ -1440,6 +1440,64 @@ unsigned long memory_block_size_bytes(void) return memory_block_size_probed; } +#ifdef CONFIG_MEMORY_PHYSICAL_PADDING +void __init calculate_direct_mapping_size(void) +{ + unsigned long available_va; + + /* 1/4 of virtual address space is didicated for direct mapping */ + available_va = 1UL << (__VIRTUAL_MASK_SHIFT - 1); + + /* How much memory the system has? */ + direct_mapping_size = max_pfn << PAGE_SHIFT; + direct_mapping_size = round_up(direct_mapping_size, 1UL << 40); + + if (!mktme_nr_keyids()) + goto out; + + /* + * For MKTME we need direct_mapping_size to be power-of-2. + * It makes __pa() implementation efficient. + */ + direct_mapping_size = roundup_pow_of_two(direct_mapping_size); + + /* + * Not enough virtual address space to address all physical memory with + * MKTME enabled. Even without padding. + * + * Disable MKTME instead. + */ + if (direct_mapping_size > available_va / (mktme_nr_keyids() + 1)) { + pr_err("x86/mktme: Disabled. Not enough virtual address space\n"); + pr_err("x86/mktme: Consider switching to 5-level paging\n"); + mktme_disable(); + goto out; + } + + /* + * Virtual address space is divided between per-KeyID direct mappings. + */ + available_va /= mktme_nr_keyids() + 1; +out: + /* Add padding, if there's enough virtual address space */ + direct_mapping_size += (1UL << 40) * CONFIG_MEMORY_PHYSICAL_PADDING; + if (mktme_nr_keyids()) + direct_mapping_size = roundup_pow_of_two(direct_mapping_size); + + if (direct_mapping_size > available_va) + direct_mapping_size = available_va; + + /* + * For MKTME, make sure direct_mapping_size is still power-of-2 + * after adding padding and calculate mask that is used in __pa(). + */ + if (mktme_nr_keyids()) { + direct_mapping_size = rounddown_pow_of_two(direct_mapping_size); + direct_mapping_mask = direct_mapping_size - 1; + } +} +#endif + #ifdef CONFIG_SPARSEMEM_VMEMMAP /* * Initialise the sparsemem vmemmap using huge-pages at the PMD level. 
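Review bot: calculate_direct_mapping_size() is built only under `#ifdef CONFIG_MEMORY_PHYSICAL_PADDING`, and the setup.h hunk supplies an empty stub otherwise, so the check that disables MKTME when the per-KeyID mappings do not fit in the virtual address space exists only when the padding option is defined. In the stub case direct_mapping_size and direct_mapping_mask keep their -1UL initialisers from head64.c. The commit message says the calculation happens during MKTME initialization when KASLR is disabled, but no hunk in this patch does that; please either move the sizing out from under the padding option or point to the patch that covers that configuration. Minor: "didicated" in the first comment should be "dedicated".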
diff --git a/arch/x86/mm/kaslr.c b/arch/x86/mm/kaslr.c index 580b82c2621b..83af41d289ed 100644 --- a/arch/x86/mm/kaslr.c +++ b/arch/x86/mm/kaslr.c 
@@ -103,10 +103,15 @@ void __init kernel_randomize_memory(void) * add padding if needed (especially for memory hotplug support). */ BUG_ON(kaslr_regions[0].base != &page_offset_base); - memory_tb = DIV_ROUND_UP(max_pfn << PAGE_SHIFT, 1UL << TB_SHIFT) + - CONFIG_MEMORY_PHYSICAL_PADDING; - /* Adapt phyiscal memory region size based on available memory */ + /* + * Calculate space required to map all physical memory. + * In case of MKTME, we map physical memory multiple times, one for + * each KeyID. If MKTME is disabled mktme_nr_keyids() is 0. + */ + memory_tb = (direct_mapping_size * (mktme_nr_keyids() + 1)) >> TB_SHIFT; + + /* Adapt physical memory region size based on available memory */ if (memory_tb < kaslr_regions[0].size_tb) kaslr_regions[0].size_tb = memory_tb;
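Review bot: the new `memory_tb = (direct_mapping_size * (mktme_nr_keyids() + 1)) >> TB_SHIFT;` in kernel_randomize_memory() drops the DIV_ROUND_UP that the removed line had, so it now depends on direct_mapping_size always being a whole number of TiB. calculate_direct_mapping_size() seems to ensure that (1 TiB round-up, TiB-sized padding, power-of-2 rounding), but nothing at this call site says so. A short comment stating the invariant, or a WARN_ON on the low bits of direct_mapping_size, would keep the two functions from drifting apart and silently under-sizing the region that KASLR must not use.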
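The layout arithmetic from the 18/59 commit message above, as an added userspace model that is not code from the patch series: it follows the sizing steps described for direct_mapping_size, then applies PAGE_OFFSET + N * direct_mapping_size and shows why a power-of-2 size turns the reverse translation into one AND. The struct and function names, the mask-based dm_pa(), the 63-KeyID scenarios and the two base addresses (taken here as the default 4-level and 5-level PAGE_OFFSET values) are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>

#define TIB (1ULL << 40)

/* Hypothetical names throughout; this only models the arithmetic. */
struct dm_layout {
	uint64_t base;      /* PAGE_OFFSET: start of the KeyID-0 direct mapping */
	uint64_t size;      /* direct_mapping_size: bytes of VA per KeyID */
	uint64_t mask;      /* direct_mapping_mask: size - 1, set only with MKTME */
	unsigned nr_keyids; /* 0 when MKTME is absent or had to be disabled */
};

/* Inputs here stay far below 2^63, so the shifts cannot overflow. */
static uint64_t roundup_pow2(uint64_t x)
{
	uint64_t p = 1;

	while (p < x)
		p <<= 1;
	return p;
}

static uint64_t rounddown_pow2(uint64_t x)
{
	uint64_t p = 1;

	while (x >>= 1)
		p <<= 1;
	return p;
}

/*
 * va_shift stands in for __VIRTUAL_MASK_SHIFT (47 with 4-level paging,
 * 56 with 5-level); padding_tib for CONFIG_MEMORY_PHYSICAL_PADDING.
 */
static struct dm_layout dm_layout_model(uint64_t base, unsigned va_shift,
					uint64_t ram, unsigned nr_keyids,
					unsigned padding_tib)
{
	struct dm_layout l = { .base = base, .nr_keyids = nr_keyids };
	uint64_t available_va = 1ULL << (va_shift - 1);

	l.size = (ram + TIB - 1) / TIB * TIB;   /* round RAM up to 1 TiB */
	if (l.nr_keyids) {
		l.size = roundup_pow2(l.size);
		if (l.size > available_va / (l.nr_keyids + 1))
			l.nr_keyids = 0;        /* the mktme_disable() path */
		else
			available_va /= l.nr_keyids + 1;
	}
	l.size += TIB * padding_tib;            /* padding, if it still fits */
	if (l.nr_keyids)
		l.size = roundup_pow2(l.size);
	if (l.size > available_va)
		l.size = available_va;
	if (l.nr_keyids) {
		l.size = rounddown_pow2(l.size);
		l.mask = l.size - 1;
	}
	return l;
}

/* PAGE_OFFSET + N * direct_mapping_size, plus the physical offset. */
static uint64_t dm_va(const struct dm_layout *l, unsigned keyid, uint64_t pa)
{
	return l->base + (uint64_t)keyid * l->size + pa;
}

/* With a power-of-2 size, stripping the KeyID slot is a single AND. */
static uint64_t dm_pa(const struct dm_layout *l, uint64_t va)
{
	return (va - l->base) & l->mask;
}

static unsigned dm_keyid(const struct dm_layout *l, uint64_t va)
{
	return (unsigned)((va - l->base) / l->size);
}

/* VA consumed by all direct mappings: KeyID-0 plus nr_keyids more. */
static uint64_t dm_total(const struct dm_layout *l)
{
	return l->size * (l->nr_keyids + 1);
}

int main(void)
{
	/* Constructed scenarios: 63 KeyIDs plus KeyID-0 gives 64 mappings. */
	struct dm_layout l4 = dm_layout_model(0xffff888000000000ULL, 47, 1 * TIB, 63, 0);
	struct dm_layout l4big = dm_layout_model(0xffff888000000000ULL, 47, 2 * TIB, 63, 0);
	struct dm_layout l5 = dm_layout_model(0xff11000000000000ULL, 56, 2 * TIB, 63, 10);
	uint64_t va = dm_va(&l5, 3, 0x12345000ULL);

	printf("4-level, 1 TiB RAM: keyids=%u, direct mappings use %llu TiB\n",
	       l4.nr_keyids, (unsigned long long)(dm_total(&l4) / TIB));
	printf("4-level, 2 TiB RAM: keyids=%u (MKTME disabled), size=%llu TiB\n",
	       l4big.nr_keyids, (unsigned long long)(l4big.size / TIB));
	printf("5-level, 2 TiB RAM + 10 TiB padding: size=%llu TiB per KeyID\n",
	       (unsigned long long)(l5.size / TIB));
	printf("KeyID-3 va=%#llx -> pa=%#llx keyid=%u\n", (unsigned long long)va,
	       (unsigned long long)dm_pa(&l5, va), dm_keyid(&l5, va));
	return 0;
}
```

The second scenario is the one to watch for operationally: with 4-level paging, anything above 1 TiB of RAM takes the disable path, so the machine boots with MKTME off and only the two pr_err lines from the patch record it.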
2019 11:13:56 -0400 (EDT) Delivered-To: linux-mm-outgoing@kvack.org Received: by kanga.kvack.org (Postfix, from userid 40) id B14D48E002C; Wed, 31 Jul 2019 11:13:56 -0400 (EDT) X-Original-To: int-list-linux-mm@kvack.org X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 7B13E8E0029; Wed, 31 Jul 2019 11:13:56 -0400 (EDT) X-Original-To: linux-mm@kvack.org X-Delivered-To: linux-mm@kvack.org Received: from mail-ed1-f70.google.com (mail-ed1-f70.google.com [209.85.208.70]) by kanga.kvack.org (Postfix) with ESMTP id E8C318E0022 for ; Wed, 31 Jul 2019 11:13:55 -0400 (EDT) Received: by mail-ed1-f70.google.com with SMTP id i9so42591655edr.13 for ; Wed, 31 Jul 2019 08:13:55 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:dkim-signature:from:to:cc:subject:date :message-id:in-reply-to:references:mime-version :content-transfer-encoding; bh=6dcOutisXa7w0OA/k2AObJgMHjT+CIuNqnczE3/DBrQ=; b=qVVdOWqB8PvXf5R7ai/IlfpdOr8HL4rWmy21Rw6QQb0pUTbuZVK2DYGhakMNH6GdV5 OQPLqTCbjRuEDud1bdmOMevIJproozBSEgjUgJXbbl4UBhrJ9gphA0GSVSqqmeX0VWAy b7QzFCV132A/9+7xF7F9Q9q2Ho6VXQQP8QwKuZaXZG/bWNnObRCuuTJn4y94iuORawc0 KDUDTLKQHvA6/GlBvkYbEwCRqUWUoMhON/RDfI+eUvEn+a18sbvjUmRn2hYa15DtrNle 0dmbnBamj4aPxYV7XH78QPj9BOMUxc+phFs3Tn/h9c13Tg5KzhA7AMi1LxFqe/2Ui5N0 8Ihw== X-Gm-Message-State: APjAAAX1wlh/TkIjpSl92/jfwB4iETHAcsRBOv77RFkX48ZpslBDgMov UwyXoob1GeL50Dag/9xlsGwcYRCwYH51kEw9spgC8NuLyU52Xov5aLpla0fcezIRDq6YZNXt1T6 PdrbvexIvcBZe/qlvp4SeQ1Jl0+yHOubHyQUXi75eubEGpBH14FPpwFbn8FL1NuM= X-Received: by 2002:a17:906:418:: with SMTP id d24mr96713192eja.258.1564586035434; Wed, 31 Jul 2019 08:13:55 -0700 (PDT) X-Received: by 2002:a17:906:418:: with SMTP id d24mr96713032eja.258.1564586033415; Wed, 31 Jul 2019 08:13:53 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1564586033; cv=none; d=google.com; s=arc-20160816; b=GJTMWYj3ElLZfmxx9syfqn7PDxc35isX4a2X7bfYp89DSAC8+TS3axNAQT0gG/0MpO 
O/O8m7QEOUGCCid2crGz8C7LgtSicDo6Dfj2F0YOHhG1EnTTEG9VFN7T6w7u+CwKKLAv HaFkbMO+ZH3a3LsZfnjAaT77j4ExkNCLV66ZDSg9VQN/nTuckQohQLi4Y2TT0GNwynXq 1V8eIl99vto3mo+wPlVQQ96n85XSjxPYScmCxkQgtGgBE8SUxoCm64oRG3vHXUrlOS7u Wn1zD9+o2zY1bg6mIA+YjurSzDzUXhxBoVW8WkrZYhcLed6kuG7YmH6JcjaOH6husnBr oNvA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:dkim-signature; bh=6dcOutisXa7w0OA/k2AObJgMHjT+CIuNqnczE3/DBrQ=; b=xNiiToZISoHYm1HwWPoRCWNpEVlZhU+fVi6gkMSm1rU3xnLHXS3aAfyhh58Ec7TR4d LD85/bQKfcbACYPYrrcNJr5LUh69+XYXQZiLwFy20FGVU5GYSjeq/wl6HbneeEli8FwK p1OVjjdkvxl1SaswfQftcApkc9coJUxtfjqORY8zE1+QAg4nEzIk51wXVRKinepCPXbl Q1S2CghnSiDZ7l61kLioe27P9K335BZXZeGG2Gcvmx81GTOt/S/x5KalZjQeogWEkRnk gCKveV7yw2l7l882sqUsGR8GWv5Oc1EV7yOJ/Pcd/HgukEMA0wXZDwOzuHqQZ2bi4jkw tKWA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@shutemov-name.20150623.gappssmtp.com header.s=20150623 header.b=uMkV7dlR; spf=neutral (google.com: 209.85.220.65 is neither permitted nor denied by best guess record for domain of kirill@shutemov.name) smtp.mailfrom=kirill@shutemov.name Received: from mail-sor-f65.google.com (mail-sor-f65.google.com. 
[209.85.220.65]) by mx.google.com with SMTPS id l22sor52317993eda.1.2019.07.31.08.13.53 for (Google Transport Security); Wed, 31 Jul 2019 08:13:53 -0700 (PDT) Received-SPF: neutral (google.com: 209.85.220.65 is neither permitted nor denied by best guess record for domain of kirill@shutemov.name) client-ip=209.85.220.65; Authentication-Results: mx.google.com; dkim=pass header.i=@shutemov-name.20150623.gappssmtp.com header.s=20150623 header.b=uMkV7dlR; spf=neutral (google.com: 209.85.220.65 is neither permitted nor denied by best guess record for domain of kirill@shutemov.name) smtp.mailfrom=kirill@shutemov.name DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=shutemov-name.20150623.gappssmtp.com; s=20150623; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=6dcOutisXa7w0OA/k2AObJgMHjT+CIuNqnczE3/DBrQ=; b=uMkV7dlRYvyMPJSqXwVLQaxh1SbMKWA/rm406Ydz9eGRvi8Ft4SJy+9nN22gWE9nDd ukzSoH56vPyqxpbLxjXEVQdYrRICJ3eXKLrgBvRFBms4X0n7IZ+ZkDfkegruHN6WvVvT VYHq1kwbDORHQTBggf4gpsC2HkGEb8Xme0eLM5kcOMkZ+Lj0L0oK5rV1zYjDMJNxRWjh kE59Netr4gNuDmfTCZsRVwCmyv9aL6liFd+uDsoGPs3jxtHmkwXPkxqd+N1WdLw441rw xLD919fxfFbemgAuXp6p/VFQr+63k3I4lodcy1I8OZYnfLHOvaaxOAO79aSd/92Ov9k0 Pn/A== X-Google-Smtp-Source: APXvYqzT/aiiyEFc/2CsYYWiqLLTpjVrXs9HBollStS9amsquCg5LbgKvTyLrvlJSZnlDsAlK0g/mw== X-Received: by 2002:a50:90c5:: with SMTP id d5mr109797190eda.28.1564586032900; Wed, 31 Jul 2019 08:13:52 -0700 (PDT) Received: from box.localdomain ([86.57.175.117]) by smtp.gmail.com with ESMTPSA id g7sm16945082eda.52.2019.07.31.08.13.49 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Wed, 31 Jul 2019 08:13:50 -0700 (PDT) 
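Review bot: The new memory_tb computation in kernel_randomize_memory() truncates where the old one rounded up: (direct_mapping_size * (mktme_nr_keyids() + 1)) >> TB_SHIFT drops any remainder below 1 TiB, while the removed line used DIV_ROUND_UP() and added CONFIG_MEMORY_PHYSICAL_PADDING. If the product is not a multiple of 1 TiB, the region sized here is smaller than the per-KeyID aliases that the following patches place at keyid * direct_mapping_size, so either use DIV_ROUND_UP() or state in the new comment that direct_mapping_size is guaranteed to be TiB-aligned. The context comment above the hunk still says padding is added for memory hotplug; if the padding is now part of direct_mapping_size, say so here, otherwise the hotplug headroom has been dropped.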
From: "Kirill A. Shutemov"
To: Andrew Morton, x86@kernel.org, Thomas Gleixner, Ingo Molnar, "H. Peter Anvin", Borislav Petkov, Peter Zijlstra, Andy Lutomirski, David Howells
Cc: Kees Cook, Dave Hansen, Kai Huang, Jacob Pan, Alison Schofield, linux-mm@kvack.org, kvm@vger.kernel.org, keyrings@vger.kernel.org, linux-kernel@vger.kernel.org, "Kirill A. Shutemov"
Subject: [PATCHv2 19/59] x86/mm: Implement syncing per-KeyID direct mappings
Date: Wed, 31 Jul 2019 18:07:33 +0300
Message-Id: <20190731150813.26289-20-kirill.shutemov@linux.intel.com>
In-Reply-To: <20190731150813.26289-1-kirill.shutemov@linux.intel.com>
References: <20190731150813.26289-1-kirill.shutemov@linux.intel.com>

For MKTME we use per-KeyID direct mappings. This allows the kernel to have
access to encrypted memory.

sync_direct_mapping() syncs per-KeyID direct mappings with a canonical
one -- KeyID-0.

The function tracks changes in the canonical mapping:
 - creating or removing chunks of the translation tree;
 - changes in mapping flags (i.e. protection bits);
 - splitting huge page mapping into a page table;
 - replacing page table with a huge page mapping;

The function needs to be called on every change to the direct mapping:
hotplug, hotremove, changes in permissions bits, etc.

The function is a nop until MKTME is enabled.

Signed-off-by: Kirill A. Shutemov
---
 arch/x86/include/asm/mktme.h |   6 +
 arch/x86/mm/init_64.c        |   7 +
 arch/x86/mm/mktme.c          | 439 +++++++++++++++++++++++++++++++++++
 arch/x86/mm/pageattr.c       |  27 +++
 4 files changed, 479 insertions(+)
diff --git a/arch/x86/include/asm/mktme.h b/arch/x86/include/asm/mktme.h index 3fc246acc279..d26ada6b65f7 100644 --- a/arch/x86/include/asm/mktme.h +++ b/arch/x86/include/asm/mktme.h @@ -62,6 +62,8 @@ static inline void arch_free_page(struct page *page, int order) free_encrypted_page(page, order); } +int sync_direct_mapping(unsigned long start, unsigned long end); + #else #define mktme_keyid_mask() ((phys_addr_t)0) #define mktme_nr_keyids() 0 @@ -76,6 +78,10 @@ static inline bool mktme_enabled(void) static inline void mktme_disable(void) {} +static inline int sync_direct_mapping(unsigned long start, unsigned long end) +{ + return 0; +} #endif #endif diff --git a/arch/x86/mm/init_64.c b/arch/x86/mm/init_64.c index 4c1f93df47a5..6769650ad18d 100644 --- a/arch/x86/mm/init_64.c +++ b/arch/x86/mm/init_64.c @@ -726,6 +726,7 @@ __kernel_physical_mapping_init(unsigned long paddr_start, { bool pgd_changed = false; unsigned long vaddr, vaddr_start, vaddr_end, vaddr_next, paddr_last; + int ret; paddr_last = paddr_end; vaddr = (unsigned long)__va(paddr_start); @@ -762,6 +763,9 @@ __kernel_physical_mapping_init(unsigned long paddr_start, pgd_changed = true; } + ret = sync_direct_mapping(vaddr_start, vaddr_end); + WARN_ON(ret); + if (pgd_changed) sync_global_pgds(vaddr_start, vaddr_end - 1); @@ -1201,10 +1205,13 @@ void __ref vmemmap_free(unsigned long start, unsigned long end, static void __meminit kernel_physical_mapping_remove(unsigned long start, unsigned long end) { + int ret; start = (unsigned long)__va(start); end = (unsigned long)__va(end); remove_pagetable(start, end, true, NULL); + ret = sync_direct_mapping(start, end); + WARN_ON(ret); } void __ref arch_remove_memory(int nid, u64 start, u64 size, diff --git a/arch/x86/mm/mktme.c b/arch/x86/mm/mktme.c index 1e8d662e5bff..ed13967bb543 100644 --- a/arch/x86/mm/mktme.c +++ b/arch/x86/mm/mktme.c 
@@ -1,6 +1,8 @@ #include #include #include +#include +#include /* Mask to extract KeyID from physical address. */ phys_addr_t __mktme_keyid_mask; @@ -54,6 +56,8 @@ static bool need_page_mktme(void) static void init_page_mktme(void) { static_branch_enable(&mktme_enabled_key); + + sync_direct_mapping(PAGE_OFFSET, PAGE_OFFSET + direct_mapping_size); } struct page_ext_operations page_mktme_ops = { 
@@ -148,3 +152,438 @@ void free_encrypted_page(struct page *page, int order) page++; } } + +static int sync_direct_mapping_pte(unsigned long keyid, + pmd_t *dst_pmd, pmd_t *src_pmd, + unsigned long addr, unsigned long end) +{ + pte_t *src_pte, *dst_pte; + pte_t *new_pte = NULL; + bool remove_pte; + + /* + * We want to unmap and free the page table if the source is empty and + * the range covers whole page table. + */ + remove_pte = !src_pmd && PAGE_ALIGNED(addr) && PAGE_ALIGNED(end); + + /* + * PMD page got split into page table. + * Clear PMD mapping. Page table will be established instead. + */ + if (pmd_large(*dst_pmd)) { + spin_lock(&init_mm.page_table_lock); + pmd_clear(dst_pmd); + spin_unlock(&init_mm.page_table_lock); + } + + /* Allocate a new page table if needed. */ + if (pmd_none(*dst_pmd)) { + new_pte = (void *)__get_free_page(GFP_KERNEL | __GFP_ZERO); + if (!new_pte) + return -ENOMEM; + dst_pte = new_pte + pte_index(addr + keyid * direct_mapping_size); + } else { + dst_pte = pte_offset_map(dst_pmd, addr + keyid * direct_mapping_size); + } + src_pte = src_pmd ? pte_offset_map(src_pmd, addr) : NULL; + + spin_lock(&init_mm.page_table_lock); + + do { + pteval_t val; + + if (!src_pte || pte_none(*src_pte)) { + set_pte(dst_pte, __pte(0)); + goto next; + } + + if (!pte_none(*dst_pte)) { + /* + * Sanity check: PFNs must match between source + * and destination even if the rest doesn't. + */ + BUG_ON(pte_pfn(*dst_pte) != pte_pfn(*src_pte)); + } + + /* Copy entry, but set KeyID. 
*/ + val = pte_val(*src_pte) | keyid << mktme_keyid_shift(); + val &= __supported_pte_mask; + set_pte(dst_pte, __pte(val)); +next: + addr += PAGE_SIZE; + dst_pte++; + if (src_pte) + src_pte++; + } while (addr != end); + + if (new_pte) + pmd_populate_kernel(&init_mm, dst_pmd, new_pte); + + if (remove_pte) { + __free_page(pmd_page(*dst_pmd)); + pmd_clear(dst_pmd); + } + + spin_unlock(&init_mm.page_table_lock); + + return 0; +} + +static int sync_direct_mapping_pmd(unsigned long keyid, + pud_t *dst_pud, pud_t *src_pud, + unsigned long addr, unsigned long end) +{ + pmd_t *src_pmd, *dst_pmd; + pmd_t *new_pmd = NULL; + bool remove_pmd = false; + unsigned long next; + int ret = 0; + + /* + * We want to unmap and free the page table if the source is empty and + * the range covers whole page table. + */ + remove_pmd = !src_pud && IS_ALIGNED(addr, PUD_SIZE) && IS_ALIGNED(end, PUD_SIZE); + + /* + * PUD page got split into page table. + * Clear PUD mapping. Page table will be established instead. + */ + if (pud_large(*dst_pud)) { + spin_lock(&init_mm.page_table_lock); + pud_clear(dst_pud); + spin_unlock(&init_mm.page_table_lock); + } + + /* Allocate a new page table if needed. */ + if (pud_none(*dst_pud)) { + new_pmd = (void *)__get_free_page(GFP_KERNEL | __GFP_ZERO); + if (!new_pmd) + return -ENOMEM; + dst_pmd = new_pmd + pmd_index(addr + keyid * direct_mapping_size); + } else { + dst_pmd = pmd_offset(dst_pud, addr + keyid * direct_mapping_size); + } + src_pmd = src_pud ? 
pmd_offset(src_pud, addr) : NULL; + + do { + pmd_t *__src_pmd = src_pmd; + + next = pmd_addr_end(addr, end); + if (!__src_pmd || pmd_none(*__src_pmd)) { + if (pmd_none(*dst_pmd)) + goto next; + if (pmd_large(*dst_pmd)) { + spin_lock(&init_mm.page_table_lock); + set_pmd(dst_pmd, __pmd(0)); + spin_unlock(&init_mm.page_table_lock); + goto next; + } + __src_pmd = NULL; + } + + if (__src_pmd && pmd_large(*__src_pmd)) { + pmdval_t val; + + if (pmd_large(*dst_pmd)) { + /* + * Sanity check: PFNs must match between source + * and destination even if the rest doesn't. + */ + BUG_ON(pmd_pfn(*dst_pmd) != pmd_pfn(*__src_pmd)); + } else if (!pmd_none(*dst_pmd)) { + /* + * Page table is replaced with a PMD page. + * Free and unmap the page table. + */ + __free_page(pmd_page(*dst_pmd)); + spin_lock(&init_mm.page_table_lock); + pmd_clear(dst_pmd); + spin_unlock(&init_mm.page_table_lock); + } + + /* Copy entry, but set KeyID. */ + val = pmd_val(*__src_pmd) | keyid << mktme_keyid_shift(); + val &= __supported_pte_mask; + spin_lock(&init_mm.page_table_lock); + set_pmd(dst_pmd, __pmd(val)); + spin_unlock(&init_mm.page_table_lock); + goto next; + } + + ret = sync_direct_mapping_pte(keyid, dst_pmd, __src_pmd, + addr, next); +next: + addr = next; + dst_pmd++; + if (src_pmd) + src_pmd++; + } while (addr != end && !ret); + + if (new_pmd) { + spin_lock(&init_mm.page_table_lock); + pud_populate(&init_mm, dst_pud, new_pmd); + spin_unlock(&init_mm.page_table_lock); + } + + if (remove_pmd) { + spin_lock(&init_mm.page_table_lock); + __free_page(pud_page(*dst_pud)); + pud_clear(dst_pud); + spin_unlock(&init_mm.page_table_lock); + } + + return ret; +} + +static int sync_direct_mapping_pud(unsigned long keyid, + p4d_t *dst_p4d, p4d_t *src_p4d, + unsigned long addr, unsigned long end) +{ + pud_t *src_pud, *dst_pud; + pud_t *new_pud = NULL; + bool remove_pud = false; + unsigned long next; + int ret = 0; + + /* + * We want to unmap and free the page table if the source is empty and + * the range covers 
whole page table. + */ + remove_pud = !src_p4d && IS_ALIGNED(addr, P4D_SIZE) && IS_ALIGNED(end, P4D_SIZE); + + /* + * P4D page got split into page table. + * Clear P4D mapping. Page table will be established instead. + */ + if (p4d_large(*dst_p4d)) { + spin_lock(&init_mm.page_table_lock); + p4d_clear(dst_p4d); + spin_unlock(&init_mm.page_table_lock); + } + + /* Allocate a new page table if needed. */ + if (p4d_none(*dst_p4d)) { + new_pud = (void *)__get_free_page(GFP_KERNEL | __GFP_ZERO); + if (!new_pud) + return -ENOMEM; + dst_pud = new_pud + pud_index(addr + keyid * direct_mapping_size); + } else { + dst_pud = pud_offset(dst_p4d, addr + keyid * direct_mapping_size); + } + src_pud = src_p4d ? pud_offset(src_p4d, addr) : NULL; + + do { + pud_t *__src_pud = src_pud; + + next = pud_addr_end(addr, end); + if (!__src_pud || pud_none(*__src_pud)) { + if (pud_none(*dst_pud)) + goto next; + if (pud_large(*dst_pud)) { + spin_lock(&init_mm.page_table_lock); + set_pud(dst_pud, __pud(0)); + spin_unlock(&init_mm.page_table_lock); + goto next; + } + __src_pud = NULL; + } + + if (__src_pud && pud_large(*__src_pud)) { + pudval_t val; + + if (pud_large(*dst_pud)) { + /* + * Sanity check: PFNs must match between source + * and destination even if the rest doesn't. + */ + BUG_ON(pud_pfn(*dst_pud) != pud_pfn(*__src_pud)); + } else if (!pud_none(*dst_pud)) { + /* + * Page table is replaced with a pud page. + * Free and unmap the page table. + */ + __free_page(pud_page(*dst_pud)); + spin_lock(&init_mm.page_table_lock); + pud_clear(dst_pud); + spin_unlock(&init_mm.page_table_lock); + } + + /* Copy entry, but set KeyID. 
*/ + val = pud_val(*__src_pud) | keyid << mktme_keyid_shift(); + val &= __supported_pte_mask; + spin_lock(&init_mm.page_table_lock); + set_pud(dst_pud, __pud(val)); + spin_unlock(&init_mm.page_table_lock); + goto next; + } + + ret = sync_direct_mapping_pmd(keyid, dst_pud, __src_pud, + addr, next); +next: + addr = next; + dst_pud++; + if (src_pud) + src_pud++; + } while (addr != end && !ret); + + if (new_pud) { + spin_lock(&init_mm.page_table_lock); + p4d_populate(&init_mm, dst_p4d, new_pud); + spin_unlock(&init_mm.page_table_lock); + } + + if (remove_pud) { + spin_lock(&init_mm.page_table_lock); + __free_page(p4d_page(*dst_p4d)); + p4d_clear(dst_p4d); + spin_unlock(&init_mm.page_table_lock); + } + + return ret; +} + +static int sync_direct_mapping_p4d(unsigned long keyid, + pgd_t *dst_pgd, pgd_t *src_pgd, + unsigned long addr, unsigned long end) +{ + p4d_t *src_p4d, *dst_p4d; + p4d_t *new_p4d_1 = NULL, *new_p4d_2 = NULL; + bool remove_p4d = false; + unsigned long next; + int ret = 0; + + /* + * We want to unmap and free the page table if the source is empty and + * the range covers whole page table. + */ + remove_p4d = !src_pgd && IS_ALIGNED(addr, PGDIR_SIZE) && IS_ALIGNED(end, PGDIR_SIZE); + + /* Allocate a new page table if needed. */ + if (pgd_none(*dst_pgd)) { + new_p4d_1 = (void *)__get_free_page(GFP_KERNEL | __GFP_ZERO); + if (!new_p4d_1) + return -ENOMEM; + dst_p4d = new_p4d_1 + p4d_index(addr + keyid * direct_mapping_size); + } else { + dst_p4d = p4d_offset(dst_pgd, addr + keyid * direct_mapping_size); + } + src_p4d = src_pgd ? p4d_offset(src_pgd, addr) : NULL; + + do { + p4d_t *__src_p4d = src_p4d; + + next = p4d_addr_end(addr, end); + if (!__src_p4d || p4d_none(*__src_p4d)) { + if (p4d_none(*dst_p4d)) + goto next; + __src_p4d = NULL; + } + + ret = sync_direct_mapping_pud(keyid, dst_p4d, __src_p4d, + addr, next); +next: + addr = next; + dst_p4d++; + + /* + * Direct mappings are 1TiB-aligned. 
With 5-level paging it + * means that on PGD level there can be misalignment between + * source and distiantion. + * + * Allocate the new page table if dst_p4d crosses page table + * boundary. + */ + if (!((unsigned long)dst_p4d & ~PAGE_MASK) && addr != end) { + if (pgd_none(dst_pgd[1])) { + new_p4d_2 = (void *)__get_free_page(GFP_KERNEL | __GFP_ZERO); + if (!new_p4d_2) + ret = -ENOMEM; + dst_p4d = new_p4d_2; + } else { + dst_p4d = p4d_offset(dst_pgd + 1, 0); + } + } + if (src_p4d) + src_p4d++; + } while (addr != end && !ret); + + if (new_p4d_1 || new_p4d_2) { + spin_lock(&init_mm.page_table_lock); + if (new_p4d_1) + pgd_populate(&init_mm, dst_pgd, new_p4d_1); + if (new_p4d_2) + pgd_populate(&init_mm, dst_pgd + 1, new_p4d_2); + spin_unlock(&init_mm.page_table_lock); + } + + if (remove_p4d) { + spin_lock(&init_mm.page_table_lock); + __free_page(pgd_page(*dst_pgd)); + pgd_clear(dst_pgd); + spin_unlock(&init_mm.page_table_lock); + } + + return ret; +} + +static int sync_direct_mapping_keyid(unsigned long keyid, + unsigned long addr, unsigned long end) +{ + pgd_t *src_pgd, *dst_pgd; + unsigned long next; + int ret = 0; + + dst_pgd = pgd_offset_k(addr + keyid * direct_mapping_size); + src_pgd = pgd_offset_k(addr); + + do { + pgd_t *__src_pgd = src_pgd; + + next = pgd_addr_end(addr, end); + if (pgd_none(*__src_pgd)) { + if (pgd_none(*dst_pgd)) + continue; + __src_pgd = NULL; + } + + ret = sync_direct_mapping_p4d(keyid, dst_pgd, __src_pgd, + addr, next); + } while (dst_pgd++, src_pgd++, addr = next, addr != end && !ret); + + return ret; +} + +/* + * For MKTME we maintain per-KeyID direct mappings. This allows kernel to have + * access to encrypted memory. + * + * sync_direct_mapping() sync per-KeyID direct mappings with a canonical + * one -- KeyID-0. + * + * The function tracks changes in the canonical mapping: + * - creating or removing chunks of the translation tree; + * - changes in mapping flags (i.e. 
protection bits); + * - splitting huge page mapping into a page table; + * - replacing page table with a huge page mapping; + * + * The function need to be called on every change to the direct mapping: + * hotplug, hotremove, changes in permissions bits, etc. + * + * The function is nop until MKTME is enabled. + */ +int sync_direct_mapping(unsigned long start, unsigned long end) +{ + int i, ret = 0; + + if (!mktme_enabled()) + return 0; + + for (i = 1; !ret && i <= mktme_nr_keyids(); i++) + ret = sync_direct_mapping_keyid(i, start, end); + + flush_tlb_all(); + + return ret; +} diff --git a/arch/x86/mm/pageattr.c b/arch/x86/mm/pageattr.c index 6a9a77a403c9..f4e3205d2cdd 100644 --- a/arch/x86/mm/pageattr.c +++ b/arch/x86/mm/pageattr.c 
@@ -347,6 +347,33 @@ static void cpa_flush(struct cpa_data *data, int cache) BUG_ON(irqs_disabled() && !early_boot_irqs_disabled); + if (mktme_enabled()) { + unsigned long start, end; + + start = PAGE_OFFSET + (cpa->pfn << PAGE_SHIFT); + end = start + cpa->numpages * PAGE_SIZE; + + /* Round to cover huge page possibly split by the change */ + start = round_down(start, direct_gbpages ? PUD_SIZE : PMD_SIZE); + end = round_up(end, direct_gbpages ? PUD_SIZE : PMD_SIZE); + + /* Sync all direct mapping for an array */ + if (cpa->flags & CPA_ARRAY) { + start = PAGE_OFFSET; + end = PAGE_OFFSET + direct_mapping_size; + } + + /* + * Sync per-KeyID direct mappings with the canonical one + * (KeyID-0). + * + * sync_direct_mapping() does full TLB flush. + */ + sync_direct_mapping(start, end); + if (!cache) + return; + } + if (cache && !static_cpu_has(X86_FEATURE_CLFLUSH)) { cpa_flush_all(cache); return;
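Review bot: In the @@ -148,3 +152,438 @@ hunk of arch/x86/mm/mktme.c, page-table pages are handed back to the allocator while the entry pointing at them is still live and before any TLB flush. sync_direct_mapping_pmd() and sync_direct_mapping_pud() call __free_page(pmd_page(*dst_pmd)) and __free_page(pud_page(*dst_pud)) first and only then take page_table_lock and clear the entry; the remove_pte, remove_pmd, remove_pud and remove_p4d paths also free before clearing, and the only flush is the flush_tlb_all() at the end of sync_direct_mapping(). Until that flush a CPU can still reach the freed page through the live entry or a cached paging-structure entry, and the page may already have been reallocated, so its new contents would be interpreted as translations. Clear the entry first, collect the pages on a list, and free them after flush_tlb_all(). Separately, remove_pte in sync_direct_mapping_pte() tests PAGE_ALIGNED(addr) && PAGE_ALIGNED(end), which holds for any page-granular range and does not establish that the range covers the whole page table as the comment says; the PMD and PUD levels check against PUD_SIZE and P4D_SIZE, so this level should check IS_ALIGNED() against PMD_SIZE.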
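Review bot: In the cpa_flush() hunk of arch/x86/mm/pageattr.c the return value of sync_direct_mapping(start, end) is discarded, although the function returns -ENOMEM when it cannot allocate a page table for a split mapping. On failure the canonical KeyID-0 mapping already carries the new attributes while some per-KeyID aliases keep the old ones, so a page that was just made read-only or not-present stays reachable with its previous permissions through an alias, and nothing reports it. cpa_flush() returns void, so either do the sync at a point where the error can be returned to the caller of the attribute change, or at least WARN on a non-zero result as the init_64.c hunks of this patch do. The loop in sync_direct_mapping() also stops at the first failing KeyID, which leaves every higher KeyID unsynced as well; that deserves a line in the function comment.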
From: "Kirill A. Shutemov"
To: Andrew Morton, x86@kernel.org, Thomas Gleixner, Ingo Molnar, "H. Peter Anvin", Borislav Petkov, Peter Zijlstra, Andy Lutomirski, David Howells
Cc: Kees Cook, Dave Hansen, Kai Huang, Jacob Pan, Alison Schofield, linux-mm@kvack.org, kvm@vger.kernel.org, keyrings@vger.kernel.org, linux-kernel@vger.kernel.org, "Kirill A. Shutemov"
Subject: [PATCHv2 20/59] x86/mm: Handle encrypted memory in page_to_virt() and __pa()
Date: Wed, 31 Jul 2019 18:07:34 +0300
Message-Id: <20190731150813.26289-21-kirill.shutemov@linux.intel.com>
In-Reply-To: <20190731150813.26289-1-kirill.shutemov@linux.intel.com>
References: <20190731150813.26289-1-kirill.shutemov@linux.intel.com>

Per-KeyID direct mappings require changes in how we find the right
virtual address for a page and virt-to-phys address translations.

page_to_virt() definition overwrites default macros provided by .

Signed-off-by: Kirill A. Shutemov
---
 arch/x86/include/asm/page.h    | 3 +++
 arch/x86/include/asm/page_64.h | 2 +-
 2 files changed, 4 insertions(+), 1 deletion(-)

diff --git a/arch/x86/include/asm/page.h b/arch/x86/include/asm/page.h index 39af59487d5f..aff30554f38e 100644 --- a/arch/x86/include/asm/page.h +++ b/arch/x86/include/asm/page.h
@@ -72,6 +72,9 @@ static inline void copy_user_page(void *to, void *from, unsigned long vaddr, extern bool __virt_addr_valid(unsigned long kaddr); #define virt_addr_valid(kaddr) __virt_addr_valid((unsigned long) (kaddr)) +#define page_to_virt(x) \ + (__va(PFN_PHYS(page_to_pfn(x))) + page_keyid(x) * direct_mapping_size) + #endif /* __ASSEMBLY__ */ #include diff --git a/arch/x86/include/asm/page_64.h b/arch/x86/include/asm/page_64.h index f57fc3cc2246..a4f394e3471d 100644 --- a/arch/x86/include/asm/page_64.h +++ b/arch/x86/include/asm/page_64.h 
@@ -24,7 +24,7 @@ static inline unsigned long __phys_addr_nodebug(unsigned long x) /* use the carry flag to determine if x was < __START_KERNEL_map */ x = y + ((x > y) ? phys_base : (__START_KERNEL_map - PAGE_OFFSET)); - return x; + return x & direct_mapping_mask; } #ifdef CONFIG_DEBUG_VIRTUAL
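Review bot: The page_to_virt() macro added to arch/x86/include/asm/page.h expands its argument twice, once in page_to_pfn(x) and once in page_keyid(x), so an argument with side effects is evaluated twice. Evaluate x once, for example through a local struct page pointer in a statement expression, or make this a static inline if the header dependencies allow it. No MKTME or 64-bit conditional is visible around the definition, so page_keyid() and direct_mapping_size have to exist for every configuration that includes this header; please confirm that the disabled case reduces to the plain __va() form.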
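Review bot: In __phys_addr_nodebug() the new mask is applied to the result of both branches of the preceding conditional, including the kernel-image case (x > y, phys_base), not only to direct-mapping addresses. The result is correct only if direct_mapping_mask clears exactly the keyid * direct_mapping_size term, which needs a power-of-two direct_mapping_size and every valid physical address, kernel image included, below it; please state that invariant in a comment next to the mask or apply the mask only in the direct-mapping branch. The hunk context ends at #ifdef CONFIG_DEBUG_VIRTUAL and the diffstat lists only page.h and page_64.h, so unless another patch in the series covers it, the debug variant of the translation is not updated and __pa() on a per-KeyID alias would behave differently with CONFIG_DEBUG_VIRTUAL enabled.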
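A user-space model of the per-KeyID address arithmetic used by the page_to_virt() and __phys_addr_nodebug() hunks above and by the kernel_randomize_memory() sizing earlier on the page; it is an added example, not code from the series. The struct, the model_* names, the sample PAGE_OFFSET value and the relation direct_mapping_mask == direct_mapping_size - 1 are assumptions made for the model.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/*
 * Model only: field names follow the patches, but the sample values and
 * the relation mask == size - 1 are assumptions, not taken from the series.
 */
#define MODEL_PAGE_SHIFT 12
#define MODEL_TB_SHIFT   40

struct dmap_model {
	uint64_t page_offset;         /* base of the KeyID-0 direct mapping */
	uint64_t direct_mapping_size; /* bytes of virtual space per KeyID */
	uint64_t direct_mapping_mask; /* assumed: direct_mapping_size - 1 */
	unsigned int nr_keyids;       /* KeyIDs 1..nr_keyids get an alias */
};

/* Build a constructed layout with the given per-KeyID window size. */
static struct dmap_model model_make(uint64_t size, unsigned int nr_keyids)
{
	struct dmap_model m = { 0xffff888000000000ULL, size, size - 1, nr_keyids };
	return m;
}

/* page_to_virt(): __va(phys) + keyid * direct_mapping_size. */
static uint64_t model_page_to_virt(const struct dmap_model *m,
				   uint64_t pfn, unsigned int keyid)
{
	return m->page_offset + (pfn << MODEL_PAGE_SHIFT) +
	       (uint64_t)keyid * m->direct_mapping_size;
}

/* Direct-mapping branch of __phys_addr_nodebug() with the added mask. */
static uint64_t model_pa(const struct dmap_model *m, uint64_t vaddr)
{
	return (vaddr - m->page_offset) & m->direct_mapping_mask;
}

/* KeyID window that a direct-mapping address falls into. */
static unsigned int model_keyid_of(const struct dmap_model *m, uint64_t vaddr)
{
	return (unsigned int)((vaddr - m->page_offset) / m->direct_mapping_size);
}

/* KASLR sizing as written in the hunk: truncating shift, no rounding up. */
static uint64_t model_memory_tb(const struct dmap_model *m)
{
	return (m->direct_mapping_size * ((uint64_t)m->nr_keyids + 1))
		>> MODEL_TB_SHIFT;
}

/* Invariants the mask relies on: power-of-two window that holds all RAM. */
static bool model_layout_ok(const struct dmap_model *m, uint64_t max_phys)
{
	uint64_t size = m->direct_mapping_size;

	if (size == 0 || (size & (size - 1)) != 0)
		return false;
	if (m->direct_mapping_mask != size - 1)
		return false;
	return max_phys <= size;
}

/* virt -> phys -> KeyID round trip for one frame across every KeyID. */
static bool model_roundtrip_ok(const struct dmap_model *m, uint64_t pfn)
{
	unsigned int keyid;

	for (keyid = 0; keyid <= m->nr_keyids; keyid++) {
		uint64_t va = model_page_to_virt(m, pfn, keyid);

		if (model_pa(m, va) != (pfn << MODEL_PAGE_SHIFT))
			return false;
		if (model_keyid_of(m, va) != keyid)
			return false;
	}
	return true;
}

int main(void)
{
	struct dmap_model m = model_make(1ULL << 40, 3);   /* 1 TiB window */
	uint64_t va = model_page_to_virt(&m, 0x12345, 2);

	printf("va=%#llx pa=%#llx keyid=%u memory_tb=%llu layout_ok=%d\n",
	       (unsigned long long)va, (unsigned long long)model_pa(&m, va),
	       model_keyid_of(&m, va), (unsigned long long)model_memory_tb(&m),
	       model_layout_ok(&m, 512ULL << 30));

	m = model_make(64ULL << 30, 3);                    /* 64 GiB window */
	printf("64 GiB window: memory_tb=%llu\n",
	       (unsigned long long)model_memory_tb(&m));

	m = model_make(3ULL << 30, 3);                     /* not a power of two */
	printf("3 GiB window: round trip ok=%d\n", model_roundtrip_ok(&m, 0x40000));
	return 0;
}
```

The 64 GiB case round-trips correctly yet sizes the region at 0 TiB, and the 3 GiB case shows the mask returning the wrong physical address once the window is not a power of two.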
X-Google-Smtp-Source: APXvYqwyxRQn953dpG335++68BakS/voatLNiC782RPJuiyRVUELnhQKN8Sxlq6UNG5ozqtqFSTkKg== X-Received: by 2002:a17:906:7013:: with SMTP id n19mr94845741ejj.65.1564585706382; Wed, 31 Jul 2019 08:08:26 -0700 (PDT) Received: from box.localdomain ([86.57.175.117]) by smtp.gmail.com with ESMTPSA id p15sm10516388ejr.1.2019.07.31.08.08.22 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Wed, 31 Jul 2019 08:08:26 -0700 (PDT) From: "Kirill A. Shutemov" X-Google-Original-From: "Kirill A. Shutemov" Received: by box.localdomain (Postfix, from userid 1000) id 80E941030BC; Wed, 31 Jul 2019 18:08:16 +0300 (+03) To: Andrew Morton , x86@kernel.org, Thomas Gleixner , Ingo Molnar , "H. Peter Anvin" , Borislav Petkov , Peter Zijlstra , Andy Lutomirski , David Howells Cc: Kees Cook , Dave Hansen , Kai Huang , Jacob Pan , Alison Schofield , linux-mm@kvack.org, kvm@vger.kernel.org, keyrings@vger.kernel.org, linux-kernel@vger.kernel.org, "Kirill A. Shutemov" Subject: [PATCHv2 21/59] mm/page_ext: Export lookup_page_ext() symbol Date: Wed, 31 Jul 2019 18:07:35 +0300 Message-Id: <20190731150813.26289-22-kirill.shutemov@linux.intel.com> X-Mailer: git-send-email 2.21.0 In-Reply-To: <20190731150813.26289-1-kirill.shutemov@linux.intel.com> References: <20190731150813.26289-1-kirill.shutemov@linux.intel.com> MIME-Version: 1.0 X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: X-Virus-Scanned: ClamAV using ClamSMTP page_keyid() is inline funcation that uses lookup_page_ext(). KVM is going to use page_keyid() and since KVM can be built as a module lookup_page_ext() has to be exported. Signed-off-by: Kirill A. Shutemov --- mm/page_ext.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/mm/page_ext.c b/mm/page_ext.c index c52b77c13cd9..eeca218891e7 100644 --- a/mm/page_ext.c +++ b/mm/page_ext.c 
@@ -139,6 +139,7 @@ struct page_ext *lookup_page_ext(const struct page *page) MAX_ORDER_NR_PAGES); return get_entry(base, index); } +EXPORT_SYMBOL_GPL(lookup_page_ext); static int __init alloc_node_page_ext(int nid) { 
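Review bot: The EXPORT_SYMBOL_GPL(lookup_page_ext) added after this definition gives every GPL module the raw page_ext lookup, while the commit message only needs page_keyid() to be callable from KVM. Consider exporting a small out-of-line page_keyid() helper instead, or add a comment beside the export naming page_keyid() and KVM as the reason, so the wider module-visible surface is justified where it is introduced.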
@@ -209,6 +210,7 @@ struct page_ext *lookup_page_ext(const struct page *page) return NULL; return get_entry(section->page_ext, pfn); } +EXPORT_SYMBOL_GPL(lookup_page_ext); static void *__meminit alloc_page_ext(size_t size, int nid) {
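Review bot: lookup_page_ext() can return NULL in this variant (the "return NULL;" context line just above the export), and once the symbol is exported that result reaches module code through the inline page_keyid(). Please confirm page_keyid() checks for a NULL page_ext before dereferencing it, and keep the two EXPORT_SYMBOL_GPL lines in step, since each one sits under a different definition of the same function.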
From: "Kirill A. Shutemov"
To: Andrew Morton, x86@kernel.org, Thomas Gleixner, Ingo Molnar, "H. Peter Anvin", Borislav Petkov, Peter Zijlstra, Andy Lutomirski, David Howells
Cc: Kees Cook, Dave Hansen, Kai Huang, Jacob Pan, Alison Schofield, linux-mm@kvack.org, kvm@vger.kernel.org, keyrings@vger.kernel.org, linux-kernel@vger.kernel.org, "Kirill A. Shutemov"
Subject: [PATCHv2 22/59] mm/rmap: Clear vma->anon_vma on unlink_anon_vmas()
Date: Wed, 31 Jul 2019 18:07:36 +0300
Message-Id: <20190731150813.26289-23-kirill.shutemov@linux.intel.com>
In-Reply-To: <20190731150813.26289-1-kirill.shutemov@linux.intel.com>
References: <20190731150813.26289-1-kirill.shutemov@linux.intel.com>

If all pages in the VMA got unmapped there's no reason to link it into original anon VMA hierarchy: it cannot possibly share any pages with other VMA. Set vma->anon_vma to NULL on unlink_anon_vmas(). With the change VMA can be reused. The new anon VMA will be allocated on the first fault.

Signed-off-by: Kirill A. Shutemov
---
 mm/rmap.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/mm/rmap.c b/mm/rmap.c index e5dfe2ae6b0d..911367b5fb40 100644
--- a/mm/rmap.c +++ b/mm/rmap.c 
@@ -400,8 +400,10 @@ void unlink_anon_vmas(struct vm_area_struct *vma) list_del(&avc->same_vma); anon_vma_chain_free(avc); } - if (vma->anon_vma) + if (vma->anon_vma) { vma->anon_vma->degree--; + vma->anon_vma = NULL; + } unlock_anon_vma_root(root); /*
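Review bot: The added "vma->anon_vma = NULL;" runs on every call to unlink_anon_vmas() that finds an anon_vma, but the commit message justifies it only for the case where all pages in the VMA are already unmapped, and nothing in the hunk checks or documents that precondition. A comment above the assignment stating the expected state, and which callers may still read vma->anon_vma afterwards, would make the new postcondition reviewable. The assignment does sit before unlock_anon_vma_root(root), so it is made while the root is still locked.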
From: "Kirill A. Shutemov"
To: Andrew Morton, x86@kernel.org, Thomas Gleixner, Ingo Molnar, "H. Peter Anvin", Borislav Petkov, Peter Zijlstra, Andy Lutomirski, David Howells
Cc: Kees Cook, Dave Hansen, Kai Huang, Jacob Pan, Alison Schofield, linux-mm@kvack.org, kvm@vger.kernel.org, keyrings@vger.kernel.org, linux-kernel@vger.kernel.org, "Kirill A . Shutemov"
Subject: [PATCHv2 23/59] x86/pconfig: Set an activated algorithm in all MKTME commands
Date: Wed, 31 Jul 2019 18:07:37 +0300
Message-Id: <20190731150813.26289-24-kirill.shutemov@linux.intel.com>
In-Reply-To: <20190731150813.26289-1-kirill.shutemov@linux.intel.com>
References: <20190731150813.26289-1-kirill.shutemov@linux.intel.com>

From: Alison Schofield

The Intel MKTME architecture specification requires an activated encryption algorithm for all command types.

For commands that actually perform encryption, SET_KEY_DIRECT and SET_KEY_RANDOM, the user specifies the algorithm when requesting the key through the MKTME Key Service.

For CLEAR_KEY and NO_ENCRYPT commands, do not require the user to specify an algorithm. Define a default algorithm, that is 'any activated algorithm' to cover those two special cases.

Signed-off-by: Alison Schofield
Signed-off-by: Kirill A. Shutemov
---
 arch/x86/include/asm/intel_pconfig.h | 14 ++++++++++----
 1 file changed, 10 insertions(+), 4 deletions(-)

diff --git a/arch/x86/include/asm/intel_pconfig.h b/arch/x86/include/asm/intel_pconfig.h index 3cb002b1d0f9..4f27b0c532ee 100644 --- a/arch/x86/include/asm/intel_pconfig.h +++ b/arch/x86/include/asm/intel_pconfig.h
@@ -21,14 +21,20 @@ enum pconfig_leaf { /* Defines and structure for MKTME_KEY_PROGRAM of PCONFIG instruction */ +/* mktme_key_program::keyid_ctrl ENC_ALG, bits [23:8] */ +#define MKTME_AES_XTS_128 (1 << 8) +#define MKTME_ANY_ACTIVATED_ALG (1 << __ffs(mktme_algs) << 8) + /* mktme_key_program::keyid_ctrl COMMAND, bits [7:0] */ #define MKTME_KEYID_SET_KEY_DIRECT 0 #define MKTME_KEYID_SET_KEY_RANDOM 1 -#define MKTME_KEYID_CLEAR_KEY 2 -#define MKTME_KEYID_NO_ENCRYPT 3 -/* mktme_key_program::keyid_ctrl ENC_ALG, bits [23:8] */ -#define MKTME_AES_XTS_128 (1 << 8) +/* + * CLEAR_KEY and NO_ENCRYPT require the COMMAND in bits [7:0] + * and any activated encryption algorithm, ENC_ALG, in bits [23:8] + */ +#define MKTME_KEYID_CLEAR_KEY (2 | MKTME_ANY_ACTIVATED_ALG) +#define MKTME_KEYID_NO_ENCRYPT (3 | MKTME_ANY_ACTIVATED_ALG) /* Return codes from the PCONFIG MKTME_KEY_PROGRAM */ #define MKTME_PROG_SUCCESS 0
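Review bot: MKTME_ANY_ACTIVATED_ALG expands to (1 << __ffs(mktme_algs) << 8), and __ffs() is undefined for a zero argument, so MKTME_KEYID_CLEAR_KEY and MKTME_KEYID_NO_ENCRYPT carry an unspecified ENC_ALG field whenever mktme_algs is 0; the header also uses mktme_algs without declaring it in the lines shown. Guard the zero case or compute the value once at init. Note as well that the two command macros are no longer plain COMMAND values in bits [7:0] nor compile-time constants, so any comparison against the command field or use as a case label needs a mask with 0xff or a separate define for the bare command number.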
From: "Kirill A. Shutemov"
To: Andrew Morton, x86@kernel.org, Thomas Gleixner, Ingo Molnar, "H. Peter Anvin", Borislav Petkov, Peter Zijlstra, Andy Lutomirski, David Howells
Cc: Kees Cook, Dave Hansen, Kai Huang, Jacob Pan, Alison Schofield, linux-mm@kvack.org, kvm@vger.kernel.org, keyrings@vger.kernel.org, linux-kernel@vger.kernel.org, "Kirill A . Shutemov"
Subject: [PATCHv2 24/59] keys/mktme: Introduce a Kernel Key Service for MKTME
Date: Wed, 31 Jul 2019 18:07:38 +0300
Message-Id: <20190731150813.26289-25-kirill.shutemov@linux.intel.com>
In-Reply-To: <20190731150813.26289-1-kirill.shutemov@linux.intel.com>
References: <20190731150813.26289-1-kirill.shutemov@linux.intel.com>

From: Alison Schofield

MKTME (Multi-Key Total Memory Encryption) is a technology that allows transparent memory encryption in upcoming Intel platforms. MKTME will support multiple encryption domains, each having their own key.

The MKTME key service will manage the hardware encryption keys. It will map Userspace Keys to Hardware KeyIDs and program the hardware with the user requested encryption options.

Here the mapping structure is introduced, as well as the key service initialization and registration.

Signed-off-by: Alison Schofield
Signed-off-by: Kirill A. Shutemov
---
 security/keys/Makefile | 1 +
 security/keys/mktme_keys.c | 60 ++++++++++++++++++++++++++++++++++++++
 2 files changed, 61 insertions(+)
 create mode 100644 security/keys/mktme_keys.c

diff --git a/security/keys/Makefile b/security/keys/Makefile index 9cef54064f60..28799be801a9 100644 --- a/security/keys/Makefile
+++ b/security/keys/Makefile @@ -30,3 +30,4 @@ obj-$(CONFIG_ASYMMETRIC_KEY_TYPE) += keyctl_pkey.o obj-$(CONFIG_BIG_KEYS) += big_key.o obj-$(CONFIG_TRUSTED_KEYS) += trusted.o obj-$(CONFIG_ENCRYPTED_KEYS) += encrypted-keys/ +obj-$(CONFIG_X86_INTEL_MKTME) += mktme_keys.o diff --git a/security/keys/mktme_keys.c b/security/keys/mktme_keys.c new file mode 100644 index 000000000000..d262e0f348e4 --- /dev/null +++ b/security/keys/mktme_keys.c 
@@ -0,0 +1,60 @@ +// SPDX-License-Identifier: GPL-3.0 + +/* Documentation/x86/mktme/ */ + +#include +#include +#include +#include +#include + +#include "internal.h" + +static unsigned int mktme_available_keyids; /* Free Hardware KeyIDs */ + +enum mktme_keyid_state { + KEYID_AVAILABLE, /* Available to be assigned */ + KEYID_ASSIGNED, /* Assigned to a userspace key */ + KEYID_REF_KILLED, /* Userspace key has been destroyed */ + KEYID_REF_RELEASED, /* Last reference is released */ +}; + +/* 1:1 Mapping between Userspace Keys (struct key) and Hardware KeyIDs */ +struct mktme_mapping { + struct key *key; + enum mktme_keyid_state state; +}; + +static struct mktme_mapping *mktme_map; + +struct key_type key_type_mktme = { + .name = "mktme", + .describe = user_describe, +}; + +static int __init init_mktme(void) +{ + int ret; + + /* Verify keys are present */ + if (mktme_nr_keyids() < 1) + return 0; + + mktme_available_keyids = mktme_nr_keyids(); + + /* Mapping of Userspace Keys to Hardware KeyIDs */ + mktme_map = kvzalloc((sizeof(*mktme_map) * (mktme_nr_keyids() + 1)), + GFP_KERNEL); + if (!mktme_map) + return -ENOMEM; + + ret = register_key_type(&key_type_mktme); + if (!ret) + return ret; /* SUCCESS */ + + kvfree(mktme_map); + + return -ENOMEM; +} + +late_initcall(init_mktme);
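Review bot: In init_mktme(), a failing register_key_type() falls through to kvfree(mktme_map) and then returns a hard-coded -ENOMEM, which discards the real error held in ret and leaves mktme_map pointing at freed memory. Return ret on that path, set mktme_map to NULL after the free, and write the test in the usual error-first form (if (ret) { free; return ret; }) so the success path is the fall-through. Separately, the first added line declares SPDX-License-Identifier: GPL-3.0, which does not match the kernel's GPL-2.0 licensing and needs to be corrected before this can be merged.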
Shutemov" X-Patchwork-Id: 11068107
From: "Kirill A. Shutemov"
To: Andrew Morton, x86@kernel.org, Thomas Gleixner, Ingo Molnar, "H. Peter Anvin", Borislav Petkov, Peter Zijlstra, Andy Lutomirski, David Howells
Cc: Kees Cook, Dave Hansen, Kai Huang, Jacob Pan, Alison Schofield, linux-mm@kvack.org, kvm@vger.kernel.org, keyrings@vger.kernel.org, linux-kernel@vger.kernel.org, "Kirill A . Shutemov"
Subject: [PATCHv2 25/59] keys/mktme: Preparse the MKTME key payload
Date: Wed, 31 Jul 2019 18:07:39 +0300
Message-Id: <20190731150813.26289-26-kirill.shutemov@linux.intel.com>
In-Reply-To: <20190731150813.26289-1-kirill.shutemov@linux.intel.com>
References: <20190731150813.26289-1-kirill.shutemov@linux.intel.com>

From: Alison Schofield

It is a requirement of the Kernel Keys subsystem to provide a preparse
method that validates payloads before key instantiate methods are
called.

Verify that userspace provides valid MKTME options and prepare the
payload for use at key instantiate time.

Create a method to free the preparsed payload. The Kernel Key subsystem
will that to clean up after the key is instantiated.

Signed-off-by: Alison Schofield
Signed-off-by: Kirill A. Shutemov
Reviewed-by: Ben Boeckel
---
 include/keys/mktme-type.h  |  31 +++++++++
 security/keys/mktme_keys.c | 134 +++++++++++++++++++++++++++++++++++++
 2 files changed, 165 insertions(+)
 create mode 100644 include/keys/mktme-type.h

diff --git a/include/keys/mktme-type.h b/include/keys/mktme-type.h new file mode 100644 index 000000000000..9dad92f17179 --- /dev/null +++ b/include/keys/mktme-type.h 
@@ -0,0 +1,31 @@ +/* SPDX-License-Identifier: GPL-2.0 */ + +/* Key service for Multi-KEY Total Memory Encryption */ + +#ifndef _KEYS_MKTME_TYPE_H +#define _KEYS_MKTME_TYPE_H + +#include + +enum mktme_alg { + MKTME_ALG_AES_XTS_128, +}; + +const char *const mktme_alg_names[] = { + [MKTME_ALG_AES_XTS_128] = "aes-xts-128", +}; + +enum mktme_type { + MKTME_TYPE_ERROR = -1, + MKTME_TYPE_CPU, + MKTME_TYPE_NO_ENCRYPT, +}; + +const char *const mktme_type_names[] = { + [MKTME_TYPE_CPU] = "cpu", + [MKTME_TYPE_NO_ENCRYPT] = "no-encrypt", +}; + +extern struct key_type key_type_mktme; + +#endif /* _KEYS_MKTME_TYPE_H */ diff --git a/security/keys/mktme_keys.c b/security/keys/mktme_keys.c index d262e0f348e4..fe119a155235 100644 --- a/security/keys/mktme_keys.c +++ b/security/keys/mktme_keys.c @@ -6,6 +6,10 @@ #include #include #include +#include +#include +#include +#include #include #include "internal.h" 
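Review bot: mktme_alg_names[] and mktme_type_names[] are defined, not just declared, in include/keys/mktme-type.h and without static, so every file that includes the header gets its own external definition and a second includer will fail at link time with duplicate symbols. Move the two tables into security/keys/mktme_keys.c as static arrays next to the match_string() callers, and keep only the enums and the key_type_mktme extern in the header.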
@@ -27,8 +31,138 @@ struct mktme_mapping { static struct mktme_mapping *mktme_map; +enum mktme_opt_id { + OPT_ERROR, + OPT_TYPE, + OPT_ALGORITHM, +}; + +static const match_table_t mktme_token = { + {OPT_TYPE, "type=%s"}, + {OPT_ALGORITHM, "algorithm=%s"}, + {OPT_ERROR, NULL} +}; + +/* Make sure arguments are correct for the TYPE of key requested */ +static int mktme_check_options(u32 *payload, unsigned long token_mask, + enum mktme_type type, enum mktme_alg alg) +{ + if (!token_mask) + return -EINVAL; + + switch (type) { + case MKTME_TYPE_CPU: + if (test_bit(OPT_ALGORITHM, &token_mask)) + *payload |= (1 << alg) << 8; + else + return -EINVAL; + + *payload |= MKTME_KEYID_SET_KEY_RANDOM; + break; + + case MKTME_TYPE_NO_ENCRYPT: + *payload |= MKTME_KEYID_NO_ENCRYPT; + break; + + default: + return -EINVAL; + } + return 0; +} + +/* Parse the options and store the key programming data in the payload. */ +static int mktme_get_options(char *options, u32 *payload) +{ + enum mktme_alg alg = MKTME_ALG_AES_XTS_128; + enum mktme_type type = MKTME_TYPE_ERROR; + substring_t args[MAX_OPT_ARGS]; + unsigned long token_mask = 0; + char *p = options; + int token; + + while ((p = strsep(&options, " \t"))) { + if (*p == '\0' || *p == ' ' || *p == '\t') + continue; + token = match_token(p, mktme_token, args); + if (token == OPT_ERROR) + return -EINVAL; + if (test_and_set_bit(token, &token_mask)) + return -EINVAL; + + switch (token) { + case OPT_TYPE: + type = match_string(mktme_type_names, + ARRAY_SIZE(mktme_type_names), + args[0].from); + if (type < 0) + return -EINVAL; + break; + + case OPT_ALGORITHM: + /* Algorithm must be generally supported */ + alg = match_string(mktme_alg_names, + ARRAY_SIZE(mktme_alg_names), + args[0].from); + if (alg < 0) + return -EINVAL; + + /* Algorithm must be activated on this platform */ + if (!(mktme_algs & (1 << alg))) + return -EINVAL; + break; + + default: + return -EINVAL; + } + } + return mktme_check_options(payload, token_mask, type, alg); +} + +void 
mktme_free_preparsed_payload(struct key_preparsed_payload *prep) +{ + kzfree(prep->payload.data[0]); +} + +/* + * Key Service Method to preparse a payload before a key is created. + * Check permissions and the options. Load the proposed key field + * data into the payload for use by the instantiate method. + */ +int mktme_preparse_payload(struct key_preparsed_payload *prep) +{ + size_t datalen = prep->datalen; + u32 *mktme_payload; + char *options; + int ret; + + if (datalen <= 0 || datalen > 1024 || !prep->data) + return -EINVAL; + + options = kmemdup_nul(prep->data, datalen, GFP_KERNEL); + if (!options) + return -ENOMEM; + + mktme_payload = kzalloc(sizeof(*mktme_payload), GFP_KERNEL); + if (!mktme_payload) { + ret = -ENOMEM; + goto out; + } + ret = mktme_get_options(options, mktme_payload); + if (ret < 0) { + kzfree(mktme_payload); + goto out; + } + prep->quotalen = sizeof(mktme_payload); + prep->payload.data[0] = mktme_payload; +out: + kzfree(options); + return ret; +} + struct key_type key_type_mktme = { .name = "mktme", + .preparse = mktme_preparse_payload, + .free_preparse = mktme_free_preparsed_payload, .describe = user_describe, }; From patchwork Wed Jul 31 15:07:40 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Kirill A . 
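Review bot: in mktme_get_options() the OPT_ALGORITHM case stores the match_string() result straight into alg, an enum mktme_alg with no negative enumerator, so the compiler may give it an unsigned type; the following if (alg < 0) is then never true and a negative errno from match_string() reaches 1 << alg as a huge shift count. Take the result in a plain int, check it, and only then assign it to alg; do the same for type, which only works today because MKTME_TYPE_ERROR = -1 forces that enum to be signed. Separately, in mktme_preparse_payload() prep->quotalen = sizeof(mktme_payload) is the size of the pointer, while sizeof(*mktme_payload) is what was allocated. The datalen <= 0 test on a size_t can only ever mean == 0, and as far as this patch shows both new functions are reached only through key_type_mktme and can be static.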
Shutemov" X-Patchwork-Id: 11068101
From: "Kirill A. Shutemov"
To: Andrew Morton, x86@kernel.org, Thomas Gleixner, Ingo Molnar, "H. Peter Anvin", Borislav Petkov, Peter Zijlstra, Andy Lutomirski, David Howells
Cc: Kees Cook, Dave Hansen, Kai Huang, Jacob Pan, Alison Schofield, linux-mm@kvack.org, kvm@vger.kernel.org, keyrings@vger.kernel.org, linux-kernel@vger.kernel.org, "Kirill A . Shutemov"
Subject: [PATCHv2 26/59] keys/mktme: Instantiate MKTME keys
Date: Wed, 31 Jul 2019 18:07:40 +0300
Message-Id: <20190731150813.26289-27-kirill.shutemov@linux.intel.com>
In-Reply-To: <20190731150813.26289-1-kirill.shutemov@linux.intel.com>
References: <20190731150813.26289-1-kirill.shutemov@linux.intel.com>

From: Alison Schofield

Instantiate is a Kernel Key Service method invoked when a key is added
(add_key, request_key) by the user.

During instantiation, MKTME allocates an available hardware KeyID and
maps it to the Userspace Key.

Signed-off-by: Alison Schofield
Signed-off-by: Kirill A. Shutemov
---
 security/keys/mktme_keys.c | 34 ++++++++++++++++++++++++++++++++++
 1 file changed, 34 insertions(+)

diff --git a/security/keys/mktme_keys.c b/security/keys/mktme_keys.c index fe119a155235..beca852db01a 100644 --- a/security/keys/mktme_keys.c +++ b/security/keys/mktme_keys.c @@ -14,6 +14,7 @@ #include "internal.h" +static DEFINE_SPINLOCK(mktme_lock); static unsigned int mktme_available_keyids; /* Free Hardware KeyIDs */ enum mktme_keyid_state { 
@@ -31,6 +32,24 @@ struct mktme_mapping { static struct mktme_mapping *mktme_map; +int mktme_reserve_keyid(struct key *key) +{ + int i; + + if (!mktme_available_keyids) + return 0; + + for (i = 1; i <= mktme_nr_keyids(); i++) { + if (mktme_map[i].state == KEYID_AVAILABLE) { + mktme_map[i].state = KEYID_ASSIGNED; + mktme_map[i].key = key; + mktme_available_keyids--; + return i; + } + } + return 0; +} + enum mktme_opt_id { OPT_ERROR, OPT_TYPE, @@ -43,6 +62,20 @@ static const match_table_t mktme_token = { {OPT_ERROR, NULL} }; +/* Key Service Method to create a new key. Payload is preparsed. */ +int mktme_instantiate_key(struct key *key, struct key_preparsed_payload *prep) +{ + unsigned long flags; + int keyid; + + spin_lock_irqsave(&mktme_lock, flags); + keyid = mktme_reserve_keyid(key); + spin_unlock_irqrestore(&mktme_lock, flags); + if (!keyid) + return -ENOKEY; + return 0; +} + /* Make sure arguments are correct for the TYPE of key requested */ static int mktme_check_options(u32 *payload, unsigned long token_mask, enum mktme_type type, enum mktme_alg alg) 
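Review bot: mktme_reserve_keyid() updates mktme_map[] and mktme_available_keyids with no locking of its own and is not static, so its correctness depends on every caller taking mktme_lock the way mktme_instantiate_key() does. Make it static and put lockdep_assert_held(&mktme_lock) at the top, and add a comment on the DEFINE_SPINLOCK line saying which data the lock covers. In mktme_instantiate_key(), returning -ENOKEY when no hardware KeyID is free reads to userspace like a missing key rather than an exhausted resource; a comment explaining the choice, or a different errno, would make that case distinguishable.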
@@ -163,6 +196,7 @@ struct key_type key_type_mktme = { .name = "mktme", .preparse = mktme_preparse_payload, .free_preparse = mktme_free_preparsed_payload, + .instantiate = mktme_instantiate_key, .describe = user_describe, }; From patchwork Wed Jul 31 15:07:41 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Kirill A . Shutemov" X-Patchwork-Id: 11068195 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id C620313A4 for ; Wed, 31 Jul 2019 15:14:36 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id B1F2520415 for ; Wed, 31 Jul 2019 15:14:36 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id A62E620881; Wed, 31 Jul 2019 15:14:36 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-2.9 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,MAILING_LIST_MULTI,RCVD_IN_DNSWL_NONE autolearn=ham version=3.3.1 Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 16AE120415 for ; Wed, 31 Jul 2019 15:14:36 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id BAE298E002E; Wed, 31 Jul 2019 11:13:58 -0400 (EDT) Delivered-To: linux-mm-outgoing@kvack.org Received: by kanga.kvack.org (Postfix, from userid 40) id B5B948E002A; Wed, 31 Jul 2019 11:13:58 -0400 (EDT) X-Original-To: int-list-linux-mm@kvack.org X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id A03E78E0030; Wed, 31 Jul 2019 11:13:58 -0400 (EDT) X-Original-To: linux-mm@kvack.org X-Delivered-To: linux-mm@kvack.org Received: from mail-ed1-f69.google.com (mail-ed1-f69.google.com [209.85.208.69]) by kanga.kvack.org 
From: "Kirill A. Shutemov"
To: Andrew Morton, x86@kernel.org, Thomas Gleixner, Ingo Molnar, "H. Peter Anvin", Borislav Petkov, Peter Zijlstra, Andy Lutomirski, David Howells
Cc: Kees Cook, Dave Hansen, Kai Huang, Jacob Pan, Alison Schofield, linux-mm@kvack.org, kvm@vger.kernel.org, keyrings@vger.kernel.org, linux-kernel@vger.kernel.org, "Kirill A . Shutemov"
Subject: [PATCHv2 27/59] keys/mktme: Destroy MKTME keys
Date: Wed, 31 Jul 2019 18:07:41 +0300
Message-Id: <20190731150813.26289-28-kirill.shutemov@linux.intel.com>
In-Reply-To: <20190731150813.26289-1-kirill.shutemov@linux.intel.com>
References: <20190731150813.26289-1-kirill.shutemov@linux.intel.com>

From: Alison Schofield

Destroy is a method invoked by the kernel key service when a userspace
key is being removed (invalidate, revoke, timeout).

During destroy, MKTME will return the hardware KeyID to the pool of
available keyids.

Signed-off-by: Alison Schofield
Signed-off-by: Kirill A. Shutemov
---
 security/keys/mktme_keys.c | 29 +++++++++++++++++++++++++++++
 1 file changed, 29 insertions(+)

diff --git a/security/keys/mktme_keys.c b/security/keys/mktme_keys.c index beca852db01a..10fcdbf5a08f 100644 --- a/security/keys/mktme_keys.c +++ b/security/keys/mktme_keys.c @@ -50,6 +50,23 @@ int mktme_reserve_keyid(struct key *key) return 0; } +static void mktme_release_keyid(int keyid) +{ + mktme_map[keyid].state = KEYID_AVAILABLE; + mktme_available_keyids++; +} + +int mktme_keyid_from_key(struct key *key) +{ + int i; + + for (i = 1; i <= mktme_nr_keyids(); i++) { + if (mktme_map[i].key == key) + return i; + } + return 0; +} + enum mktme_opt_id { OPT_ERROR, OPT_TYPE, @@ -62,6 +79,17 @@ static const match_table_t mktme_token = { {OPT_ERROR, NULL} }; +/* Key Service Method called when a Userspace Key is garbage collected. */ +static void mktme_destroy_key(struct key *key) +{ + int keyid = mktme_keyid_from_key(key); + unsigned long flags; + + spin_lock_irqsave(&mktme_lock, flags); + mktme_release_keyid(keyid); + spin_unlock_irqrestore(&mktme_lock, flags); +} + /* Key Service Method to create a new key. Payload is preparsed. */ int mktme_instantiate_key(struct key *key, struct key_preparsed_payload *prep) { 
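Review bot: mktme_destroy_key() calls mktme_keyid_from_key() before taking mktme_lock and never checks for its 0 (not found) return, so the table is walked while another CPU may be reserving or releasing an entry, and a miss ends in mktme_release_keyid(0), which marks slot 0 available and bumps mktme_available_keyids. Move the lookup inside the spin_lock_irqsave() section and return early when keyid is 0. Also, mktme_release_keyid() leaves mktme_map[keyid].key set, and mktme_keyid_from_key() matches on .key without looking at .state, so a released slot can still be matched through a stale pointer; clear .key on release.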
@@ -198,6 +226,7 @@ struct key_type key_type_mktme = { .free_preparse = mktme_free_preparsed_payload, .instantiate = mktme_instantiate_key, .describe = user_describe, + .destroy = mktme_destroy_key, }; static int __init init_mktme(void) From patchwork Wed Jul 31 15:07:42 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Kirill A . Shutemov" X-Patchwork-Id: 11068171 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 4E64A13A4 for ; Wed, 31 Jul 2019 15:14:00 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 392F620243 for ; Wed, 31 Jul 2019 15:14:00 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 2CFFF205AD; Wed, 31 Jul 2019 15:14:00 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-2.9 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,MAILING_LIST_MULTI,RCVD_IN_DNSWL_NONE autolearn=ham version=3.3.1 Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 9174720243 for ; Wed, 31 Jul 2019 15:13:59 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id D853F8E0021; Wed, 31 Jul 2019 11:13:52 -0400 (EDT) Delivered-To: linux-mm-outgoing@kvack.org Received: by kanga.kvack.org (Postfix, from userid 40) id CBE108E0024; Wed, 31 Jul 2019 11:13:52 -0400 (EDT) X-Original-To: int-list-linux-mm@kvack.org X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id A72918E0021; Wed, 31 Jul 2019 11:13:52 -0400 (EDT) X-Original-To: linux-mm@kvack.org X-Delivered-To: linux-mm@kvack.org Received: from mail-ed1-f72.google.com (mail-ed1-f72.google.com [209.85.208.72]) by 
From: "Kirill A. Shutemov"
To: Andrew Morton, x86@kernel.org, Thomas Gleixner, Ingo Molnar, "H. Peter Anvin", Borislav Petkov, Peter Zijlstra, Andy Lutomirski, David Howells
Cc: Kees Cook, Dave Hansen, Kai Huang, Jacob Pan, Alison Schofield, linux-mm@kvack.org, kvm@vger.kernel.org, keyrings@vger.kernel.org, linux-kernel@vger.kernel.org, "Kirill A . Shutemov"
Subject: [PATCHv2 28/59] keys/mktme: Move the MKTME payload into a cache aligned structure
Date: Wed, 31 Jul 2019 18:07:42 +0300
Message-Id: <20190731150813.26289-29-kirill.shutemov@linux.intel.com>
In-Reply-To: <20190731150813.26289-1-kirill.shutemov@linux.intel.com>
References: <20190731150813.26289-1-kirill.shutemov@linux.intel.com>

From: Alison Schofield

In preparation for programming the key into the hardware, move the key
payload into a cache aligned structure. This alignment is a requirement
of the MKTME hardware.

Use the slab allocator to have this structure readily available.

Signed-off-by: Alison Schofield
Signed-off-by: Kirill A. Shutemov
---
 security/keys/mktme_keys.c | 37 +++++++++++++++++++++++++++++++++++--
 1 file changed, 35 insertions(+), 2 deletions(-)

diff --git a/security/keys/mktme_keys.c b/security/keys/mktme_keys.c index 10fcdbf5a08f..8ac75b1e6188 100644 --- a/security/keys/mktme_keys.c +++ b/security/keys/mktme_keys.c @@ -16,6 +16,7 @@ static DEFINE_SPINLOCK(mktme_lock); static unsigned int mktme_available_keyids; /* Free Hardware KeyIDs */ +static struct kmem_cache *mktme_prog_cache; /* Hardware programming cache */ enum mktme_keyid_state { KEYID_AVAILABLE, /* Available to be assigned */ @@ -79,6 +80,25 @@ static const match_table_t mktme_token = { {OPT_ERROR, NULL} }; +/* Copy the payload to the HW programming structure and program this KeyID */ +static int mktme_program_keyid(int keyid, u32 payload) +{ + struct mktme_key_program *kprog = NULL; + int ret; + + kprog = kmem_cache_zalloc(mktme_prog_cache, GFP_KERNEL); + if (!kprog) + return -ENOMEM; + + /* Hardware programming requires cached aligned struct */ + kprog->keyid = keyid; + kprog->keyid_ctrl = payload; + + ret = MKTME_PROG_SUCCESS; /* Future programming call */ + kmem_cache_free(mktme_prog_cache, kprog); + return ret; +} + /* Key Service Method called when a Userspace Key is garbage collected. */ static void mktme_destroy_key(struct key *key) { @@ -93,6 +113,7 @@ static void mktme_destroy_key(struct key *key) /* Key Service Method to create a new key. Payload is preparsed. */ int mktme_instantiate_key(struct key *key, struct key_preparsed_payload *prep) { + u32 *payload = prep->payload.data[0]; unsigned long flags; int keyid; @@ -101,7 +122,14 @@ int mktme_instantiate_key(struct key *key, struct key_preparsed_payload *prep) spin_unlock_irqrestore(&mktme_lock, flags); if (!keyid) return -ENOKEY; - return 0; + + if (!mktme_program_keyid(keyid, *payload)) + return MKTME_PROG_SUCCESS; + + spin_lock_irqsave(&mktme_lock, flags); + mktme_release_keyid(keyid); + spin_unlock_irqrestore(&mktme_lock, flags); + return -ENOKEY; } /* Make sure arguments are correct for the TYPE of key requested */ 
@@ -245,10 +273,15 @@ static int __init init_mktme(void) if (!mktme_map) return -ENOMEM; + /* Used to program the hardware key tables */ + mktme_prog_cache = KMEM_CACHE(mktme_key_program, SLAB_PANIC); + if (!mktme_prog_cache) + goto free_map; + ret = register_key_type(&key_type_mktme); if (!ret) return ret; /* SUCCESS */ - +free_map: kvfree(mktme_map); return -ENOMEM;
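Review bot: in mktme_program_keyid() (hunk @@ -79,6 +80,25), the comment "Hardware programming requires cached aligned struct" is not backed by anything in the function. The object comes from mktme_prog_cache, and KMEM_CACHE() takes its alignment from __alignof__(struct mktme_key_program), so the guarantee rests entirely on how that struct is declared elsewhere. Please say so in the comment (and fix "cached aligned" to "cache aligned"), or add a WARN_ON(!IS_ALIGNED(...)) against the required boundary ahead of the future programming call.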
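Review bot: mktme_instantiate_key() dereferences prep->payload.data[0] as *payload with no NULL check, and every failure from mktme_program_keyid() is reported as -ENOKEY, including the -ENOMEM from kmem_cache_zalloc(). Check the pointer before use and propagate the real errno. The success path should also keep returning 0 rather than MKTME_PROG_SUCCESS, so that hardware status codes stay out of the key-type method's return contract.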
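Review bot: in init_mktme() (hunk @@ -245,10 +273,15), KMEM_CACHE(mktme_key_program, SLAB_PANIC) panics when the cache cannot be created, so the "if (!mktme_prog_cache) goto free_map;" that follows can never be taken. Drop SLAB_PANIC if init is meant to fail gracefully, or drop the check. Separately, the shared exit path ends in "return -ENOMEM" even when register_key_type() is what failed; returning ret there would preserve the real error.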
From: "Kirill A. Shutemov"
To: Andrew Morton, x86@kernel.org, Thomas Gleixner, Ingo Molnar, "H. Peter Anvin", Borislav Petkov, Peter Zijlstra, Andy Lutomirski, David Howells
Cc: Kees Cook, Dave Hansen, Kai Huang, Jacob Pan, Alison Schofield, linux-mm@kvack.org, kvm@vger.kernel.org, keyrings@vger.kernel.org, linux-kernel@vger.kernel.org, "Kirill A . Shutemov"
Subject: [PATCHv2 29/59] keys/mktme: Set up PCONFIG programming targets for MKTME keys
Date: Wed, 31 Jul 2019 18:07:43 +0300
Message-Id: <20190731150813.26289-30-kirill.shutemov@linux.intel.com>
In-Reply-To: <20190731150813.26289-1-kirill.shutemov@linux.intel.com>
References: <20190731150813.26289-1-kirill.shutemov@linux.intel.com>
From: Alison Schofield MKTME Key service maintains the hardware key tables. These key tables are package scoped per the MKTME hardware definition. This means that each physical package on the system needs its key table programmed. These physical packages are the targets of the new PCONFIG programming command. So, introduce a PCONFIG targets bitmap as well as a CPU mask that includes the lead CPUs capable of programming the targets. The lead CPU mask will be used every time a new key is programmed into the hardware. Keep the PCONFIG targets bit map around for future use during CPU hotplug events. Signed-off-by: Alison Schofield Signed-off-by: Kirill A. Shutemov --- security/keys/mktme_keys.c | 42 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 42 insertions(+) diff --git a/security/keys/mktme_keys.c b/security/keys/mktme_keys.c index 8ac75b1e6188..272bff8591b7 100644 --- a/security/keys/mktme_keys.c +++ b/security/keys/mktme_keys.c @@ -2,6 +2,7 @@ /* Documentation/x86/mktme/ */ +#include #include #include #include @@ -17,6 +18,8 @@ static DEFINE_SPINLOCK(mktme_lock); static unsigned int mktme_available_keyids; /* Free Hardware KeyIDs */ static struct kmem_cache *mktme_prog_cache; /* Hardware programming cache */ +static unsigned long *mktme_target_map; /* PCONFIG programming target */ +static cpumask_var_t mktme_leadcpus; /* One CPU per PCONFIG target */ enum mktme_keyid_state { KEYID_AVAILABLE, /* Available to be assigned */ 
@@ -257,6 +260,33 @@ struct key_type key_type_mktme = { .destroy = mktme_destroy_key, }; +static void mktme_update_pconfig_targets(void) +{ + int cpu, target_id; + + cpumask_clear(mktme_leadcpus); + bitmap_clear(mktme_target_map, 0, sizeof(mktme_target_map)); + + for_each_online_cpu(cpu) { + target_id = topology_physical_package_id(cpu); + if (!__test_and_set_bit(target_id, mktme_target_map)) + __cpumask_set_cpu(cpu, mktme_leadcpus); + } +} + +static int mktme_alloc_pconfig_targets(void) +{ + if (!alloc_cpumask_var(&mktme_leadcpus, GFP_KERNEL)) + return -ENOMEM; + + mktme_target_map = bitmap_alloc(topology_max_packages(), GFP_KERNEL); + if (!mktme_target_map) { + free_cpumask_var(mktme_leadcpus); + return -ENOMEM; + } + return 0; +} + static int __init init_mktme(void) { int ret; 
@@ -278,9 +308,21 @@ static int __init init_mktme(void) if (!mktme_prog_cache) goto free_map; + /* Hardware programming targets */ + if (mktme_alloc_pconfig_targets()) + goto free_cache; + + /* Initialize first programming targets */ + mktme_update_pconfig_targets(); + ret = register_key_type(&key_type_mktme); if (!ret) return ret; /* SUCCESS */ + + free_cpumask_var(mktme_leadcpus); + bitmap_free(mktme_target_map); +free_cache: + kmem_cache_destroy(mktme_prog_cache); free_map: kvfree(mktme_map);
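Review bot: in mktme_update_pconfig_targets() (hunk @@ -257,6 +260,33), bitmap_clear(mktme_target_map, 0, sizeof(mktme_target_map)) passes the size of a pointer, not the number of bits in the map. mktme_target_map is an unsigned long * obtained from bitmap_alloc(topology_max_packages(), GFP_KERNEL), and bitmap_alloc() does not zero the memory, so every bit past the first sizeof(pointer) bits is either uninitialised on the first call or stale on later ones. A set bit there makes __test_and_set_bit() return true and that package never gets a lead CPU, which means its key table is silently skipped. Use bitmap_zero(mktme_target_map, topology_max_packages()) here (or bitmap_zalloc() plus a full-length clear), and bound-check target_id against topology_max_packages() before setting the bit.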
From: "Kirill A. Shutemov"
To: Andrew Morton, x86@kernel.org, Thomas Gleixner, Ingo Molnar, "H. Peter Anvin", Borislav Petkov, Peter Zijlstra, Andy Lutomirski, David Howells
Cc: Kees Cook, Dave Hansen, Kai Huang, Jacob Pan, Alison Schofield, linux-mm@kvack.org, kvm@vger.kernel.org, keyrings@vger.kernel.org, linux-kernel@vger.kernel.org, "Kirill A . Shutemov"
Subject: [PATCHv2 30/59] keys/mktme: Program MKTME keys into the platform hardware
Date: Wed, 31 Jul 2019 18:07:44 +0300
Message-Id: <20190731150813.26289-31-kirill.shutemov@linux.intel.com>
In-Reply-To: <20190731150813.26289-1-kirill.shutemov@linux.intel.com>
References: <20190731150813.26289-1-kirill.shutemov@linux.intel.com>
From: Alison Schofield Finally, the keys are programmed into the hardware via each lead CPU. Every package has to be programmed successfully. There is no partial success allowed here. Here a retry scheme is included for two errors that may succeed on retry: MKTME_DEVICE_BUSY and MKTME_ENTROPY_ERROR. However, it's not clear if even those errors should be retried at this level. Perhaps they too, should be returned to user space for handling. Signed-off-by: Alison Schofield Signed-off-by: Kirill A. Shutemov --- security/keys/mktme_keys.c | 92 +++++++++++++++++++++++++++++++++++++- 1 file changed, 91 insertions(+), 1 deletion(-) diff --git a/security/keys/mktme_keys.c b/security/keys/mktme_keys.c index 272bff8591b7..3c641f3ee794 100644 --- a/security/keys/mktme_keys.c +++ b/security/keys/mktme_keys.c 
@@ -83,6 +83,96 @@ static const match_table_t mktme_token = { {OPT_ERROR, NULL} }; +struct mktme_hw_program_info { + struct mktme_key_program *key_program; + int *status; +}; + +struct mktme_err_table { + const char *msg; + bool retry; +}; + +static const struct mktme_err_table mktme_error[] = { +/* MKTME_PROG_SUCCESS */ {"KeyID was successfully programmed", false}, +/* MKTME_INVALID_PROG_CMD */ {"Invalid KeyID programming command", false}, +/* MKTME_ENTROPY_ERROR */ {"Insufficient entropy", true}, +/* MKTME_INVALID_KEYID */ {"KeyID not valid", false}, +/* MKTME_INVALID_ENC_ALG */ {"Invalid encryption algorithm chosen", false}, +/* MKTME_DEVICE_BUSY */ {"Failure to access key table", true}, +}; + +static int mktme_parse_program_status(int status[]) +{ + int cpu, sum = 0; + + /* Success: all CPU(s) programmed all key table(s) */ + for_each_cpu(cpu, mktme_leadcpus) + sum += status[cpu]; + if (!sum) + return MKTME_PROG_SUCCESS; + + /* Invalid Parameters: log the error and return the error. */ + for_each_cpu(cpu, mktme_leadcpus) { + switch (status[cpu]) { + case MKTME_INVALID_KEYID: + case MKTME_INVALID_PROG_CMD: + case MKTME_INVALID_ENC_ALG: + pr_err("mktme: %s\n", mktme_error[status[cpu]].msg); + return status[cpu]; + + default: + break; + } + } + /* + * Device Busy or Insufficient Entropy: do not log the + * error. These will be retried and if retries (time or + * count runs out) caller will log the error. + */ + for_each_cpu(cpu, mktme_leadcpus) { + if (status[cpu] == MKTME_DEVICE_BUSY) + return status[cpu]; + } + return MKTME_ENTROPY_ERROR; +} + +/* Program a single key using one CPU. 
*/ +static void mktme_do_program(void *hw_program_info) +{ + struct mktme_hw_program_info *info = hw_program_info; + int cpu; + + cpu = smp_processor_id(); + info->status[cpu] = mktme_key_program(info->key_program); +} + +static int mktme_program_all_keytables(struct mktme_key_program *key_program) +{ + struct mktme_hw_program_info info; + int err, retries = 10; /* Maybe users should handle retries */ + + info.key_program = key_program; + info.status = kcalloc(num_possible_cpus(), sizeof(info.status[0]), + GFP_KERNEL); + + while (retries--) { + get_online_cpus(); + on_each_cpu_mask(mktme_leadcpus, mktme_do_program, + &info, 1); + put_online_cpus(); + + err = mktme_parse_program_status(info.status); + if (!err) /* Success */ + return err; + else if (!mktme_error[err].retry) /* Error no retry */ + return -ENOKEY; + } + /* Ran out of retries */ + pr_err("mktme: %s\n", mktme_error[err].msg); + return err; +} + /* Copy the payload to the HW programming structure and program this KeyID */ static int mktme_program_keyid(int keyid, u32 payload) { 
@@ -97,7 +187,7 @@ static int mktme_program_keyid(int keyid, u32 payload) kprog->keyid = keyid; kprog->keyid_ctrl = payload; - ret = MKTME_PROG_SUCCESS; /* Future programming call */ + ret = mktme_program_all_keytables(kprog); kmem_cache_free(mktme_prog_cache, kprog); return ret; }
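Review bot: in mktme_program_all_keytables() (hunk @@ -83,6 +83,96), info.status from kcalloc() is never checked for NULL and never freed on any of the three return paths, so a failed allocation is dereferenced in mktme_do_program() and every key instantiation leaks the array. It is also sized by num_possible_cpus() but indexed by smp_processor_id(); size it by nr_cpu_ids so sparse CPU numbering cannot index past the end. In mktme_parse_program_status(), any nonzero status that is not one of the named cases falls through to "return MKTME_ENTROPY_ERROR", which classifies an unknown failure as retryable; unknown values should be a hard error. Lastly, when one package fails nothing here clears the key tables of the packages that did succeed, although the commit message says partial success is not allowed.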
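Review bot: with the call added in hunk @@ -97,7 +187,7, mktme_program_keyid() can return -ENOMEM, -ENOKEY or, once retries run out, a positive MKTME_* status passed up from mktme_program_all_keytables(). Please settle on one convention (errno) and document it above the function. kprog is also handed back through kmem_cache_free() without being cleared; if struct mktme_key_program carries key material, memzero_explicit() it before the free.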
From: "Kirill A. Shutemov"
To: Andrew Morton, x86@kernel.org, Thomas Gleixner, Ingo Molnar, "H. Peter Anvin", Borislav Petkov, Peter Zijlstra, Andy Lutomirski, David Howells
Cc: Kees Cook, Dave Hansen, Kai Huang, Jacob Pan, Alison Schofield, linux-mm@kvack.org, kvm@vger.kernel.org, keyrings@vger.kernel.org, linux-kernel@vger.kernel.org, "Kirill A . Shutemov"
Subject: [PATCHv2 31/59] keys/mktme: Set up a percpu_ref_count for MKTME keys
Date: Wed, 31 Jul 2019 18:07:45 +0300
Message-Id: <20190731150813.26289-32-kirill.shutemov@linux.intel.com>
In-Reply-To: <20190731150813.26289-1-kirill.shutemov@linux.intel.com>
References: <20190731150813.26289-1-kirill.shutemov@linux.intel.com>
From: Alison Schofield The MKTME key service needs to keep usage counts on the encryption keys in order to know when it is safe to free a key for reuse. percpu_ref_count applies well here because the key service will take the initial reference and typically hold that reference while the intermediary references are get/put. The intermediaries in this case will be encrypted VMA's, Align the percpu_ref_init and percpu_ref_kill with the key service instantiate and destroy methods respectively. Signed-off-by: Alison Schofield Signed-off-by: Kirill A. Shutemov --- security/keys/mktme_keys.c | 39 +++++++++++++++++++++++++++++++++++++- 1 file changed, 38 insertions(+), 1 deletion(-) diff --git a/security/keys/mktme_keys.c b/security/keys/mktme_keys.c index 3c641f3ee794..18cb57be5193 100644 --- a/security/keys/mktme_keys.c +++ b/security/keys/mktme_keys.c @@ -8,6 +8,7 @@ #include #include #include +#include #include #include #include @@ -71,6 +72,26 @@ int mktme_keyid_from_key(struct key *key) return 0; } +struct percpu_ref *encrypt_count; +void mktme_percpu_ref_release(struct percpu_ref *ref) +{ + unsigned long flags; + int keyid; + + for (keyid = 1; keyid <= mktme_nr_keyids(); keyid++) { + if (&encrypt_count[keyid] == ref) + break; + } + if (&encrypt_count[keyid] != ref) { + pr_debug("%s: invalid ref counter\n", __func__); + return; + } + percpu_ref_exit(ref); + spin_lock_irqsave(&mktme_lock, flags); + mktme_release_keyid(keyid); + spin_unlock_irqrestore(&mktme_lock, flags); +} + enum mktme_opt_id { OPT_ERROR, OPT_TYPE, @@ -199,8 +220,10 @@ static void mktme_destroy_key(struct key *key) unsigned long flags; spin_lock_irqsave(&mktme_lock, flags); - mktme_release_keyid(keyid); + mktme_map[keyid].key = NULL; + mktme_map[keyid].state = KEYID_REF_KILLED; spin_unlock_irqrestore(&mktme_lock, flags); + percpu_ref_kill(&encrypt_count[keyid]); } /* Key Service Method to create a new key. Payload is preparsed. */ 
@@ -216,9 +239,15 @@ int mktme_instantiate_key(struct key *key, struct key_preparsed_payload *prep) if (!keyid) return -ENOKEY; + if (percpu_ref_init(&encrypt_count[keyid], mktme_percpu_ref_release, + 0, GFP_KERNEL)) + goto err_out; + if (!mktme_program_keyid(keyid, *payload)) return MKTME_PROG_SUCCESS; + percpu_ref_exit(&encrypt_count[keyid]); +err_out: spin_lock_irqsave(&mktme_lock, flags); mktme_release_keyid(keyid); spin_unlock_irqrestore(&mktme_lock, flags); 
@@ -405,10 +434,18 @@ static int __init init_mktme(void) /* Initialize first programming targets */ mktme_update_pconfig_targets(); + /* Reference counters to protect in use KeyIDs */ + encrypt_count = kvcalloc(mktme_nr_keyids() + 1, sizeof(encrypt_count[0]), + GFP_KERNEL); + if (!encrypt_count) + goto free_targets; + ret = register_key_type(&key_type_mktme); if (!ret) return ret; /* SUCCESS */ + kvfree(encrypt_count); +free_targets: free_cpumask_var(mktme_leadcpus); bitmap_free(mktme_target_map); free_cache:
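Review bot: mktme_percpu_ref_release() recovers keyid by scanning encrypt_count[] for a matching address, which pointer arithmetic does directly: keyid = ref - encrypt_count, then a range check against 1..mktme_nr_keyids(). As written, a ref that matches nothing leaves the loop with keyid == mktme_nr_keyids() + 1, and the test that follows forms &encrypt_count[keyid], the one-past-the-end address of the kvcalloc'd array; legal, but fragile if the allocation size ever changes. That invalid-ref branch returns without percpu_ref_exit() or mktme_release_keyid(), so the KeyID stays allocated with only a pr_debug() to show for it; WARN_ON_ONCE() fits better. encrypt_count and mktme_percpu_ref_release() are also declared without static; make them static unless another file in the series needs them.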
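Review bot: in mktme_instantiate_key(), the result of percpu_ref_init() is tested and then discarded before goto err_out, so a memory allocation failure is reported as whatever the shared error path returns instead of the error percpu_ref_init() gave. Keep it in a local and return it, or add a comment saying that one error code for every failure is intended.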
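Review bot: in init_mktme(), the new kvcalloc() failure branch does goto free_targets without assigning ret in the lines shown, so the return value on that path is whatever an earlier step left behind; set ret = -ENOMEM before the goto unless it already holds that. The comment above the allocation could also say why mktme_nr_keyids() + 1 entries are needed (the loops elsewhere in the file index from keyid 1), and kvfree() leaves encrypt_count dangling on the register_key_type() failure path, which is harmless only as long as nothing reads it after a failed init.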
From: "Kirill A. Shutemov"
To: Andrew Morton, x86@kernel.org, Thomas Gleixner, Ingo Molnar, "H. Peter Anvin", Borislav Petkov, Peter Zijlstra, Andy Lutomirski, David Howells
Cc: Kees Cook, Dave Hansen, Kai Huang, Jacob Pan, Alison Schofield, linux-mm@kvack.org, kvm@vger.kernel.org, keyrings@vger.kernel.org, linux-kernel@vger.kernel.org, "Kirill A . Shutemov"
Subject: [PATCHv2 32/59] keys/mktme: Clear the key programming from the MKTME hardware
Date: Wed, 31 Jul 2019 18:07:46 +0300
Message-Id: <20190731150813.26289-33-kirill.shutemov@linux.intel.com>
In-Reply-To: <20190731150813.26289-1-kirill.shutemov@linux.intel.com>
References: <20190731150813.26289-1-kirill.shutemov@linux.intel.com>

From: Alison Schofield Send a request to the MKTME hardware to clear a previously programmed key. This will be used when userspace keys are destroyed and the key slot is no longer in use. No longer in use means that the reference has been released, and its usage count has returned to zero. This clear command is not offered as an option to userspace, since the key service can execute it automatically, and at the right time, safely. Signed-off-by: Alison Schofield Signed-off-by: Kirill A. Shutemov --- security/keys/mktme_keys.c | 27 ++++++++++++++++++++++++++- 1 file changed, 26 insertions(+), 1 deletion(-) diff --git a/security/keys/mktme_keys.c b/security/keys/mktme_keys.c index 18cb57be5193..1e2afcce7d85 100644 --- a/security/keys/mktme_keys.c +++ b/security/keys/mktme_keys.c @@ -72,6 +72,9 @@ int mktme_keyid_from_key(struct key *key) return 0; } +static void mktme_clear_hardware_keyid(struct work_struct *work); +static DECLARE_WORK(mktme_clear_work, mktme_clear_hardware_keyid); + struct percpu_ref *encrypt_count; void mktme_percpu_ref_release(struct percpu_ref *ref) { @@ -88,8 +91,9 @@ void mktme_percpu_ref_release(struct percpu_ref *ref) } percpu_ref_exit(ref); spin_lock_irqsave(&mktme_lock, flags); - mktme_release_keyid(keyid); + mktme_map[keyid].state = KEYID_REF_RELEASED; spin_unlock_irqrestore(&mktme_lock, flags); + schedule_work(&mktme_clear_work); } enum mktme_opt_id { 
@@ -213,6 +217,27 @@ static int mktme_program_keyid(int keyid, u32 payload) return ret; } +static void mktme_clear_hardware_keyid(struct work_struct *work) +{ + u32 clear_payload = MKTME_KEYID_CLEAR_KEY; + unsigned long flags; + int keyid, ret; + + for (keyid = 1; keyid <= mktme_nr_keyids(); keyid++) { + if (mktme_map[keyid].state != KEYID_REF_RELEASED) + continue; + + ret = mktme_program_keyid(keyid, clear_payload); + if (ret != MKTME_PROG_SUCCESS) + pr_debug("mktme: clear key failed [%s]\n", + mktme_error[ret].msg); + + spin_lock_irqsave(&mktme_lock, flags); + mktme_release_keyid(keyid); + spin_unlock_irqrestore(&mktme_lock, flags); + } +} + /* Key Service Method called when a Userspace Key is garbage collected. */ static void mktme_destroy_key(struct key *key) {
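Review bot: mktme_percpu_ref_release() now ends with schedule_work(&mktme_clear_work) on a single static work item, and neither the code nor the commit message says why the clear is deferred or what happens when a second KeyID is released while the work is already pending. A short comment would cover both: presumably the release callback cannot do the hardware programming in its calling context, and a coalesced request is still served because the worker rescans every KeyID in KEYID_REF_RELEASED state.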
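Review bot: mktme_clear_hardware_keyid() calls mktme_release_keyid() even when mktme_program_keyid() did not return MKTME_PROG_SUCCESS, so a KeyID whose clear failed goes back into the pool with its previous key possibly still programmed and only a pr_debug() line recording it. Either leave the slot in KEYID_REF_RELEASED so a later run retries, or raise the message to pr_warn() and document that reuse is acceptable because the next instantiate reprograms the slot. Two smaller points in the same loop: mktme_map[keyid].state is read without mktme_lock although every writer shown takes it, and ret is used unchecked as an index into mktme_error[], which is only safe if mktme_program_keyid() can never return a value outside that table.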
From: "Kirill A. Shutemov"
To: Andrew Morton, x86@kernel.org, Thomas Gleixner, Ingo Molnar, "H. Peter Anvin", Borislav Petkov, Peter Zijlstra, Andy Lutomirski, David Howells
Cc: Kees Cook, Dave Hansen, Kai Huang, Jacob Pan, Alison Schofield, linux-mm@kvack.org, kvm@vger.kernel.org, keyrings@vger.kernel.org, linux-kernel@vger.kernel.org, "Kirill A . Shutemov"
Subject: [PATCHv2 33/59] keys/mktme: Require CAP_SYS_RESOURCE capability for MKTME keys
Date: Wed, 31 Jul 2019 18:07:47 +0300
Message-Id: <20190731150813.26289-34-kirill.shutemov@linux.intel.com>
In-Reply-To: <20190731150813.26289-1-kirill.shutemov@linux.intel.com>
References: <20190731150813.26289-1-kirill.shutemov@linux.intel.com>

From: Alison Schofield The MKTME key type uses capabilities to restrict the allocation of keys to privileged users. CAP_SYS_RESOURCE is required, but the broader capability of CAP_SYS_ADMIN is accepted. Signed-off-by: Alison Schofield Signed-off-by: Kirill A. Shutemov --- security/keys/mktme_keys.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/security/keys/mktme_keys.c b/security/keys/mktme_keys.c index 1e2afcce7d85..2d90cc83e5ce 100644 --- a/security/keys/mktme_keys.c +++ b/security/keys/mktme_keys.c @@ -2,6 +2,7 @@ /* Documentation/x86/mktme/ */ +#include #include #include #include
@@ -371,6 +372,9 @@ int mktme_preparse_payload(struct key_preparsed_payload *prep) char *options; int ret; + if (!capable(CAP_SYS_RESOURCE) && !capable(CAP_SYS_ADMIN)) + return -EACCES; + if (datalen <= 0 || datalen > 1024 || !prep->data) return -EINVAL;
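Review bot: in mktme_preparse_payload(), the failed capability check returns -EACCES, whereas -EPERM is the usual errno when capable() refuses. The order of the two calls matters as well: capable() reports a denial to the LSM and audit layers, so a task holding only CAP_SYS_ADMIN produces a CAP_SYS_RESOURCE denial record on every key request before the second test passes. A comment noting that the check is deliberately against the initial user namespace (capable() rather than ns_capable()) would help whoever revisits this for containers.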
From: "Kirill A. Shutemov"
To: Andrew Morton, x86@kernel.org, Thomas Gleixner, Ingo Molnar, "H. Peter Anvin", Borislav Petkov, Peter Zijlstra, Andy Lutomirski, David Howells
Cc: Kees Cook, Dave Hansen, Kai Huang, Jacob Pan, Alison Schofield, linux-mm@kvack.org, kvm@vger.kernel.org, keyrings@vger.kernel.org, linux-kernel@vger.kernel.org, "Kirill A . Shutemov"
Subject: [PATCHv2 34/59] acpi: Remove __init from acpi table parsing functions
Date: Wed, 31 Jul 2019 18:07:48 +0300
Message-Id: <20190731150813.26289-35-kirill.shutemov@linux.intel.com>
In-Reply-To: <20190731150813.26289-1-kirill.shutemov@linux.intel.com>
References: <20190731150813.26289-1-kirill.shutemov@linux.intel.com>

From: Alison Schofield ACPI table parsing functions are useful after init time. For example, the MKTME (Multi-Key Total Memory Encryption) key service will evaluate the ACPI HMAT table when the first key creation request occurs. This will happen after init time. Signed-off-by: Alison Schofield
Signed-off-by: Kirill A. Shutemov --- drivers/acpi/tables.c | 10 +++++----- include/linux/acpi.h | 4 ++-- 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/drivers/acpi/tables.c b/drivers/acpi/tables.c index b32327759380..9d40af7f07fb 100644 --- a/drivers/acpi/tables.c +++ b/drivers/acpi/tables.c @@ -33,7 +33,7 @@ static char *mps_inti_flags_trigger[] = { "dfl", "edge", "res", "level" }; static struct acpi_table_desc initial_tables[ACPI_MAX_TABLES] __initdata; -static int acpi_apic_instance __initdata; +static int acpi_apic_instance; enum acpi_subtable_type { ACPI_SUBTABLE_COMMON, @@ -49,7 +49,7 @@ struct acpi_subtable_entry { * Disable table checksum verification for the early stage due to the size * limitation of the current x86 early mapping implementation. */ -static bool acpi_verify_table_checksum __initdata = false; +static bool acpi_verify_table_checksum = false; void acpi_table_print_madt_entry(struct acpi_subtable_header *header) { @@ -280,7 +280,7 @@ acpi_get_subtable_type(char *id) * On success returns sum of all matching entries for all proc handlers. * Otherwise, -ENODEV or -EINVAL is returned. */ -static int __init acpi_parse_entries_array(char *id, unsigned long table_size, +static int acpi_parse_entries_array(char *id, unsigned long table_size, struct acpi_table_header *table_header, struct acpi_subtable_proc *proc, int proc_num, unsigned int max_entries) @@ -355,7 +355,7 @@ static int __init acpi_parse_entries_array(char *id, unsigned long table_size, return errs ? -EINVAL : count; } -int __init acpi_table_parse_entries_array(char *id, +int acpi_table_parse_entries_array(char *id, unsigned long table_size, struct acpi_subtable_proc *proc, int proc_num, unsigned int max_entries) @@ -386,7 +386,7 @@ int __init acpi_table_parse_entries_array(char *id, return count; } -int __init acpi_table_parse_entries(char *id, +int acpi_table_parse_entries(char *id, unsigned long table_size, int entry_id, acpi_tbl_entry_handler handler, 
diff --git a/include/linux/acpi.h b/include/linux/acpi.h index 9426b9aaed86..fc1e7d4648bf 100644 --- a/include/linux/acpi.h +++ b/include/linux/acpi.h 
@@ -228,11 +228,11 @@ int acpi_numa_init (void); int acpi_table_init (void); int acpi_table_parse(char *id, acpi_tbl_table_handler handler); -int __init acpi_table_parse_entries(char *id, unsigned long table_size, +int acpi_table_parse_entries(char *id, unsigned long table_size, int entry_id, acpi_tbl_entry_handler handler, unsigned int max_entries); -int __init acpi_table_parse_entries_array(char *id, unsigned long table_size, +int acpi_table_parse_entries_array(char *id, unsigned long table_size, struct acpi_subtable_proc *proc, int proc_num, unsigned int max_entries); int acpi_table_parse_madt(enum acpi_madt_type id,
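Review bot: in drivers/acpi/tables.c, initial_tables[] stays __initdata while acpi_parse_entries_array(), acpi_table_parse_entries_array() and acpi_table_parse_entries() lose __init, so please confirm that nothing reachable from these three functions still touches an __init or __initdata symbol; a build with section mismatch checking enabled would show it. The comment above acpi_verify_table_checksum still explains the default in terms of the early boot stage and should be updated now that the parsers run after init. Since that line is being touched anyway, the explicit = false initialiser on a static can go.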
From: "Kirill A. Shutemov"
To: Andrew Morton, x86@kernel.org, Thomas Gleixner, Ingo Molnar, "H. Peter Anvin", Borislav Petkov, Peter Zijlstra, Andy Lutomirski, David Howells
Cc: Kees Cook, Dave Hansen, Kai Huang, Jacob Pan, Alison Schofield, linux-mm@kvack.org, kvm@vger.kernel.org, keyrings@vger.kernel.org, linux-kernel@vger.kernel.org, "Kirill A . Shutemov"
Subject: [PATCHv2 35/59] acpi/hmat: Determine existence of an ACPI HMAT
Date: Wed, 31 Jul 2019 18:07:49 +0300
Message-Id: <20190731150813.26289-36-kirill.shutemov@linux.intel.com>
In-Reply-To: <20190731150813.26289-1-kirill.shutemov@linux.intel.com>
References: <20190731150813.26289-1-kirill.shutemov@linux.intel.com>

From: Alison Schofield

Platforms that need to confirm the presence of an HMAT table can use this function that simply reports the HMAT's existence.

This is added in support of the Multi-Key Total Memory Encryption (MKTME), a feature on future Intel platforms. These platforms will need to confirm an HMAT is present at init time.

Signed-off-by: Alison Schofield
Signed-off-by: Kirill A. Shutemov
---
 drivers/acpi/hmat/hmat.c | 13 +++++++++++++
 include/linux/acpi.h | 4 ++++
 2 files changed, 17 insertions(+)

diff --git a/drivers/acpi/hmat/hmat.c b/drivers/acpi/hmat/hmat.c index 96b7d39a97c6..38e3341f569f 100644 --- a/drivers/acpi/hmat/hmat.c +++ b/drivers/acpi/hmat/hmat.c
@@ -664,3 +664,16 @@ static __init int hmat_init(void) return 0; } subsys_initcall(hmat_init); + +bool acpi_hmat_present(void) +{ + struct acpi_table_header *tbl; + acpi_status status; + + status = acpi_get_table(ACPI_SIG_HMAT, 0, &tbl); + if (ACPI_FAILURE(status)) + return false; + + acpi_put_table(tbl); + return true; +} diff --git a/include/linux/acpi.h b/include/linux/acpi.h index fc1e7d4648bf..d27f4d17dfb3 100644 --- a/include/linux/acpi.h +++ b/include/linux/acpi.h 
@@ -1335,4 +1335,8 @@ acpi_platform_notify(struct device *dev, enum kobject_action action) } #endif +#ifdef CONFIG_X86_INTEL_MKTME +extern bool acpi_hmat_present(void); +#endif /* CONFIG_X86_INTEL_MKTME */ + #endif /*_LINUX_ACPI_H*/
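Review bot: acpi_hmat_present() in the drivers/acpi/hmat/hmat.c hunk of 35/59 is added as a global, non-__init function with no comment, although the commit message says callers need it at init time and the caller added in 36/59, init_mktme(), is itself __init. If no runtime caller is planned, declare it as `bool __init acpi_hmat_present(void)` so it is discarded with the rest of the init text, and add a short kernel-doc comment stating that it only reports that the table exists and says nothing about whether its contents are usable.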
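Review bot: the prototype added to include/linux/acpi.h in 35/59 is guarded by CONFIG_X86_INTEL_MKTME, but the definition lives in drivers/acpi/hmat/hmat.c, so a kernel with MKTME enabled and hmat.c not built ends up with an unresolved symbol unless Kconfig forces the dependency, which this patch does not show. Guard the prototype with the option that builds hmat.c and add a `static inline bool acpi_hmat_present(void) { return false; }` fallback so the key service fails closed; the `extern` on a function prototype can be dropped as well.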
From: "Kirill A. Shutemov"
To: Andrew Morton, x86@kernel.org, Thomas Gleixner, Ingo Molnar, "H. Peter Anvin", Borislav Petkov, Peter Zijlstra, Andy Lutomirski, David Howells
Cc: Kees Cook, Dave Hansen, Kai Huang, Jacob Pan, Alison Schofield, linux-mm@kvack.org, kvm@vger.kernel.org, keyrings@vger.kernel.org, linux-kernel@vger.kernel.org, "Kirill A . Shutemov"
Subject: [PATCHv2 36/59] keys/mktme: Require ACPI HMAT to register the MKTME Key Service
Date: Wed, 31 Jul 2019 18:07:50 +0300
Message-Id: <20190731150813.26289-37-kirill.shutemov@linux.intel.com>
In-Reply-To: <20190731150813.26289-1-kirill.shutemov@linux.intel.com>
References: <20190731150813.26289-1-kirill.shutemov@linux.intel.com>

From: Alison Schofield

The ACPI HMAT will be used by the MKTME key service to identify topologies that support the safe programming of encryption keys. Those decisions will happen at key creation time and during hotplug events.

To enable this, we at least need to have the ACPI HMAT present at init time. If it's not present, do not register the type.

If the HMAT is not present, failure looks like this:
 [ ] MKTME: Registration failed. ACPI HMAT not present.

Signed-off-by: Alison Schofield
Signed-off-by: Kirill A. Shutemov
---
 security/keys/mktme_keys.c | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/security/keys/mktme_keys.c b/security/keys/mktme_keys.c index 2d90cc83e5ce..6265b62801e9 100644 --- a/security/keys/mktme_keys.c +++ b/security/keys/mktme_keys.c @@ -2,6 +2,7 @@ /* Documentation/x86/mktme/ */ +#include #include #include #include
@@ -445,6 +446,12 @@ static int __init init_mktme(void) mktme_available_keyids = mktme_nr_keyids(); + /* Require an ACPI HMAT to identify MKTME safe topologies */ + if (!acpi_hmat_present()) { + pr_warn("MKTME: Registration failed. ACPI HMAT not present.\n"); + return -EINVAL; + } + /* Mapping of Userspace Keys to Hardware KeyIDs */ mktme_map = kvzalloc((sizeof(*mktme_map) * (mktme_nr_keyids() + 1)), GFP_KERNEL);
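Review bot: in the init_mktme() hunk of 36/59 the new check returns -EINVAL when the firmware table is missing; -ENODEV describes an absent platform resource better and keeps it distinguishable from a bad argument. The check sits before the kvzalloc() of mktme_map, so nothing needs unwinding on this path. The hand-written "MKTME: " prefix in the pr_warn() string would be better supplied once through pr_fmt(), if the file does not already define it, so every message from this file carries the same prefix.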
From: "Kirill A. Shutemov"
To: Andrew Morton, x86@kernel.org, Thomas Gleixner, Ingo Molnar, "H. Peter Anvin", Borislav Petkov, Peter Zijlstra, Andy Lutomirski, David Howells
Cc: Kees Cook, Dave Hansen, Kai Huang, Jacob Pan, Alison Schofield, linux-mm@kvack.org, kvm@vger.kernel.org, keyrings@vger.kernel.org, linux-kernel@vger.kernel.org, "Kirill A . Shutemov"
Subject: [PATCHv2 37/59] acpi/hmat: Evaluate topology presented in ACPI HMAT for MKTME
Date: Wed, 31 Jul 2019 18:07:51 +0300
Message-Id: <20190731150813.26289-38-kirill.shutemov@linux.intel.com>
In-Reply-To: <20190731150813.26289-1-kirill.shutemov@linux.intel.com>
References: <20190731150813.26289-1-kirill.shutemov@linux.intel.com>

From: Alison Schofield

MKTME, Multi-Key Total Memory Encryption, is a feature on Intel platforms. The ACPI HMAT table can be used to verify that the platform topology is safe for the usage of MKTME.

The kernel must be capable of programming every memory controller on the platform. This means that there must be a CPU online, in the same proximity domain of each memory controller.

Signed-off-by: Alison Schofield
Signed-off-by: Kirill A. Shutemov
---
 drivers/acpi/hmat/hmat.c | 54 ++++++++++++++++++++++++++++++++++++++++
 include/linux/acpi.h | 1 +
 2 files changed, 55 insertions(+)

diff --git a/drivers/acpi/hmat/hmat.c b/drivers/acpi/hmat/hmat.c index 38e3341f569f..936a403c0694 100644 --- a/drivers/acpi/hmat/hmat.c +++ b/drivers/acpi/hmat/hmat.c
@@ -677,3 +677,57 @@ bool acpi_hmat_present(void) acpi_put_table(tbl); return true; } + +static int mktme_parse_proximity_domains(union acpi_subtable_headers *header, + const unsigned long end) +{ + struct acpi_hmat_proximity_domain *mar = (void *)header; + struct acpi_hmat_structure *hdr = (void *)header; + + const struct cpumask *tmp_mask; + + if (!hdr || hdr->type != ACPI_HMAT_TYPE_PROXIMITY) + return -EINVAL; + + if (mar->header.length != sizeof(*mar)) { + pr_warn("MKTME: invalid header length in HMAT\n"); + return -1; + } + /* + * Require a valid processor proximity domain. + * This will catch memory only physical packages with + * no processor capable of programming the key table. + */ + if (!(mar->flags & ACPI_HMAT_PROCESSOR_PD_VALID)) { + pr_warn("MKTME: no valid processor proximity domain\n"); + return -1; + } + /* Require an online CPU in the processor proximity domain. */ + tmp_mask = cpumask_of_node(pxm_to_node(mar->processor_PD)); + if (!cpumask_intersects(tmp_mask, cpu_online_mask)) { + pr_warn("MKTME: no online CPU in proximity domain\n"); + return -1; + } + return 0; +} + +/* Returns true if topology is safe for MKTME key creation */ +bool mktme_hmat_evaluate(void) +{ + struct acpi_table_header *tbl; + bool ret = true; + acpi_status status; + + status = acpi_get_table(ACPI_SIG_HMAT, 0, &tbl); + if (ACPI_FAILURE(status)) + return -EINVAL; + + if (acpi_table_parse_entries(ACPI_SIG_HMAT, + sizeof(struct acpi_table_hmat), + ACPI_HMAT_TYPE_PROXIMITY, + mktme_parse_proximity_domains, 0) < 0) { + ret = false; + } + acpi_put_table(tbl); + return ret; +} diff --git a/include/linux/acpi.h b/include/linux/acpi.h index d27f4d17dfb3..8854ae942e37 100644 --- a/include/linux/acpi.h +++ b/include/linux/acpi.h 
@@ -1337,6 +1337,7 @@ acpi_platform_notify(struct device *dev, enum kobject_action action) #ifdef CONFIG_X86_INTEL_MKTME extern bool acpi_hmat_present(void); +extern bool mktme_hmat_evaluate(void); #endif /* CONFIG_X86_INTEL_MKTME */ #endif /*_LINUX_ACPI_H*/
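Review bot: mktme_hmat_evaluate() in the drivers/acpi/hmat/hmat.c hunk of 37/59 is declared bool but does `return -EINVAL;` when acpi_get_table() fails, and a non-zero int converts to true, so a missing or unreadable HMAT is reported as a safe topology. Return false on that path so the check fails closed. In mktme_parse_proximity_domains() the result of pxm_to_node(mar->processor_PD) goes straight into cpumask_of_node(); pxm_to_node() can return NUMA_NO_NODE for an unmapped domain, so test for that before indexing, and settle on one error convention instead of mixing -EINVAL with -1.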
From: "Kirill A. Shutemov"
To: Andrew Morton, x86@kernel.org, Thomas Gleixner, Ingo Molnar, "H. Peter Anvin", Borislav Petkov, Peter Zijlstra, Andy Lutomirski, David Howells
Cc: Kees Cook, Dave Hansen, Kai Huang, Jacob Pan, Alison Schofield, linux-mm@kvack.org, kvm@vger.kernel.org, keyrings@vger.kernel.org, linux-kernel@vger.kernel.org, "Kirill A . Shutemov"
Subject: [PATCHv2 38/59] keys/mktme: Do not allow key creation in unsafe topologies
Date: Wed, 31 Jul 2019 18:07:52 +0300
Message-Id: <20190731150813.26289-39-kirill.shutemov@linux.intel.com>
In-Reply-To: <20190731150813.26289-1-kirill.shutemov@linux.intel.com>
References: <20190731150813.26289-1-kirill.shutemov@linux.intel.com>

From: Alison Schofield

MKTME depends upon at least one online CPU capable of programming each memory controller in the platform.

An unsafe topology for MKTME is a memory only package or a package with no online CPUs.

Key creation with unsafe topologies will fail with EINVAL and a warning will be logged one time. For example:
 [ ] MKTME: no online CPU in proximity domain
 [ ] MKTME: topology does not support key creation

These are recoverable errors. CPUs may be brought online that are capable of programming a previously unprogrammable memory controller.

Signed-off-by: Alison Schofield
Signed-off-by: Kirill A. Shutemov
---
 security/keys/mktme_keys.c | 36 ++++++++++++++++++++++++++++++------
 1 file changed, 30 insertions(+), 6 deletions(-)

diff --git a/security/keys/mktme_keys.c b/security/keys/mktme_keys.c index 6265b62801e9..70662e882674 100644 --- a/security/keys/mktme_keys.c +++ b/security/keys/mktme_keys.c @@ -23,6 +23,7 @@ static unsigned int mktme_available_keyids; /* Free Hardware KeyIDs */ static struct kmem_cache *mktme_prog_cache; /* Hardware programming cache */ static unsigned long *mktme_target_map; /* PCONFIG programming target */ static cpumask_var_t mktme_leadcpus; /* One CPU per PCONFIG target */ +static bool mktme_allow_keys; /* HW topology supports keys */ enum mktme_keyid_state { KEYID_AVAILABLE, /* Available to be assigned */
@@ -253,32 +254,55 @@ static void mktme_destroy_key(struct key *key) percpu_ref_kill(&encrypt_count[keyid]); } +static void mktme_update_pconfig_targets(void); /* Key Service Method to create a new key. Payload is preparsed. */ int mktme_instantiate_key(struct key *key, struct key_preparsed_payload *prep) { u32 *payload = prep->payload.data[0]; unsigned long flags; + int ret = -ENOKEY; int keyid; spin_lock_irqsave(&mktme_lock, flags); + + /* Topology supports key creation */ + if (mktme_allow_keys) + goto get_key; + + /* Topology unknown, check it. */ + if (!mktme_hmat_evaluate()) { + ret = -EINVAL; + goto out_unlock; + } + + /* Keys are now allowed. Update the programming targets. */ + mktme_update_pconfig_targets(); + mktme_allow_keys = true; + +get_key: keyid = mktme_reserve_keyid(key); spin_unlock_irqrestore(&mktme_lock, flags); if (!keyid) - return -ENOKEY; + goto out; if (percpu_ref_init(&encrypt_count[keyid], mktme_percpu_ref_release, 0, GFP_KERNEL)) - goto err_out; + goto out_free_key; - if (!mktme_program_keyid(keyid, *payload)) - return MKTME_PROG_SUCCESS; + ret = mktme_program_keyid(keyid, *payload); + if (ret == MKTME_PROG_SUCCESS) + goto out; + /* Key programming failed */ percpu_ref_exit(&encrypt_count[keyid]); -err_out: + +out_free_key: spin_lock_irqsave(&mktme_lock, flags); mktme_release_keyid(keyid); +out_unlock: spin_unlock_irqrestore(&mktme_lock, flags); - return -ENOKEY; +out: + return ret; } /* Make sure arguments are correct for the TYPE of key requested */
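Review bot: In mktme_instantiate_key() (patch 38/59, second hunk), the programming-failure path now returns whatever mktme_program_keyid() returned, where the old code mapped every failure to -ENOKEY. After "ret = mktme_program_keyid(keyid, *payload);" a non-success value falls through out_free_key to "return ret;", so unless every non-success MKTME_PROG_* value is already a negative errno, the instantiate method hands a hardware status code back to the keyring core. Suggest keeping the programming status in its own variable and setting ret to -ENOKEY (or another errno) on failure. Separately, mktme_hmat_evaluate() and mktme_update_pconfig_targets() are both called between spin_lock_irqsave() and the unlock; a comment stating that neither may sleep would help, since the commit message says the failing path also logs a warning.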
X-Patchwork-Id: 11068169
From: "Kirill A. Shutemov"
To: Andrew Morton, x86@kernel.org, Thomas Gleixner, Ingo Molnar, "H. Peter Anvin", Borislav Petkov, Peter Zijlstra, Andy Lutomirski, David Howells
Cc: Kees Cook, Dave Hansen, Kai Huang, Jacob Pan, Alison Schofield, linux-mm@kvack.org, kvm@vger.kernel.org, keyrings@vger.kernel.org, linux-kernel@vger.kernel.org, "Kirill A . Shutemov"
Subject: [PATCHv2 39/59] keys/mktme: Support CPU hotplug for MKTME key service
Date: Wed, 31 Jul 2019 18:07:53 +0300
Message-Id: <20190731150813.26289-40-kirill.shutemov@linux.intel.com>
In-Reply-To: <20190731150813.26289-1-kirill.shutemov@linux.intel.com>
References: <20190731150813.26289-1-kirill.shutemov@linux.intel.com>
From: Alison Schofield

The MKTME encryption hardware resides on each physical package. The encryption hardware includes 'Key Tables' that must be programmed identically across all physical packages in the platform. Although every CPU in a package can program its key table, the kernel uses one lead CPU per package for programming.

CPU Hotplug Teardown
--------------------
MKTME manages CPU hotplug teardown to make sure the ability to program all packages is preserved when MKTME keys are present.

When MKTME keys are not currently programmed, simply allow the teardown, and set "mktme_allow_keys" to false. This will force a re-evaluation of the platform topology before the next key creation. If this CPU teardown mattered, MKTME key service will report an error and fail to create the key. (User can online that CPU and try again)

When MKTME keys are currently programmed, allow teardowns of non 'lead CPU's' and of CPUs where another, core sibling CPU, can take over as lead. Do not allow teardown of any lead CPU that would render a hardware key table unreachable!

CPU Hotplug Startup
-------------------
CPUs coming online are of interest to the key service, but since the service never needs to block a CPU startup event, nor does it need to prepare for an onlining CPU, a callback is not implemented.

MKTME will catch the availability of the new CPU, if it is needed, at the next key creation time. If keys are not allowed, that new CPU will be part of the topology evaluation to determine if keys should now be allowed.

Signed-off-by: Alison Schofield
Signed-off-by: Kirill A. Shutemov
--- security/keys/mktme_keys.c | 47 +++++++++++++++++++++++++++++++++++++- 1 file changed, 46 insertions(+), 1 deletion(-) diff --git a/security/keys/mktme_keys.c b/security/keys/mktme_keys.c index 70662e882674..b042df73899d 100644 --- a/security/keys/mktme_keys.c +++ b/security/keys/mktme_keys.c
@@ -460,9 +460,46 @@ static int mktme_alloc_pconfig_targets(void) return 0; } +static int mktme_cpu_teardown(unsigned int cpu) +{ + int new_leadcpu, ret = 0; + unsigned long flags; + + /* Do not allow key programming during cpu hotplug event */ + spin_lock_irqsave(&mktme_lock, flags); + + /* + * When no keys are in use, allow the teardown, and set + * mktme_allow_keys to FALSE. That forces an evaluation + * of the topology before the next key creation. + */ + if (mktme_available_keyids == mktme_nr_keyids()) { + mktme_allow_keys = false; + goto out; + } + /* Teardown CPU is not a lead CPU. Allow teardown. */ + if (!cpumask_test_cpu(cpu, mktme_leadcpus)) + goto out; + + /* Teardown CPU is a lead CPU. Look for a new lead CPU. */ + new_leadcpu = cpumask_any_but(topology_core_cpumask(cpu), cpu); + + if (new_leadcpu < nr_cpumask_bits) { + /* New lead CPU found. Update the programming mask */ + __cpumask_clear_cpu(cpu, mktme_leadcpus); + __cpumask_set_cpu(new_leadcpu, mktme_leadcpus); + } else { + /* New lead CPU not found. Do not allow CPU teardown */ + ret = -1; + } +out: + spin_unlock_irqrestore(&mktme_lock, flags); + return ret; +} + static int __init init_mktme(void) { - int ret; + int ret, cpuhp; /* Verify keys are present */ if (mktme_nr_keyids() < 1) 
@@ -500,10 +537,18 @@ static int __init init_mktme(void) if (!encrypt_count) goto free_targets; + cpuhp = cpuhp_setup_state_nocalls(CPUHP_AP_ONLINE_DYN, + "keys/mktme_keys:online", + NULL, mktme_cpu_teardown); + if (cpuhp < 0) + goto free_encrypt; + ret = register_key_type(&key_type_mktme); if (!ret) return ret; /* SUCCESS */ + cpuhp_remove_state_nocalls(cpuhp); +free_encrypt: kvfree(encrypt_count); free_targets: free_cpumask_var(mktme_leadcpus);
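Review bot: The "no replacement found" test in mktme_cpu_teardown() (patch 39/59, first hunk) compares against nr_cpumask_bits, but cpumask_any_but() is documented to return a value >= nr_cpu_ids when no other CPU is set, so "if (new_leadcpu < nr_cpumask_bits)" should read "if (new_leadcpu < nr_cpu_ids)". On the refusal path, "ret = -1" reaches the hotplug core as -EPERM; a named errno such as -EBUSY says what is actually happening. A comment is also needed on why any CPU in topology_core_cpumask(cpu) is an acceptable new lead, since nothing in this function checks the candidate against the PCONFIG target map before it is set in mktme_leadcpus.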
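Review bot: When cpuhp_setup_state_nocalls() fails in init_mktme() (patch 39/59, second hunk), the code jumps to free_encrypt without copying the error into ret, so the errno held in cpuhp is dropped at "if (cpuhp < 0) goto free_encrypt;". Suggest "ret = cpuhp;" before the goto, or a comment confirming that the unwind path returns a fixed error on purpose.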
X-Patchwork-Id: 11068187
From: "Kirill A. Shutemov"
To: Andrew Morton, x86@kernel.org, Thomas Gleixner, Ingo Molnar, "H. Peter Anvin", Borislav Petkov, Peter Zijlstra, Andy Lutomirski, David Howells
Cc: Kees Cook, Dave Hansen, Kai Huang, Jacob Pan, Alison Schofield, linux-mm@kvack.org, kvm@vger.kernel.org, keyrings@vger.kernel.org, linux-kernel@vger.kernel.org, "Kirill A . Shutemov"
Subject: [PATCHv2 40/59] keys/mktme: Block memory hotplug additions when MKTME is enabled
Date: Wed, 31 Jul 2019 18:07:54 +0300
Message-Id: <20190731150813.26289-41-kirill.shutemov@linux.intel.com>
In-Reply-To: <20190731150813.26289-1-kirill.shutemov@linux.intel.com>
References: <20190731150813.26289-1-kirill.shutemov@linux.intel.com>
From: Alison Schofield

Intel platforms supporting MKTME need the ability to evaluate the memory topology before allowing new memory to go online. That evaluation would determine if the kernel can program the memory controller. Every memory controller needs to have a CPU online, capable of programming its MKTME keys.

The kernel uses the ACPI HMAT at boot time to determine a safe MKTME topology, but at run time, there is no update to the HMAT. That run time support will come in the future with platform and kernel support for the _HMA method.

Meanwhile, be safe, and do not allow any MEM_GOING_ONLINE events when MKTME is enabled.

Signed-off-by: Alison Schofield
Signed-off-by: Kirill A. Shutemov
--- security/keys/mktme_keys.c | 26 ++++++++++++++++++++++++++ 1 file changed, 26 insertions(+) diff --git a/security/keys/mktme_keys.c b/security/keys/mktme_keys.c index b042df73899d..f804d780fc91 100644 --- a/security/keys/mktme_keys.c +++ b/security/keys/mktme_keys.c @@ -8,6 +8,7 @@ #include #include #include +#include #include #include #include @@ -497,6 +498,26 @@ static int mktme_cpu_teardown(unsigned int cpu) return ret; } +static int mktme_memory_callback(struct notifier_block *nb, + unsigned long action, void *arg) +{ + /* + * Do not allow the hot add of memory until run time + * support of the ACPI HMAT is available via an _HMA + * method. Without it, the new memory cannot be + * evaluated to determine an MTKME safe topology. + */ + if (action == MEM_GOING_ONLINE) + return NOTIFY_BAD; + + return NOTIFY_OK; +} + +static struct notifier_block mktme_memory_nb = { + .notifier_call = mktme_memory_callback, + .priority = 99, /* priority ? */ +}; + static int __init init_mktme(void) { int ret, cpuhp;
@@ -543,10 +564,15 @@ static int __init init_mktme(void) if (cpuhp < 0) goto free_encrypt; + if (register_memory_notifier(&mktme_memory_nb)) + goto remove_cpuhp; + ret = register_key_type(&key_type_mktme); if (!ret) return ret; /* SUCCESS */ + unregister_memory_notifier(&mktme_memory_nb); +remove_cpuhp: cpuhp_remove_state_nocalls(cpuhp); free_encrypt: kvfree(encrypt_count);
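Review bot: The notifier block in patch 40/59 is submitted with an open question in it (".priority = 99, /* priority ? */"); choose the priority deliberately and say in the comment which other memory notifiers it has to run before or after, or drop the field and take the default. mktme_memory_callback() also vetoes every MEM_GOING_ONLINE without logging anything, so a refused memory online gives the administrator no hint that MKTME is the cause; a pr_warn_once() ahead of "return NOTIFY_BAD;" would cover that. The block comment spells the feature "MTKME" where "MKTME" is meant.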
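Review bot: The return value of register_memory_notifier() is tested but then discarded in init_mktme() (patch 40/59, last hunk), at "if (register_memory_notifier(&mktme_memory_nb)) goto remove_cpuhp;", so the unwind reports whatever ret already held. Suggest assigning the call's result to ret and branching on "if (ret)".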
X-Patchwork-Id: 11068183
From: "Kirill A. Shutemov"
To: Andrew Morton, x86@kernel.org, Thomas Gleixner, Ingo Molnar, "H. Peter Anvin", Borislav Petkov, Peter Zijlstra, Andy Lutomirski, David Howells
Cc: Kees Cook, Dave Hansen, Kai Huang, Jacob Pan, Alison Schofield, linux-mm@kvack.org, kvm@vger.kernel.org, keyrings@vger.kernel.org, linux-kernel@vger.kernel.org, "Kirill A . Shutemov"
Subject: [PATCHv2 41/59] mm: Generalize the mprotect implementation to support extensions
Date: Wed, 31 Jul 2019 18:07:55 +0300
Message-Id: <20190731150813.26289-42-kirill.shutemov@linux.intel.com>
In-Reply-To: <20190731150813.26289-1-kirill.shutemov@linux.intel.com>
References: <20190731150813.26289-1-kirill.shutemov@linux.intel.com>
From: Alison Schofield

Today mprotect is implemented to support legacy mprotect behavior plus an extension for memory protection keys. Make it more generic so that it can support additional extensions in the future.

This is done in preparation for adding a new system call for memory encryption keys. The intent is that the new encrypted mprotect will be another extension to legacy mprotect.

Signed-off-by: Alison Schofield
Signed-off-by: Kirill A. Shutemov
--- mm/mprotect.c | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/mm/mprotect.c b/mm/mprotect.c index 82d7b194a918..4d55725228e3 100644 --- a/mm/mprotect.c +++ b/mm/mprotect.c @@ -35,6 +35,8 @@ #include "internal.h" +#define NO_KEY -1 + static unsigned long change_pte_range(struct vm_area_struct *vma, pmd_t *pmd, unsigned long addr, unsigned long end, pgprot_t newprot, int dirty_accountable, int prot_numa) @@ -453,9 +455,9 @@ mprotect_fixup(struct vm_area_struct *vma, struct vm_area_struct **pprev, } /* - * pkey==-1 when doing a legacy mprotect() + * When pkey==NO_KEY we get legacy mprotect behavior here. */ -static int do_mprotect_pkey(unsigned long start, size_t len, +static int do_mprotect_ext(unsigned long start, size_t len, unsigned long prot, int pkey) { unsigned long nstart, end, tmp, reqprot; @@ -579,7 +581,7 @@ static int do_mprotect_pkey(unsigned long start, size_t len, SYSCALL_DEFINE3(mprotect, unsigned long, start, size_t, len, unsigned long, prot) { - return do_mprotect_pkey(start, len, prot, -1); + return do_mprotect_ext(start, len, prot, NO_KEY); } #ifdef CONFIG_ARCH_HAS_PKEYS
@@ -587,7 +589,7 @@ SYSCALL_DEFINE3(mprotect, unsigned long, start, size_t, len, SYSCALL_DEFINE4(pkey_mprotect, unsigned long, start, size_t, len, unsigned long, prot, int, pkey) { - return do_mprotect_pkey(start, len, prot, pkey); + return do_mprotect_ext(start, len, prot, pkey); } SYSCALL_DEFINE2(pkey_alloc, unsigned long, flags, unsigned long, init_val)
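Review bot: The new macro in mm/mprotect.c (patch 41/59, first hunk) is an unparenthesized negative constant, "#define NO_KEY -1"; write it as "#define NO_KEY (-1)" so the expansion cannot combine with an adjacent operator. In the renamed do_mprotect_ext() the last parameter is still called pkey while the commit message says the function will serve other extensions, so either rename the parameter or say in the comment above the function that NO_KEY applies to the protection-key argument only.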
From: "Kirill A. Shutemov"
To: Andrew Morton, x86@kernel.org, Thomas Gleixner, Ingo Molnar, "H. Peter Anvin", Borislav Petkov, Peter Zijlstra, Andy Lutomirski, David Howells
Cc: Kees Cook, Dave Hansen, Kai Huang, Jacob Pan, Alison Schofield, linux-mm@kvack.org, kvm@vger.kernel.org, keyrings@vger.kernel.org, linux-kernel@vger.kernel.org, "Kirill A . Shutemov"
Subject: [PATCHv2 42/59] syscall/x86: Wire up a system call for MKTME encryption keys
Date: Wed, 31 Jul 2019 18:07:56 +0300
Message-Id: <20190731150813.26289-43-kirill.shutemov@linux.intel.com>
In-Reply-To: <20190731150813.26289-1-kirill.shutemov@linux.intel.com>
References: <20190731150813.26289-1-kirill.shutemov@linux.intel.com>

From: Alison Schofield

encrypt_mprotect() is a new system call to support memory encryption. It takes the same parameters as legacy mprotect, plus an additional key serial number that is mapped to an encryption keyid.

Signed-off-by: Alison Schofield
Signed-off-by: Kirill A. Shutemov --- arch/x86/entry/syscalls/syscall_32.tbl | 1 + arch/x86/entry/syscalls/syscall_64.tbl | 1 + include/linux/syscalls.h | 2 ++ include/uapi/asm-generic/unistd.h | 4 +++- kernel/sys_ni.c | 2 ++ 5 files changed, 9 insertions(+), 1 deletion(-) diff --git a/arch/x86/entry/syscalls/syscall_32.tbl b/arch/x86/entry/syscalls/syscall_32.tbl index c00019abd076..1b30cd007a6a 100644 --- a/arch/x86/entry/syscalls/syscall_32.tbl +++ b/arch/x86/entry/syscalls/syscall_32.tbl @@ -440,3 +440,4 @@ 433 i386 fspick sys_fspick __ia32_sys_fspick 434 i386 pidfd_open sys_pidfd_open __ia32_sys_pidfd_open 435 i386 clone3 sys_clone3 __ia32_sys_clone3 +436 i386 encrypt_mprotect sys_encrypt_mprotect __ia32_sys_encrypt_mprotect diff --git a/arch/x86/entry/syscalls/syscall_64.tbl b/arch/x86/entry/syscalls/syscall_64.tbl index c29976eca4a8..716d8a89159b 100644 --- a/arch/x86/entry/syscalls/syscall_64.tbl +++ b/arch/x86/entry/syscalls/syscall_64.tbl @@ -357,6 +357,7 @@ 433 common fspick __x64_sys_fspick 434 common pidfd_open __x64_sys_pidfd_open 435 common clone3 __x64_sys_clone3/ptregs +436 common encrypt_mprotect __x64_sys_encrypt_mprotect # # x32-specific system call numbers start at 512 to avoid cache impact diff --git a/include/linux/syscalls.h b/include/linux/syscalls.h index 88145da7d140..4494b1d9c85a 100644 --- a/include/linux/syscalls.h +++ b/include/linux/syscalls.h @@ -1000,6 +1000,8 @@ asmlinkage long sys_fspick(int dfd, const char __user *path, unsigned int flags) asmlinkage long sys_pidfd_send_signal(int pidfd, int sig, siginfo_t __user *info, unsigned int flags); +asmlinkage long sys_encrypt_mprotect(unsigned long start, size_t len, + unsigned long prot, key_serial_t serial); /* * Architecture-specific system calls diff --git a/include/uapi/asm-generic/unistd.h b/include/uapi/asm-generic/unistd.h index 1be0e798e362..7c1cd13f6aaf 100644 --- a/include/uapi/asm-generic/unistd.h +++ b/include/uapi/asm-generic/unistd.h 
@@ -850,9 +850,11 @@ __SYSCALL(__NR_pidfd_open, sys_pidfd_open) #define __NR_clone3 435 __SYSCALL(__NR_clone3, sys_clone3) #endif +#define __NR_encrypt_mprotect 436 +__SYSCALL(__NR_encrypt_mprotect, sys_encrypt_mprotect) #undef __NR_syscalls -#define __NR_syscalls 436 +#define __NR_syscalls 437 /* * 32 bit systems traditionally used different diff --git a/kernel/sys_ni.c b/kernel/sys_ni.c index 34b76895b81e..84c8c47cf9d6 100644 --- a/kernel/sys_ni.c +++ b/kernel/sys_ni.c 
@@ -349,6 +349,8 @@ COND_SYSCALL(pkey_mprotect); COND_SYSCALL(pkey_alloc); COND_SYSCALL(pkey_free); +/* multi-key total memory encryption keys */ +COND_SYSCALL(encrypt_mprotect); /* * Architecture specific weak syscall entries.
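Review bot: The include/uapi/asm-generic/unistd.h hunk allocates number 436 and raises __NR_syscalls to 437 for every architecture that uses the generic table, while the subject says syscall/x86 and only the two x86 .tbl files are wired up. State in the commit message that other architectures get the number but resolve to the COND_SYSCALL(encrypt_mprotect) stub added in kernel/sys_ni.c, so the wider ABI effect is a reviewed decision rather than a side effect. In include/linux/syscalls.h the sys_encrypt_mprotect() prototype would also benefit from a one-line comment saying that serial is a key serial number, as the commit message does.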
From: "Kirill A. Shutemov"
To: Andrew Morton, x86@kernel.org, Thomas Gleixner, Ingo Molnar, "H. Peter Anvin", Borislav Petkov, Peter Zijlstra, Andy Lutomirski, David Howells
Cc: Kees Cook, Dave Hansen, Kai Huang, Jacob Pan, Alison Schofield, linux-mm@kvack.org, kvm@vger.kernel.org, keyrings@vger.kernel.org, linux-kernel@vger.kernel.org, "Kirill A . Shutemov"
Subject: [PATCHv2 43/59] x86/mm: Set KeyIDs in encrypted VMAs for MKTME
Date: Wed, 31 Jul 2019 18:07:57 +0300
Message-Id: <20190731150813.26289-44-kirill.shutemov@linux.intel.com>
In-Reply-To: <20190731150813.26289-1-kirill.shutemov@linux.intel.com>
References: <20190731150813.26289-1-kirill.shutemov@linux.intel.com>

From: Alison Schofield

MKTME architecture requires the KeyID to be placed in PTE bits 51:46. To create an encrypted VMA, place the KeyID in the upper bits of vm_page_prot that matches the position of those PTE bits.

When the VMA is assigned a KeyID it is always considered a KeyID change. The VMA is either going from not encrypted to encrypted, or from encrypted with any KeyID to encrypted with any other KeyID. To make the change safely, remove the user pages held by the VMA and unlink the VMA's anonymous chain.

Signed-off-by: Alison Schofield
Signed-off-by: Kirill A. Shutemov
--- arch/x86/include/asm/mktme.h | 4 ++++ arch/x86/mm/mktme.c | 26 ++++++++++++++++++++++++++ include/linux/mm.h | 6 ++++++ 3 files changed, 36 insertions(+) diff --git a/arch/x86/include/asm/mktme.h b/arch/x86/include/asm/mktme.h index d26ada6b65f7..e8f7f80bb013 100644 --- a/arch/x86/include/asm/mktme.h +++ b/arch/x86/include/asm/mktme.h @@ -16,6 +16,10 @@ extern int __mktme_nr_keyids; extern int mktme_nr_keyids(void); extern unsigned int mktme_algs; +/* Set the encryption keyid bits in a VMA */ +extern void mprotect_set_encrypt(struct vm_area_struct *vma, int newkeyid, + unsigned long start, unsigned long end); + DECLARE_STATIC_KEY_FALSE(mktme_enabled_key); static inline bool mktme_enabled(void) { diff --git a/arch/x86/mm/mktme.c b/arch/x86/mm/mktme.c index ed13967bb543..05bbf5058ade 100644 --- a/arch/x86/mm/mktme.c +++ b/arch/x86/mm/mktme.c @@ -1,5 +1,6 @@ #include #include +#include #include #include #include 
@@ -71,6 +72,31 @@ int __vma_keyid(struct vm_area_struct *vma) return (prot & mktme_keyid_mask()) >> mktme_keyid_shift(); } +/* Set the encryption keyid bits in a VMA */ +void mprotect_set_encrypt(struct vm_area_struct *vma, int newkeyid, + unsigned long start, unsigned long end) +{ + int oldkeyid = vma_keyid(vma); + pgprotval_t newprot; + + /* Unmap pages with old KeyID if there's any. */ + zap_page_range(vma, start, end - start); + + if (oldkeyid == newkeyid) + return; + + newprot = pgprot_val(vma->vm_page_prot); + newprot &= ~mktme_keyid_mask(); + newprot |= (unsigned long)newkeyid << mktme_keyid_shift(); + vma->vm_page_prot = __pgprot(newprot); + + /* + * The VMA doesn't have any inherited pages. + * Start anon VMA tree from scratch. + */ + unlink_anon_vmas(vma); +} + /* Prepare page to be used for encryption. Called from page allocator. */ void __prep_encrypted_page(struct page *page, int order, int keyid, bool zero) { diff --git a/include/linux/mm.h b/include/linux/mm.h index 3f9640f388ac..98a6d2bd66a6 100644 --- a/include/linux/mm.h +++ b/include/linux/mm.h 
@@ -2905,5 +2905,11 @@ void __init setup_nr_node_ids(void); static inline void setup_nr_node_ids(void) {} #endif +#ifndef CONFIG_X86_INTEL_MKTME +static inline void mprotect_set_encrypt(struct vm_area_struct *vma, + int newkeyid, + unsigned long start, + unsigned long end) {} +#endif /* CONFIG_X86_INTEL_MKTME */ #endif /* __KERNEL__ */ #endif /* _LINUX_MM_H */
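Review bot: In mprotect_set_encrypt() in arch/x86/mm/mktme.c, zap_page_range(vma, start, end - start) runs before the "if (oldkeyid == newkeyid) return;" test, so a call that does not change the KeyID still discards every user page in the range. Either move the early return above the zap or extend the comment to explain why the pages must go even when the KeyID is unchanged; the commit message's "always considered a KeyID change" does not match the early return as written. The function also shifts the int newkeyid into vm_page_prot without a range check, so a value wider than mktme_keyid_mask() would set bits outside the KeyID field; add a check against mktme_nr_keyids() or document that callers guarantee a valid KeyID. A comment telling callers that existing contents of the range are dropped belongs on the declaration in mktme.h.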
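Review bot: The include/linux/mm.h hunk keys a generic-header stub on the x86-only symbol CONFIG_X86_INTEL_MKTME, while the real prototype lives in arch/x86/include/asm/mktme.h. Generic callers therefore get a declaration from mm.h only when the option is off and must pull in the arch header themselves when it is on. A short comment above the stub saying where the real declaration comes from, or an arch hook with a generic no-op default, would make that dependency visible.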
From: "Kirill A. Shutemov"
To: Andrew Morton, x86@kernel.org, Thomas Gleixner, Ingo Molnar, "H. Peter Anvin", Borislav Petkov, Peter Zijlstra, Andy Lutomirski, David Howells
Cc: Kees Cook, Dave Hansen, Kai Huang, Jacob Pan, Alison Schofield, linux-mm@kvack.org, kvm@vger.kernel.org, keyrings@vger.kernel.org, linux-kernel@vger.kernel.org, "Kirill A . Shutemov"
Subject: [PATCHv2 44/59] mm: Add the encrypt_mprotect() system call for MKTME
Date: Wed, 31 Jul 2019 18:07:58 +0300
Message-Id: <20190731150813.26289-45-kirill.shutemov@linux.intel.com>
In-Reply-To: <20190731150813.26289-1-kirill.shutemov@linux.intel.com>
References: <20190731150813.26289-1-kirill.shutemov@linux.intel.com>

From: Alison Schofield

Implement memory encryption for MKTME (Multi-Key Total Memory Encryption) with a new system call that is an extension of the legacy mprotect() system call.

In encrypt_mprotect the caller must pass a handle to a previously allocated and programmed MKTME encryption key. The key can be obtained through the kernel key service type "mktme". The caller must have KEY_NEED_VIEW permission on the key.

MKTME places an additional restriction on the protected data: The length of the data must be page aligned. This is in addition to the existing mprotect restriction that the addr must be page aligned.

encrypt_mprotect() will look up the hardware keyid for the given userspace key. It will use previously defined helpers to insert that keyid in the VMAs during legacy mprotect() execution.

Signed-off-by: Alison Schofield
Signed-off-by: Kirill A. Shutemov
--- fs/exec.c | 4 +-- include/linux/mm.h | 3 +- mm/mprotect.c | 68 +++++++++++++++++++++++++++++++++++++++++----- 3 files changed, 65 insertions(+), 10 deletions(-) diff --git a/fs/exec.c b/fs/exec.c index c71cbfe6826a..261e81b7e3a4 100644 --- a/fs/exec.c +++ b/fs/exec.c @@ -756,8 +756,8 @@ int setup_arg_pages(struct linux_binprm *bprm, vm_flags |= mm->def_flags; vm_flags |= VM_STACK_INCOMPLETE_SETUP; - ret = mprotect_fixup(vma, &prev, vma->vm_start, vma->vm_end, - vm_flags); + ret = mprotect_fixup(vma, &prev, vma->vm_start, vma->vm_end, vm_flags, + -1); if (ret) goto out_unlock; BUG_ON(prev != vma); diff --git a/include/linux/mm.h b/include/linux/mm.h index 98a6d2bd66a6..8551b5ebdedf 100644 --- a/include/linux/mm.h +++ b/include/linux/mm.h 
@@ -1660,7 +1660,8 @@ extern unsigned long change_protection(struct vm_area_struct *vma, unsigned long int dirty_accountable, int prot_numa); extern int mprotect_fixup(struct vm_area_struct *vma, struct vm_area_struct **pprev, unsigned long start, - unsigned long end, unsigned long newflags); + unsigned long end, unsigned long newflags, + int newkeyid); /* * doesn't attempt to fault and will return short. diff --git a/mm/mprotect.c b/mm/mprotect.c index 4d55725228e3..518d75582e7b 100644 --- a/mm/mprotect.c +++ b/mm/mprotect.c @@ -28,6 +28,7 @@ #include #include #include +#include #include #include #include @@ -348,7 +349,8 @@ static int prot_none_walk(struct vm_area_struct *vma, unsigned long start, int mprotect_fixup(struct vm_area_struct *vma, struct vm_area_struct **pprev, - unsigned long start, unsigned long end, unsigned long newflags) + unsigned long start, unsigned long end, unsigned long newflags, + int newkeyid) { struct mm_struct *mm = vma->vm_mm; unsigned long oldflags = vma->vm_flags; @@ -358,7 +360,14 @@ mprotect_fixup(struct vm_area_struct *vma, struct vm_area_struct **pprev, int error; int dirty_accountable = 0; - if (newflags == oldflags) { + /* + * Flags match and Keyids match or we have NO_KEY. + * This _fixup is usually called from do_mprotect_ext() except + * for one special case: caller fs/exec.c/setup_arg_pages() + * In that case, newkeyid is passed as -1 (NO_KEY). + */ + if (newflags == oldflags && + (newkeyid == vma_keyid(vma) || newkeyid == NO_KEY)) { *pprev = vma; return 0; } @@ -424,6 +433,8 @@ mprotect_fixup(struct vm_area_struct *vma, struct vm_area_struct **pprev, } success: + if (newkeyid != NO_KEY) + mprotect_set_encrypt(vma, newkeyid, start, end); /* * vm_flags and vm_page_prot are protected by the mmap_sem * held in write mode. 
@@ -455,10 +466,15 @@ mprotect_fixup(struct vm_area_struct *vma, struct vm_area_struct **pprev, } /* - * When pkey==NO_KEY we get legacy mprotect behavior here. + * do_mprotect_ext() supports the legacy mprotect behavior plus extensions + * for Protection Keys and Memory Encryption Keys. These extensions are + * mutually exclusive and the behavior is: + * (pkey==NO_KEY && keyid==NO_KEY) ==> legacy mprotect + * (pkey is valid) ==> legacy mprotect plus Protection Key extensions + * (keyid is valid) ==> legacy mprotect plus Encryption Key extensions */ static int do_mprotect_ext(unsigned long start, size_t len, - unsigned long prot, int pkey) + unsigned long prot, int pkey, int keyid) { unsigned long nstart, end, tmp, reqprot; struct vm_area_struct *vma, *prev; @@ -556,7 +572,8 @@ static int do_mprotect_ext(unsigned long start, size_t len, tmp = vma->vm_end; if (tmp > end) tmp = end; - error = mprotect_fixup(vma, &prev, nstart, tmp, newflags); + error = mprotect_fixup(vma, &prev, nstart, tmp, newflags, + keyid); if (error) goto out; nstart = tmp; @@ -581,7 +598,7 @@ static int do_mprotect_ext(unsigned long start, size_t len, SYSCALL_DEFINE3(mprotect, unsigned long, start, size_t, len, unsigned long, prot) { - return do_mprotect_ext(start, len, prot, NO_KEY); + return do_mprotect_ext(start, len, prot, NO_KEY, NO_KEY); } #ifdef CONFIG_ARCH_HAS_PKEYS @@ -589,7 +606,7 @@ SYSCALL_DEFINE3(mprotect, unsigned long, start, size_t, len, SYSCALL_DEFINE4(pkey_mprotect, unsigned long, start, size_t, len, unsigned long, prot, int, pkey) { - return do_mprotect_ext(start, len, prot, pkey); + return do_mprotect_ext(start, len, prot, pkey, NO_KEY); } SYSCALL_DEFINE2(pkey_alloc, unsigned long, flags, unsigned long, init_val) 
@@ -638,3 +655,40 @@ SYSCALL_DEFINE1(pkey_free, int, pkey) } #endif /* CONFIG_ARCH_HAS_PKEYS */ + +#ifdef CONFIG_X86_INTEL_MKTME + +extern int mktme_keyid_from_key(struct key *key); + +SYSCALL_DEFINE4(encrypt_mprotect, unsigned long, start, size_t, len, + unsigned long, prot, key_serial_t, serial) +{ + key_ref_t key_ref; + struct key *key; + int ret, keyid; + + /* MKTME restriction */ + if (!PAGE_ALIGNED(len)) + return -EINVAL; + + /* + * key_ref prevents the destruction of the key + * while the memory encryption is being set up. + */ + + key_ref = lookup_user_key(serial, 0, KEY_NEED_VIEW); + if (IS_ERR(key_ref)) + return PTR_ERR(key_ref); + + key = key_ref_to_ptr(key_ref); + keyid = mktme_keyid_from_key(key); + if (!keyid) { + key_ref_put(key_ref); + return -EINVAL; + } + ret = do_mprotect_ext(start, len, prot, NO_KEY, keyid); + key_ref_put(key_ref); + return ret; +} + +#endif /* CONFIG_X86_INTEL_MKTME */
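Review bot: The fs/exec.c hunk passes a literal -1 as the new last argument of mprotect_fixup() because NO_KEY is defined only inside mm/mprotect.c, and the comment added to mprotect_fixup() then has to explain that -1 means NO_KEY. Move the NO_KEY definition into include/linux/mm.h beside the mprotect_fixup() prototype and use it in setup_arg_pages(), so the sentinel has one name at every call site.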
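Review bot: The new comment above do_mprotect_ext() says the pkey and keyid extensions are mutually exclusive, but nothing in the function enforces it, so a future caller passing both a valid pkey and a valid keyid would be accepted. All three syscall entry points in this patch pass NO_KEY for at least one of the two, so a WARN_ON_ONCE(pkey != NO_KEY && keyid != NO_KEY) with an -EINVAL return near the top of the function would turn the documented contract into a checked one at no cost to existing callers.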
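Review bot: In SYSCALL_DEFINE4(encrypt_mprotect), the helper result is tested only with "if (!keyid)", so a negative return from mktme_keyid_from_key() is handed to do_mprotect_ext() as a KeyID, and a return of -1 equals NO_KEY and would silently perform a legacy, unencrypted mprotect that reports success. Reject keyid <= 0, or document that the helper returns 0 on every failure. lookup_user_key(serial, 0, KEY_NEED_VIEW) also accepts a key of any type and the visible code never checks for type "mktme" before using it, so confirm the helper rejects other key types or test the type here. The key reference is dropped as soon as do_mprotect_ext() returns while the VMA keeps the KeyID; a comment should say what prevents that KeyID from being reassigned while mappings still use it. The extern declaration of mktme_keyid_from_key() belongs in a header rather than in mm/mprotect.c.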
X-Patchwork-Id: 11068341
From: "Kirill A. Shutemov"
To: Andrew Morton, x86@kernel.org, Thomas Gleixner, Ingo Molnar, "H. Peter Anvin", Borislav Petkov, Peter Zijlstra, Andy Lutomirski, David Howells
Cc: Kees Cook, Dave Hansen, Kai Huang, Jacob Pan, Alison Schofield, linux-mm@kvack.org, kvm@vger.kernel.org, keyrings@vger.kernel.org, linux-kernel@vger.kernel.org, "Kirill A . Shutemov"
Subject: [PATCHv2 45/59] x86/mm: Keep reference counts on hardware key usage for MKTME
Date: Wed, 31 Jul 2019 18:07:59 +0300
Message-Id: <20190731150813.26289-46-kirill.shutemov@linux.intel.com>
In-Reply-To: <20190731150813.26289-1-kirill.shutemov@linux.intel.com>
References: <20190731150813.26289-1-kirill.shutemov@linux.intel.com>

From: Alison Schofield

The MKTME (Multi-Key Total Memory Encryption) Key Service needs a reference count on the key usage. This reference count is used to determine when a hardware encryption KeyID is no longer in use and can be freed and reassigned to another Userspace Key. The MKTME Key service does the percpu_ref_init and _kill. Encrypted VMA's and encrypted pages are included in the reference counts per keyid.

Signed-off-by: Alison Schofield
Signed-off-by: Kirill A. Shutemov
--- arch/x86/include/asm/mktme.h | 5 +++++ arch/x86/mm/mktme.c | 37 ++++++++++++++++++++++++++++++++++-- include/linux/mm.h | 2 ++ kernel/fork.c | 2 ++ 4 files changed, 44 insertions(+), 2 deletions(-) diff --git a/arch/x86/include/asm/mktme.h b/arch/x86/include/asm/mktme.h index e8f7f80bb013..a5f664d3805b 100644 --- a/arch/x86/include/asm/mktme.h +++ b/arch/x86/include/asm/mktme.h
@@ -20,6 +20,11 @@ extern unsigned int mktme_algs; extern void mprotect_set_encrypt(struct vm_area_struct *vma, int newkeyid, unsigned long start, unsigned long end); +/* MTKME encrypt_count for VMAs */ +extern struct percpu_ref *encrypt_count; +extern void vma_get_encrypt_ref(struct vm_area_struct *vma); +extern void vma_put_encrypt_ref(struct vm_area_struct *vma); + DECLARE_STATIC_KEY_FALSE(mktme_enabled_key); static inline bool mktme_enabled(void) { diff --git a/arch/x86/mm/mktme.c b/arch/x86/mm/mktme.c index 05bbf5058ade..17366d81c21b 100644 --- a/arch/x86/mm/mktme.c +++ b/arch/x86/mm/mktme.c @@ -84,11 +84,12 @@ void mprotect_set_encrypt(struct vm_area_struct *vma, int newkeyid, if (oldkeyid == newkeyid) return; - + vma_put_encrypt_ref(vma); newprot = pgprot_val(vma->vm_page_prot); newprot &= ~mktme_keyid_mask(); newprot |= (unsigned long)newkeyid << mktme_keyid_shift(); vma->vm_page_prot = __pgprot(newprot); + vma_get_encrypt_ref(vma); /* * The VMA doesn't have any inherited pages. @@ -97,6 +98,18 @@ void mprotect_set_encrypt(struct vm_area_struct *vma, int newkeyid, unlink_anon_vmas(vma); } +void vma_get_encrypt_ref(struct vm_area_struct *vma) +{ + if (vma_keyid(vma)) + percpu_ref_get(&encrypt_count[vma_keyid(vma)]); +} + +void vma_put_encrypt_ref(struct vm_area_struct *vma) +{ + if (vma_keyid(vma)) + percpu_ref_put(&encrypt_count[vma_keyid(vma)]); +} + /* Prepare page to be used for encryption. Called from page allocator. */ void __prep_encrypted_page(struct page *page, int order, int keyid, bool zero) { 
@@ -137,6 +150,22 @@ void __prep_encrypted_page(struct page *page, int order, int keyid, bool zero) page++; } + + /* + * Make sure the KeyID cannot be freed until the last page that + * uses the KeyID is gone. + * + * This is required because the page may live longer than VMA it + * is mapped into (i.e. in get_user_pages() case) and having + * refcounting per-VMA is not enough. + * + * Taking a reference per-4K helps in case if the page will be + * split after the allocation. free_encrypted_page() will balance + * out the refcount even if the page was split and freed as bunch + * of 4K pages. + */ + + percpu_ref_get_many(&encrypt_count[keyid], 1 << order); } /* @@ -145,7 +174,9 @@ void __prep_encrypted_page(struct page *page, int order, int keyid, bool zero) */ void free_encrypted_page(struct page *page, int order) { - int i; + int i, keyid; + + keyid = page_keyid(page); /* * The hardware/CPU does not enforce coherency between mappings @@ -177,6 +208,8 @@ void free_encrypted_page(struct page *page, int order) lookup_page_ext(page)->keyid = 0; page++; } + + percpu_ref_put_many(&encrypt_count[keyid], 1 << order); } static int sync_direct_mapping_pte(unsigned long keyid, diff --git a/include/linux/mm.h b/include/linux/mm.h index 8551b5ebdedf..be27cb0cc0c7 100644 --- a/include/linux/mm.h +++ b/include/linux/mm.h @@ -2911,6 +2911,8 @@ static inline void mprotect_set_encrypt(struct vm_area_struct *vma, int newkeyid, unsigned long start, unsigned long end) {} +static inline void vma_get_encrypt_ref(struct vm_area_struct *vma) {} +static inline void vma_put_encrypt_ref(struct vm_area_struct *vma) {} #endif /* CONFIG_X86_INTEL_MKTME */ #endif /* __KERNEL__ */ #endif /* _LINUX_MM_H */ diff --git a/kernel/fork.c b/kernel/fork.c index d8ae0f1b4148..00735092d370 100644 --- a/kernel/fork.c +++ b/kernel/fork.c 
@@ -349,12 +349,14 @@ struct vm_area_struct *vm_area_dup(struct vm_area_struct *orig) if (new) { *new = *orig; INIT_LIST_HEAD(&new->anon_vma_chain); + vma_get_encrypt_ref(new); } return new; } void vm_area_free(struct vm_area_struct *vma) { + vma_put_encrypt_ref(vma); kmem_cache_free(vm_area_cachep, vma); } From patchwork Wed Jul 31 15:08:00 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Kirill A . Shutemov" X-Patchwork-Id: 11068213 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id AF98C13A4 for ; Wed, 31 Jul 2019 15:15:55 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 9BFB71FFD9 for ; Wed, 31 Jul 2019 15:15:55 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 8FD56205FC; Wed, 31 Jul 2019 15:15:55 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-2.9 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,MAILING_LIST_MULTI,RCVD_IN_DNSWL_NONE autolearn=ham version=3.3.1 Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 27893209CD for ; Wed, 31 Jul 2019 15:15:55 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 2A8058E0037; Wed, 31 Jul 2019 11:15:54 -0400 (EDT) Delivered-To: linux-mm-outgoing@kvack.org Received: by kanga.kvack.org (Postfix, from userid 40) id 231C58E0035; Wed, 31 Jul 2019 11:15:54 -0400 (EDT) X-Original-To: int-list-linux-mm@kvack.org X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 0D3608E0037; Wed, 31 Jul 2019 11:15:54 -0400 (EDT) X-Original-To: linux-mm@kvack.org X-Delivered-To: linux-mm@kvack.org Received: from 
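Review bot: typo in the comment added to arch/x86/include/asm/mktme.h, where "MTKME encrypt_count for VMAs" should read "MKTME". The same comment would be the natural place to say who allocates encrypt_count and how many entries it has, since the header exports the bare pointer and every user in this patch indexes it directly by KeyID.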
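Review bot: the page paths in arch/x86/mm/mktme.c index encrypt_count[] without the KeyID-0 guard that the VMA helpers have. vma_get_encrypt_ref() and vma_put_encrypt_ref() test "if (vma_keyid(vma))" first, while __prep_encrypted_page() and free_encrypted_page() call percpu_ref_get_many() and percpu_ref_put_many() on encrypt_count[keyid] unconditionally, and none of the four checks that encrypt_count is non-NULL or that the KeyID is within the array. Either add the same guard or state in a comment that callers never reach these functions with keyid 0 and that encrypt_count is set up for every KeyID before the first encrypted VMA or page can exist.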
From: "Kirill A. Shutemov"
To: Andrew Morton, x86@kernel.org, Thomas Gleixner, Ingo Molnar, "H. Peter Anvin", Borislav Petkov, Peter Zijlstra, Andy Lutomirski, David Howells
Cc: Kees Cook, Dave Hansen, Kai Huang, Jacob Pan, Alison Schofield, linux-mm@kvack.org, kvm@vger.kernel.org, keyrings@vger.kernel.org, linux-kernel@vger.kernel.org, "Kirill A . Shutemov"
Subject: [PATCHv2 46/59] mm: Restrict MKTME memory encryption to anonymous VMAs
Date: Wed, 31 Jul 2019 18:08:00 +0300
Message-Id: <20190731150813.26289-47-kirill.shutemov@linux.intel.com>
In-Reply-To: <20190731150813.26289-1-kirill.shutemov@linux.intel.com>
References: <20190731150813.26289-1-kirill.shutemov@linux.intel.com>

From: Alison Schofield

Memory encryption is only supported for mappings that are ANONYMOUS. Test the VMA's in an encrypt_mprotect() request to make sure they all meet that requirement before encrypting any. The encrypt_mprotect syscall will return -EINVAL and will not encrypt any VMA's if this check fails.

Signed-off-by: Alison Schofield
Signed-off-by: Kirill A. Shutemov --- mm/mprotect.c | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) diff --git a/mm/mprotect.c b/mm/mprotect.c index 518d75582e7b..4b079e1b2d6f 100644 --- a/mm/mprotect.c +++ b/mm/mprotect.c @@ -347,6 +347,24 @@ static int prot_none_walk(struct vm_area_struct *vma, unsigned long start, return walk_page_range(start, end, &prot_none_walk); } +/* + * Encrypted mprotect is only supported on anonymous mappings. + * If this test fails on any single VMA, the entire mprotect + * request fails. + */ +static bool mem_supports_encryption(struct vm_area_struct *vma, unsigned long end) +{ + struct vm_area_struct *test_vma = vma; + + do { + if (!vma_is_anonymous(test_vma)) + return false; + + test_vma = test_vma->vm_next; + } while (test_vma && test_vma->vm_start < end); + return true; +} + int mprotect_fixup(struct vm_area_struct *vma, struct vm_area_struct **pprev, unsigned long start, unsigned long end, unsigned long newflags, 
@@ -533,6 +551,12 @@ static int do_mprotect_ext(unsigned long start, size_t len, goto out; } } + + if (keyid > 0 && !mem_supports_encryption(vma, end)) { + error = -EINVAL; + goto out; + } + if (start > vma->vm_start) prev = vma; From patchwork Wed Jul 31 15:08:01 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Kirill A . Shutemov" X-Patchwork-Id: 11068201 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 8AC6C13A4 for ; Wed, 31 Jul 2019 15:14:46 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 76D88201BC for ; Wed, 31 Jul 2019 15:14:46 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 6A4E7205F6; Wed, 31 Jul 2019 15:14:46 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-2.9 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,MAILING_LIST_MULTI,RCVD_IN_DNSWL_NONE autolearn=ham version=3.3.1 Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 3258620415 for ; Wed, 31 Jul 2019 15:14:44 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id B36EA8E0032; Wed, 31 Jul 2019 11:14:00 -0400 (EDT) Delivered-To: linux-mm-outgoing@kvack.org Received: by kanga.kvack.org (Postfix, from userid 40) id ABF558E0030; Wed, 31 Jul 2019 11:14:00 -0400 (EDT) X-Original-To: int-list-linux-mm@kvack.org X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 988058E0032; Wed, 31 Jul 2019 11:14:00 -0400 (EDT) X-Original-To: linux-mm@kvack.org X-Delivered-To: linux-mm@kvack.org Received: from mail-ed1-f70.google.com (mail-ed1-f70.google.com [209.85.208.70]) by kanga.kvack.org 
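Review bot: the check added to do_mprotect_ext() runs only when "keyid > 0", while the function's own comment describes its cases in terms of NO_KEY and a valid keyid, so a non-positive keyid other than NO_KEY skips mem_supports_encryption() and carries on to the fixup loop. Rejecting out-of-range values up front, or testing "keyid != NO_KEY", would keep the anonymous-only rule from depending on what the caller happened to pass. In mem_supports_encryption() the declaration line runs past 80 columns, and the comment could add that the walk covers every VMA starting below end, which is what lets the request fail before any VMA has been changed.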
From: "Kirill A. Shutemov"
To: Andrew Morton, x86@kernel.org, Thomas Gleixner, Ingo Molnar, "H. Peter Anvin", Borislav Petkov, Peter Zijlstra, Andy Lutomirski, David Howells
Cc: Kees Cook, Dave Hansen, Kai Huang, Jacob Pan, Alison Schofield, linux-mm@kvack.org, kvm@vger.kernel.org, keyrings@vger.kernel.org, linux-kernel@vger.kernel.org, "Kirill A . Shutemov"
Subject: [PATCHv2 47/59] kvm, x86, mmu: setup MKTME keyID to spte for given PFN
Date: Wed, 31 Jul 2019 18:08:01 +0300
Message-Id: <20190731150813.26289-48-kirill.shutemov@linux.intel.com>
In-Reply-To: <20190731150813.26289-1-kirill.shutemov@linux.intel.com>
References: <20190731150813.26289-1-kirill.shutemov@linux.intel.com>

From: Kai Huang

Setup keyID to SPTE, which will be eventually programmed to shadow MMU or EPT table, according to page's associated keyID, so that guest is able to use correct keyID to access guest memory. Note current shadow_me_mask doesn't suit MKTME's needs, since for MKTME there's no fixed memory encryption mask, but can vary from keyID 1 to maximum keyID, therefore shadow_me_mask remains 0 for MKTME.

Signed-off-by: Kai Huang
Signed-off-by: Kirill A. Shutemov --- arch/x86/kvm/mmu.c | 18 +++++++++++++++++- 1 file changed, 17 insertions(+), 1 deletion(-) diff --git a/arch/x86/kvm/mmu.c b/arch/x86/kvm/mmu.c index 8f72526e2f68..b8742e6219f6 100644 --- a/arch/x86/kvm/mmu.c +++ b/arch/x86/kvm/mmu.c @@ -2936,6 +2936,22 @@ static bool kvm_is_mmio_pfn(kvm_pfn_t pfn) #define SET_SPTE_WRITE_PROTECTED_PT BIT(0) #define SET_SPTE_NEED_REMOTE_TLB_FLUSH BIT(1) +static u64 get_phys_encryption_mask(kvm_pfn_t pfn) +{ +#ifdef CONFIG_X86_INTEL_MKTME + struct page *page; + + if (!pfn_valid(pfn)) + return 0; + + page = pfn_to_page(pfn); + + return ((u64)page_keyid(page)) << mktme_keyid_shift(); +#else + return shadow_me_mask; +#endif +} + static int set_spte(struct kvm_vcpu *vcpu, u64 *sptep, unsigned pte_access, int level, gfn_t gfn, kvm_pfn_t pfn, bool speculative, 
@@ -2982,7 +2998,7 @@ static int set_spte(struct kvm_vcpu *vcpu, u64 *sptep, pte_access &= ~ACC_WRITE_MASK; if (!kvm_is_mmio_pfn(pfn)) - spte |= shadow_me_mask; + spte |= get_phys_encryption_mask(pfn); spte |= (u64)pfn << PAGE_SHIFT; From patchwork Wed Jul 31 15:08:02 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Kirill A . Shutemov" X-Patchwork-Id: 11068205 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 8BC48746 for ; Wed, 31 Jul 2019 15:14:50 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 774B7205AD for ; Wed, 31 Jul 2019 15:14:50 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 6BB0B20881; Wed, 31 Jul 2019 15:14:50 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-2.9 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,MAILING_LIST_MULTI,RCVD_IN_DNSWL_NONE autolearn=ham version=3.3.1 Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 46026205AD for ; Wed, 31 Jul 2019 15:14:49 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 8513A8E0034; Wed, 31 Jul 2019 11:14:02 -0400 (EDT) Delivered-To: linux-mm-outgoing@kvack.org Received: by kanga.kvack.org (Postfix, from userid 40) id 7D9D08E0030; Wed, 31 Jul 2019 11:14:02 -0400 (EDT) X-Original-To: int-list-linux-mm@kvack.org X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 6CA668E0035; Wed, 31 Jul 2019 11:14:02 -0400 (EDT) X-Original-To: linux-mm@kvack.org X-Delivered-To: linux-mm@kvack.org Received: from mail-ed1-f70.google.com (mail-ed1-f70.google.com [209.85.208.70]) by kanga.kvack.org 
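Review bot: get_phys_encryption_mask() in arch/x86/kvm/mmu.c picks between the MKTME KeyID and shadow_me_mask at build time, so a kernel built with CONFIG_X86_INTEL_MKTME never ORs shadow_me_mask into the SPTE, even on a host where MKTME is not in use and shadow_me_mask is non-zero. Make the choice at run time instead, for example by returning shadow_me_mask unless mktme_enabled() is true. A short comment on the "if (!pfn_valid(pfn)) return 0;" path would also help, since it is easy to read as an error return rather than as "no KeyID bits for this pfn".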
From: "Kirill A. Shutemov"
To: Andrew Morton, x86@kernel.org, Thomas Gleixner, Ingo Molnar, "H. Peter Anvin", Borislav Petkov, Peter Zijlstra, Andy Lutomirski, David Howells
Cc: Kees Cook, Dave Hansen, Kai Huang, Jacob Pan, Alison Schofield, linux-mm@kvack.org, kvm@vger.kernel.org, keyrings@vger.kernel.org, linux-kernel@vger.kernel.org, "Kirill A . Shutemov"
Subject: [PATCHv2 48/59] iommu/vt-d: Support MKTME in DMA remapping
Date: Wed, 31 Jul 2019 18:08:02 +0300
Message-Id: <20190731150813.26289-49-kirill.shutemov@linux.intel.com>
In-Reply-To: <20190731150813.26289-1-kirill.shutemov@linux.intel.com>
References: <20190731150813.26289-1-kirill.shutemov@linux.intel.com>

From: Jacob Pan

When MKTME is enabled, keyid is stored in the high order bits of physical address. For DMA transactions targeting encrypted physical memory, keyid must be included in the IOVA to physical address translation. This patch appends page keyid when setting up the IOMMU PTEs. On the reverse direction, keyid bits are cleared in the physical address lookup. Mapping functions of both DMA ops and IOMMU ops are covered.

Signed-off-by: Jacob Pan
Signed-off-by: Kirill A. Shutemov --- drivers/iommu/intel-iommu.c | 29 +++++++++++++++++++++++++++-- include/linux/intel-iommu.h | 9 ++++++++- 2 files changed, 35 insertions(+), 3 deletions(-) diff --git a/drivers/iommu/intel-iommu.c b/drivers/iommu/intel-iommu.c index ac4172c02244..32d22872656b 100644 --- a/drivers/iommu/intel-iommu.c +++ b/drivers/iommu/intel-iommu.c @@ -867,6 +867,28 @@ static void free_context_table(struct intel_iommu *iommu) spin_unlock_irqrestore(&iommu->lock, flags); } +static inline void set_pte_mktme_keyid(unsigned long phys_pfn, + phys_addr_t *pteval) +{ + unsigned long keyid; + + if (!pfn_valid(phys_pfn)) + return; + + keyid = page_keyid(pfn_to_page(phys_pfn)); + +#ifdef CONFIG_X86_INTEL_MKTME + /* + * When MKTME is enabled, set keyid in PTE such that DMA + * remapping will include keyid in the translation from IOVA + * to physical address. This applies to both user and kernel + * allocated DMA memory. + */ + *pteval &= ~mktme_keyid_mask(); + *pteval |= keyid << mktme_keyid_shift(); +#endif +} + static struct dma_pte *pfn_to_dma_pte(struct dmar_domain *domain, unsigned long pfn, int *target_level) { @@ -893,7 +915,7 @@ static struct dma_pte *pfn_to_dma_pte(struct dmar_domain *domain, break; if (!dma_pte_present(pte)) { - uint64_t pteval; + phys_addr_t pteval; tmp_page = alloc_pgtable_page(domain->nid); @@ -901,7 +923,8 @@ static struct dma_pte *pfn_to_dma_pte(struct dmar_domain *domain, return NULL; domain_flush_cache(domain, tmp_page, VTD_PAGE_SIZE); - pteval = ((uint64_t)virt_to_dma_pfn(tmp_page) << VTD_PAGE_SHIFT) | DMA_PTE_READ | DMA_PTE_WRITE; + pteval = (virt_to_dma_pfn(tmp_page) << VTD_PAGE_SHIFT) | DMA_PTE_READ | DMA_PTE_WRITE; + set_pte_mktme_keyid(virt_to_dma_pfn(tmp_page), &pteval); if (cmpxchg64(&pte->val, 0ULL, pteval)) /* Someone else set it while we were thinking; use theirs. */ free_pgtable_page(tmp_page); 
@@ -2214,6 +2237,8 @@ static int __domain_mapping(struct dmar_domain *domain, unsigned long iov_pfn, } } + set_pte_mktme_keyid(phys_pfn, &pteval); + /* We don't need lock here, nobody else * touches the iova range */ diff --git a/include/linux/intel-iommu.h b/include/linux/intel-iommu.h index f2ae8a006ff8..8fbb9353d5a6 100644 --- a/include/linux/intel-iommu.h +++ b/include/linux/intel-iommu.h @@ -22,6 +22,8 @@ #include #include +#include + /* * VT-d hardware uses 4KiB page size regardless of host page size. 
@@ -608,7 +610,12 @@ static inline void dma_clear_pte(struct dma_pte *pte) static inline u64 dma_pte_addr(struct dma_pte *pte) { #ifdef CONFIG_64BIT - return pte->val & VTD_PAGE_MASK; + u64 addr = pte->val; + addr &= VTD_PAGE_MASK; +#ifdef CONFIG_X86_INTEL_MKTME + addr &= ~mktme_keyid_mask(); +#endif + return addr; #else /* Must have a full atomic 64-bit read */ return __cmpxchg64(&pte->val, 0ULL, 0ULL) & VTD_PAGE_MASK;
From patchwork Wed Jul 31 15:08:03 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Kirill A . Shutemov" X-Patchwork-Id: 11068209
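Review bot: in set_pte_mktme_keyid() (48/59, drivers/iommu/intel-iommu.c) the pfn_valid() check and `keyid = page_keyid(pfn_to_page(phys_pfn));` sit outside the `#ifdef CONFIG_X86_INTEL_MKTME` block, so a kernel built without MKTME still does the page lookup for every PTE it sets up, needs a page_keyid() stub to compile, and leaves keyid assigned but never used. Move the whole body under the #ifdef, or give the !CONFIG_X86_INTEL_MKTME build an empty inline stub. The early return for a pfn that fails pfn_valid() also deserves a comment stating that such PTEs are intentionally left without a keyid.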
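Review bot: the pfn_to_dma_pte() hunk in 48/59 drops the (uint64_t) cast and changes pteval to phys_addr_t, so `virt_to_dma_pfn(tmp_page) << VTD_PAGE_SHIFT` is now evaluated in the width of whatever virt_to_dma_pfn() returns before it is widened, and pteval is then passed to cmpxchg64() as a type that is not 64 bits wide on every configuration. Keep the cast on the shift so the arithmetic stays 64-bit regardless of the type set_pte_mktme_keyid() takes, and say in the commit message why the type change is needed.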
From: "Kirill A. Shutemov"
To: Andrew Morton, x86@kernel.org, Thomas Gleixner, Ingo Molnar, "H. Peter Anvin", Borislav Petkov, Peter Zijlstra, Andy Lutomirski, David Howells
Cc: Kees Cook, Dave Hansen, Kai Huang, Jacob Pan, Alison Schofield, linux-mm@kvack.org, kvm@vger.kernel.org, keyrings@vger.kernel.org, linux-kernel@vger.kernel.org, "Kirill A . Shutemov"
Subject: [PATCHv2 49/59] x86/mm: introduce common code for mem encryption
Date: Wed, 31 Jul 2019 18:08:03 +0300
Message-Id: <20190731150813.26289-50-kirill.shutemov@linux.intel.com>
In-Reply-To: <20190731150813.26289-1-kirill.shutemov@linux.intel.com>
References: <20190731150813.26289-1-kirill.shutemov@linux.intel.com>

From: Jacob Pan

Both Intel MKTME and AMD SME have needs to support DMA address translation with encryption related bits. Common functions are introduced in this patch to keep DMA generic code abstracted.

Signed-off-by: Jacob Pan
Signed-off-by: Kirill A. Shutemov --- arch/x86/Kconfig | 8 +++-- arch/x86/mm/Makefile | 1 + arch/x86/mm/mem_encrypt.c | 30 ------------------ arch/x86/mm/mem_encrypt_common.c | 52 ++++++++++++++++++++++++++++++++ 4 files changed, 59 insertions(+), 32 deletions(-) create mode 100644 arch/x86/mm/mem_encrypt_common.c diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig index 2eb2867db5fa..f2cc88fe8ada 100644 --- a/arch/x86/Kconfig +++ b/arch/x86/Kconfig @@ -1521,12 +1521,16 @@ config X86_CPA_STATISTICS config ARCH_HAS_MEM_ENCRYPT def_bool y +config X86_MEM_ENCRYPT_COMMON + select ARCH_HAS_FORCE_DMA_UNENCRYPTED + select DYNAMIC_PHYSICAL_MASK + def_bool n + config AMD_MEM_ENCRYPT bool "AMD Secure Memory Encryption (SME) support" depends on X86_64 && CPU_SUP_AMD - select DYNAMIC_PHYSICAL_MASK select ARCH_USE_MEMREMAP_PROT - select ARCH_HAS_FORCE_DMA_UNENCRYPTED + select X86_MEM_ENCRYPT_COMMON ---help--- Say yes to enable support for the encryption of system memory. This requires an AMD processor that supports Secure Memory diff --git a/arch/x86/mm/Makefile b/arch/x86/mm/Makefile index 600d18691876..608e57cda784 100644 --- a/arch/x86/mm/Makefile +++ b/arch/x86/mm/Makefile @@ -55,3 +55,4 @@ obj-$(CONFIG_AMD_MEM_ENCRYPT) += mem_encrypt_identity.o obj-$(CONFIG_AMD_MEM_ENCRYPT) += mem_encrypt_boot.o obj-$(CONFIG_X86_INTEL_MKTME) += mktme.o +obj-$(CONFIG_X86_MEM_ENCRYPT_COMMON) += mem_encrypt_common.o diff --git a/arch/x86/mm/mem_encrypt.c b/arch/x86/mm/mem_encrypt.c index fece30ca8b0c..e94e0a62ba92 100644 --- a/arch/x86/mm/mem_encrypt.c +++ b/arch/x86/mm/mem_encrypt.c @@ -15,10 +15,6 @@ #include #include #include -#include -#include -#include -#include #include #include 
@@ -352,32 +348,6 @@ bool sev_active(void) } EXPORT_SYMBOL(sev_active); -/* Override for DMA direct allocation check - ARCH_HAS_FORCE_DMA_UNENCRYPTED */ -bool force_dma_unencrypted(struct device *dev) -{ - /* - * For SEV, all DMA must be to unencrypted addresses. - */ - if (sev_active()) - return true; - - /* - * For SME, all DMA must be to unencrypted addresses if the - * device does not support DMA to addresses that include the - * encryption mask. - */ - if (sme_active()) { - u64 dma_enc_mask = DMA_BIT_MASK(__ffs64(sme_me_mask)); - u64 dma_dev_mask = min_not_zero(dev->coherent_dma_mask, - dev->bus_dma_mask); - - if (dma_dev_mask <= dma_enc_mask) - return true; - } - - return false; -} - /* Architecture __weak replacement functions */ void __init mem_encrypt_free_decrypted_mem(void) { diff --git a/arch/x86/mm/mem_encrypt_common.c b/arch/x86/mm/mem_encrypt_common.c new file mode 100644 index 000000000000..c11d70151735 --- /dev/null +++ b/arch/x86/mm/mem_encrypt_common.c 
@@ -0,0 +1,52 @@ +#include +#include +#include +#include + +/* + * Encryption bits need to be set and cleared for both Intel MKTME and + * AMD SME when converting between DMA address and physical address. + */ +dma_addr_t __mem_encrypt_dma_set(dma_addr_t daddr, phys_addr_t paddr) +{ + unsigned long keyid; + + if (sme_active()) + return __sme_set(daddr); + keyid = page_keyid(pfn_to_page(__phys_to_pfn(paddr))); + + return (daddr & ~mktme_keyid_mask()) | (keyid << mktme_keyid_shift()); +} + +phys_addr_t __mem_encrypt_dma_clear(phys_addr_t paddr) +{ + if (sme_active()) + return __sme_clr(paddr); + + return paddr & ~mktme_keyid_mask(); +} + +/* Override for DMA direct allocation check - ARCH_HAS_FORCE_DMA_UNENCRYPTED */ +bool force_dma_unencrypted(struct device *dev) +{ + u64 dma_enc_mask, dma_dev_mask; + + /* + * For SEV, all DMA must be to unencrypted addresses. + */ + if (sev_active()) + return true; + + /* + * For SME and MKTME, all DMA must be to unencrypted addresses if the + * device does not support DMA to addresses that include the encryption + * mask. + */ + if (!sme_active() && !mktme_enabled()) + return false; + + dma_enc_mask = sme_me_mask | mktme_keyid_mask(); + dma_dev_mask = min_not_zero(dev->coherent_dma_mask, dev->bus_dma_mask); + + return (dma_dev_mask & dma_enc_mask) != dma_enc_mask; +}
From patchwork Wed Jul 31 15:08:04 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Kirill A . Shutemov" X-Patchwork-Id: 11068117
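Review bot: __mem_encrypt_dma_set() in the new arch/x86/mm/mem_encrypt_common.c (49/59) falls through to the MKTME path whenever sme_active() is false, without the mktme_enabled() test that force_dma_unencrypted() in the same file uses and without a pfn_valid() check before pfn_to_page(). Because the Kconfig hunk makes AMD_MEM_ENCRYPT select X86_MEM_ENCRYPT_COMMON, this file is also built and run where MKTME is absent, so page_keyid(), mktme_keyid_mask() and mktme_keyid_shift() need stubs, and once 50/59 routes phys_to_dma() through this helper the lookup runs on every translation. Return daddr early when !mktme_enabled() and guard the page lookup the way set_pte_mktme_keyid() in 48/59 does.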
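Review bot: force_dma_unencrypted() in 49/59 is presented as a move into common code, but the SME test changes from `dma_dev_mask <= DMA_BIT_MASK(__ffs64(sme_me_mask))` to `(dma_dev_mask & dma_enc_mask) != dma_enc_mask`, and the commit message does not mention it. Either move the function unchanged here and alter the comparison in a separate patch, or state in the changelog why the two forms are equivalent for SME. For MKTME the new test forces unencrypted DMA unless the device mask covers every keyid bit; the comment above it should say so, since this check decides whether DMA buffers stay encrypted.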
From: "Kirill A. Shutemov"
To: Andrew Morton, x86@kernel.org, Thomas Gleixner, Ingo Molnar, "H. Peter Anvin", Borislav Petkov, Peter Zijlstra, Andy Lutomirski, David Howells
Cc: Kees Cook, Dave Hansen, Kai Huang, Jacob Pan, Alison Schofield, linux-mm@kvack.org, kvm@vger.kernel.org, keyrings@vger.kernel.org, linux-kernel@vger.kernel.org, "Kirill A . Shutemov"
Subject: [PATCHv2 50/59] x86/mm: Use common code for DMA memory encryption
Date: Wed, 31 Jul 2019 18:08:04 +0300
Message-Id: <20190731150813.26289-51-kirill.shutemov@linux.intel.com>
In-Reply-To: <20190731150813.26289-1-kirill.shutemov@linux.intel.com>
References: <20190731150813.26289-1-kirill.shutemov@linux.intel.com>

From: Jacob Pan

Replace sme_ code with x86 memory encryption common code such that Intel MKTME can be supported underneath generic DMA code. dma_to_phys() & phys_to_dma() results will be runtime modified by memory encryption code.

Signed-off-by: Jacob Pan
Signed-off-by: Kirill A. Shutemov --- arch/x86/include/asm/mem_encrypt.h | 29 +++++++++++++++++++++++++++++ arch/x86/mm/mem_encrypt_common.c | 2 +- include/linux/dma-direct.h | 4 ++-- include/linux/mem_encrypt.h | 23 ++++++++++------------- 4 files changed, 42 insertions(+), 16 deletions(-) diff --git a/arch/x86/include/asm/mem_encrypt.h b/arch/x86/include/asm/mem_encrypt.h index 0c196c47d621..62a1493f389c 100644 --- a/arch/x86/include/asm/mem_encrypt.h +++ b/arch/x86/include/asm/mem_encrypt.h
@@ -52,8 +52,19 @@ bool sev_active(void); #define __bss_decrypted __attribute__((__section__(".bss..decrypted"))) +/* + * The __sme_set() and __sme_clr() macros are useful for adding or removing + * the encryption mask from a value (e.g. when dealing with pagetable + * entries). + */ +#define __sme_set(x) ((x) | sme_me_mask) +#define __sme_clr(x) ((x) & ~sme_me_mask) + #else /* !CONFIG_AMD_MEM_ENCRYPT */ +#define __sme_set(x) (x) +#define __sme_clr(x) (x) + #define sme_me_mask 0ULL static inline void __init sme_early_encrypt(resource_size_t paddr, @@ -94,4 +105,22 @@ extern char __start_bss_decrypted[], __end_bss_decrypted[], __start_bss_decrypte #endif /* __ASSEMBLY__ */ +#ifdef CONFIG_X86_MEM_ENCRYPT_COMMON + +extern dma_addr_t __mem_encrypt_dma_set(dma_addr_t daddr, phys_addr_t paddr); +extern phys_addr_t __mem_encrypt_dma_clear(phys_addr_t paddr); + +#else +static inline dma_addr_t __mem_encrypt_dma_set(dma_addr_t daddr, phys_addr_t paddr) +{ + return daddr; +} + +static inline phys_addr_t __mem_encrypt_dma_clear(phys_addr_t paddr) +{ + return paddr; +} +#endif /* CONFIG_X86_MEM_ENCRYPT_COMMON */ + + #endif /* __X86_MEM_ENCRYPT_H__ */ diff --git a/arch/x86/mm/mem_encrypt_common.c b/arch/x86/mm/mem_encrypt_common.c index c11d70151735..588d6ea45624 100644 --- a/arch/x86/mm/mem_encrypt_common.c +++ b/arch/x86/mm/mem_encrypt_common.c @@ -1,6 +1,6 @@ #include -#include #include +#include #include /* diff --git a/include/linux/dma-direct.h b/include/linux/dma-direct.h index adf993a3bd58..6ce96b06c440 100644 --- a/include/linux/dma-direct.h +++ b/include/linux/dma-direct.h 
@@ -49,12 +49,12 @@ static inline bool force_dma_unencrypted(struct device *dev) */ static inline dma_addr_t phys_to_dma(struct device *dev, phys_addr_t paddr) { - return __sme_set(__phys_to_dma(dev, paddr)); + return __mem_encrypt_dma_set(__phys_to_dma(dev, paddr), paddr); } static inline phys_addr_t dma_to_phys(struct device *dev, dma_addr_t daddr) { - return __sme_clr(__dma_to_phys(dev, daddr)); + return __mem_encrypt_dma_clear(__dma_to_phys(dev, daddr)); } u64 dma_direct_get_required_mask(struct device *dev); diff --git a/include/linux/mem_encrypt.h b/include/linux/mem_encrypt.h index 470bd53a89df..88724aa7c065 100644 --- a/include/linux/mem_encrypt.h +++ b/include/linux/mem_encrypt.h @@ -23,6 +23,16 @@ static inline bool sme_active(void) { return false; } static inline bool sev_active(void) { return false; } +static inline dma_addr_t __mem_encrypt_dma_set(dma_addr_t daddr, phys_addr_t paddr) +{ + return daddr; +} + +static inline phys_addr_t __mem_encrypt_dma_clear(phys_addr_t paddr) +{ + return paddr; +} + #endif /* CONFIG_ARCH_HAS_MEM_ENCRYPT */ static inline bool mem_encrypt_active(void) 
@@ -35,19 +45,6 @@ static inline u64 sme_get_me_mask(void) return sme_me_mask; } -#ifdef CONFIG_AMD_MEM_ENCRYPT -/* - * The __sme_set() and __sme_clr() macros are useful for adding or removing - * the encryption mask from a value (e.g. when dealing with pagetable - * entries). - */ -#define __sme_set(x) ((x) | sme_me_mask) -#define __sme_clr(x) ((x) & ~sme_me_mask) -#else -#define __sme_set(x) (x) -#define __sme_clr(x) (x) -#endif - #endif /* __ASSEMBLY__ */ #endif /* __MEM_ENCRYPT_H__ */
From patchwork Wed Jul 31 15:08:05 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Kirill A . Shutemov" X-Patchwork-Id: 11068127
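Review bot: in arch/x86/include/asm/mem_encrypt.h (50/59) the new `#ifdef CONFIG_X86_MEM_ENCRYPT_COMMON` block is added after `#endif /* __ASSEMBLY__ */`, so the extern declarations and the static inline stubs are exposed to assembly files that include this header. Move the block above that #endif, next to the __sme_set()/__sme_clr() definitions this patch adds, and drop the extra blank line before the final #endif.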
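Review bot: include/linux/mem_encrypt.h (50/59) loses __sme_set()/__sme_clr() and gains the __mem_encrypt_dma_set()/__mem_encrypt_dma_clear() stubs only in the !CONFIG_ARCH_HAS_MEM_ENCRYPT branch, while include/linux/dma-direct.h now calls the new helpers unconditionally. Any architecture other than x86 that selects ARCH_HAS_MEM_ENCRYPT, and any generic user of __sme_set()/__sme_clr(), is left without a definition; keep a generic fallback in the linux/ header that an architecture can override. The include reordering in arch/x86/mm/mem_encrypt_common.c fixes a file created in 49/59 and belongs in that patch.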
From: "Kirill A. Shutemov" X-Google-Original-From: "Kirill A. Shutemov" Received: by box.localdomain (Postfix, from userid 1000) id 5E4AA1048A3; Wed, 31 Jul 2019 18:08:17 +0300 (+03) To: Andrew Morton , x86@kernel.org, Thomas Gleixner , Ingo Molnar , "H. Peter Anvin" , Borislav Petkov , Peter Zijlstra , Andy Lutomirski , David Howells Cc: Kees Cook , Dave Hansen , Kai Huang , Jacob Pan , Alison Schofield , linux-mm@kvack.org, kvm@vger.kernel.org, keyrings@vger.kernel.org, linux-kernel@vger.kernel.org, "Kirill A. Shutemov" Subject: [PATCHv2 51/59] x86/mm: Disable MKTME on incompatible platform configurations Date: Wed, 31 Jul 2019 18:08:05 +0300 Message-Id: <20190731150813.26289-52-kirill.shutemov@linux.intel.com> X-Mailer: git-send-email 2.21.0 In-Reply-To: <20190731150813.26289-1-kirill.shutemov@linux.intel.com> References: <20190731150813.26289-1-kirill.shutemov@linux.intel.com> MIME-Version: 1.0 X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: X-Virus-Scanned: ClamAV using ClamSMTP Icelake Server requires additional check to make sure that MKTME usage is safe on Linux. Kernel needs a way to access encrypted memory. There can be different approaches to this: create a temporary mapping to access the page (using kmap() interface), modify kernel's direct mapping on allocation of encrypted page. In order to minimize runtime overhead, the Linux MKTME implementation uses multiple direct mappings, one per-KeyID. Kernel uses the direct mapping that is relevant for the page at the moment. Icelake Server in some configurations doesn't allow a page to be mapped with multiple KeyIDs at the same time. Even if only one of KeyIDs is actively used. It conflicts with the Linux MKTME implementation. OS can check if it's safe to map the same with multiple KeyIDs by examining bit 8 of MSR 0x6F. If the bit is set we cannot safely use MKTME on Linux. 
The user can disable the Directory Mode in BIOS setup to get the platform into Linux-compatible mode. Signed-off-by: Kirill A. Shutemov --- arch/x86/kernel/cpu/intel.c | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) diff --git a/arch/x86/kernel/cpu/intel.c b/arch/x86/kernel/cpu/intel.c index 9852580340b9..3583bea0a5b9 100644 --- a/arch/x86/kernel/cpu/intel.c +++ b/arch/x86/kernel/cpu/intel.c @@ -19,6 +19,7 @@ #include #include #include +#include #ifdef CONFIG_X86_64 #include @@ -560,6 +561,16 @@ static void detect_vmx_virtcap(struct cpuinfo_x86 *c) #define TME_ACTIVATE_CRYPTO_KNOWN_ALGS TME_ACTIVATE_CRYPTO_AES_XTS_128 +#define MSR_ICX_MKTME_STATUS 0x6F +#define MKTME_ALIASES_FORBIDDEN(x) (x & BIT(8)) + +/* Need to check MSR_ICX_MKTME_STATUS for these CPUs */ +static const struct x86_cpu_id mktme_status_msr_ids[] = { + { X86_VENDOR_INTEL, 6, INTEL_FAM6_ICELAKE_X }, + { X86_VENDOR_INTEL, 6, INTEL_FAM6_ICELAKE_XEON_D }, + {} +}; + /* Values for mktme_status (SW only construct) */ #define MKTME_ENABLED 0 #define MKTME_DISABLED 1 
@@ -593,6 +604,17 @@ static void detect_tme(struct cpuinfo_x86 *c) return; } + /* Icelake Server quirk: do not enable MKTME if aliases are forbidden */ + if (x86_match_cpu(mktme_status_msr_ids)) { + u64 status; + rdmsrl(MSR_ICX_MKTME_STATUS, status); + + if (MKTME_ALIASES_FORBIDDEN(status)) { + pr_err_once("x86/tme: Directory Mode is enabled in BIOS\n"); + mktme_status = MKTME_DISABLED; + } + } + if (mktme_status != MKTME_UNINITIALIZED) goto detect_keyid_bits;
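Review bot: In the hunk at -560 of arch/x86/kernel/cpu/intel.c, `MKTME_ALIASES_FORBIDDEN(x)` uses its argument unparenthesized, `(x & BIT(8))`, so any caller passing an expression with a lower-precedence operator gets the wrong result; write `((x) & BIT(8))`. A short comment next to `MSR_ICX_MKTME_STATUS` saying that bit 8 means a page may not be mapped with multiple KeyIDs would also help, since at the moment only the commit message explains it.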
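Review bot: In the detect_tme() hunk, `rdmsrl(MSR_ICX_MKTME_STATUS, status)` has no error path, so a failed read cannot be told apart from "aliases allowed" and MKTME stays enabled; use rdmsrl_safe() and treat a failure as `mktme_status = MKTME_DISABLED`, since the model match alone does not guarantee the MSR is readable. The pr_err_once() text reports that Directory Mode is enabled but not that MKTME is being disabled as a result, and kernel style wants a blank line between `u64 status;` and the rdmsrl() call.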
From patchwork Wed Jul 31 15:08:06 2019
X-Patchwork-Submitter: "Kirill A . Shutemov"
X-Patchwork-Id: 11068323
From: "Kirill A. Shutemov"
To: Andrew Morton, x86@kernel.org, Thomas Gleixner, Ingo Molnar, "H. Peter Anvin", Borislav Petkov, Peter Zijlstra, Andy Lutomirski, David Howells
Cc: Kees Cook, Dave Hansen, Kai Huang, Jacob Pan, Alison Schofield, linux-mm@kvack.org, kvm@vger.kernel.org, keyrings@vger.kernel.org, linux-kernel@vger.kernel.org, "Kirill A. Shutemov"
Subject: [PATCHv2 52/59] x86/mm: Disable MKTME if not all system memory supports encryption
Date: Wed, 31 Jul 2019 18:08:06 +0300
Message-Id: <20190731150813.26289-53-kirill.shutemov@linux.intel.com>
In-Reply-To: <20190731150813.26289-1-kirill.shutemov@linux.intel.com>

UEFI memory attribute EFI_MEMORY_CPU_CRYPTO indicates whether the memory region supports encryption.

Kernel doesn't handle situation when only part of the system memory supports encryption.

Disable MKTME if not all system memory supports encryption.

Signed-off-by: Kirill A. Shutemov
---
 arch/x86/mm/mktme.c | 35 +++++++++++++++++++++++++++++++++++
 drivers/firmware/efi/efi.c | 25 +++++++++++++------------
 include/linux/efi.h | 1 +
 3 files changed, 49 insertions(+), 12 deletions(-)

diff --git a/arch/x86/mm/mktme.c b/arch/x86/mm/mktme.c index 17366d81c21b..4e00c244478b 100644 --- a/arch/x86/mm/mktme.c +++ b/arch/x86/mm/mktme.c @@ -1,9 +1,11 @@ #include #include #include +#include #include #include #include +#include /* Mask to extract KeyID from physical address. */ phys_addr_t __mktme_keyid_mask;
@@ -48,9 +50,42 @@ void mktme_disable(void) static bool need_page_mktme(void) { + int nid; + /* Make sure keyid doesn't collide with extended page flags */ BUILD_BUG_ON(__NR_PAGE_EXT_FLAGS > 16); + if (!mktme_nr_keyids()) + return 0; + + for_each_node_state(nid, N_MEMORY) { + const efi_memory_desc_t *md; + unsigned long node_start, node_end; + + node_start = node_start_pfn(nid) << PAGE_SHIFT; + node_end = node_end_pfn(nid) << PAGE_SHIFT; + + for_each_efi_memory_desc(md) { + u64 efi_start = md->phys_addr; + u64 efi_end = md->phys_addr + PAGE_SIZE * md->num_pages; + + if (md->attribute & EFI_MEMORY_CPU_CRYPTO) + continue; + if (efi_start > node_end) + continue; + if (efi_end < node_start) + continue; + if (!e820__mapped_any(efi_start, efi_end, E820_TYPE_RAM)) + continue; + + printk("Memory range %#llx-%#llx: doesn't support encryption\n", + efi_start, efi_end); + printk("Disable MKTME\n"); + mktme_disable(); + break; + } + } + return !!mktme_nr_keyids(); } diff --git a/drivers/firmware/efi/efi.c b/drivers/firmware/efi/efi.c index ad3b1f4866b3..fc19da5da3e8 100644 --- a/drivers/firmware/efi/efi.c +++ b/drivers/firmware/efi/efi.c 
@@ -852,25 +852,26 @@ char * __init efi_md_typeattr_format(char *buf, size_t size, if (attr & ~(EFI_MEMORY_UC | EFI_MEMORY_WC | EFI_MEMORY_WT | EFI_MEMORY_WB | EFI_MEMORY_UCE | EFI_MEMORY_RO | EFI_MEMORY_WP | EFI_MEMORY_RP | EFI_MEMORY_XP | - EFI_MEMORY_NV | + EFI_MEMORY_NV | EFI_MEMORY_CPU_CRYPTO | EFI_MEMORY_RUNTIME | EFI_MEMORY_MORE_RELIABLE)) snprintf(pos, size, "|attr=0x%016llx]", (unsigned long long)attr); else snprintf(pos, size, - "|%3s|%2s|%2s|%2s|%2s|%2s|%2s|%3s|%2s|%2s|%2s|%2s]", + "|%3s|%2s|%2s|%2s|%2s|%2s|%2s|%2s|%3s|%2s|%2s|%2s|%2s]", attr & EFI_MEMORY_RUNTIME ? "RUN" : "", attr & EFI_MEMORY_MORE_RELIABLE ? "MR" : "", - attr & EFI_MEMORY_NV ? "NV" : "", - attr & EFI_MEMORY_XP ? "XP" : "", - attr & EFI_MEMORY_RP ? "RP" : "", - attr & EFI_MEMORY_WP ? "WP" : "", - attr & EFI_MEMORY_RO ? "RO" : "", - attr & EFI_MEMORY_UCE ? "UCE" : "", - attr & EFI_MEMORY_WB ? "WB" : "", - attr & EFI_MEMORY_WT ? "WT" : "", - attr & EFI_MEMORY_WC ? "WC" : "", - attr & EFI_MEMORY_UC ? "UC" : ""); + attr & EFI_MEMORY_NV ? "NV" : "", + attr & EFI_MEMORY_CPU_CRYPTO ? "CR" : "", + attr & EFI_MEMORY_XP ? "XP" : "", + attr & EFI_MEMORY_RP ? "RP" : "", + attr & EFI_MEMORY_WP ? "WP" : "", + attr & EFI_MEMORY_RO ? "RO" : "", + attr & EFI_MEMORY_UCE ? "UCE" : "", + attr & EFI_MEMORY_WB ? "WB" : "", + attr & EFI_MEMORY_WT ? "WT" : "", + attr & EFI_MEMORY_WC ? "WC" : "", + attr & EFI_MEMORY_UC ? "UC" : ""); return buf; } diff --git a/include/linux/efi.h b/include/linux/efi.h index f87fabea4a85..4ac54a168ffe 100644 --- a/include/linux/efi.h +++ b/include/linux/efi.h 
@@ -112,6 +112,7 @@ typedef struct { #define EFI_MEMORY_MORE_RELIABLE \ ((u64)0x0000000000010000ULL) /* higher reliability */ #define EFI_MEMORY_RO ((u64)0x0000000000020000ULL) /* read-only */ +#define EFI_MEMORY_CPU_CRYPTO ((u64)0x0000000000080000ULL) /* memory encryption supported */ #define EFI_MEMORY_RUNTIME ((u64)0x8000000000000000ULL) /* range requires runtime mapping */ #define EFI_MEMORY_DESCRIPTOR_VERSION 1
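Review bot: In need_page_mktme(), the `break` after mktme_disable() leaves only the inner for_each_efi_memory_desc() loop, so for_each_node_state() keeps walking the remaining nodes and can print and disable again for each of them; jump out of both loops, or return, once MKTME has been disabled. The overlap test compares exclusive end addresses as if they were inclusive (`efi_start > node_end`, `efi_end < node_start`), so a descriptor that only touches a node boundary is treated as overlapping; use `>=` and `<=`. The loop disables MKTME only when it finds a descriptor lacking EFI_MEMORY_CPU_CRYPTO, so a boot with no EFI memory descriptors to iterate passes by default, which needs either an explicit check or a comment stating that this is intended. Minor: `return 0` in a bool function should be `return false`, and both printk() calls lack a log level.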
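Review bot: In the efi_md_typeattr_format() hunk, ten of the removed argument lines are re-added with the same text, so a whitespace re-indent is mixed with the three functional changes (EFI_MEMORY_CPU_CRYPTO in the mask, the extra `%2s`, and the "CR" argument); keep the existing indentation so the reviewer can check the format string against the argument list at a glance. The drivers/firmware/efi/efi.c and include/linux/efi.h changes are generic EFI code and would be better as a separate preparatory patch than folded into an x86/mm change.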
From patchwork Wed Jul 31 15:08:07 2019
X-Patchwork-Submitter: "Kirill A . Shutemov"
X-Patchwork-Id: 11068337
From: "Kirill A. Shutemov"
To: Andrew Morton, x86@kernel.org, Thomas Gleixner, Ingo Molnar, "H. Peter Anvin", Borislav Petkov, Peter Zijlstra, Andy Lutomirski, David Howells
Cc: Kees Cook, Dave Hansen, Kai Huang, Jacob Pan, Alison Schofield, linux-mm@kvack.org, kvm@vger.kernel.org, keyrings@vger.kernel.org, linux-kernel@vger.kernel.org, "Kirill A. Shutemov"
Subject: [PATCHv2 53/59] x86: Introduce CONFIG_X86_INTEL_MKTME
Date: Wed, 31 Jul 2019 18:08:07 +0300
Message-Id: <20190731150813.26289-54-kirill.shutemov@linux.intel.com>
In-Reply-To: <20190731150813.26289-1-kirill.shutemov@linux.intel.com>

Add new config option to enable/disable Multi-Key Total Memory Encryption support.

Signed-off-by: Kirill A. Shutemov
---
 arch/x86/Kconfig | 21 ++++++++++++++++++++-
 1 file changed, 20 insertions(+), 1 deletion(-)

diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig index f2cc88fe8ada..d8551b612f3b 100644
--- a/arch/x86/Kconfig +++ b/arch/x86/Kconfig @@ -1550,6 +1550,25 @@ config AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT If set to N, then the encryption of system memory can be activated with the mem_encrypt=on command line option. +config X86_INTEL_MKTME + bool "Intel Multi-Key Total Memory Encryption" + depends on X86_64 && CPU_SUP_INTEL && !KASAN + select X86_MEM_ENCRYPT_COMMON + select PAGE_EXTENSION + select KEYS + select ACPI_HMAT + ---help--- + Say yes to enable support for Multi-Key Total Memory Encryption. + This requires an Intel processor that has support of the feature. + + Multikey Total Memory Encryption (MKTME) is a technology that allows + transparent memory encryption in upcoming Intel platforms. + + MKTME is built on top of TME. TME allows encryption of the entirety + of system memory using a single key. MKTME allows having multiple + encryption domains, each having own key -- different memory pages can + be encrypted with different keys. + # Common NUMA Features config NUMA bool "Numa Memory Allocation and Scheduler Support" 
@@ -2220,7 +2239,7 @@ config RANDOMIZE_MEMORY config MEMORY_PHYSICAL_PADDING hex "Physical memory mapping padding" if EXPERT - depends on RANDOMIZE_MEMORY + depends on RANDOMIZE_MEMORY || X86_INTEL_MKTME default "0xa" if MEMORY_HOTPLUG default "0x0" range 0x1 0x40 if MEMORY_HOTPLUG
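Review bot: The new X86_INTEL_MKTME entry excludes KASAN (`depends on X86_64 && CPU_SUP_INTEL && !KASAN`) without giving the reason in the help text or the commit message; state the conflict so the restriction can be revisited later. The entry also uses `select KEYS` and `select ACPI_HMAT`, and `select` does not enforce the selected symbol's own dependencies, so `depends on` is the safer choice for anything that is not a leaf symbol. The help text spells the feature both "Multi-Key" and "Multikey".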
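Review bot: Widening MEMORY_PHYSICAL_PADDING from `depends on RANDOMIZE_MEMORY` to `RANDOMIZE_MEMORY || X86_INTEL_MKTME` is not mentioned in the commit message, which only says that a new option is added; explain why MKTME needs the padding. Also confirm that the defaults visible in the context (`0x0` when MEMORY_HOTPLUG is off) are what an MKTME configuration without RANDOMIZE_MEMORY should get.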
From patchwork Wed Jul 31 15:08:08 2019
X-Patchwork-Submitter: "Kirill A . Shutemov"
X-Patchwork-Id: 11068179
From: "Kirill A. Shutemov"
To: Andrew Morton, x86@kernel.org, Thomas Gleixner, Ingo Molnar, "H. Peter Anvin", Borislav Petkov, Peter Zijlstra, Andy Lutomirski, David Howells
Cc: Kees Cook, Dave Hansen, Kai Huang, Jacob Pan, Alison Schofield, linux-mm@kvack.org, kvm@vger.kernel.org, keyrings@vger.kernel.org, linux-kernel@vger.kernel.org, "Kirill A . Shutemov"
Subject: [PATCHv2 54/59] x86/mktme: Overview of Multi-Key Total Memory Encryption
Date: Wed, 31 Jul 2019 18:08:08 +0300
Message-Id: <20190731150813.26289-55-kirill.shutemov@linux.intel.com>
In-Reply-To: <20190731150813.26289-1-kirill.shutemov@linux.intel.com>

From: Alison Schofield

Provide an overview of MKTME on Intel Platforms.

Signed-off-by: Alison Schofield
Signed-off-by: Kirill A. Shutemov
---
 Documentation/x86/index.rst | 1 +
 Documentation/x86/mktme/index.rst | 8 +++
 Documentation/x86/mktme/mktme_overview.rst | 57 ++++++++++++++++++++++
 3 files changed, 66 insertions(+)
 create mode 100644 Documentation/x86/mktme/index.rst
 create mode 100644 Documentation/x86/mktme/mktme_overview.rst

diff --git a/Documentation/x86/index.rst b/Documentation/x86/index.rst index af64c4bb4447..449bb6abeb0e 100644 --- a/Documentation/x86/index.rst +++ b/Documentation/x86/index.rst @@ -22,6 +22,7 @@ x86-specific Documentation intel_mpx intel-iommu intel_txt + mktme/index amd-memory-encryption pti mds diff --git a/Documentation/x86/mktme/index.rst b/Documentation/x86/mktme/index.rst new file mode 100644 index 000000000000..1614b52dd3e9 --- /dev/null +++ b/Documentation/x86/mktme/index.rst @@ -0,0 +1,8 @@ + +========================================= +Multi-Key Total Memory Encryption (MKTME) +========================================= + +.. toctree:: + + mktme_overview diff --git a/Documentation/x86/mktme/mktme_overview.rst b/Documentation/x86/mktme/mktme_overview.rst new file mode 100644 index 000000000000..64c3268a508e --- /dev/null +++ b/Documentation/x86/mktme/mktme_overview.rst 
@@ -0,0 +1,57 @@ +Overview +========= +Multi-Key Total Memory Encryption (MKTME)[1] is a technology that +allows transparent memory encryption in upcoming Intel platforms. +It uses a new instruction (PCONFIG) for key setup and selects a +key for individual pages by repurposing physical address bits in +the page tables. + +Support for MKTME is added to the existing kernel keyring subsystem +and via a new mprotect_encrypt() system call that can be used by +applications to encrypt anonymous memory with keys obtained from +the keyring. + +This architecture supports encrypting both normal, volatile DRAM +and persistent memory. However, persistent memory support is +not included in the Linux kernel implementation at this time. +(We anticipate adding that support next.) + +Hardware Background +=================== + +MKTME is built on top of an existing single-key technology called +TME. TME encrypts all system memory using a single key generated +by the CPU on every boot of the system. TME provides mitigation +against physical attacks, such as physically removing a DIMM or +watching memory bus traffic. + +MKTME enables the use of multiple encryption keys[2], allowing +selection of the encryption key per-page using the page tables. +Encryption keys are programmed into each memory controller and +the same set of keys is available to all entities on the system +with access to that memory (all cores, DMA engines, etc...). + +MKTME inherits many of the mitigations against hardware attacks +from TME. Like TME, MKTME does not mitigate vulnerable or +malicious operating systems or virtual machine managers. MKTME +offers additional mitigations when compared to TME. + +TME and MKTME use the AES encryption algorithm in the AES-XTS +mode. This mode, typically used for block-based storage devices, +takes the physical address of the data into account when +encrypting each block. This ensures that the effective key is +different for each block of memory. 
Moving encrypted content +across physical address results in garbage on read, mitigating +block-relocation attacks. This property is the reason many of +the discussed attacks require control of a shared physical page +to be handed from the victim to the attacker. + +-- +1. https://software.intel.com/sites/default/files/managed/a5/16/Multi-Key-Total-Memory-Encryption-Spec.pdf +2. The MKTME architecture supports up to 16 bits of KeyIDs, so a + maximum of 65535 keys on top of the “TME key” at KeyID-0. The + first implementation is expected to support 6 bits, making 63 + keys available to applications. However, this is not guaranteed. + The number of available keys could be reduced if, for instance, + additional physical address space is desired over additional + KeyIDs.
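
Review bot: The closing sentence of "Hardware Background" in mktme_overview.rst ("This property is the reason many of the discussed attacks require control of a shared physical page") refers to attacks this file never discusses; the only ones it names are DIMM removal, bus snooping and block relocation. Name the document that does discuss them, or move the sentence there. "MKTME offers additional mitigations when compared to TME" in the same section stops short of saying which mitigations and would benefit from the same pointer. The markers [1] and [2] and the entries after "--" are plain text, so Sphinx will not link them; reST footnotes ("[1]_" in the text, ".. [1]" for the entry) would.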
From: "Kirill A. Shutemov"
To: Andrew Morton, x86@kernel.org, Thomas Gleixner, Ingo Molnar, "H. Peter Anvin", Borislav Petkov, Peter Zijlstra, Andy Lutomirski, David Howells
Cc: Kees Cook, Dave Hansen, Kai Huang, Jacob Pan, Alison Schofield, linux-mm@kvack.org, kvm@vger.kernel.org, keyrings@vger.kernel.org, linux-kernel@vger.kernel.org, "Kirill A . Shutemov"
Subject: [PATCHv2 55/59] x86/mktme: Document the MKTME provided security mitigations
Date: Wed, 31 Jul 2019 18:08:09 +0300
Message-Id: <20190731150813.26289-56-kirill.shutemov@linux.intel.com>
In-Reply-To: <20190731150813.26289-1-kirill.shutemov@linux.intel.com>
References: <20190731150813.26289-1-kirill.shutemov@linux.intel.com>

From: Alison Schofield

Describe the security benefits of Multi-Key Total Memory Encryption (MKTME) over Total Memory Encryption (TME) alone.

Signed-off-by: Alison Schofield
Signed-off-by: Kirill A. Shutemov
---
 Documentation/x86/mktme/index.rst | 1 + Documentation/x86/mktme/mktme_mitigations.rst | 151 ++++++++++++++++++ 2 files changed, 152 insertions(+) create mode 100644 Documentation/x86/mktme/mktme_mitigations.rst
diff --git a/Documentation/x86/mktme/index.rst b/Documentation/x86/mktme/index.rst index 1614b52dd3e9..a3a29577b013 100644 --- a/Documentation/x86/mktme/index.rst +++ b/Documentation/x86/mktme/index.rst @@ -6,3 +6,4 @@ Multi-Key Total Memory Encryption (MKTME) .. toctree:: mktme_overview + mktme_mitigations
diff --git a/Documentation/x86/mktme/mktme_mitigations.rst b/Documentation/x86/mktme/mktme_mitigations.rst new file mode 100644 index 000000000000..c593784851fb --- /dev/null +++ b/Documentation/x86/mktme/mktme_mitigations.rst 
@@ -0,0 +1,151 @@ +MKTME-Provided Mitigations +========================== +:Author: Dave Hansen + +MKTME adds a few mitigations against attacks that are not +mitigated when using TME alone. The first set are mitigations +against software attacks that are familiar today: + + * Kernel Mapping Attacks: information disclosures that leverage + the kernel direct map are mitigated against disclosing user + data. + * Freed Data Leak Attacks: removing an encryption key from the + hardware mitigates future user information disclosure. + +The next set are attacks that depend on specialized hardware, +such as an “evil DIMM” or a DDR interposer: + + * Cross-Domain Replay Attack: data is captured from one domain +(guest) and replayed to another at a later time. + * Cross-Domain Capture and Delayed Compare Attack: data is + captured and later analyzed to discover secrets. + * Key Wear-out Attack: data is captured and analyzed in order + to Weaken the AES encryption itself. + +More details on these attacks are below. + +Kernel Mapping Attacks +---------------------- +Information disclosure vulnerabilities leverage the kernel direct +map because many vulnerabilities involve manipulation of kernel +data structures (examples: CVE-2017-7277, CVE-2017-9605). We +normally think of these bugs as leaking valuable *kernel* data, +but they can leak application data when application pages are +recycled for kernel use. + +With this MKTME implementation, there is a direct map created for +each MKTME KeyID which is used whenever the kernel needs to +access plaintext. But, all kernel data structures are accessed +via the direct map for KeyID-0. Thus, memory reads which are not +coordinated with the KeyID get garbage (for example, accessing +KeyID-4 data with the KeyID-0 mapping). + +This means that if sensitive data encrypted using MKTME is leaked +via the KeyID-0 direct map, ciphertext decrypted with the wrong +key will be disclosed. 
To disclose plaintext, an attacker must +“pivot” to the correct direct mapping, which is non-trivial +because there are no kernel data structures in the KeyID!=0 +direct mapping. + +Freed Data Leak Attack +---------------------- +The kernel has a history of bugs around uninitialized data. +Usually, we think of these bugs as leaking sensitive kernel data, +but they can also be used to leak application secrets. + +MKTME can help mitigate the case where application secrets are +leaked: + + * App (or VM) places a secret in a page * App exits or frees +memory to kernel allocator * Page added to allocator free list * +Attacker reallocates page to a purpose where it can read the page + +Now, imagine MKTME was in use on the memory being leaked. The +data can only be leaked as long as the key is programmed in the +hardware. If the key is de-programmed, like after all pages are +freed after a guest is shut down, any future reads will just see +ciphertext. + +Basically, the key is a convenient choke-point: you can be more +confident that data encrypted with it is inaccessible once the +key is removed. + +Cross-Domain Replay Attack +-------------------------- +MKTME mitigates cross-domain replay attacks where an attacker +replaces an encrypted block owned by one domain with a block +owned by another domain. MKTME does not prevent this replacement +from occurring, but it does mitigate plaintext from being +disclosed if the domains use different keys. + +With TME, the attack could be executed by: + * A victim places secret in memory, at a given physical address. 
+ Note: AES-XTS is what restricts the attack to being performed + at a single physical address instead of across different + physical addresses + * Attacker captures victim secret’s ciphertext * Later on, after + victim frees the physical address, attacker gains ownership + * Attacker puts the ciphertext at the address and get the secret + plaintext + +But, due to the presumably different keys used by the attacker +and the victim, the attacker can not successfully decrypt old +ciphertext. + +Cross-Domain Capture and Delayed Compare Attack +----------------------------------------------- +This is also referred to as a kind of dictionary attack. + +Similarly, MKTME protects against cross-domain capture-and-compare +attacks. Consider the following scenario: + * A victim places a secret in memory, at a known physical address + * Attacker captures victim’s ciphertext + * Attacker gains control of the target physical address, perhaps + after the victim’s VM is shut down or its memory reclaimed. + * Attacker computes and writes many possible plaintexts until new + ciphertext matches content captured previously. + +Secrets which have low (plaintext) entropy are more vulnerable to +this attack because they reduce the number of possible plaintexts +an attacker has to compute and write. + +The attack will not work if attacker and victim uses different +keys. + +Key Wear-out Attack +------------------- +Repeated use of an encryption key might be used by an attacker to +infer information about the key or the plaintext, weakening the +encryption. The higher the bandwidth of the encryption engine, +the more vulnerable the key is to wear-out. The MKTME memory +encryption hardware works at the speed of the memory bus, which +has high bandwidth. + +Such a weakness has been demonstrated[1] on a theoretical cipher +with similar properties as AES-XTS. 
+ +An attack would take the following steps: + * Victim system is using TME with AES-XTS-128 + * Attacker repeatedly captures ciphertext/plaintext pairs (can + be Performed with online hardware attack like an interposer). + * Attacker compels repeated use of the key under attack for a + sustained time period without a system reboot[2]. + * Attacker discovers a cipertext collision (two plaintexts + translating to the same ciphertext) + * Attacker can induce controlled modifications to the targeted + plaintext by modifying the colliding ciphertext + +MKTME mitigates key wear-out in two ways: + * Keys can be rotated periodically to mitigate wear-out. Since + TME keys are generated at boot, rotation of TME keys requires a + reboot. In contrast, MKTME allows rotation while the system is + booted. An application could implement a policy to rotate keys + at a frequency which is not feasible to attack. + * In the case that MKTME is used to encrypt two guests’ memory + with two different keys, an attack on one guest’s key would not + weaken the key used in the second guest. + +-- +1. http://web.cs.ucdavis.edu/~rogaway/papers/offsets.pdf +2. This sustained time required for an attack could vary from days + to years depending on the attacker’s goals.
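
Review bot: Several step lists in mktme_mitigations.rst have been re-filled into paragraphs, so the attack steps will not render as separate items. In "Freed Data Leak Attack" all four steps share one run ("* App (or VM) places a secret in a page * App exits or frees"), in "Cross-Domain Replay Attack" the capture step and "* Later on, after victim frees the physical address" sit on one line, and in the introductory list the continuation "(guest) and replayed to another at a later time." has lost its indent. Put each step on its own "*" line, and add a blank line between each lead-in sentence (for example "With TME, the attack could be executed by:") and the list that follows it, which reST needs in order to start a list. Wording nits in the same file: "to Weaken" and "be Performed" are capitalised mid-sentence, "cipertext" should be "ciphertext", "and get the secret" should be "gets", and "attacker and victim uses" should be "use". The summary list says "Freed Data Leak Attacks" while the section heading is singular; pick one.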
From: "Kirill A. Shutemov"
To: Andrew Morton, x86@kernel.org, Thomas Gleixner, Ingo Molnar, "H. Peter Anvin", Borislav Petkov, Peter Zijlstra, Andy Lutomirski, David Howells
Cc: Kees Cook, Dave Hansen, Kai Huang, Jacob Pan, Alison Schofield, linux-mm@kvack.org, kvm@vger.kernel.org, keyrings@vger.kernel.org, linux-kernel@vger.kernel.org, "Kirill A . Shutemov"
Subject: [PATCHv2 56/59] x86/mktme: Document the MKTME kernel configuration requirements
Date: Wed, 31 Jul 2019 18:08:10 +0300
Message-Id: <20190731150813.26289-57-kirill.shutemov@linux.intel.com>
In-Reply-To: <20190731150813.26289-1-kirill.shutemov@linux.intel.com>
References: <20190731150813.26289-1-kirill.shutemov@linux.intel.com>

From: Alison Schofield

Signed-off-by: Alison Schofield
Signed-off-by: Kirill A. Shutemov
---
 Documentation/x86/mktme/index.rst | 1 + Documentation/x86/mktme/mktme_configuration.rst | 6 ++++++ 2 files changed, 7 insertions(+) create mode 100644 Documentation/x86/mktme/mktme_configuration.rst
diff --git a/Documentation/x86/mktme/index.rst b/Documentation/x86/mktme/index.rst index a3a29577b013..0f021cc4a2db 100644 --- a/Documentation/x86/mktme/index.rst +++ b/Documentation/x86/mktme/index.rst @@ -7,3 +7,4 @@ Multi-Key Total Memory Encryption (MKTME) mktme_overview mktme_mitigations + mktme_configuration diff --git a/Documentation/x86/mktme/mktme_configuration.rst b/Documentation/x86/mktme/mktme_configuration.rst new file mode 100644 index 000000000000..7d56596360cb --- /dev/null +++ b/Documentation/x86/mktme/mktme_configuration.rst
@@ -0,0 +1,6 @@ +MKTME Configuration +=================== + +CONFIG_X86_INTEL_MKTME + MKTME is enabled by selecting CONFIG_X86_INTEL_MKTME on Intel + platforms supporting the MKTME feature.
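
Review bot: The CONFIG_X86_INTEL_MKTME entry in the new mktme_configuration.rst names the option but gives none of the requirements the subject line promises: it does not say what the option depends on, how to tell whether a platform supports the MKTME feature, or what happens when the option is selected on a platform without it. Add those, or fold the two lines into the overview document. The commit also carries no changelog text beyond the Signed-off-by lines; a one-sentence description, as patches 54 and 55 have, would help.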
2002:a50:9153:: with SMTP id f19mr109455097eda.70.1564586035945; Wed, 31 Jul 2019 08:13:55 -0700 (PDT) Received: from box.localdomain ([86.57.175.117]) by smtp.gmail.com with ESMTPSA id q56sm17022134eda.28.2019.07.31.08.13.51 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Wed, 31 Jul 2019 08:13:53 -0700 (PDT) From: "Kirill A. Shutemov" X-Google-Original-From: "Kirill A. Shutemov" Received: by box.localdomain (Postfix, from userid 1000) id 87A6F1048A9; Wed, 31 Jul 2019 18:08:17 +0300 (+03) To: Andrew Morton , x86@kernel.org, Thomas Gleixner , Ingo Molnar , "H. Peter Anvin" , Borislav Petkov , Peter Zijlstra , Andy Lutomirski , David Howells Cc: Kees Cook , Dave Hansen , Kai Huang , Jacob Pan , Alison Schofield , linux-mm@kvack.org, kvm@vger.kernel.org, keyrings@vger.kernel.org, linux-kernel@vger.kernel.org, "Kirill A . Shutemov" Subject: [PATCHv2 57/59] x86/mktme: Document the MKTME Key Service API Date: Wed, 31 Jul 2019 18:08:11 +0300 Message-Id: <20190731150813.26289-58-kirill.shutemov@linux.intel.com> X-Mailer: git-send-email 2.21.0 In-Reply-To: <20190731150813.26289-1-kirill.shutemov@linux.intel.com> References: <20190731150813.26289-1-kirill.shutemov@linux.intel.com> MIME-Version: 1.0 X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: X-Virus-Scanned: ClamAV using ClamSMTP From: Alison Schofield Signed-off-by: Alison Schofield Signed-off-by: Kirill A. Shutemov Reviewed-by: Ben Boeckel --- Documentation/x86/mktme/index.rst | 1 + Documentation/x86/mktme/mktme_keys.rst | 61 ++++++++++++++++++++++++++ 2 files changed, 62 insertions(+) create mode 100644 Documentation/x86/mktme/mktme_keys.rst diff --git a/Documentation/x86/mktme/index.rst b/Documentation/x86/mktme/index.rst index 0f021cc4a2db..8cf2b7d62091 100644 --- a/Documentation/x86/mktme/index.rst +++ b/Documentation/x86/mktme/index.rst 
@@ -8,3 +8,4 @@ Multi-Key Total Memory Encryption (MKTME) mktme_overview mktme_mitigations mktme_configuration + mktme_keys diff --git a/Documentation/x86/mktme/mktme_keys.rst b/Documentation/x86/mktme/mktme_keys.rst new file mode 100644 index 000000000000..5d9125eb7950 --- /dev/null +++ b/Documentation/x86/mktme/mktme_keys.rst 
@@ -0,0 +1,61 @@ +MKTME Key Service API +===================== +MKTME is a new key service type added to the Linux Kernel Key Service. + +The MKTME Key Service type is available when CONFIG_X86_INTEL_MKTME is +turned on in Intel platforms that support the MKTME feature. + +The MKTME Key Service type manages the allocation of hardware encryption +keys. Users can request an MKTME type key and then use that key to +encrypt memory with the encrypt_mprotect() system call. + +Usage +----- + When using the Kernel Key Service to request an *mktme* key, + specify the *payload* as follows: + + type= + *cpu* User requests a CPU generated encryption key. + The CPU generates and assigns an ephemeral key. + + *no-encrypt* + User requests that hardware does not encrypt + memory when this key is in use. + + algorithm= + When type=cpu the algorithm field must be *aes-xts-128* + *aes-xts-128* is the only supported encryption algorithm + + When type=no-encrypt the algorithm field must not be + present in the payload. + +ERRORS +------ + In addition to the Errors returned from the Kernel Key Service, + add_key(2) or keyctl(1) commands, the MKTME Key Service type may + return the following errors: + + EINVAL for any payload specification that does not match the + MKTME type payload as defined above. + + EACCES for access denied. The MKTME key type uses capabilities + to restrict the allocation of keys to privileged users. + CAP_SYS_RESOURCE is required, but it will accept the + broader capability of CAP_SYS_ADMIN. See capabilities(7). + + ENOKEY if a hardware key cannot be allocated. Additional error + messages will describe the hardware programming errors. 
+ +EXAMPLES +-------- + Add a 'cpu' type key:: + + char \*options_CPU = "type=cpu algorithm=aes-xts-128"; + + key = add_key("mktme", "name", options_CPU, strlen(options_CPU), + KEY_SPEC_THREAD_KEYRING); + + Add a "no-encrypt' type key:: + + key = add_key("mktme", "name", "no-encrypt", strlen(options_CPU), + KEY_SPEC_THREAD_KEYRING);
From patchwork Wed Jul 31 15:08:12 2019 X-Patchwork-Submitter: "Kirill A . Shutemov" X-Patchwork-Id: 11068197 From: "Kirill A. Shutemov" To: Andrew Morton , x86@kernel.org, Thomas Gleixner , Ingo Molnar , "H. Peter Anvin" , Borislav Petkov , Peter Zijlstra , Andy Lutomirski , David Howells Cc: Kees Cook , Dave Hansen , Kai Huang , Jacob Pan , Alison Schofield , linux-mm@kvack.org, kvm@vger.kernel.org, keyrings@vger.kernel.org, linux-kernel@vger.kernel.org, "Kirill A . Shutemov" Subject: [PATCHv2 58/59] x86/mktme: Document the MKTME API for anonymous memory encryption Date: Wed, 31 Jul 2019 18:08:12 +0300 Message-Id: <20190731150813.26289-59-kirill.shutemov@linux.intel.com> In-Reply-To: <20190731150813.26289-1-kirill.shutemov@linux.intel.com> References: <20190731150813.26289-1-kirill.shutemov@linux.intel.com> From: Alison Schofield Signed-off-by: Alison Schofield Signed-off-by: Kirill A. Shutemov --- Documentation/x86/mktme/index.rst | 1 + Documentation/x86/mktme/mktme_encrypt.rst | 56 +++++++++++++++++++++++ 2 files changed, 57 insertions(+) create mode 100644 Documentation/x86/mktme/mktme_encrypt.rst
diff --git a/Documentation/x86/mktme/index.rst b/Documentation/x86/mktme/index.rst index 8cf2b7d62091..ca3c76adc596 100644 --- a/Documentation/x86/mktme/index.rst +++ b/Documentation/x86/mktme/index.rst @@ -9,3 +9,4 @@ Multi-Key Total Memory Encryption (MKTME) mktme_mitigations mktme_configuration mktme_keys + mktme_encrypt diff --git a/Documentation/x86/mktme/mktme_encrypt.rst b/Documentation/x86/mktme/mktme_encrypt.rst new file mode 100644 index 000000000000..6dc8ae11f1cb --- /dev/null +++ b/Documentation/x86/mktme/mktme_encrypt.rst 
@@ -0,0 +1,56 @@ +MKTME API: system call encrypt_mprotect() +========================================= + +Synopsis +-------- +int encrypt_mprotect(void \*addr, size_t len, int prot, key_serial_t serial); + +Where *key_serial_t serial* is the serial number of a key allocated +using the MKTME Key Service. + +Description +----------- + encrypt_mprotect() encrypts the memory pages containing any part + of the address range in the interval specified by addr and len. + + encrypt_mprotect() supports the legacy mprotect() behavior plus + the enabling of memory encryption. That means that in addition + to encrypting the memory, the protection flags will be updated + as requested in the call. + + The *addr* and *len* must be aligned to a page boundary. + + The caller must have *KEY_NEED_VIEW* permission on the key. + + The memory that is to be protected must be mapped *ANONYMOUS*. + +Errors +------ + In addition to the Errors returned from legacy mprotect() + encrypt_mprotect will return: + + ENOKEY *serial* parameter does not represent a valid key. + + EINVAL *len* parameter is not page aligned. + + EACCES Caller does not have *KEY_NEED_VIEW* permission on the key. + +EXAMPLE +-------- + Allocate an MKTME Key:: + serial = add_key("mktme", "name", "type=cpu algorithm=aes-xts-128" @u + + Map ANONYMOUS memory:: + ptr = mmap(NULL, size, PROT_NONE, MAP_ANONYMOUS|MAP_PRIVATE, -1, 0); + + Protect memory:: + ret = syscall(SYS_encrypt_mprotect, ptr, size, PROT_READ|PROT_WRITE, + serial); + + Use the encrypted memory + + Free memory:: + ret = munmap(ptr, size); + + Free the key resource:: + ret = keyctl(KEYCTL_INVALIDATE, serial);
From patchwork Wed Jul 31 15:08:13 2019 X-Patchwork-Submitter: "Kirill A . Shutemov" X-Patchwork-Id: 11068315 From: "Kirill A. Shutemov" To: Andrew Morton , x86@kernel.org, Thomas Gleixner , Ingo Molnar , "H. Peter Anvin" , Borislav Petkov , Peter Zijlstra , Andy Lutomirski , David Howells Cc: Kees Cook , Dave Hansen , Kai Huang , Jacob Pan , Alison Schofield , linux-mm@kvack.org, kvm@vger.kernel.org, keyrings@vger.kernel.org, linux-kernel@vger.kernel.org, "Kirill A . Shutemov" Subject: [PATCHv2 59/59] x86/mktme: Demonstration program using the MKTME APIs Date: Wed, 31 Jul 2019 18:08:13 +0300 Message-Id: <20190731150813.26289-60-kirill.shutemov@linux.intel.com> In-Reply-To: <20190731150813.26289-1-kirill.shutemov@linux.intel.com> References: <20190731150813.26289-1-kirill.shutemov@linux.intel.com> From: Alison Schofield Signed-off-by: Alison Schofield Signed-off-by: Kirill A. Shutemov --- Documentation/x86/mktme/index.rst | 1 + Documentation/x86/mktme/mktme_demo.rst | 53 ++++++++++++++++++++++++++ 2 files changed, 54 insertions(+) create mode 100644 Documentation/x86/mktme/mktme_demo.rst diff --git a/Documentation/x86/mktme/index.rst b/Documentation/x86/mktme/index.rst index ca3c76adc596..3af322d13225 100644 --- a/Documentation/x86/mktme/index.rst +++ b/Documentation/x86/mktme/index.rst @@ -10,3 +10,4 @@ Multi-Key Total Memory Encryption (MKTME) mktme_configuration mktme_keys mktme_encrypt + mktme_demo diff --git a/Documentation/x86/mktme/mktme_demo.rst b/Documentation/x86/mktme/mktme_demo.rst new file mode 100644 index 000000000000..5af78617f887 --- /dev/null +++ b/Documentation/x86/mktme/mktme_demo.rst
@@ -0,0 +1,53 @@ +Demonstration Program using MKTME API's +======================================= + +/* Compile with the keyutils library: cc -o mdemo mdemo.c -lkeyutils */ + +#include +#include +#include +#include +#include +#include +#include + +#define PAGE_SIZE sysconf(_SC_PAGE_SIZE) +#define sys_encrypt_mprotect 434 + +void main(void) +{ + char *options_CPU = "algorithm=aes-xts-128 type=cpu"; + long size = PAGE_SIZE; + key_serial_t key; + void *ptra; + int ret; + + /* Allocate an MKTME Key */ + key = add_key("mktme", "testkey", options_CPU, strlen(options_CPU), + KEY_SPEC_THREAD_KEYRING); + + if (key == -1) { + printf("addkey FAILED\n"); + return; + } + /* Map a page of ANONYMOUS memory */ + ptra = mmap(NULL, size, PROT_NONE, MAP_ANONYMOUS|MAP_PRIVATE, -1, 0); + if (!ptra) { + printf("failed to mmap"); + goto inval_key; + } + /* Encrypt that page of memory with the MKTME Key */ + ret = syscall(sys_encrypt_mprotect, ptra, size, PROT_NONE, key); + if (ret) + printf("mprotect error [%d]\n", ret); + + /* Enjoy that page of encrypted memory */ + + /* Free the memory */ + ret = munmap(ptra, size); + +inval_key: + /* Free the Key */ + if (keyctl(KEYCTL_INVALIDATE, key) == -1) + printf("invalidate failed on key [%d]\n", key); +}
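Review bot: In mktme_keys.rst (patch 57/59), the second call under EXAMPLES contradicts the Usage section and passes the wrong length. The payload is the bare string "no-encrypt" where Usage defines the field as type=no-encrypt, and the length argument is strlen(options_CPU), which is the length of the 30-character cpu payload rather than of the 10-character literal actually passed, so the call describes more bytes than the string holds. Suggest a second string such as char \*options_NOENC = "type=no-encrypt"; with strlen(options_NOENC) as the length. The heading above it also has mismatched quotes ("no-encrypt'), and the EACCES entry would read more clearly as "CAP_SYS_RESOURCE or CAP_SYS_ADMIN is required".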
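Review bot: In mktme_encrypt.rst (patch 58/59), the "Allocate an MKTME Key" line under EXAMPLE is not valid C: serial = add_key("mktme", "name", "type=cpu algorithm=aes-xts-128" @u ends in keyctl(1)-style @u, has no payload length argument and no closing parenthesis. Suggest the same form as the example in mktme_keys.rst (payload string, its strlen(), and a KEY_SPEC_* keyring). Two smaller points in the same hunk: Description says both addr and len must be page aligned, but the EINVAL entry names only len; and each "::" is followed directly by the code line, where reST needs a blank line before the literal block (mktme_keys.rst has one).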
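Review bot: In mktme_demo.rst (patch 59/59), the mmap() failure check "if (!ptra)" never fires, because mmap() reports failure as MAP_FAILED rather than NULL, so a failed mapping falls through to the encrypt_mprotect call with an invalid pointer. Suggest "if (ptra == MAP_FAILED)". In the same program, the encrypt_mprotect call passes PROT_NONE, so the page the comment invites the reader to use cannot be read or written (mktme_encrypt.rst uses PROT_READ|PROT_WRITE at this step); an mprotect error is printed from ret rather than errno and execution continues as if it had succeeded; the syscall number is a local #define of 434 while mktme_encrypt.rst refers to SYS_encrypt_mprotect; "void main(void)" should be "int main(void)"; and the C source is added to the .rst with no "::" literal block, so it will not render as code.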