lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Mon, 16 Oct 2017 20:20:08 +0200
From:   Borislav Petkov <bp@...en8.de>
To:     Brijesh Singh <brijesh.singh@....com>
Cc:     x86@...nel.org, Thomas Gleixner <tglx@...utronix.de>,
        Ingo Molnar <mingo@...hat.com>,
        "H. Peter Anvin" <hpa@...or.com>, Borislav Petkov <bp@...e.de>,
        linux-kernel@...r.kernel.org,
        Tom Lendacky <thomas.lendacky@....com>
Subject: Re: [Part1 PATCH v6 14/17] x86: Add support for changing memory
 encryption attribute in early boot

On Mon, Oct 16, 2017 at 10:34:20AM -0500, Brijesh Singh wrote:
> Some KVM-specific custom MSRs share the guest physical address with the
> hypervisor in early boot. When SEV is active, the shared physical address
> must be mapped with memory encryption attribute cleared so that both
> hypervisor and guest can access the data.
> 
> Add APIs to change the memory encryption attribute in early boot code.
> 
> Cc: Thomas Gleixner <tglx@...utronix.de>
> Cc: Ingo Molnar <mingo@...hat.com>
> Cc: "H. Peter Anvin" <hpa@...or.com>
> Cc: Borislav Petkov <bp@...e.de>
> Cc: x86@...nel.org
> Cc: linux-kernel@...r.kernel.org
> Cc: Tom Lendacky <thomas.lendacky@....com>
> Signed-off-by: Brijesh Singh <brijesh.singh@....com>
> ---
> 
> Changes since v5:
> 
> early_set_memory_enc_dec() is enhanced to perform encrypt/decrypt and change
> the C bit in one go. The changes shields the caller from having to check
> the C bit status before changing it and also shield the OS from converting a
> page blindly.
> 
> Boris,
> 
> I removed your R-b since I was not sure if you are okay with the above changes.
> please let me know if you are okay with the changes. thanks

Looks ok, you can readd it, here are only minor comment corrections.
Just send v6.1 as a reply to this message.

Thx.

---
diff --git a/arch/x86/mm/mem_encrypt.c b/arch/x86/mm/mem_encrypt.c
index b671e91e6a1f..53d11b4d74b7 100644
--- a/arch/x86/mm/mem_encrypt.c
+++ b/arch/x86/mm/mem_encrypt.c
@@ -291,7 +291,7 @@ static void __init __set_clr_pte_enc(pte_t *kpte, int level, bool enc)
 	else
 		pgprot_val(new_prot) &= ~_PAGE_ENC;
 
-	/* if prot is same then do nothing */
+	/* If prot is same then do nothing. */
 	if (pgprot_val(old_prot) == pgprot_val(new_prot))
 		return;
 
@@ -299,19 +299,19 @@ static void __init __set_clr_pte_enc(pte_t *kpte, int level, bool enc)
 	size = page_level_size(level);
 
 	/*
-	 * We are going to perform in-place encrypt/decrypt and change the
+	 * We are going to perform in-place en-/decryption and change the
 	 * physical page attribute from C=1 to C=0 or vice versa. Flush the
-	 * caches to ensure that data gets accessed with correct C-bit.
+	 * caches to ensure that data gets accessed with the correct C-bit.
 	 */
 	clflush_cache_range(__va(pa), size);
 
-	/* encrypt/decrypt the contents in-place */
+	/* Encrypt/decrypt the contents in-place */
 	if (enc)
 		sme_early_encrypt(pa, size);
 	else
 		sme_early_decrypt(pa, size);
 
-	/* change the page encryption mask */
+	/* Change the page encryption mask. */
 	new_pte = pfn_pte(pfn, new_prot);
 	set_pte_atomic(kpte, new_pte);
 }
@@ -322,8 +322,8 @@ static int __init early_set_memory_enc_dec(resource_size_t paddr,
 	unsigned long vaddr, vaddr_end, vaddr_next;
 	unsigned long psize, pmask;
 	int split_page_size_mask;
-	pte_t *kpte;
 	int level, ret;
+	pte_t *kpte;
 
 	vaddr = (unsigned long)__va(paddr);
 	vaddr_next = vaddr;
@@ -346,24 +346,23 @@ static int __init early_set_memory_enc_dec(resource_size_t paddr,
 		pmask = page_level_mask(level);
 
 		/*
-		 * Check, whether we can change the large page in one go.
-		 * We request a split, when the address is not aligned and
+		 * Check whether we can change the large page in one go.
+		 * We request a split when the address is not aligned and
 		 * the number of pages to set/clear encryption bit is smaller
 		 * than the number of pages in the large page.
 		 */
 		if (vaddr == (vaddr & pmask) &&
-			((vaddr_end - vaddr) >= psize)) {
+		    ((vaddr_end - vaddr) >= psize)) {
 			__set_clr_pte_enc(kpte, level, enc);
 			vaddr_next = (vaddr & pmask) + psize;
 			continue;
 		}
 
 		/*
-		 * virtual address is part of large page, create the page table
-		 * mapping to use smaller pages (4K or 2M). If virtual address
-		 * is part of 2M page the we request spliting the large page
-		 * into 4K, similarly 1GB large page is requested to split into
-		 * 2M pages.
+		 * The virtual address is part of a larger page, create the next
+		 * level page table mapping (4K or 2M). If it is part of a 2M
+		 * page then we request a split of the large page into 4K
+		 * chunks. A 1GB large page is split into 2M pages, resp.
 		 */
 		if (level == PG_LEVEL_2M)
 			split_page_size_mask = 0;
@@ -376,6 +375,7 @@ static int __init early_set_memory_enc_dec(resource_size_t paddr,
 	}
 
 	ret = 0;
+
 out:
 	__flush_tlb_all();
 	return ret;

-- 
Regards/Gruss,
    Boris.

Good mailing practices for 400: avoid top-posting and trim the reply.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ