lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Tue, 16 May 2017 19:35:41 +0200 From: Borislav Petkov <bp@...en8.de> To: Tom Lendacky <thomas.lendacky@....com> Cc: linux-arch@...r.kernel.org, linux-efi@...r.kernel.org, kvm@...r.kernel.org, linux-doc@...r.kernel.org, x86@...nel.org, kexec@...ts.infradead.org, linux-kernel@...r.kernel.org, kasan-dev@...glegroups.com, linux-mm@...ck.org, iommu@...ts.linux-foundation.org, Rik van Riel <riel@...hat.com>, Radim Krčmář <rkrcmar@...hat.com>, Toshimitsu Kani <toshi.kani@....com>, Arnd Bergmann <arnd@...db.de>, Jonathan Corbet <corbet@....net>, Matt Fleming <matt@...eblueprint.co.uk>, "Michael S. Tsirkin" <mst@...hat.com>, Joerg Roedel <joro@...tes.org>, Konrad Rzeszutek Wilk <konrad.wilk@...cle.com>, Paolo Bonzini <pbonzini@...hat.com>, Larry Woodman <lwoodman@...hat.com>, Brijesh Singh <brijesh.singh@....com>, Ingo Molnar <mingo@...hat.com>, Andy Lutomirski <luto@...nel.org>, "H. Peter Anvin" <hpa@...or.com>, Andrey Ryabinin <aryabinin@...tuozzo.com>, Alexander Potapenko <glider@...gle.com>, Dave Young <dyoung@...hat.com>, Thomas Gleixner <tglx@...utronix.de>, Dmitry Vyukov <dvyukov@...gle.com> Subject: Re: [PATCH v5 26/32] x86, drm, fbdev: Do not specify encrypted memory for video mappings On Tue, Apr 18, 2017 at 04:20:56PM -0500, Tom Lendacky wrote: > Since video memory needs to be accessed decrypted, be sure that the > memory encryption mask is not set for the video ranges. > > Signed-off-by: Tom Lendacky <thomas.lendacky@....com> > --- > arch/x86/include/asm/vga.h | 13 +++++++++++++ > arch/x86/mm/pageattr.c | 2 ++ > drivers/gpu/drm/drm_gem.c | 2 ++ > drivers/gpu/drm/drm_vm.c | 4 ++++ > drivers/gpu/drm/ttm/ttm_bo_vm.c | 7 +++++-- > drivers/gpu/drm/udl/udl_fb.c | 4 ++++ > drivers/video/fbdev/core/fbmem.c | 12 ++++++++++++ > 7 files changed, 42 insertions(+), 2 deletions(-) > > diff --git a/arch/x86/include/asm/vga.h b/arch/x86/include/asm/vga.h > index c4b9dc2..5c7567a 100644 > --- a/arch/x86/include/asm/vga.h > +++ b/arch/x86/include/asm/vga.h > @@ -7,12 +7,25 @@ > #ifndef _ASM_X86_VGA_H > #define _ASM_X86_VGA_H > > +#include <asm/cacheflush.h> > + > /* > * On the PC, we can just recalculate addresses and then > * access the videoram directly without any black magic. > + * To support memory encryption however, we need to access > + * the videoram as decrypted memory. > */ > > +#ifdef CONFIG_AMD_MEM_ENCRYPT > +#define VGA_MAP_MEM(x, s) \ > +({ \ > + unsigned long start = (unsigned long)phys_to_virt(x); \ > + set_memory_decrypted(start, (s) >> PAGE_SHIFT); \ > + start; \ > +}) > +#else > #define VGA_MAP_MEM(x, s) (unsigned long)phys_to_virt(x) > +#endif Can we push the check in and save us the ifdeffery? #define VGA_MAP_MEM(x, s) \ ({ \ unsigned long start = (unsigned long)phys_to_virt(x); \ \ if (IS_ENABLED(CONFIG_AMD_MEM_ENCRYPT)) \ set_memory_decrypted(start, (s) >> PAGE_SHIFT); \ \ start; \ }) It does build here. :) -- Regards/Gruss, Boris. Good mailing practices for 400: avoid top-posting and trim the reply.
Powered by blists - more mailing lists