[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <fc6a47ca-1b16-eba5-d15e-ca294e01af93@redhat.com>
Date: Mon, 9 Jul 2018 21:55:35 +0800
From: lijiang <lijiang@...hat.com>
To: Borislav Petkov <bp@...en8.de>
Cc: linux-kernel@...r.kernel.org, mingo@...hat.com, tglx@...utronix.de,
hpa@...or.com, ebiederm@...ssion.com, joro@...tes.org,
thomas.lendacky@....com, dyoung@...hat.com,
kexec@...ts.infradead.org, iommu@...ts.linux-foundation.org,
bhe@...hat.com
Subject: Re: [PATCH 1/5 V5] Add a function(ioremap_encrypted) for kdump when
AMD sme enabled
在 2018年07月09日 17:29, Borislav Petkov 写道:
> On Mon, Jul 09, 2018 at 02:28:11PM +0800, lijiang wrote:
>> Last week, I had tried many ways to do this work, but it looks
>> like that the ways of deducing address is not suitable to another
>> scenarios, such as mapping some devices mmio space, which are
>> unencrypted, and the device mmio space is outside kdump kernel like
>> the old memory, but the old memory is encrypted, we can't find the
>> general rules to decide when to encrypt or not.
>
> If we can't find the "general rules" how is the caller supposed to know
> how to access the memory?
>
About this issue, i want to use an example to describe it.
/* drivers/iommu/amd_iommu_init.c */
static u8 __iomem * __init iommu_map_mmio_space(u64 address, u64 end)
{
if (!request_mem_region(address, end, "amd_iommu")) {
pr_err("AMD-Vi: Can not reserve memory region %llx-%llx for mmio\n",
address, end);
pr_err("AMD-Vi: This is a BIOS bug. Please contact your hardware vendor\n");
return NULL;
}
return (u8 __iomem *)ioremap_nocache(address, end);
}
[root@...dl385g10-03 linux]# cat /proc/iomem |grep -i crash
7fa000000-879ffffff : Crash kernel
[root@...dl385g10-03 linux]# cat /proc/iomem |grep amd_iommu
9c800000-9c87ffff : amd_iommu
a9800000-a987ffff : amd_iommu
b6800000-b687ffff : amd_iommu
c3800000-c387ffff : amd_iommu
d0800000-d087ffff : amd_iommu
dd800000-dd87ffff : amd_iommu
ea800000-ea87ffff : amd_iommu
fd800000-fd87ffff : amd_iommu
Obviously, the iommu mmio space is not encrypted, and the device mmio space is outside kdump
kernel. We know that the old memory is encrypted, and the old memory is also outside kdump
kernel. For the current case, e820__get_entry_type() and walk_iomem_res_desc() can't get the
desired result, so we can't also decide whether encryption or not according to this result(rules).
If we want to know whether encryption or not by deducing the address, we will need to read
the content of memory and have a reference value for comparison, then what's a reference value?
Sometimes we don't know that.
Regards,
Lianbo
Powered by blists - more mailing lists