| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20240104103047.GDZZaI11z9Htj3XS/P@fat_crate.local>
Date: Thu, 4 Jan 2024 11:30:47 +0100
From: Borislav Petkov <bp@...en8.de>
To: Michael Roth <michael.roth@....com>
Cc: x86@...nel.org, kvm@...r.kernel.org, linux-coco@...ts.linux.dev,
linux-mm@...ck.org, linux-crypto@...r.kernel.org,
linux-kernel@...r.kernel.org, tglx@...utronix.de, mingo@...hat.com,
jroedel@...e.de, thomas.lendacky@....com, hpa@...or.com,
ardb@...nel.org, pbonzini@...hat.com, seanjc@...gle.com,
vkuznets@...hat.com, jmattson@...gle.com, luto@...nel.org,
dave.hansen@...ux.intel.com, slp@...hat.com, pgonda@...gle.com,
peterz@...radead.org, srinivas.pandruvada@...ux.intel.com,
rientjes@...gle.com, tobin@....com, vbabka@...e.cz,
kirill@...temov.name, ak@...ux.intel.com, tony.luck@...el.com,
sathyanarayanan.kuppuswamy@...ux.intel.com, alpergun@...gle.com,
jarkko@...nel.org, ashish.kalra@....com, nikunj.dadhania@....com,
pankaj.gupta@....com, liam.merwick@...cle.com, zhi.a.wang@...el.com
Subject: Re: [PATCH v1 03/26] iommu/amd: Don't rely on external callers to
enable IOMMU SNP support
On Sat, Dec 30, 2023 at 10:19:31AM -0600, Michael Roth wrote:
> +static void iommu_snp_enable(void)
> +{
> +#ifdef CONFIG_KVM_AMD_SEV
> + if (!cpu_feature_enabled(X86_FEATURE_SEV_SNP))
> + return;
> + /*
> + * The SNP support requires that IOMMU must be enabled, and is
> + * not configured in the passthrough mode.
> + */
> + if (no_iommu || iommu_default_passthrough()) {
> + pr_err("SNP: IOMMU is disabled or configured in passthrough mode, SNP cannot be supported.\n");
> + return;
> + }
> +
> + amd_iommu_snp_en = check_feature(FEATURE_SNP);
> + if (!amd_iommu_snp_en) {
> + pr_err("SNP: IOMMU SNP feature is not enabled, SNP cannot be supported.\n");
> + return;
> + }
> +
> + pr_info("IOMMU SNP support is enabled.\n");
> +
> + /* Enforce IOMMU v1 pagetable when SNP is enabled. */
> + if (amd_iommu_pgtable != AMD_IOMMU_V1) {
> + pr_warn("Forcing use of AMD IOMMU v1 page table due to SNP.\n");
> + amd_iommu_pgtable = AMD_IOMMU_V1;
> + }
Kernel code usually says simple "<bla> enabled" not "<bla> is enabled".
Other than that, LGTM.
---
diff --git a/drivers/iommu/amd/init.c b/drivers/iommu/amd/init.c
index 1ed2ef22a0fb..2f1517acaba0 100644
--- a/drivers/iommu/amd/init.c
+++ b/drivers/iommu/amd/init.c
@@ -3231,17 +3231,17 @@ static void iommu_snp_enable(void)
* not configured in the passthrough mode.
*/
if (no_iommu || iommu_default_passthrough()) {
- pr_err("SNP: IOMMU is disabled or configured in passthrough mode, SNP cannot be supported.\n");
+ pr_err("SNP: IOMMU disabled or configured in passthrough mode, SNP cannot be supported.\n");
return;
}
amd_iommu_snp_en = check_feature(FEATURE_SNP);
if (!amd_iommu_snp_en) {
- pr_err("SNP: IOMMU SNP feature is not enabled, SNP cannot be supported.\n");
+ pr_err("SNP: IOMMU SNP feature not enabled, SNP cannot be supported.\n");
return;
}
- pr_info("IOMMU SNP support is enabled.\n");
+ pr_info("IOMMU SNP support enabled.\n");
/* Enforce IOMMU v1 pagetable when SNP is enabled. */
if (amd_iommu_pgtable != AMD_IOMMU_V1) {
--
Regards/Gruss,
Boris.
https://people.kernel.org/tglx/notes-about-netiquette
Powered by blists - more mailing lists