| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20170516173541.q2rbh5dhkluzsjae@pd.tnic>
Date: Tue, 16 May 2017 19:35:41 +0200
From: Borislav Petkov <bp@...en8.de>
To: Tom Lendacky <thomas.lendacky@....com>
Cc: linux-arch@...r.kernel.org, linux-efi@...r.kernel.org,
kvm@...r.kernel.org, linux-doc@...r.kernel.org, x86@...nel.org,
kexec@...ts.infradead.org, linux-kernel@...r.kernel.org,
kasan-dev@...glegroups.com, linux-mm@...ck.org,
iommu@...ts.linux-foundation.org, Rik van Riel <riel@...hat.com>,
Radim Krčmář <rkrcmar@...hat.com>,
Toshimitsu Kani <toshi.kani@....com>,
Arnd Bergmann <arnd@...db.de>,
Jonathan Corbet <corbet@....net>,
Matt Fleming <matt@...eblueprint.co.uk>,
"Michael S. Tsirkin" <mst@...hat.com>,
Joerg Roedel <joro@...tes.org>,
Konrad Rzeszutek Wilk <konrad.wilk@...cle.com>,
Paolo Bonzini <pbonzini@...hat.com>,
Larry Woodman <lwoodman@...hat.com>,
Brijesh Singh <brijesh.singh@....com>,
Ingo Molnar <mingo@...hat.com>,
Andy Lutomirski <luto@...nel.org>,
"H. Peter Anvin" <hpa@...or.com>,
Andrey Ryabinin <aryabinin@...tuozzo.com>,
Alexander Potapenko <glider@...gle.com>,
Dave Young <dyoung@...hat.com>,
Thomas Gleixner <tglx@...utronix.de>,
Dmitry Vyukov <dvyukov@...gle.com>
Subject: Re: [PATCH v5 26/32] x86, drm, fbdev: Do not specify encrypted
memory for video mappings
On Tue, Apr 18, 2017 at 04:20:56PM -0500, Tom Lendacky wrote:
> Since video memory needs to be accessed decrypted, be sure that the
> memory encryption mask is not set for the video ranges.
>
> Signed-off-by: Tom Lendacky <thomas.lendacky@....com>
> ---
> arch/x86/include/asm/vga.h | 13 +++++++++++++
> arch/x86/mm/pageattr.c | 2 ++
> drivers/gpu/drm/drm_gem.c | 2 ++
> drivers/gpu/drm/drm_vm.c | 4 ++++
> drivers/gpu/drm/ttm/ttm_bo_vm.c | 7 +++++--
> drivers/gpu/drm/udl/udl_fb.c | 4 ++++
> drivers/video/fbdev/core/fbmem.c | 12 ++++++++++++
> 7 files changed, 42 insertions(+), 2 deletions(-)
>
> diff --git a/arch/x86/include/asm/vga.h b/arch/x86/include/asm/vga.h
> index c4b9dc2..5c7567a 100644
> --- a/arch/x86/include/asm/vga.h
> +++ b/arch/x86/include/asm/vga.h
> @@ -7,12 +7,25 @@
> #ifndef _ASM_X86_VGA_H
> #define _ASM_X86_VGA_H
>
> +#include <asm/cacheflush.h>
> +
> /*
> * On the PC, we can just recalculate addresses and then
> * access the videoram directly without any black magic.
> + * To support memory encryption however, we need to access
> + * the videoram as decrypted memory.
> */
>
> +#ifdef CONFIG_AMD_MEM_ENCRYPT
> +#define VGA_MAP_MEM(x, s) \
> +({ \
> + unsigned long start = (unsigned long)phys_to_virt(x); \
> + set_memory_decrypted(start, (s) >> PAGE_SHIFT); \
> + start; \
> +})
> +#else
> #define VGA_MAP_MEM(x, s) (unsigned long)phys_to_virt(x)
> +#endif
Can we push the check in and save us the ifdeffery?
#define VGA_MAP_MEM(x, s) \
({ \
unsigned long start = (unsigned long)phys_to_virt(x); \
\
if (IS_ENABLED(CONFIG_AMD_MEM_ENCRYPT)) \
set_memory_decrypted(start, (s) >> PAGE_SHIFT); \
\
start; \
})
It does build here. :)
--
Regards/Gruss,
Boris.
Good mailing practices for 400: avoid top-posting and trim the reply.
Powered by blists - more mailing lists