| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 15 Nov 2016 11:08:37 -0600
From: Tom Lendacky <thomas.lendacky@....com>
To: Borislav Petkov <bp@...en8.de>
CC: Joerg Roedel <joro@...tes.org>, <linux-arch@...r.kernel.org>,
<linux-efi@...r.kernel.org>, <kvm@...r.kernel.org>,
<linux-doc@...r.kernel.org>, <x86@...nel.org>,
<linux-kernel@...r.kernel.org>, <kasan-dev@...glegroups.com>,
<linux-mm@...ck.org>, <iommu@...ts.linux-foundation.org>,
Rik van Riel <riel@...hat.com>,
Radim Krčmář <rkrcmar@...hat.com>,
Arnd Bergmann <arnd@...db.de>,
Jonathan Corbet <corbet@....net>,
Matt Fleming <matt@...eblueprint.co.uk>,
Konrad Rzeszutek Wilk <konrad.wilk@...cle.com>,
Paolo Bonzini <pbonzini@...hat.com>,
Larry Woodman <lwoodman@...hat.com>,
Ingo Molnar <mingo@...hat.com>,
Andy Lutomirski <luto@...nel.org>,
"H. Peter Anvin" <hpa@...or.com>,
Andrey Ryabinin <aryabinin@...tuozzo.com>,
Alexander Potapenko <glider@...gle.com>,
Thomas Gleixner <tglx@...utronix.de>,
Dmitry Vyukov <dvyukov@...gle.com>
Subject: Re: [RFC PATCH v3 04/20] x86: Handle reduction in physical address
size with SME
On 11/15/2016 10:33 AM, Borislav Petkov wrote:
> On Tue, Nov 15, 2016 at 10:06:16AM -0600, Tom Lendacky wrote:
>> Yes, but that doesn't relate to the physical address space reduction.
>>
>> Once the SYS_CFG MSR bit for SME is set, even if the encryption bit is
>> never used, there is a physical reduction of the address space. So when
>> checking whether to adjust the physical address bits I can't rely on the
>> sme_me_mask, I have to look at the MSR.
>>
>> But when I'm looking to decide whether to encrypt or decrypt something,
>> I use the sme_me_mask to decide if that is needed. If the sme_me_mask
>> is not set then the encrypt/decrypt op shouldn't be performed.
>>
>> I might not be grasping the point you're trying to make...
>
> Ok, let me try to summarize how I see it. There are a couple of states:
>
> * CPUID bit in 0x8000001f - that's SME supported
>
> * Reduction of address space - MSR bit. That could be called "SME
> BIOS-eenabled".
>
> * SME active. That's both of the above and is sme_me_mask != 0.
>
> Right?
Correct.
>
> So you said previously "The feature may be present and enabled even if
> it is not currently active."
>
> But then you say "active" below
>
>>> And in patch 12 you have:
>>>
>>> + /*
>>> + * If memory encryption is active, the trampoline area will need to
>>> + * be in un-encrypted memory in order to bring up other processors
>>> + * successfully.
>>> + */
>>> + sme_early_mem_dec(__pa(base), size);
>>> + sme_set_mem_unenc(base, size);
>
> and test sme_me_mask. Which makes sense now after having explained which
> hw setting controls what.
>
> So can we agree on the nomenclature for all the different SME states
> first and use those throughout the code? And hold those states down in
> Documentation/x86/amd-memory-encryption.txt so that it is perfectly
> clear to people looking at the code.
Yup, that sounds good. I'll update the documentation to clarify the
various states/modes of SME.
>
> Also, if we need to check those states more than once, we should add
> inline helpers:
>
> sme_supported()
> sme_bios_enabled()
> sme_active()
>
> How does that sound?
Sounds good.
Thanks,
Tom
>
Powered by blists - more mailing lists