Date: Tue, 10 Aug 2021 13:09:02 -0700
From: "Kuppuswamy, Sathyanarayanan" <sathyanarayanan.kuppuswamy@...ux.intel.com>
To: Tom Lendacky <thomas.lendacky@....com>, linux-kernel@...r.kernel.org, x86@...nel.org, linuxppc-dev@...ts.ozlabs.org, linux-s390@...r.kernel.org, iommu@...ts.linux-foundation.org, kvm@...r.kernel.org, linux-efi@...r.kernel.org, platform-driver-x86@...r.kernel.org, linux-graphics-maintainer@...are.com, amd-gfx@...ts.freedesktop.org, dri-devel@...ts.freedesktop.org, kexec@...ts.infradead.org, linux-fsdevel@...r.kernel.org
Cc: Borislav Petkov <bp@...en8.de>, Brijesh Singh <brijesh.singh@....com>, Joerg Roedel <joro@...tes.org>, Andi Kleen <ak@...ux.intel.com>, Tianyu Lan <Tianyu.Lan@...rosoft.com>, Thomas Gleixner <tglx@...utronix.de>, Ingo Molnar <mingo@...hat.com>, Dave Hansen <dave.hansen@...ux.intel.com>, Andy Lutomirski <luto@...nel.org>, Peter Zijlstra <peterz@...radead.org>, David Airlie <airlied@...ux.ie>, Daniel Vetter <daniel@...ll.ch>, Maarten Lankhorst <maarten.lankhorst@...ux.intel.com>, Maxime Ripard <mripard@...nel.org>, Thomas Zimmermann <tzimmermann@...e.de>, Will Deacon <will@...nel.org>, Dave Young <dyoung@...hat.com>, Baoquan He <bhe@...hat.com>, "Kirill A. Shutemov" <kirill.shutemov@...ux.intel.com>
Subject: Re: [PATCH 07/11] treewide: Replace the use of mem_encrypt_active() with prot_guest_has()

On 8/10/21 12:48 PM, Tom Lendacky wrote:
> On 8/10/21 1:45 PM, Kuppuswamy, Sathyanarayanan wrote:
>>
>>
>> On 7/27/21 3:26 PM, Tom Lendacky wrote:
>>> diff --git a/arch/x86/kernel/head64.c b/arch/x86/kernel/head64.c >>> index de01903c3735..cafed6456d45 100644 >>> --- a/arch/x86/kernel/head64.c >>> +++ b/arch/x86/kernel/head64.c >>> @@ -19,7 +19,7 @@ >>> #include <linux/start_kernel.h> >>> #include <linux/io.h> >>> #include <linux/memblock.h> >>> -#include <linux/mem_encrypt.h> >>> +#include <linux/protected_guest.h> >>> #include <linux/pgtable.h> >>> #include <asm/processor.h> 
>>> @@ -285,7 +285,7 @@ unsigned long __head __startup_64(unsigned long >>> physaddr, >>> * there is no need to zero it after changing the memory encryption >>> * attribute. >>> */ >>> - if (mem_encrypt_active()) { >>> + if (prot_guest_has(PATTR_MEM_ENCRYPT)) { >>> vaddr = (unsigned long)__start_bss_decrypted; >>> vaddr_end = (unsigned long)__end_bss_decrypted;
>>
>>
>> Since this change is specific to AMD, can you replace PATTR_MEM_ENCRYPT with
>> prot_guest_has(PATTR_SME) || prot_guest_has(PATTR_SEV). It is not used in
>> TDX.
>
> This is a direct replacement for now. I think the change you're requesting
> should be done as part of the TDX support patches so it's clear why it is
> being changed.

Ok. I will include it as part of TDX changes.

>
> But, wouldn't TDX still need to do something with this shared/unencrypted
> area, though? Or since it is shared, there's actually nothing you need to
> do (the bss decrypted section exists even if CONFIG_AMD_MEM_ENCRYPT is not
> configured)?

Kirill had a requirement to turn on CONFIG_AMD_MEM_ENCRYPT for adding lazy
accept support in TDX guest kernel. Kirill, can you add details here?

>
> Thanks,
> Tom
>
>>

--
Sathyanarayanan Kuppuswamy
Linux Kernel Developer
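
Review bot: the include change in the first head64.c hunk (@@ -19,7 +19,7 @@) removes <linux/mem_encrypt.h> outright instead of adding <linux/protected_guest.h> beside it. The only conversion shown for this file is the single mem_encrypt_active() call in __startup_64(), so please confirm that nothing else in head64.c depended on declarations reached through the old header, or keep both includes and note the reason in the commit message.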
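
Review bot: in the __startup_64() hunk (@@ -285,7 +285,7 @@), the new condition prot_guest_has(PATTR_MEM_ENCRYPT) carries no comment saying what the attribute is meant to cover at this call site, and the visible tail of the existing comment only refers to "the memory encryption attribute". Since the branch walks __start_bss_decrypted to __end_bss_decrypted from __head code that is handed a physaddr, a short comment stating which configurations are expected to take this branch, and that prot_guest_has() is safe to call this early in boot, would make the later per-vendor split easier to review.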