From patchwork Wed Sep 8 22:58:32 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Tom Lendacky X-Patchwork-Id: 508534 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-18.8 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER, INCLUDES_PATCH, MAILING_LIST_MULTI, SPF_HELO_NONE, SPF_PASS, USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id BEC08C433F5 for ; Wed, 8 Sep 2021 22:59:06 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id A518E61104 for ; Wed, 8 Sep 2021 22:59:06 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1347797AbhIHXAN (ORCPT ); Wed, 8 Sep 2021 19:00:13 -0400 Received: from mail-bn8nam08on2047.outbound.protection.outlook.com ([40.107.100.47]:45793 "EHLO NAM04-BN8-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S229997AbhIHXAM (ORCPT ); Wed, 8 Sep 2021 19:00:12 -0400 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=YTA56BfNzr+WdTzLWf0R7R5bkD3Z2NieabjINt4YklGwrzQtoa4B479oZdwzgc6eMu3rAnDGD24taLyHxbZUdoWubZs6Scmp85TtvdHZc7jeaMCH+xfCVP+7vzKGD2JdnNAgnAeMZU63nLYAj/RKi+xw768Ip2GJkBfZh7wdfiUwXYHTx3C9GbbbbGQBUAXmhtVWpzuQlXj3V8NYydZYbB/C618dON2moNn+CGy7Wk1saCcZdlU7hNdLkEFpp+VAZDxgm36qeyr88XvH7W6lUi/YdCMZv9r/0HwKaMoqYXkn/a17XFlSJaS7MpeyMJCeckA5hpLuuB2aTP/D+Z6cRg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=IqGtg1cAr8szUUscL6nSCzLAsTjemz8U/WSliGIExU0=; b=eSExbDz1dU5buWdsM4k9sPqrh822VNRsFzTkOhNaBfE4PsjrN+emkA5X7Bu4UTtc+KUTr0VdzfxqgV4VGrBztMpfG4SUeP4lQxGFGEmf7MTqvrIDYiF7IyBEzJxst7BrPfm1eiRbV8ivRtZWNBp3Nr1CxiJEAf/PPN/xhsS0L16lkIasmfy9uwmzEH+/kSMFg6dFLxiWz11ooBi6O9ublqnfghipeW93y7cilzuBP7NBGjaO+0T6mn5DcVC6iuQ6xUsTAyO8NqvuI1psr/wJUCZJ71Wz6WCJ9ZbYOJoctiJZbikd5bL6bUE5RdV1qjhUVStfKQ+oRJSgzJbhdNx9og== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=IqGtg1cAr8szUUscL6nSCzLAsTjemz8U/WSliGIExU0=; b=y/rwPex5PwZ7r32Z/uZquca7YNmifGZVQR+X1FqYvKzav8z5krd9TPLyhOq2Vu7BdCDir+LjVqvr54KM7QB2/J6s5fRafBY6tU/BTvJzGvMV7xmznbBIW+plUPIfLmmWmzeDxZLyzJsOMePIPkxP5jz3yXN8x7WfVW3E6xHY93g= Received: from DM5PR08CA0026.namprd08.prod.outlook.com (2603:10b6:4:60::15) by SA0PR12MB4512.namprd12.prod.outlook.com (2603:10b6:806:71::9) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4500.14; Wed, 8 Sep 2021 22:59:02 +0000 Received: from DM6NAM11FT044.eop-nam11.prod.protection.outlook.com (2603:10b6:4:60:cafe::20) by DM5PR08CA0026.outlook.office365.com (2603:10b6:4:60::15) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4500.14 via Frontend Transport; Wed, 8 Sep 2021 22:59:02 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; vger.kernel.org; dkim=none (message not signed) header.d=none; vger.kernel.org; dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; Received: from SATLEXMB04.amd.com (165.204.84.17) by DM6NAM11FT044.mail.protection.outlook.com (10.13.173.185) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.4500.14 via Frontend Transport; Wed, 8 Sep 2021 22:59:01 +0000 Received: from tlendack-t1.amd.com (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2308.8; Wed, 8 Sep 2021 17:58:59 -0500 From: Tom Lendacky To: , , , , , , , , , , , , CC: Borislav Petkov , Brijesh Singh , Joerg Roedel , Andi Kleen , Sathyanarayanan Kuppuswamy , Tianyu Lan , Christoph Hellwig , Thomas Gleixner , Ingo Molnar , "Dave Hansen" , Andy Lutomirski , Peter Zijlstra Subject: [PATCH v3 1/8] x86/ioremap: Selectively build arch override encryption functions Date: Wed, 8 Sep 2021 17:58:32 -0500 Message-ID: <3c25da5d5516afbdd868df2f6a6f7d7f241f32d4.1631141919.git.thomas.lendacky@amd.com> X-Mailer: git-send-email 2.33.0 In-Reply-To: References: MIME-Version: 1.0 X-Originating-IP: [10.180.168.240] X-ClientProxiedBy: SATLEXMB04.amd.com (10.181.40.145) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: e3722983-dabc-4172-82ef-08d9731c3ff2 X-MS-TrafficTypeDiagnostic: SA0PR12MB4512: X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:8882; X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: BUVdzJB5u2MkMrpUqQhlFq51g9QCsOyMJsm8AcsZFHjDTOD+5gRCwagnQ1mHpcPfTJRc1+4Dq71DTnTFraa7vrnxQ1QwBEC/d5V70m3O3BHyIWgCoOTe58RPUpuXv+iHmKgVC99x9k8SRXnMsUOyXrFL7SwHiJRlvrv0M74S91rlPY2UWmaI4yCeINDkK/jc+K9Q8AEcgHu8XbppQLxw4OqsdOiWz5JlN/Hto8+w788fZm3eCLmoHqqvJ2pmx4wiygTMz5grlmY/AaeC3z7TwU0gDn8aMHJqCKJXvorW1rVDYwcnBu92Ol3fFC/tjcpFy7d40fUZU20dp2fiLRymdpKtQvAilSYk+c82Ml/DqAJBRvkFt8mWUCCtgPX0tqI0gcV6O+JDg5SG6sIalG59NmUe2gOJOnpH9fHs9gOBTPflXbrTnXChtuDYU4mOZP8yybsyMt9IMM0q7i7U/1vLOjP4EsnyzxQ+2zqSxQtXzZuYN8xQgTSjQqo83a0ev5ndq4k0JRgsdFeNN6zm1Ic86v4oJp7n6pGfBOIVh4Ms6e+iUyodeiqS3WOoNk5pu57bxFvxOn97s/kRVRN07BTBt+6dhob0FNN7gkjaJV+ha04NW4qAS7etwLwverSvgnn92J65pek37xYTBNBuQSJ+/ujJueHyKbqhuBT5bEtBTPMF/8z4cggbBml9sS08MQ6fMq4ZHzHVWkFjIfT4Zu76GCZQ4kkT7BfVdVYaVaxvPzN5QpH5/LIVflA92OfV8xuVFs/PByC67R0R/w/GqkgpT3efm+Z4/JM3ynEjWYlQorg= X-Forefront-Antispam-Report: CIP:165.204.84.17; CTRY:US; LANG:en; SCL:1; SRV:; IPV:CAL; SFV:NSPM; H:SATLEXMB04.amd.com; PTR:InfoDomainNonexistent; CAT:NONE; SFS:(4636009)(346002)(376002)(136003)(396003)(39860400002)(36840700001)(46966006)(8676002)(2906002)(7696005)(110136005)(8936002)(478600001)(6666004)(356005)(70206006)(16526019)(316002)(54906003)(36756003)(4326008)(426003)(7416002)(26005)(47076005)(36860700001)(186003)(336012)(83380400001)(81166007)(82310400003)(70586007)(5660300002)(86362001)(921005)(2616005)(82740400003)(2101003)(83996005)(36900700001); DIR:OUT; SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 08 Sep 2021 22:59:01.7802 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: e3722983-dabc-4172-82ef-08d9731c3ff2 X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d; Ip=[165.204.84.17]; Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: DM6NAM11FT044.eop-nam11.prod.protection.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: SA0PR12MB4512 Precedence: bulk List-ID: X-Mailing-List: linux-efi@vger.kernel.org In prep for other uses of the cc_platform_has() function besides AMD's memory encryption support, selectively build the AMD memory encryption architecture override functions only when CONFIG_AMD_MEM_ENCRYPT=y. These functions are: - early_memremap_pgprot_adjust() - arch_memremap_can_ram_remap() Additionally, routines that are only invoked by these architecture override functions can also be conditionally built. These functions are: - memremap_should_map_decrypted() - memremap_is_efi_data() - memremap_is_setup_data() - early_memremap_is_setup_data() And finally, phys_mem_access_encrypted() is conditionally built as well, but requires a static inline version of it when CONFIG_AMD_MEM_ENCRYPT is not set. Cc: Thomas Gleixner Cc: Ingo Molnar Cc: Borislav Petkov Cc: Dave Hansen Cc: Andy Lutomirski Cc: Peter Zijlstra Signed-off-by: Tom Lendacky --- arch/x86/include/asm/io.h | 8 ++++++++ arch/x86/mm/ioremap.c | 2 +- 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/arch/x86/include/asm/io.h b/arch/x86/include/asm/io.h index 841a5d104afa..5c6a4af0b911 100644 --- a/arch/x86/include/asm/io.h +++ b/arch/x86/include/asm/io.h @@ -391,6 +391,7 @@ extern void arch_io_free_memtype_wc(resource_size_t start, resource_size_t size) #define arch_io_reserve_memtype_wc arch_io_reserve_memtype_wc #endif +#ifdef CONFIG_AMD_MEM_ENCRYPT extern bool arch_memremap_can_ram_remap(resource_size_t offset, unsigned long size, unsigned long flags); @@ -398,6 +399,13 @@ extern bool arch_memremap_can_ram_remap(resource_size_t offset, extern bool phys_mem_access_encrypted(unsigned long phys_addr, unsigned long size); +#else +static inline bool phys_mem_access_encrypted(unsigned long phys_addr, + unsigned long size) +{ + return true; +} +#endif /** * iosubmit_cmds512 - copy data to single MMIO location, in 512-bit units diff --git a/arch/x86/mm/ioremap.c b/arch/x86/mm/ioremap.c index 60ade7dd71bd..ccff76cedd8f 100644 --- a/arch/x86/mm/ioremap.c +++ b/arch/x86/mm/ioremap.c @@ -508,6 +508,7 @@ void unxlate_dev_mem_ptr(phys_addr_t phys, void *addr) memunmap((void *)((unsigned long)addr & PAGE_MASK)); } +#ifdef CONFIG_AMD_MEM_ENCRYPT /* * Examine the physical address to determine if it is an area of memory * that should be mapped decrypted. If the memory is not part of the @@ -746,7 +747,6 @@ bool phys_mem_access_encrypted(unsigned long phys_addr, unsigned long size) return arch_memremap_can_ram_remap(phys_addr, size, 0); } -#ifdef CONFIG_AMD_MEM_ENCRYPT /* Remap memory with encryption */ void __init *early_memremap_encrypted(resource_size_t phys_addr, unsigned long size) From patchwork Wed Sep 8 22:58:33 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Tom Lendacky X-Patchwork-Id: 508102 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-18.8 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER, INCLUDES_PATCH, MAILING_LIST_MULTI, SPF_HELO_NONE, SPF_PASS, USER_AGENT_GIT autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 25B45C43219 for ; Wed, 8 Sep 2021 22:59:18 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 117CC610E9 for ; Wed, 8 Sep 2021 22:59:18 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1347985AbhIHXAX (ORCPT ); Wed, 8 Sep 2021 19:00:23 -0400 Received: from mail-mw2nam08on2064.outbound.protection.outlook.com ([40.107.101.64]:52193 "EHLO NAM04-MW2-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1347607AbhIHXAW (ORCPT ); Wed, 8 Sep 2021 19:00:22 -0400 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=K4nRibuF58rgCsJfRBv76wF4EI1MUP4dUgDnD6U9Fi1ILZxB5fHN00GPTRm74yr78FkU4vNFrp8IipJq7gPWK1Mc5uAjbfFntFTgAWl/XDoEx44bdx+U7ITM7dy5NKzT0L4XP7Et1U9S5kObXxBEAyfO2HCGK2KVsdTCwcln8JTgTM0pAyJF7waa+SKUcqlLEMYhhjLk/DRmG8z7O35BWyEMjOU++9cyiWn1uFsLENCKQOR3czjUYFAk6nRkgnt3MSgxBnDxpGzzY7K+oh+iRbH7CwNmbLnZpVlamJhaKbfh0vwKzZWi6VgfVOVfXFsuawFM+U80C/ew0fZ6UiI74Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=SHft1xeMLhkBPYDzYQt8LaIvbeLOAmhTGlhraPgkBIY=; b=dMvOs05b7NiYSMsx5eSUd4Jplx+iQEq1Ysz5wQBGCAFjEFbYk1Rviut7sk+2X9bdEPWG4rVFZYiYIikurakc/lG/g7vAguTXuIB0ebisrFCXZtuzAtqtR1y5jrKMcL4QGk3Rl1di7bg2NEt/yOrcOF38KzeJY9B4b0M2MjSVTtRGSPTMQ8E64xxelr3hN9wX+ThsClOUHw5cMT/NfIM2bYhxzEOypRhr4ua740CCsskTr4zFbdvOFbC03UGRn50N/BrvLsT//L0o0TahznbdYItJh5ruH3yNPvBNEq7LhNj2wWFl6SS3IX0gdwGrCUUxCjJvTHtZPkXqgBXxkCXYlg== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=SHft1xeMLhkBPYDzYQt8LaIvbeLOAmhTGlhraPgkBIY=; b=Gitot9eQ8Rj1LNdG4PgLOWNalhBn5T8ewnVfxRY9p+UfgN1j+//B6z9LQxgb9C5P/eMqwt+L++bYbtUW6RLI7tefHhe2PUpcSrpzZH0CwWZ/vzLm/oCRGUJsghqJ3xLbph70y1yPNrG6IUscx4qPoK3GUfYDAm+pFmNBmaYzXuQ= Received: from DM6PR03CA0058.namprd03.prod.outlook.com (2603:10b6:5:100::35) by BN6PR12MB1332.namprd12.prod.outlook.com (2603:10b6:404:15::10) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4500.14; Wed, 8 Sep 2021 22:59:09 +0000 Received: from DM6NAM11FT029.eop-nam11.prod.protection.outlook.com (2603:10b6:5:100:cafe::99) by DM6PR03CA0058.outlook.office365.com (2603:10b6:5:100::35) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4500.14 via Frontend Transport; Wed, 8 Sep 2021 22:59:09 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; vger.kernel.org; dkim=none (message not signed) header.d=none; vger.kernel.org; dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; Received: from SATLEXMB04.amd.com (165.204.84.17) by DM6NAM11FT029.mail.protection.outlook.com (10.13.173.23) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.4500.14 via Frontend Transport; Wed, 8 Sep 2021 22:59:09 +0000 Received: from tlendack-t1.amd.com (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2308.8; Wed, 8 Sep 2021 17:59:07 -0500 From: Tom Lendacky To: , , , , , , , , , , , , CC: Borislav Petkov , Brijesh Singh , Joerg Roedel , Andi Kleen , Sathyanarayanan Kuppuswamy , Tianyu Lan , Christoph Hellwig Subject: [PATCH v3 2/8] mm: Introduce a function to check for confidential computing features Date: Wed, 8 Sep 2021 17:58:33 -0500 Message-ID: <0a7618d54e7e954ee56c22ad1b94af2ffe69543a.1631141919.git.thomas.lendacky@amd.com> X-Mailer: git-send-email 2.33.0 In-Reply-To: References: MIME-Version: 1.0 X-Originating-IP: [10.180.168.240] X-ClientProxiedBy: SATLEXMB04.amd.com (10.181.40.145) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 66d45662-8a16-4741-b832-08d9731c4478 X-MS-TrafficTypeDiagnostic: BN6PR12MB1332: X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:7219; X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: me1ISZsQ9Q/ZTy9AcUK/cEFHVLwQh0tIjmGXIgWFCAEjrStdEI4h7+mBgZvBgqhiaqcwmzjwAgLd45ztzGxCQhw0QpNEHVIpiVGBFDMYiPc8yLs96/fcOuHR1nKE7Yf0GP11gvAuY36ozQrM6D9/BvcyyjoirO4ohYha5qDorqVSWEOL7Ez6r0lVVBUKIqc7FBP6YIh2sKVYnNNMgTQWxXkaXkS2paL6os2xvaIE9dXqFq/xElrkRB52vwJsLLNK2ILJbEv/1m0Qoo+UBgFLiTCcfrAzrmPiZwNMaVunb2K2bmhD2E67AyFWuuf1aXajoY+i794Gnfbxds3NmJVnnAe5TXyUMpB1gkk/3rq4hKkqjrF3HnV48cETGMHWJJ691VzxFPRihwMfkRTIDc4y7S07Yd2GVfIFn+9PoNiLbXftQKDzz/UbgenVpLoDVn6qnoLgjQTFgM2CXVAJ79qQ9xYhYuXf/5NuGqpBdcAXfI1liqKi5Zhq66BOeFpPIEe7FhuMfO3Wh08Sx3+ENPR1YIga4yKIPJX7yNIysySqpOwbV2bJJiCyalGTda/Py+quF0k9dPc7bxZna+rIjOLsVSt6JnGIl4P51c7vjoI1YA9TPybeKWVUi3/PwrauZfvf/GwBFsn1keq5WJEn/OFN7HnRzK7lunaNps6BlouTt+RHdVuJync/Qj/4HnpnQlbV10j9n0EiajL0SCvrq156q1Z9CkEzv9HrKij3oVmefBtzlNfhM76JuXVsMhaT46T3ini+znIj3Q0HZvU02R+cYHhZgbSXojT32L46c0KfuIw= X-Forefront-Antispam-Report: CIP:165.204.84.17; CTRY:US; LANG:en; SCL:1; SRV:; IPV:CAL; SFV:NSPM; H:SATLEXMB04.amd.com; PTR:InfoDomainNonexistent; CAT:NONE; SFS:(4636009)(136003)(39860400002)(346002)(396003)(376002)(36840700001)(46966006)(426003)(2616005)(478600001)(70586007)(921005)(36756003)(336012)(47076005)(4326008)(82740400003)(316002)(7416002)(54906003)(110136005)(8676002)(356005)(2906002)(81166007)(8936002)(7696005)(186003)(86362001)(5660300002)(36860700001)(82310400003)(26005)(6666004)(70206006)(16526019)(2101003)(83996005)(36900700001); DIR:OUT; SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 08 Sep 2021 22:59:09.3747 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 66d45662-8a16-4741-b832-08d9731c4478 X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d; Ip=[165.204.84.17]; Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: DM6NAM11FT029.eop-nam11.prod.protection.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: BN6PR12MB1332 Precedence: bulk List-ID: X-Mailing-List: linux-efi@vger.kernel.org In prep for other confidential computing technologies, introduce a generic helper function, cc_platform_has(), that can be used to check for specific active confidential computing attributes, like memory encryption. This is intended to eliminate having to add multiple technology-specific checks to the code (e.g. if (sev_active() || tdx_active())). Co-developed-by: Andi Kleen Signed-off-by: Andi Kleen Co-developed-by: Kuppuswamy Sathyanarayanan Signed-off-by: Kuppuswamy Sathyanarayanan Signed-off-by: Tom Lendacky --- arch/Kconfig | 3 ++ include/linux/cc_platform.h | 88 +++++++++++++++++++++++++++++++++++++ 2 files changed, 91 insertions(+) create mode 100644 include/linux/cc_platform.h diff --git a/arch/Kconfig b/arch/Kconfig index 3743174da870..ca7c359e5da8 100644 --- a/arch/Kconfig +++ b/arch/Kconfig @@ -1234,6 +1234,9 @@ config RELR config ARCH_HAS_MEM_ENCRYPT bool +config ARCH_HAS_CC_PLATFORM + bool + config HAVE_SPARSE_SYSCALL_NR bool help diff --git a/include/linux/cc_platform.h b/include/linux/cc_platform.h new file mode 100644 index 000000000000..253f3ea66cd8 --- /dev/null +++ b/include/linux/cc_platform.h @@ -0,0 +1,88 @@ +/* SPDX-License-Identifier: GPL-2.0-only */ +/* + * Confidential Computing Platform Capability checks + * + * Copyright (C) 2021 Advanced Micro Devices, Inc. + * + * Author: Tom Lendacky + */ + +#ifndef _CC_PLATFORM_H +#define _CC_PLATFORM_H + +#include +#include + +/** + * enum cc_attr - Confidential computing attributes + * + * These attributes represent confidential computing features that are + * currently active. + */ +enum cc_attr { + /** + * @CC_ATTR_MEM_ENCRYPT: Memory encryption is active + * + * The platform/OS is running with active memory encryption. This + * includes running either as a bare-metal system or a hypervisor + * and actively using memory encryption or as a guest/virtual machine + * and actively using memory encryption. + * + * Examples include SME, SEV and SEV-ES. + */ + CC_ATTR_MEM_ENCRYPT, + + /** + * @CC_ATTR_HOST_MEM_ENCRYPT: Host memory encryption is active + * + * The platform/OS is running as a bare-metal system or a hypervisor + * and actively using memory encryption. + * + * Examples include SME. + */ + CC_ATTR_HOST_MEM_ENCRYPT, + + /** + * @CC_ATTR_GUEST_MEM_ENCRYPT: Guest memory encryption is active + * + * The platform/OS is running as a guest/virtual machine and actively + * using memory encryption. + * + * Examples include SEV and SEV-ES. + */ + CC_ATTR_GUEST_MEM_ENCRYPT, + + /** + * @CC_ATTR_GUEST_STATE_ENCRYPT: Guest state encryption is active + * + * The platform/OS is running as a guest/virtual machine and actively + * using memory encryption and register state encryption. + * + * Examples include SEV-ES. + */ + CC_ATTR_GUEST_STATE_ENCRYPT, +}; + +#ifdef CONFIG_ARCH_HAS_CC_PLATFORM + +/** + * cc_platform_has() - Checks if the specified cc_attr attribute is active + * @attr: Confidential computing attribute to check + * + * The cc_platform_has() function will return an indicator as to whether the + * specified Confidential Computing attribute is currently active. + * + * Context: Any context + * Return: + * * TRUE - Specified Confidential Computing attribute is active + * * FALSE - Specified Confidential Computing attribute is not active + */ +bool cc_platform_has(enum cc_attr attr); + +#else /* !CONFIG_ARCH_HAS_CC_PLATFORM */ + +static inline bool cc_platform_has(enum cc_attr attr) { return false; } + +#endif /* CONFIG_ARCH_HAS_CC_PLATFORM */ + +#endif /* _CC_PLATFORM_H */ From patchwork Wed Sep 8 22:58:34 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Tom Lendacky X-Patchwork-Id: 508533 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-18.8 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER, INCLUDES_PATCH, MAILING_LIST_MULTI, SPF_HELO_NONE, SPF_PASS, USER_AGENT_GIT autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 36122C433F5 for ; Wed, 8 Sep 2021 22:59:23 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 1A4536113C for ; Wed, 8 Sep 2021 22:59:23 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1347517AbhIHXA3 (ORCPT ); Wed, 8 Sep 2021 19:00:29 -0400 Received: from mail-dm3nam07on2064.outbound.protection.outlook.com ([40.107.95.64]:26401 "EHLO NAM02-DM3-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1347756AbhIHXA2 (ORCPT ); Wed, 8 Sep 2021 19:00:28 -0400 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=iLgb/s3ZJxgzt0Mx1WgqWEZMusXn4s2LILg2+hvzfglzWfLRsPMOUv8mEHPjNtq5Gmo2vrfDt5WguYD6RigcxpDU9U7QTAdwOPwQESDDAFNu9w6K0l1HjJzuUfVRSnnddqptG2ZAB+saBU6lRLp8bNz0AjEH6hFOmTj8QgyXnAirsj0V5b2gL8lP5vvu475UFq0psjLfiz58a666ZKv1h9/Z0PnPaJjPY5RREz5Z9X2hRyK9lPWo6Z6OCa34mi/1hk9Hj134hJu0Z2qEVFSg1Sn/FapxBLXKM6OcvtEsXkn2FMQBil/vlHvXOvC7sHH3NpvaU9RbtUc/ubZfGmwTHQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=PkHOOjZ5XwLPGXYBfaJ6+CT1G6w0aI8Oj/Og6FSB+Tw=; b=QI5bCGtdXaZosz75px9FvAzfPwvQp0VEOlmZEIXn2HInOJgZyDyOmDkPT2ObK8Clgo+KE1Mv1zmtmHEW8Zzl16iOXXLQRlsCPx7mhTtjHCjsiB9sRuZbLteWuqb2tvQlfwHER53BumMkulkjW8HPTRPGWY8r/Ze/up3e9VGTvaZfGEt29KzwoBI5sV7YszqAlDuuwCrKiMJfMApT33BYUfaycpjl6IVcJceq0tALvyC7wJOzKBCD61wbdAj8vKPVsOJz8nR36oYCwO9scRDVnAMnTxyg6+gM1tc7zom4QU96ayAC7r5416EIWtVMuP1Y+0J1OrHmgiYKUn4do5laMw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=PkHOOjZ5XwLPGXYBfaJ6+CT1G6w0aI8Oj/Og6FSB+Tw=; b=RMYHxEZNBkd62HBTvqOgEs71Idh/l8SFGBwpv0vj36zxy5tbE1T9bPpN+irz1P2SkZh9ESnbw2k6rZNiQ+gqkR4WHTqayixpDUbfJoq2lnxKyusFWqv6JUacKceNuzZjQnUVukBLu659qma1cDL7v1jfVMMDmM9Ku76D9FqLs8Q= Received: from DM6PR18CA0003.namprd18.prod.outlook.com (2603:10b6:5:15b::16) by MN2PR12MB3453.namprd12.prod.outlook.com (2603:10b6:208:c3::18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4478.22; Wed, 8 Sep 2021 22:59:17 +0000 Received: from DM6NAM11FT017.eop-nam11.prod.protection.outlook.com (2603:10b6:5:15b:cafe::d1) by DM6PR18CA0003.outlook.office365.com (2603:10b6:5:15b::16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4500.14 via Frontend Transport; Wed, 8 Sep 2021 22:59:17 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; vger.kernel.org; dkim=none (message not signed) header.d=none; vger.kernel.org; dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; Received: from SATLEXMB04.amd.com (165.204.84.17) by DM6NAM11FT017.mail.protection.outlook.com (10.13.172.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.4500.14 via Frontend Transport; Wed, 8 Sep 2021 22:59:17 +0000 Received: from tlendack-t1.amd.com (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2308.8; Wed, 8 Sep 2021 17:59:15 -0500 From: Tom Lendacky To: , , , , , , , , , , , , CC: Borislav Petkov , Brijesh Singh , Joerg Roedel , Andi Kleen , Sathyanarayanan Kuppuswamy , Tianyu Lan , Christoph Hellwig , Thomas Gleixner , Ingo Molnar , "Dave Hansen" , Andy Lutomirski , Peter Zijlstra Subject: [PATCH v3 3/8] x86/sev: Add an x86 version of cc_platform_has() Date: Wed, 8 Sep 2021 17:58:34 -0500 Message-ID: X-Mailer: git-send-email 2.33.0 In-Reply-To: References: MIME-Version: 1.0 X-Originating-IP: [10.180.168.240] X-ClientProxiedBy: SATLEXMB04.amd.com (10.181.40.145) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 6ab09aa9-ebcc-4f5d-ccfd-08d9731c4914 X-MS-TrafficTypeDiagnostic: MN2PR12MB3453: X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:5797; X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: 7+z77jWY3o8AoUGCL4bculuISBwUOUfXI2hfz/nKwHmZlmaQcZd7S3bOc7Rjg98lxU6+OOp/Xb1+TZ9SgfG/5VyflgddHTNr19FmiqBvB6d/+n0j6V9fAWcwx+t6IF/t7N6gxf0t5bx3qNWwN6DV+vtVA+ulWHEVj+xKkH44sBBtOqYg9jEbVHmvD8ukr3OWuJvljA7Saoe8wHtNpKhIn89j+ho7RSNssQXtcClpLYcouPQO103M0z420yG+NwzKl/BsJJsjuDSvgN/nz4/wvbzSWt0Yz5XK9odChvsQawPjjIegcgTIPgCTQuDsbSJx5Gkrl+XNBA23bPIR+g04K8ZhP2RIlWj5Ba/jVXdfY8u41rD5MQDpXnEL2t5l0d8+N7bwE/K9CsWwq06sMBClSXUzW+REMlEJQ2GOuvJ98AsRBvJvgNOsUoEv5F3YXPgF896i6WVxgfrGi1Bq7OOlz0w8LEqQFsNTEW0yBatJxDFVPAzUGebhcRBIC5T/NvIS4Sk8hbcEtbTOAZbxPXk07mGt+iuu1sCol/qkW9BdiL1Lc4Ihx9ZO1e5dRqyRWuYuX+wNGkiJKeinr95VTnU3+V0twzLVNHR/auI2dL0gHJNFxRMR8ARB3eg5t4a5unUCArEuG2lvxmn4F0KXJOanXFQs0gKY8gccnc1egsK05IGYGzbcGy9UUpEm3wecjNKjipw9Mei5lg1gCcjyQsdMOmVVQMG7HEdQ2ns8VDoMgQCXhB/ZR2gkw86AuNE0nLXBLnGmyH0LzH07MxT0FqDag9XEDFERTMm6C6AoR58xeH4= X-Forefront-Antispam-Report: CIP:165.204.84.17; CTRY:US; LANG:en; SCL:1; SRV:; IPV:CAL; SFV:NSPM; H:SATLEXMB04.amd.com; PTR:InfoDomainNonexistent; CAT:NONE; SFS:(4636009)(396003)(376002)(346002)(39860400002)(136003)(36840700001)(46966006)(70586007)(70206006)(83380400001)(7416002)(110136005)(36860700001)(86362001)(54906003)(921005)(316002)(336012)(2616005)(5660300002)(426003)(16526019)(186003)(82310400003)(4326008)(7696005)(8676002)(8936002)(6666004)(47076005)(26005)(36756003)(2906002)(356005)(82740400003)(478600001)(81166007)(83996005)(2101003)(36900700001); DIR:OUT; SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 08 Sep 2021 22:59:17.1144 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 6ab09aa9-ebcc-4f5d-ccfd-08d9731c4914 X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d; Ip=[165.204.84.17]; Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: DM6NAM11FT017.eop-nam11.prod.protection.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: MN2PR12MB3453 Precedence: bulk List-ID: X-Mailing-List: linux-efi@vger.kernel.org Introduce an x86 version of the cc_platform_has() function. This will be used to replace vendor specific calls like sme_active(), sev_active(), etc. Cc: Thomas Gleixner Cc: Ingo Molnar Cc: Borislav Petkov Cc: Dave Hansen Cc: Andy Lutomirski Cc: Peter Zijlstra Co-developed-by: Andi Kleen Signed-off-by: Andi Kleen Co-developed-by: Kuppuswamy Sathyanarayanan Signed-off-by: Kuppuswamy Sathyanarayanan Signed-off-by: Tom Lendacky --- arch/x86/Kconfig | 1 + arch/x86/include/asm/mem_encrypt.h | 3 +++ arch/x86/kernel/Makefile | 3 +++ arch/x86/kernel/cc_platform.c | 21 +++++++++++++++++++++ arch/x86/mm/mem_encrypt.c | 21 +++++++++++++++++++++ 5 files changed, 49 insertions(+) create mode 100644 arch/x86/kernel/cc_platform.c diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig index 4e001bbbb425..2b2a9639d8ae 100644 --- a/arch/x86/Kconfig +++ b/arch/x86/Kconfig @@ -1513,6 +1513,7 @@ config AMD_MEM_ENCRYPT select ARCH_HAS_FORCE_DMA_UNENCRYPTED select INSTRUCTION_DECODER select ARCH_HAS_RESTRICTED_VIRTIO_MEMORY_ACCESS + select ARCH_HAS_CC_PLATFORM help Say yes to enable support for the encryption of system memory. This requires an AMD processor that supports Secure Memory diff --git a/arch/x86/include/asm/mem_encrypt.h b/arch/x86/include/asm/mem_encrypt.h index 9c80c68d75b5..3d8a5e8b2e3f 100644 --- a/arch/x86/include/asm/mem_encrypt.h +++ b/arch/x86/include/asm/mem_encrypt.h @@ -13,6 +13,7 @@ #ifndef __ASSEMBLY__ #include +#include #include @@ -53,6 +54,7 @@ void __init sev_es_init_vc_handling(void); bool sme_active(void); bool sev_active(void); bool sev_es_active(void); +bool amd_cc_platform_has(enum cc_attr attr); #define __bss_decrypted __section(".bss..decrypted") @@ -78,6 +80,7 @@ static inline void sev_es_init_vc_handling(void) { } static inline bool sme_active(void) { return false; } static inline bool sev_active(void) { return false; } static inline bool sev_es_active(void) { return false; } +static inline bool amd_cc_platform_has(enum cc_attr attr) { return false; } static inline int __init early_set_memory_decrypted(unsigned long vaddr, unsigned long size) { return 0; } diff --git a/arch/x86/kernel/Makefile b/arch/x86/kernel/Makefile index 8f4e8fa6ed75..f91403a78594 100644 --- a/arch/x86/kernel/Makefile +++ b/arch/x86/kernel/Makefile @@ -147,6 +147,9 @@ obj-$(CONFIG_UNWINDER_FRAME_POINTER) += unwind_frame.o obj-$(CONFIG_UNWINDER_GUESS) += unwind_guess.o obj-$(CONFIG_AMD_MEM_ENCRYPT) += sev.o + +obj-$(CONFIG_ARCH_HAS_CC_PLATFORM) += cc_platform.o + ### # 64 bit specific files ifeq ($(CONFIG_X86_64),y) diff --git a/arch/x86/kernel/cc_platform.c b/arch/x86/kernel/cc_platform.c new file mode 100644 index 000000000000..3c9bacd3c3f3 --- /dev/null +++ b/arch/x86/kernel/cc_platform.c @@ -0,0 +1,21 @@ +// SPDX-License-Identifier: GPL-2.0-only +/* + * Confidential Computing Platform Capability checks + * + * Copyright (C) 2021 Advanced Micro Devices, Inc. + * + * Author: Tom Lendacky + */ + +#include +#include +#include + +bool cc_platform_has(enum cc_attr attr) +{ + if (sme_me_mask) + return amd_cc_platform_has(attr); + + return false; +} +EXPORT_SYMBOL_GPL(cc_platform_has); diff --git a/arch/x86/mm/mem_encrypt.c b/arch/x86/mm/mem_encrypt.c index ff08dc463634..18fe19916bc3 100644 --- a/arch/x86/mm/mem_encrypt.c +++ b/arch/x86/mm/mem_encrypt.c @@ -20,6 +20,7 @@ #include #include #include +#include #include #include @@ -389,6 +390,26 @@ bool noinstr sev_es_active(void) return sev_status & MSR_AMD64_SEV_ES_ENABLED; } +bool amd_cc_platform_has(enum cc_attr attr) +{ + switch (attr) { + case CC_ATTR_MEM_ENCRYPT: + return sme_me_mask != 0; + + case CC_ATTR_HOST_MEM_ENCRYPT: + return sme_active(); + + case CC_ATTR_GUEST_MEM_ENCRYPT: + return sev_active(); + + case CC_ATTR_GUEST_STATE_ENCRYPT: + return sev_es_active(); + + default: + return false; + } +} + /* Override for DMA direct allocation check - ARCH_HAS_FORCE_DMA_UNENCRYPTED */ bool force_dma_unencrypted(struct device *dev) { From patchwork Wed Sep 8 22:58:35 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Tom Lendacky X-Patchwork-Id: 508101 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-18.8 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER, INCLUDES_PATCH, MAILING_LIST_MULTI, SPF_HELO_NONE, SPF_PASS, USER_AGENT_GIT autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 790E6C433FE for ; Wed, 8 Sep 2021 22:59:30 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 637AE6113A for ; Wed, 8 Sep 2021 22:59:30 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1348114AbhIHXAh (ORCPT ); Wed, 8 Sep 2021 19:00:37 -0400 Received: from mail-bn8nam12on2042.outbound.protection.outlook.com ([40.107.237.42]:6240 "EHLO NAM12-BN8-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1348147AbhIHXAg (ORCPT ); Wed, 8 Sep 2021 19:00:36 -0400 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=kx2jDPfbPnWygVwslF1uk/0iW2o2RU2yLBPj+2ArSqHdzEegNPvNNgoHi5QzcMXHgBx3K6pHC/xwJ3KuxlY7J3aPc43znxh6AuJUOiKTsoeK1MvN4UsTUfvzpbhYWZsTYsjGE/S34Cj5pptfzHubWkva+z3WkxuirqJg2iL2b+b8sIr1Jij+n8iGKizFEYkICq1OqxH5mD2LELl+O95oHB99hMpmthHDooUqtOkHX7SQqYzdu6RqACzy9r06/OJhAZJ+hFJ8dzVaagJjaGh+qxjft9RVwo9R/xKPtKz2/4qm3C/0ofCqzDjv1xW+WaLHpm9M780mtyXntG1zEQn7Pw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=u++cUN1Qd6RISwRJLRiS9b1AxjGiFOjFxkgnOKEIZvU=; b=nrOF2oYLZs44l9c3rbzgKANyVusSf/Zuyw2d+aDQb0E33t6gUN8ZcFLjxcj41VK7wqRfBYZ0kAvmvoJZB5+EVxwy1T09az1+nTTNCqQH3zAFYzFL5mMCovCjb9VIBf4b/DutzUZ2peh66x36r1F4m7vMxBz/SfKWIGhv2b1x+D0f6hw164fJH1M4nOA3ume1t3LVyz1YFc/W4/FNzkPN/xOoHbZHCif0uNKf8n3Uus8Jqvn49DUkH4BsnPP0fpmvFeLVpaKO2qlsMea9SDmmPf+RF6xU8z5FKcRbIVlLxvwpc1O/yZPy/4Gka1Y5WxpnjpK7dSKX6n/WSHBIdMeoeg== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=u++cUN1Qd6RISwRJLRiS9b1AxjGiFOjFxkgnOKEIZvU=; b=B/pWcf8vQ3Ts+/dBayO4wdN17XeXbq6Rosk8RtaW6diFKrsXbcshfTQGID+9L2ZbTS7HJbndiNHvWXcyB3NCdEkZqQTteO/knDvL/qF75V0URiFHWtq99Ivmx+ru9+zaHwcVn3FU/u0HX3JXtWykr4OZHaUFvdVrRyNsIN1BDgk= Received: from DM6PR07CA0066.namprd07.prod.outlook.com (2603:10b6:5:74::43) by DM6PR12MB3049.namprd12.prod.outlook.com (2603:10b6:5:11d::19) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4478.19; Wed, 8 Sep 2021 22:59:25 +0000 Received: from DM6NAM11FT065.eop-nam11.prod.protection.outlook.com (2603:10b6:5:74:cafe::d) by DM6PR07CA0066.outlook.office365.com (2603:10b6:5:74::43) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4500.14 via Frontend Transport; Wed, 8 Sep 2021 22:59:25 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; vger.kernel.org; dkim=none (message not signed) header.d=none; vger.kernel.org; dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; Received: from SATLEXMB04.amd.com (165.204.84.17) by DM6NAM11FT065.mail.protection.outlook.com (10.13.172.109) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.4500.14 via Frontend Transport; Wed, 8 Sep 2021 22:59:25 +0000 Received: from tlendack-t1.amd.com (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2308.8; Wed, 8 Sep 2021 17:59:23 -0500 From: Tom Lendacky To: , , , , , , , , , , , , CC: Borislav Petkov , Brijesh Singh , Joerg Roedel , Andi Kleen , Sathyanarayanan Kuppuswamy , Tianyu Lan , Christoph Hellwig , Michael Ellerman , Benjamin Herrenschmidt , Paul Mackerras Subject: [PATCH v3 4/8] powerpc/pseries/svm: Add a powerpc version of cc_platform_has() Date: Wed, 8 Sep 2021 17:58:35 -0500 Message-ID: <9d4fc3f8ea7b325aaa1879beab1286876f45d450.1631141919.git.thomas.lendacky@amd.com> X-Mailer: git-send-email 2.33.0 In-Reply-To: References: MIME-Version: 1.0 X-Originating-IP: [10.180.168.240] X-ClientProxiedBy: SATLEXMB04.amd.com (10.181.40.145) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 8c909acf-36f4-4664-b9de-08d9731c4ddb X-MS-TrafficTypeDiagnostic: DM6PR12MB3049: X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:1417; X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: BsNHF/5Po3+zCYcFBwai44JpS7svEgjUpj7QcDh3pEMdo0rvrM2g7+GVoHgKdnIu7TdrODcCygWl3t35y1fWdGoDzSdXlsN+xMrYe5unAEseP8VhiYYuhHw4TkJYXy7Mo2ju46AVsc+OTlK/0xrjs/Oh5rjRMjClDPsZxvRuA4et2D48ZRgnsrvDSMNrrZ2oEfM8aOQXMNLs4HaJ7XGtn94xxozX9e91B/rwtchnrIptYNvd/vNxQgkdLJdjNpfY2vY2L2QRd+mJ+WLeMaeMdBl7juqiyMocLYI/oscfbp9wF3t2wzdDjyxErL1wLTodXpKww3YNwZc6k8kKQ+IbpuJ60gJa0M1AGFQCcXCoF4SQis5Eh8EdP1NsaHG96S5p1exLHbV3mHAI8mzJFMdqGIMtwd/FMA0hpPiOK3dtloTGSViiYwA7+Ybgx+MFB2LdOuDVI22/pInCKlw0IWx7Ca0rTnw7+B/ibmV4v9UFcptwIpKKIamnMuzY69HsqE9c8J+ZNF8n84reMotNRpCAj/HhclgK6V97sdJ2XRh4Ok8dGe63Zw4tiG7Qh4k6XSer0pAxJMnyhUOCnDAGmgS2luxVpCRbr60Bc0g7Z1u7NKFSKMJ2ctv+AM8v1WdHw4Rue+QvQlzI6MfzjbvpGeF0hUlRlcU269W6Tlvd21OdbtPJGzegvGYzZj4zDXrhEqFCmmemVCMzM8O6uchjfnbxdWnvpy0vo7q6eClip+23/GwtKSkfyBOJkdWYRYOhhv4AgXtzKtxZg9Uk8hgCw4mN0zki0MZBHmrlk8j4Vppfd1I= X-Forefront-Antispam-Report: CIP:165.204.84.17; CTRY:US; LANG:en; SCL:1; SRV:; IPV:CAL; SFV:NSPM; H:SATLEXMB04.amd.com; PTR:InfoDomainNonexistent; CAT:NONE; SFS:(4636009)(346002)(136003)(376002)(39860400002)(396003)(36840700001)(46966006)(16526019)(336012)(426003)(5660300002)(7416002)(316002)(2616005)(26005)(478600001)(921005)(186003)(86362001)(83380400001)(8936002)(70206006)(82310400003)(36860700001)(7696005)(81166007)(54906003)(2906002)(6666004)(110136005)(356005)(36756003)(4326008)(47076005)(82740400003)(8676002)(70586007)(36900700001)(2101003)(83996005); DIR:OUT; SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 08 Sep 2021 22:59:25.1160 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 8c909acf-36f4-4664-b9de-08d9731c4ddb X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d; Ip=[165.204.84.17]; Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: DM6NAM11FT065.eop-nam11.prod.protection.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR12MB3049 Precedence: bulk List-ID: X-Mailing-List: linux-efi@vger.kernel.org Introduce a powerpc version of the cc_platform_has() function. This will be used to replace the powerpc mem_encrypt_active() implementation, so the implementation will initially only support the CC_ATTR_MEM_ENCRYPT attribute. Cc: Michael Ellerman Cc: Benjamin Herrenschmidt Cc: Paul Mackerras Signed-off-by: Tom Lendacky Acked-by: Michael Ellerman (powerpc) --- arch/powerpc/platforms/pseries/Kconfig | 1 + arch/powerpc/platforms/pseries/Makefile | 2 ++ arch/powerpc/platforms/pseries/cc_platform.c | 26 ++++++++++++++++++++ 3 files changed, 29 insertions(+) create mode 100644 arch/powerpc/platforms/pseries/cc_platform.c diff --git a/arch/powerpc/platforms/pseries/Kconfig b/arch/powerpc/platforms/pseries/Kconfig index 5e037df2a3a1..2e57391e0778 100644 --- a/arch/powerpc/platforms/pseries/Kconfig +++ b/arch/powerpc/platforms/pseries/Kconfig @@ -159,6 +159,7 @@ config PPC_SVM select SWIOTLB select ARCH_HAS_MEM_ENCRYPT select ARCH_HAS_FORCE_DMA_UNENCRYPTED + select ARCH_HAS_CC_PLATFORM help There are certain POWER platforms which support secure guests using the Protected Execution Facility, with the help of an Ultravisor diff --git a/arch/powerpc/platforms/pseries/Makefile b/arch/powerpc/platforms/pseries/Makefile index 4cda0ef87be0..41d8aee98da4 100644 --- a/arch/powerpc/platforms/pseries/Makefile +++ b/arch/powerpc/platforms/pseries/Makefile @@ -31,3 +31,5 @@ obj-$(CONFIG_FA_DUMP) += rtas-fadump.o obj-$(CONFIG_SUSPEND) += suspend.o obj-$(CONFIG_PPC_VAS) += vas.o + +obj-$(CONFIG_ARCH_HAS_CC_PLATFORM) += cc_platform.o diff --git a/arch/powerpc/platforms/pseries/cc_platform.c b/arch/powerpc/platforms/pseries/cc_platform.c new file mode 100644 index 000000000000..e8021af83a19 --- /dev/null +++ b/arch/powerpc/platforms/pseries/cc_platform.c @@ -0,0 +1,26 @@ +// SPDX-License-Identifier: GPL-2.0-only +/* + * Confidential Computing Platform Capability checks + * + * Copyright (C) 2021 Advanced Micro Devices, Inc. + * + * Author: Tom Lendacky + */ + +#include +#include + +#include +#include + +bool cc_platform_has(enum cc_attr attr) +{ + switch (attr) { + case CC_ATTR_MEM_ENCRYPT: + return is_secure_guest(); + + default: + return false; + } +} +EXPORT_SYMBOL_GPL(cc_platform_has); From patchwork Wed Sep 8 22:58:36 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Tom Lendacky X-Patchwork-Id: 508532 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-18.8 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER, INCLUDES_PATCH, MAILING_LIST_MULTI, SPF_HELO_NONE, SPF_PASS, USER_AGENT_GIT autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id DC2CDC433EF for ; Wed, 8 Sep 2021 22:59:44 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id C89A961090 for ; Wed, 8 Sep 2021 22:59:44 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1348155AbhIHXAu (ORCPT ); Wed, 8 Sep 2021 19:00:50 -0400 Received: from mail-sn1anam02on2071.outbound.protection.outlook.com ([40.107.96.71]:62062 "EHLO NAM02-SN1-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1348269AbhIHXAo (ORCPT ); Wed, 8 Sep 2021 19:00:44 -0400 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=ftBiG0CV+Zaz/O1o56c3CqEuB4U9vDrxC+gaiG90CAtj6+ORz4nmP4+uCoCpHaM7cz5t8t4vWvMs1jvCc2jMTjO3OinohyLXL1yJL3+aMy52OvUZAuReaIzn0P0K99tlMubKWVJLGGT7fzIjrDC5EcOoEIsR7HV+F/GgjcXjy5ctEtDhCyRWdEf4UkuRRfX7ssXBKb/Pmjdo5fQGdOHUgYMIYe99g7b2w15a8SAkf7v3yti6k055AGDkroSXI3FMZpLBE0LftGis1/UTrxnZJVm2C7K4zhRmK2m1xm1efrk+UfgyfCgkrU/hlN/yQuST4wuCXvRHyXwrFzBdFBhspQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=nFfA0Sluea6dqGfKUWijQjLsU3PV2cWEiUGt3KY8Q6I=; b=YHd/tofoQWchlbzD3P8Iw5kiTjy25eiH+Q9GLiLZ8Efg2sWEmNSnpWP549D3BBJZuq4T9C7/jOquA8E1ea6PQN2pu5euNI3iG2Dwr7N+bOj8LOtH3VBLgseJmmGHpqfvE/xg6Kl6/1iZOrUsmAZsfBS1jh71k0sWnO7hkrxasu0xYNbH0/aQU1Tks/BocAhC3AqQtr5GZ1/enRgA3VeNnj+m7bXz8fwgM9dh5dnx7nTZ3QHL3rnjafALA+cmG9pzy0RuU74zP33iKyYjFHDf1RmqL2kmTSLvxg48zz46WLEPF2e1rnFvUo+H1oYifW8pcBP+9dNDv/F8FoBTUUYdLA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=nFfA0Sluea6dqGfKUWijQjLsU3PV2cWEiUGt3KY8Q6I=; b=R7fkTD5+ddO3OkxATKGtvxHPWMlCKH3VimK5UHWkVdZRQ5j86M0UsGicwBRkxdLyvj8EEYPwT2MHJlsKGbc5IVJY37m4pnGbc8SMOIkEf7hYdjnwRcXPdgHrb/AmIy5U8tX61UvTyxEd46A/MkoGxK4a4QHJzugTfWe9yQ93Lb8= Received: from DS7PR03CA0112.namprd03.prod.outlook.com (2603:10b6:5:3b7::27) by BY5PR12MB5559.namprd12.prod.outlook.com (2603:10b6:a03:1d9::17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4478.20; Wed, 8 Sep 2021 22:59:33 +0000 Received: from DM6NAM11FT021.eop-nam11.prod.protection.outlook.com (2603:10b6:5:3b7:cafe::29) by DS7PR03CA0112.outlook.office365.com (2603:10b6:5:3b7::27) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4500.14 via Frontend Transport; Wed, 8 Sep 2021 22:59:33 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; vger.kernel.org; dkim=none (message not signed) header.d=none; vger.kernel.org; dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; Received: from SATLEXMB04.amd.com (165.204.84.17) by DM6NAM11FT021.mail.protection.outlook.com (10.13.173.76) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.4500.14 via Frontend Transport; Wed, 8 Sep 2021 22:59:33 +0000 Received: from tlendack-t1.amd.com (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2308.8; Wed, 8 Sep 2021 17:59:31 -0500 From: Tom Lendacky To: , , , , , , , , , , , , CC: Borislav Petkov , Brijesh Singh , Joerg Roedel , Andi Kleen , Sathyanarayanan Kuppuswamy , Tianyu Lan , Christoph Hellwig , Thomas Gleixner , Ingo Molnar , "Dave Hansen" , Andy Lutomirski , Peter Zijlstra , Will Deacon Subject: [PATCH v3 5/8] x86/sme: Replace occurrences of sme_active() with cc_platform_has() Date: Wed, 8 Sep 2021 17:58:36 -0500 Message-ID: <367624d43d35d61d5c97a8b289d9ddae223636e9.1631141919.git.thomas.lendacky@amd.com> X-Mailer: git-send-email 2.33.0 In-Reply-To: References: MIME-Version: 1.0 X-Originating-IP: [10.180.168.240] X-ClientProxiedBy: SATLEXMB04.amd.com (10.181.40.145) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: bfa385cc-a30f-43fb-6921-08d9731c5295 X-MS-TrafficTypeDiagnostic: BY5PR12MB5559: X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:5236; X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: R3GiEYwnaGy5XsOmXC8LXhvI4RWai15guAFP1kfIFDZRKKZt8y61gXmdFETRTokcUqdNjGSmYigoYGv4CCTj+y+yTQyW1Yi+3NbSdhgMj0jsniRL1D0Z/LZbLn1KA/WGRk9B8zaCYhsduRIca2Tw80HkqmvgkY8mSqfgc9gSINZLogu5Yis2OdHfXq6qfpNktVKPgjrzpXTQOZ/CFc2EuLEuUDSQYlSUD58YZW35NLQEuyFqrVesoapy5m9uUbAx7Gg76iUXxXdP7vRASrOe18EI9eW7dIKWp2LNG3gt5V2l3xwe+1PIEdE7Qhuiw49D4yvXTQjOZrhjlBnZ6rI5Jg4C/vPU4g0n7HqPP8alDkujh2SG0Sf3NuGCt36LrB+9e/Z7sdaWvg8+ty7aiHAtpKNPKN6j6g7xqeIMUgJXXBn12vKrvffLVGa47KX+Iy/jMQKjzq54nIkT784YBippIiz/XZ1XWJKxpHW6ji8ROmBAW7Fu2YSZCAo3K84+wEQR/7L/6liA3Z9X6dIRJknLxPZpZGa9r26NaUxS6oYZEfMHYIwgKNCgEMCgoYn3qyG4wRskNIoHJUfeJt3lSTM7V6/gdMt6nFDkMCObgXxjST6kcZ/u/TXOrkg0JG1dCy+U3O/OdooEtkAPNz3q3O4EHRpzOdy9p4OQjQuNOnkIF+VdHfsHfW3DLOZOiAKfAOyi0fCYBs5hMjIx6b+oW8WrPR8uCuRfmfKg2aM1MJO2r8WgE++mMAc83lTr4JXF5Ebdhr7I0smZtoUXJYgOTmNh2ubA5vs+ybojZ0lEe/jml30= X-Forefront-Antispam-Report: CIP:165.204.84.17; CTRY:US; LANG:en; SCL:1; SRV:; IPV:CAL; SFV:NSPM; H:SATLEXMB04.amd.com; PTR:InfoDomainNonexistent; CAT:NONE; SFS:(4636009)(136003)(346002)(396003)(376002)(39860400002)(36840700001)(46966006)(81166007)(82740400003)(5660300002)(36860700001)(8676002)(316002)(30864003)(110136005)(16526019)(186003)(356005)(82310400003)(83380400001)(478600001)(36756003)(70206006)(70586007)(26005)(86362001)(47076005)(426003)(7416002)(8936002)(921005)(54906003)(2906002)(336012)(2616005)(4326008)(7696005)(2101003)(83996005)(36900700001); DIR:OUT; SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 08 Sep 2021 22:59:33.0448 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: bfa385cc-a30f-43fb-6921-08d9731c5295 X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d; Ip=[165.204.84.17]; Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: DM6NAM11FT021.eop-nam11.prod.protection.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: BY5PR12MB5559 Precedence: bulk List-ID: X-Mailing-List: linux-efi@vger.kernel.org Replace uses of sme_active() with the more generic cc_platform_has() using CC_ATTR_HOST_MEM_ENCRYPT. If future support is added for other memory encryption technologies, the use of CC_ATTR_HOST_MEM_ENCRYPT can be updated, as required. This also replaces two usages of sev_active() that are really geared towards detecting if SME is active. Cc: Thomas Gleixner Cc: Ingo Molnar Cc: Borislav Petkov Cc: Dave Hansen Cc: Andy Lutomirski Cc: Peter Zijlstra Cc: Joerg Roedel Cc: Will Deacon Signed-off-by: Tom Lendacky --- arch/x86/include/asm/kexec.h | 2 +- arch/x86/include/asm/mem_encrypt.h | 2 -- arch/x86/kernel/machine_kexec_64.c | 15 ++++++++------- arch/x86/kernel/pci-swiotlb.c | 9 ++++----- arch/x86/kernel/relocate_kernel_64.S | 2 +- arch/x86/mm/ioremap.c | 6 +++--- arch/x86/mm/mem_encrypt.c | 15 +++++---------- arch/x86/mm/mem_encrypt_identity.c | 3 ++- arch/x86/realmode/init.c | 5 +++-- drivers/iommu/amd/init.c | 7 ++++--- 10 files changed, 31 insertions(+), 35 deletions(-) diff --git a/arch/x86/include/asm/kexec.h b/arch/x86/include/asm/kexec.h index 0a6e34b07017..11b7c06e2828 100644 --- a/arch/x86/include/asm/kexec.h +++ b/arch/x86/include/asm/kexec.h @@ -129,7 +129,7 @@ relocate_kernel(unsigned long indirection_page, unsigned long page_list, unsigned long start_address, unsigned int preserve_context, - unsigned int sme_active); + unsigned int host_mem_enc_active); #endif #define ARCH_HAS_KIMAGE_ARCH diff --git a/arch/x86/include/asm/mem_encrypt.h b/arch/x86/include/asm/mem_encrypt.h index 3d8a5e8b2e3f..8c4f0dfe63f9 100644 --- a/arch/x86/include/asm/mem_encrypt.h +++ b/arch/x86/include/asm/mem_encrypt.h @@ -51,7 +51,6 @@ void __init mem_encrypt_free_decrypted_mem(void); void __init mem_encrypt_init(void); void __init sev_es_init_vc_handling(void); -bool sme_active(void); bool sev_active(void); bool sev_es_active(void); bool amd_cc_platform_has(enum cc_attr attr); @@ -77,7 +76,6 @@ static inline void __init sme_encrypt_kernel(struct boot_params *bp) { } static inline void __init sme_enable(struct boot_params *bp) { } static inline void sev_es_init_vc_handling(void) { } -static inline bool sme_active(void) { return false; } static inline bool sev_active(void) { return false; } static inline bool sev_es_active(void) { return false; } static inline bool amd_cc_platform_has(enum cc_attr attr) { return false; } diff --git a/arch/x86/kernel/machine_kexec_64.c b/arch/x86/kernel/machine_kexec_64.c index 131f30fdcfbd..7040c0fa921c 100644 --- a/arch/x86/kernel/machine_kexec_64.c +++ b/arch/x86/kernel/machine_kexec_64.c @@ -17,6 +17,7 @@ #include #include #include +#include #include #include @@ -358,7 +359,7 @@ void machine_kexec(struct kimage *image) (unsigned long)page_list, image->start, image->preserve_context, - sme_active()); + cc_platform_has(CC_ATTR_HOST_MEM_ENCRYPT)); #ifdef CONFIG_KEXEC_JUMP if (image->preserve_context) @@ -569,12 +570,12 @@ void arch_kexec_unprotect_crashkres(void) */ int arch_kexec_post_alloc_pages(void *vaddr, unsigned int pages, gfp_t gfp) { - if (sev_active()) + if (!cc_platform_has(CC_ATTR_HOST_MEM_ENCRYPT)) return 0; /* - * If SME is active we need to be sure that kexec pages are - * not encrypted because when we boot to the new kernel the + * If host memory encryption is active we need to be sure that kexec + * pages are not encrypted because when we boot to the new kernel the * pages won't be accessed encrypted (initially). */ return set_memory_decrypted((unsigned long)vaddr, pages); @@ -582,12 +583,12 @@ int arch_kexec_post_alloc_pages(void *vaddr, unsigned int pages, gfp_t gfp) void arch_kexec_pre_free_pages(void *vaddr, unsigned int pages) { - if (sev_active()) + if (!cc_platform_has(CC_ATTR_HOST_MEM_ENCRYPT)) return; /* - * If SME is active we need to reset the pages back to being - * an encrypted mapping before freeing them. + * If host memory encryption is active we need to reset the pages back + * to being an encrypted mapping before freeing them. */ set_memory_encrypted((unsigned long)vaddr, pages); } diff --git a/arch/x86/kernel/pci-swiotlb.c b/arch/x86/kernel/pci-swiotlb.c index c2cfa5e7c152..814ab46a0dad 100644 --- a/arch/x86/kernel/pci-swiotlb.c +++ b/arch/x86/kernel/pci-swiotlb.c @@ -6,7 +6,7 @@ #include #include #include -#include +#include #include #include @@ -45,11 +45,10 @@ int __init pci_swiotlb_detect_4gb(void) swiotlb = 1; /* - * If SME is active then swiotlb will be set to 1 so that bounce - * buffers are allocated and used for devices that do not support - * the addressing range required for the encryption mask. + * Set swiotlb to 1 so that bounce buffers are allocated and used for + * devices that can't support DMA to encrypted memory. */ - if (sme_active()) + if (cc_platform_has(CC_ATTR_HOST_MEM_ENCRYPT)) swiotlb = 1; return swiotlb; diff --git a/arch/x86/kernel/relocate_kernel_64.S b/arch/x86/kernel/relocate_kernel_64.S index c53271aebb64..c8fe74a28143 100644 --- a/arch/x86/kernel/relocate_kernel_64.S +++ b/arch/x86/kernel/relocate_kernel_64.S @@ -47,7 +47,7 @@ SYM_CODE_START_NOALIGN(relocate_kernel) * %rsi page_list * %rdx start address * %rcx preserve_context - * %r8 sme_active + * %r8 host_mem_enc_active */ /* Save the CPU context, used for jumping back */ diff --git a/arch/x86/mm/ioremap.c b/arch/x86/mm/ioremap.c index ccff76cedd8f..a7250fa3d45f 100644 --- a/arch/x86/mm/ioremap.c +++ b/arch/x86/mm/ioremap.c @@ -14,7 +14,7 @@ #include #include #include -#include +#include #include #include @@ -703,7 +703,7 @@ bool arch_memremap_can_ram_remap(resource_size_t phys_addr, unsigned long size, if (flags & MEMREMAP_DEC) return false; - if (sme_active()) { + if (cc_platform_has(CC_ATTR_HOST_MEM_ENCRYPT)) { if (memremap_is_setup_data(phys_addr, size) || memremap_is_efi_data(phys_addr, size)) return false; @@ -729,7 +729,7 @@ pgprot_t __init early_memremap_pgprot_adjust(resource_size_t phys_addr, encrypted_prot = true; - if (sme_active()) { + if (cc_platform_has(CC_ATTR_HOST_MEM_ENCRYPT)) { if (early_memremap_is_setup_data(phys_addr, size) || memremap_is_efi_data(phys_addr, size)) encrypted_prot = false; diff --git a/arch/x86/mm/mem_encrypt.c b/arch/x86/mm/mem_encrypt.c index 18fe19916bc3..4b54a2377821 100644 --- a/arch/x86/mm/mem_encrypt.c +++ b/arch/x86/mm/mem_encrypt.c @@ -144,7 +144,7 @@ void __init sme_unmap_bootdata(char *real_mode_data) struct boot_params *boot_data; unsigned long cmdline_paddr; - if (!sme_active()) + if (!cc_platform_has(CC_ATTR_HOST_MEM_ENCRYPT)) return; /* Get the command line address before unmapping the real_mode_data */ @@ -164,7 +164,7 @@ void __init sme_map_bootdata(char *real_mode_data) struct boot_params *boot_data; unsigned long cmdline_paddr; - if (!sme_active()) + if (!cc_platform_has(CC_ATTR_HOST_MEM_ENCRYPT)) return; __sme_early_map_unmap_mem(real_mode_data, sizeof(boot_params), true); @@ -377,11 +377,6 @@ bool sev_active(void) { return sev_status & MSR_AMD64_SEV_ENABLED; } - -bool sme_active(void) -{ - return sme_me_mask && !sev_active(); -} EXPORT_SYMBOL_GPL(sev_active); /* Needs to be called from non-instrumentable code */ @@ -397,7 +392,7 @@ bool amd_cc_platform_has(enum cc_attr attr) return sme_me_mask != 0; case CC_ATTR_HOST_MEM_ENCRYPT: - return sme_active(); + return sme_me_mask && !sev_active(); case CC_ATTR_GUEST_MEM_ENCRYPT: return sev_active(); @@ -424,7 +419,7 @@ bool force_dma_unencrypted(struct device *dev) * device does not support DMA to addresses that include the * encryption mask. */ - if (sme_active()) { + if (cc_platform_has(CC_ATTR_HOST_MEM_ENCRYPT)) { u64 dma_enc_mask = DMA_BIT_MASK(__ffs64(sme_me_mask)); u64 dma_dev_mask = min_not_zero(dev->coherent_dma_mask, dev->bus_dma_limit); @@ -465,7 +460,7 @@ static void print_mem_encrypt_feature_info(void) pr_info("AMD Memory Encryption Features active:"); /* Secure Memory Encryption */ - if (sme_active()) { + if (cc_platform_has(CC_ATTR_HOST_MEM_ENCRYPT)) { /* * SME is mutually exclusive with any of the SEV * features below. diff --git a/arch/x86/mm/mem_encrypt_identity.c b/arch/x86/mm/mem_encrypt_identity.c index 470b20208430..eff4d19f9cb4 100644 --- a/arch/x86/mm/mem_encrypt_identity.c +++ b/arch/x86/mm/mem_encrypt_identity.c @@ -30,6 +30,7 @@ #include #include #include +#include #include #include @@ -287,7 +288,7 @@ void __init sme_encrypt_kernel(struct boot_params *bp) unsigned long pgtable_area_len; unsigned long decrypted_base; - if (!sme_active()) + if (!cc_platform_has(CC_ATTR_HOST_MEM_ENCRYPT)) return; /* diff --git a/arch/x86/realmode/init.c b/arch/x86/realmode/init.c index 31b5856010cb..c878c5ee5a4c 100644 --- a/arch/x86/realmode/init.c +++ b/arch/x86/realmode/init.c @@ -3,6 +3,7 @@ #include #include #include +#include #include #include @@ -44,7 +45,7 @@ void __init reserve_real_mode(void) static void sme_sev_setup_real_mode(struct trampoline_header *th) { #ifdef CONFIG_AMD_MEM_ENCRYPT - if (sme_active()) + if (cc_platform_has(CC_ATTR_HOST_MEM_ENCRYPT)) th->flags |= TH_FLAGS_SME_ACTIVE; if (sev_es_active()) { @@ -81,7 +82,7 @@ static void __init setup_real_mode(void) * decrypted memory in order to bring up other processors * successfully. This is not needed for SEV. */ - if (sme_active()) + if (cc_platform_has(CC_ATTR_HOST_MEM_ENCRYPT)) set_memory_decrypted((unsigned long)base, size >> PAGE_SHIFT); memcpy(base, real_mode_blob, size); diff --git a/drivers/iommu/amd/init.c b/drivers/iommu/amd/init.c index bdcf167b4afe..07504f67ec9c 100644 --- a/drivers/iommu/amd/init.c +++ b/drivers/iommu/amd/init.c @@ -20,7 +20,7 @@ #include #include #include -#include +#include #include #include #include @@ -964,7 +964,7 @@ static bool copy_device_table(void) pr_err("The address of old device table is above 4G, not trustworthy!\n"); return false; } - old_devtb = (sme_active() && is_kdump_kernel()) + old_devtb = (cc_platform_has(CC_ATTR_HOST_MEM_ENCRYPT) && is_kdump_kernel()) ? (__force void *)ioremap_encrypted(old_devtb_phys, dev_table_size) : memremap(old_devtb_phys, dev_table_size, MEMREMAP_WB); @@ -3024,7 +3024,8 @@ static int __init amd_iommu_init(void) static bool amd_iommu_sme_check(void) { - if (!sme_active() || (boot_cpu_data.x86 != 0x17)) + if (!cc_platform_has(CC_ATTR_HOST_MEM_ENCRYPT) || + (boot_cpu_data.x86 != 0x17)) return true; /* For Fam17h, a specific level of support is required */ From patchwork Wed Sep 8 22:58:37 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Tom Lendacky X-Patchwork-Id: 508100 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-18.8 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER, INCLUDES_PATCH, MAILING_LIST_MULTI, SPF_HELO_NONE, SPF_PASS, USER_AGENT_GIT autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 8D9CCC433FE for ; Wed, 8 Sep 2021 22:59:50 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 7CE6C6113E for ; Wed, 8 Sep 2021 22:59:50 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1348233AbhIHXA5 (ORCPT ); Wed, 8 Sep 2021 19:00:57 -0400 Received: from mail-co1nam11on2050.outbound.protection.outlook.com ([40.107.220.50]:4672 "EHLO NAM11-CO1-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1348227AbhIHXAw (ORCPT ); Wed, 8 Sep 2021 19:00:52 -0400 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=AK+uq5UNPaGTXNz6UE1tiT3oak56dtHi5e914fB/K/3fdLqSzgJN0Ji4LmayArUKxLqyGgmf9eWgQgHcihXUxP2C8f4dipBpxCINhv3E5HA3D7Ip5dhHOOmF3/E4UfX4xLyX9rEuXUQDen94fH4FdsjyzAjf7RtpYl+Uo3J/GZ61U/mzyLzQPVodF2tNco4ws65mK4/iDVrIVaOA9FyDBjoPrq/Htg2uxPmNx9YzVwTbwXHw0n1AstRq/uD4NJv+eIvGEBhkmp9Wr3nRmR7LkPmgtdvZAxBCJDeb3SBj69W3UOti/NAPjPgLL9m4ymBFL4UdPVDaYm0rab4vCh7bOA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=OcYjtjS6Lun9L7G9/pzKuTBmSrMUa9j0IajUfCrj0LA=; b=BWpe2D958oLWZpJ6ypf1uNmBj5Qdax5sEs+Q99RV2CdzSPkyikgDsH4FTWXKSZFFtsPY+XO+nIwQqb5DmDcrF422RpKhLQH6djLQrGLeUu2EgQkkXUmqpcApwjF55yKTIST+wdk6LQ0ajnJAnMVHkSrFh47oLjhnnIUEybumddv0GHjcrM7rcjyd+8ypaT9A7zavCVdyTcEnOKCDv88Yc8fLSRlaCTbqcsx1sE0h2Yg/nxNU5UdXleIt/gOzL1NgR8Q/hE4SgLGhp36ttk83swdBY0+MpiI98pzsDSW420VKDku3bFOSXu/PyCiR4KUA9vbxRBO6CEozqyYObLUJ4A== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=OcYjtjS6Lun9L7G9/pzKuTBmSrMUa9j0IajUfCrj0LA=; b=QvCwtZOf8fIEfH456F82EjKoKsGsZKHn4imk5xUlV3kgDBPnn1FckBv0b8jbxb9wRmadXVX5pCSbTR8IUeloqDZ4ul7BBAjLHVjaPfIcIyc2BWS30y7521z44gOi4VimygiAP4sgeOnVd/0ClcpV2xn8gynnnnhHlaBQaxJ5VG8= Received: from DM6PR18CA0009.namprd18.prod.outlook.com (2603:10b6:5:15b::22) by DM6PR12MB3002.namprd12.prod.outlook.com (2603:10b6:5:117::15) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4415.22; Wed, 8 Sep 2021 22:59:41 +0000 Received: from DM6NAM11FT017.eop-nam11.prod.protection.outlook.com (2603:10b6:5:15b:cafe::e8) by DM6PR18CA0009.outlook.office365.com (2603:10b6:5:15b::22) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4500.14 via Frontend Transport; Wed, 8 Sep 2021 22:59:41 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; vger.kernel.org; dkim=none (message not signed) header.d=none; vger.kernel.org; dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; Received: from SATLEXMB04.amd.com (165.204.84.17) by DM6NAM11FT017.mail.protection.outlook.com (10.13.172.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.4500.14 via Frontend Transport; Wed, 8 Sep 2021 22:59:41 +0000 Received: from tlendack-t1.amd.com (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2308.8; Wed, 8 Sep 2021 17:59:39 -0500 From: Tom Lendacky To: , , , , , , , , , , , , CC: Borislav Petkov , Brijesh Singh , Joerg Roedel , Andi Kleen , Sathyanarayanan Kuppuswamy , Tianyu Lan , Christoph Hellwig , Thomas Gleixner , Ingo Molnar , "Dave Hansen" , Andy Lutomirski , Peter Zijlstra , Ard Biesheuvel Subject: [PATCH v3 6/8] x86/sev: Replace occurrences of sev_active() with cc_platform_has() Date: Wed, 8 Sep 2021 17:58:37 -0500 Message-ID: X-Mailer: git-send-email 2.33.0 In-Reply-To: References: MIME-Version: 1.0 X-Originating-IP: [10.180.168.240] X-ClientProxiedBy: SATLEXMB04.amd.com (10.181.40.145) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 7abcee76-9506-4867-dcc7-08d9731c5753 X-MS-TrafficTypeDiagnostic: DM6PR12MB3002: X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:8273; X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: kuHKXyw07yXpJ0pFACxm70x+E/jgkTUdxcdTcfdmTUrYS18SqMHzO+UKIWFg7Ff7xzLXgzoAKKX+Ltbmd8z4NV2ErkcZlvI/CJO9G2n/C6bT7CVCR3C2vnJeIKk7GVBNST/pYXekk52f4XtuLTrC5dfeMQbnNboHst+gg/TpeD/iPkRHvjagXxAO7OYuBRqdg12wsKCBScCgUYLyvDNF9mHLWCuXGgUHvbJ5LrY6TNvBmSfTo1hbawNU980vkAM2uWlWq2rBvv4y9eqOVjAYbVJVTBcGYlJWzbHJuqFpoEguQnr22nppnOvmgC9hSxnC2BPke+/mRlWX28nLOblX/kGogPJOv/m0ARoTp6cOkiGD11FxiHCHD2S03CHntyieTqulHDvHuUIGE1mgHxkwdCPYP3JunY4jkTVAMUWLIppJx7hOld4Llg7vR8Zm2SscfeloCM6u6b6kBVCG2MrXko+Fjk47JoFWIzPPSNusRRXT81fOwXWs7UMWSXpKbAV6p6I5DLjYUgaBrxtu/jj4qS8gu3jBK933s3jrr4YNQhsj594EIt74Yhn9RP9bzSUZDqRSJfyPr0JZdc/DbLpr7RC7Wl6t84hhE/TFWxm41/vDe9ZmZf8CmLVde8SNGd0u/h1ga+P9dpA5oh21QxYEjMjyNCU7A5VBqW1mJyvQqumH9RqCI/LKZcbGPRt7e+Mv1v52mVk9f4Mz5f7gbfUpMptiMA5SMS+1BlHZrwcnfZqsN2rhX7G8WNu7ptxZtdwSfK6o0zY3aZqPYT8OaK/yi1o0rCVhjfLwCfTY8vfQOic= X-Forefront-Antispam-Report: CIP:165.204.84.17; CTRY:US; LANG:en; SCL:1; SRV:; IPV:CAL; SFV:NSPM; H:SATLEXMB04.amd.com; PTR:InfoDomainNonexistent; CAT:NONE; SFS:(4636009)(346002)(39860400002)(376002)(396003)(136003)(46966006)(36840700001)(26005)(186003)(86362001)(336012)(8936002)(5660300002)(82740400003)(7696005)(356005)(16526019)(110136005)(70586007)(7416002)(2906002)(30864003)(47076005)(921005)(54906003)(478600001)(426003)(2616005)(81166007)(36756003)(70206006)(82310400003)(4326008)(83380400001)(36860700001)(316002)(8676002)(2101003)(83996005)(36900700001); DIR:OUT; SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 08 Sep 2021 22:59:41.0028 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 7abcee76-9506-4867-dcc7-08d9731c5753 X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d; Ip=[165.204.84.17]; Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: DM6NAM11FT017.eop-nam11.prod.protection.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR12MB3002 Precedence: bulk List-ID: X-Mailing-List: linux-efi@vger.kernel.org Replace uses of sev_active() with the more generic cc_platform_has() using CC_ATTR_GUEST_MEM_ENCRYPT. If future support is added for other memory encryption technologies, the use of CC_ATTR_GUEST_MEM_ENCRYPT can be updated, as required. Cc: Thomas Gleixner Cc: Ingo Molnar Cc: Borislav Petkov Cc: Dave Hansen Cc: Andy Lutomirski Cc: Peter Zijlstra Cc: Ard Biesheuvel Signed-off-by: Tom Lendacky --- arch/x86/include/asm/mem_encrypt.h | 2 -- arch/x86/kernel/crash_dump_64.c | 4 +++- arch/x86/kernel/kvm.c | 3 ++- arch/x86/kernel/kvmclock.c | 4 ++-- arch/x86/kernel/machine_kexec_64.c | 4 ++-- arch/x86/kvm/svm/svm.c | 3 ++- arch/x86/mm/ioremap.c | 6 +++--- arch/x86/mm/mem_encrypt.c | 25 ++++++++++--------------- arch/x86/platform/efi/efi_64.c | 9 +++++---- 9 files changed, 29 insertions(+), 31 deletions(-) diff --git a/arch/x86/include/asm/mem_encrypt.h b/arch/x86/include/asm/mem_encrypt.h index 8c4f0dfe63f9..f440eebeeb2c 100644 --- a/arch/x86/include/asm/mem_encrypt.h +++ b/arch/x86/include/asm/mem_encrypt.h @@ -51,7 +51,6 @@ void __init mem_encrypt_free_decrypted_mem(void); void __init mem_encrypt_init(void); void __init sev_es_init_vc_handling(void); -bool sev_active(void); bool sev_es_active(void); bool amd_cc_platform_has(enum cc_attr attr); @@ -76,7 +75,6 @@ static inline void __init sme_encrypt_kernel(struct boot_params *bp) { } static inline void __init sme_enable(struct boot_params *bp) { } static inline void sev_es_init_vc_handling(void) { } -static inline bool sev_active(void) { return false; } static inline bool sev_es_active(void) { return false; } static inline bool amd_cc_platform_has(enum cc_attr attr) { return false; } diff --git a/arch/x86/kernel/crash_dump_64.c b/arch/x86/kernel/crash_dump_64.c index 045e82e8945b..a7f617a3981d 100644 --- a/arch/x86/kernel/crash_dump_64.c +++ b/arch/x86/kernel/crash_dump_64.c @@ -10,6 +10,7 @@ #include #include #include +#include static ssize_t __copy_oldmem_page(unsigned long pfn, char *buf, size_t csize, unsigned long offset, int userbuf, @@ -73,5 +74,6 @@ ssize_t copy_oldmem_page_encrypted(unsigned long pfn, char *buf, size_t csize, ssize_t elfcorehdr_read(char *buf, size_t count, u64 *ppos) { - return read_from_oldmem(buf, count, ppos, 0, sev_active()); + return read_from_oldmem(buf, count, ppos, 0, + cc_platform_has(CC_ATTR_GUEST_MEM_ENCRYPT)); } diff --git a/arch/x86/kernel/kvm.c b/arch/x86/kernel/kvm.c index a26643dc6bd6..509a578f56a0 100644 --- a/arch/x86/kernel/kvm.c +++ b/arch/x86/kernel/kvm.c @@ -27,6 +27,7 @@ #include #include #include +#include #include #include #include @@ -418,7 +419,7 @@ static void __init sev_map_percpu_data(void) { int cpu; - if (!sev_active()) + if (!cc_platform_has(CC_ATTR_GUEST_MEM_ENCRYPT)) return; for_each_possible_cpu(cpu) { diff --git a/arch/x86/kernel/kvmclock.c b/arch/x86/kernel/kvmclock.c index ad273e5861c1..fc3930c5db1b 100644 --- a/arch/x86/kernel/kvmclock.c +++ b/arch/x86/kernel/kvmclock.c @@ -16,9 +16,9 @@ #include #include #include +#include #include -#include #include #include @@ -232,7 +232,7 @@ static void __init kvmclock_init_mem(void) * hvclock is shared between the guest and the hypervisor, must * be mapped decrypted. */ - if (sev_active()) { + if (cc_platform_has(CC_ATTR_GUEST_MEM_ENCRYPT)) { r = set_memory_decrypted((unsigned long) hvclock_mem, 1UL << order); if (r) { diff --git a/arch/x86/kernel/machine_kexec_64.c b/arch/x86/kernel/machine_kexec_64.c index 7040c0fa921c..f5da4a18070a 100644 --- a/arch/x86/kernel/machine_kexec_64.c +++ b/arch/x86/kernel/machine_kexec_64.c @@ -167,7 +167,7 @@ static int init_transition_pgtable(struct kimage *image, pgd_t *pgd) } pte = pte_offset_kernel(pmd, vaddr); - if (sev_active()) + if (cc_platform_has(CC_ATTR_GUEST_MEM_ENCRYPT)) prot = PAGE_KERNEL_EXEC; set_pte(pte, pfn_pte(paddr >> PAGE_SHIFT, prot)); @@ -207,7 +207,7 @@ static int init_pgtable(struct kimage *image, unsigned long start_pgtable) level4p = (pgd_t *)__va(start_pgtable); clear_page(level4p); - if (sev_active()) { + if (cc_platform_has(CC_ATTR_GUEST_MEM_ENCRYPT)) { info.page_flag |= _PAGE_ENC; info.kernpg_flag |= _PAGE_ENC; } diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index 69639f9624f5..eb3669154b48 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -25,6 +25,7 @@ #include #include #include +#include #include #include @@ -457,7 +458,7 @@ static int has_svm(void) return 0; } - if (sev_active()) { + if (cc_platform_has(CC_ATTR_GUEST_MEM_ENCRYPT)) { pr_info("KVM is unsupported when running as an SEV guest\n"); return 0; } diff --git a/arch/x86/mm/ioremap.c b/arch/x86/mm/ioremap.c index a7250fa3d45f..b59a5cbc6bc5 100644 --- a/arch/x86/mm/ioremap.c +++ b/arch/x86/mm/ioremap.c @@ -92,7 +92,7 @@ static unsigned int __ioremap_check_ram(struct resource *res) */ static unsigned int __ioremap_check_encrypted(struct resource *res) { - if (!sev_active()) + if (!cc_platform_has(CC_ATTR_GUEST_MEM_ENCRYPT)) return 0; switch (res->desc) { @@ -112,7 +112,7 @@ static unsigned int __ioremap_check_encrypted(struct resource *res) */ static void __ioremap_check_other(resource_size_t addr, struct ioremap_desc *desc) { - if (!sev_active()) + if (!cc_platform_has(CC_ATTR_GUEST_MEM_ENCRYPT)) return; if (!IS_ENABLED(CONFIG_EFI)) @@ -556,7 +556,7 @@ static bool memremap_should_map_decrypted(resource_size_t phys_addr, case E820_TYPE_NVS: case E820_TYPE_UNUSABLE: /* For SEV, these areas are encrypted */ - if (sev_active()) + if (cc_platform_has(CC_ATTR_GUEST_MEM_ENCRYPT)) break; fallthrough; diff --git a/arch/x86/mm/mem_encrypt.c b/arch/x86/mm/mem_encrypt.c index 4b54a2377821..22d4e152a6de 100644 --- a/arch/x86/mm/mem_encrypt.c +++ b/arch/x86/mm/mem_encrypt.c @@ -194,7 +194,7 @@ void __init sme_early_init(void) for (i = 0; i < ARRAY_SIZE(protection_map); i++) protection_map[i] = pgprot_encrypted(protection_map[i]); - if (sev_active()) + if (cc_platform_has(CC_ATTR_GUEST_MEM_ENCRYPT)) swiotlb_force = SWIOTLB_FORCE; } @@ -203,7 +203,7 @@ void __init sev_setup_arch(void) phys_addr_t total_mem = memblock_phys_mem_size(); unsigned long size; - if (!sev_active()) + if (!cc_platform_has(CC_ATTR_GUEST_MEM_ENCRYPT)) return; /* @@ -364,8 +364,8 @@ int __init early_set_memory_encrypted(unsigned long vaddr, unsigned long size) /* * SME and SEV are very similar but they are not the same, so there are * times that the kernel will need to distinguish between SME and SEV. The - * sme_active() and sev_active() functions are used for this. When a - * distinction isn't needed, the mem_encrypt_active() function can be used. + * cc_platform_has() function is used for this. When a distinction isn't + * needed, the CC_ATTR_MEM_ENCRYPT attribute can be used. * * The trampoline code is a good example for this requirement. Before * paging is activated, SME will access all memory as decrypted, but SEV @@ -373,11 +373,6 @@ int __init early_set_memory_encrypted(unsigned long vaddr, unsigned long size) * up under SME the trampoline area cannot be encrypted, whereas under SEV * the trampoline area must be encrypted. */ -bool sev_active(void) -{ - return sev_status & MSR_AMD64_SEV_ENABLED; -} -EXPORT_SYMBOL_GPL(sev_active); /* Needs to be called from non-instrumentable code */ bool noinstr sev_es_active(void) @@ -392,10 +387,10 @@ bool amd_cc_platform_has(enum cc_attr attr) return sme_me_mask != 0; case CC_ATTR_HOST_MEM_ENCRYPT: - return sme_me_mask && !sev_active(); + return sme_me_mask && !(sev_status & MSR_AMD64_SEV_ENABLED); case CC_ATTR_GUEST_MEM_ENCRYPT: - return sev_active(); + return sev_status & MSR_AMD64_SEV_ENABLED; case CC_ATTR_GUEST_STATE_ENCRYPT: return sev_es_active(); @@ -411,7 +406,7 @@ bool force_dma_unencrypted(struct device *dev) /* * For SEV, all DMA must be to unencrypted addresses. */ - if (sev_active()) + if (cc_platform_has(CC_ATTR_GUEST_MEM_ENCRYPT)) return true; /* @@ -470,7 +465,7 @@ static void print_mem_encrypt_feature_info(void) } /* Secure Encrypted Virtualization */ - if (sev_active()) + if (cc_platform_has(CC_ATTR_GUEST_MEM_ENCRYPT)) pr_cont(" SEV"); /* Encrypted Register State */ @@ -493,7 +488,7 @@ void __init mem_encrypt_init(void) * With SEV, we need to unroll the rep string I/O instructions, * but SEV-ES supports them through the #VC handler. */ - if (sev_active() && !sev_es_active()) + if (cc_platform_has(CC_ATTR_GUEST_MEM_ENCRYPT) && !sev_es_active()) static_branch_enable(&sev_enable_key); print_mem_encrypt_feature_info(); @@ -501,6 +496,6 @@ void __init mem_encrypt_init(void) int arch_has_restricted_virtio_memory_access(void) { - return sev_active(); + return cc_platform_has(CC_ATTR_GUEST_MEM_ENCRYPT); } EXPORT_SYMBOL_GPL(arch_has_restricted_virtio_memory_access); diff --git a/arch/x86/platform/efi/efi_64.c b/arch/x86/platform/efi/efi_64.c index 7515e78ef898..1f3675453a57 100644 --- a/arch/x86/platform/efi/efi_64.c +++ b/arch/x86/platform/efi/efi_64.c @@ -33,7 +33,7 @@ #include #include #include -#include +#include #include #include @@ -284,7 +284,8 @@ static void __init __map_region(efi_memory_desc_t *md, u64 va) if (!(md->attribute & EFI_MEMORY_WB)) flags |= _PAGE_PCD; - if (sev_active() && md->type != EFI_MEMORY_MAPPED_IO) + if (cc_platform_has(CC_ATTR_GUEST_MEM_ENCRYPT) && + md->type != EFI_MEMORY_MAPPED_IO) flags |= _PAGE_ENC; pfn = md->phys_addr >> PAGE_SHIFT; @@ -390,7 +391,7 @@ static int __init efi_update_mem_attr(struct mm_struct *mm, efi_memory_desc_t *m if (!(md->attribute & EFI_MEMORY_RO)) pf |= _PAGE_RW; - if (sev_active()) + if (cc_platform_has(CC_ATTR_GUEST_MEM_ENCRYPT)) pf |= _PAGE_ENC; return efi_update_mappings(md, pf); @@ -438,7 +439,7 @@ void __init efi_runtime_update_mappings(void) (md->type != EFI_RUNTIME_SERVICES_CODE)) pf |= _PAGE_RW; - if (sev_active()) + if (cc_platform_has(CC_ATTR_GUEST_MEM_ENCRYPT)) pf |= _PAGE_ENC; efi_update_mappings(md, pf); From patchwork Wed Sep 8 22:58:38 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Tom Lendacky X-Patchwork-Id: 508531 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-18.8 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER, INCLUDES_PATCH, MAILING_LIST_MULTI, SPF_HELO_NONE, SPF_PASS, USER_AGENT_GIT autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 11BA2C433F5 for ; Wed, 8 Sep 2021 23:00:42 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id EA0B261104 for ; Wed, 8 Sep 2021 23:00:41 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1347801AbhIHXBj (ORCPT ); Wed, 8 Sep 2021 19:01:39 -0400 Received: from mail-bn8nam12on2089.outbound.protection.outlook.com ([40.107.237.89]:15424 "EHLO NAM12-BN8-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1348351AbhIHXBB (ORCPT ); Wed, 8 Sep 2021 19:01:01 -0400 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=Rucm0QybWJkoiSdkDmF52M8eLCegYqwz1r5bWpvDlug51FwN6vAG+Dn5AvXsIl4/q/oagXHn3NpxGP2fudhTivk1PvlG7xh9z7S3Ztzr0N1VZsG5GFWcjQgmr+2TfahK9dMclragIB8qerJs1P7Q+Ho2ulV8R6N7d4IsObB74zwp4YzU38raOedK2Scb6jt+LBK11M+sj0vefVBZPAXOsUq2uyvXRf99+lcVZ6MdVUfn/vLKSIrk2MoFV+lziN3wRF/UEqSohBRUDYQgOWA0uqMp629Sr/L4brtprnFS6J96oq+dImSdwO4DILUrgGuozNFORD2UiKm8EdV+0beOLQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=iP4gdPz2H4V+6Rx63Too6pyiVhWIasL/sar8rmR9aF0=; b=GsomL9N/6z8tVFT8PP28k0jq9krzHK84grjLC2thDjQN0VjYqWuxlOfwdIqmeTCwYKjiTejwfR7zaN0DZkyEB6t/xsLr3BGpoeS9L4LGqocDQC6rZgUr0LB8/U0FscDX8huyeCYcfRMXg7DPVpbzcqJ/LROnMeKl8t6n2LbOJoOjlg4N8c97AaUifaB09Ut6L9NhLBtpTrHtCZJRuxGnGltk8/IWsXeQl28Hrvs1pmwsOSk5PHgrQ0f7SoJ7563WuCAhSy76yRW6tmtx3CxVGf+ph+zy5Th7GX3ilcHmHXKQi7OOf1BTRDuqKv7g3xGMUJ4zUAx7u49XRuyRpIETAQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=iP4gdPz2H4V+6Rx63Too6pyiVhWIasL/sar8rmR9aF0=; b=XLUiA+wCTjeZwvIiiND7195h2tlgHz4x9obeVbLKx5e8zJnv9dFwVqMSKKaQjCQAdRwhN0FKDWU6viTOREGd+ah11sE+yk5OkX+qNfkheliRAJcsa2BJQak7DrSFTOlgoex6l99GKyluftBNJG2QTn92jPIjyGkArAQcLxmTHiY= Received: from DM3PR03CA0014.namprd03.prod.outlook.com (2603:10b6:0:50::24) by DM6PR12MB3482.namprd12.prod.outlook.com (2603:10b6:5:3d::22) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4500.14; Wed, 8 Sep 2021 22:59:49 +0000 Received: from DM6NAM11FT014.eop-nam11.prod.protection.outlook.com (2603:10b6:0:50:cafe::18) by DM3PR03CA0014.outlook.office365.com (2603:10b6:0:50::24) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4500.15 via Frontend Transport; Wed, 8 Sep 2021 22:59:49 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; vger.kernel.org; dkim=none (message not signed) header.d=none; vger.kernel.org; dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; Received: from SATLEXMB04.amd.com (165.204.84.17) by DM6NAM11FT014.mail.protection.outlook.com (10.13.173.132) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.4500.14 via Frontend Transport; Wed, 8 Sep 2021 22:59:49 +0000 Received: from tlendack-t1.amd.com (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2308.8; Wed, 8 Sep 2021 17:59:46 -0500 From: Tom Lendacky To: , , , , , , , , , , , , CC: Borislav Petkov , Brijesh Singh , Joerg Roedel , Andi Kleen , Sathyanarayanan Kuppuswamy , Tianyu Lan , Christoph Hellwig , Thomas Gleixner , Ingo Molnar Subject: [PATCH v3 7/8] x86/sev: Replace occurrences of sev_es_active() with cc_platform_has() Date: Wed, 8 Sep 2021 17:58:38 -0500 Message-ID: <702338e6122d189cf9c322133bed5da2f42114c7.1631141919.git.thomas.lendacky@amd.com> X-Mailer: git-send-email 2.33.0 In-Reply-To: References: MIME-Version: 1.0 X-Originating-IP: [10.180.168.240] X-ClientProxiedBy: SATLEXMB04.amd.com (10.181.40.145) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 28f2f61d-1b70-4301-3a85-08d9731c5c7a X-MS-TrafficTypeDiagnostic: DM6PR12MB3482: X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:8273; X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: uRjyroriEBbLvyYAwYyCsbncLpa+qDqRUBa+iNZOpaYi3QMOid6drgYXkgPIPWCVZ+aIYC9Cz26B3H/wIBuNa2Lka878pFsIlJKzs1VtvhZRLLiq33VN0kwpkL+4PHjWRWJRYFbdkwR6UMmRF1hLi6XR4r4Khp9Ja9S02ezLsPDfNeji+sr/07me4H3F5qFU5XrfFDExiCZxlVj1cEjYE1+0tmLOrHgUTUf7+FlAXWUFu5OpPcgetbwOt5K6ftHfpsQMhWfzrnjRQ62OK/xF362c28noHQsUj0X+kIdrdL7IVeHCALM6fdW809jugAeRJ/VvCnyAhOvuVHDLKCjvmPp1XdO61B8wV5xwWtemKSO5UhS8vcLsIhv69nS6HqYe7tcL19r/lP0hlxFcGNGqECmV6cq+b2XQ8j1afC1BU58Ktjj9jgmfDRognh4CHWuKublvWIAVFkiAntpc7rizpCR9cqGCG2ru4FZmHCP3CP8xFp4vxQCQ062fNvcGhbpc3TzkxQBMeT73uH/Pcwc8Cix0gUIFHOhZjzNszQmFD/wmDvxMK0Y9H750IIzX7biMj7d6SeMHqajncUaijWmroT1Ta5n0PSJW6ZN8DV0wdA3nCyVXgoxb5W+4tb/AQK/JvCVGrKc6CooDFGCLk7vDd7750D+EACMRFMi7BOF/XUHbTQgUJDqhVdHhLSnsBtIJHukLt+bjtJWTrQaECA9hhtaQtMpBTKcOv+ytoE4SuhoI6bq5e8STIM8cKFHf7kdgkCKZeu0oF6SJUO9bW35oMrLoS4z9y7iCG3codHt9cug= X-Forefront-Antispam-Report: CIP:165.204.84.17; CTRY:US; LANG:en; SCL:1; SRV:; IPV:CAL; SFV:NSPM; H:SATLEXMB04.amd.com; PTR:InfoDomainNonexistent; CAT:NONE; SFS:(4636009)(376002)(346002)(39860400002)(396003)(136003)(46966006)(36840700001)(26005)(4326008)(921005)(83380400001)(8676002)(8936002)(6666004)(426003)(16526019)(2616005)(36756003)(186003)(36860700001)(86362001)(82740400003)(81166007)(336012)(356005)(5660300002)(7416002)(47076005)(54906003)(478600001)(82310400003)(316002)(7696005)(110136005)(70586007)(2906002)(70206006)(83996005)(2101003)(36900700001); DIR:OUT; SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 08 Sep 2021 22:59:49.6489 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 28f2f61d-1b70-4301-3a85-08d9731c5c7a X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d; Ip=[165.204.84.17]; Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: DM6NAM11FT014.eop-nam11.prod.protection.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR12MB3482 Precedence: bulk List-ID: X-Mailing-List: linux-efi@vger.kernel.org Replace uses of sev_es_active() with the more generic cc_platform_has() using CC_ATTR_GUEST_STATE_ENCRYPT. If future support is added for other memory encyrption techonologies, the use of CC_ATTR_GUEST_STATE_ENCRYPT can be updated, as required. Cc: Thomas Gleixner Cc: Ingo Molnar Cc: Borislav Petkov Signed-off-by: Tom Lendacky --- arch/x86/include/asm/mem_encrypt.h | 2 -- arch/x86/kernel/sev.c | 6 +++--- arch/x86/mm/mem_encrypt.c | 14 ++++---------- arch/x86/realmode/init.c | 3 +-- 4 files changed, 8 insertions(+), 17 deletions(-) diff --git a/arch/x86/include/asm/mem_encrypt.h b/arch/x86/include/asm/mem_encrypt.h index f440eebeeb2c..499440781b39 100644 --- a/arch/x86/include/asm/mem_encrypt.h +++ b/arch/x86/include/asm/mem_encrypt.h @@ -51,7 +51,6 @@ void __init mem_encrypt_free_decrypted_mem(void); void __init mem_encrypt_init(void); void __init sev_es_init_vc_handling(void); -bool sev_es_active(void); bool amd_cc_platform_has(enum cc_attr attr); #define __bss_decrypted __section(".bss..decrypted") @@ -75,7 +74,6 @@ static inline void __init sme_encrypt_kernel(struct boot_params *bp) { } static inline void __init sme_enable(struct boot_params *bp) { } static inline void sev_es_init_vc_handling(void) { } -static inline bool sev_es_active(void) { return false; } static inline bool amd_cc_platform_has(enum cc_attr attr) { return false; } static inline int __init diff --git a/arch/x86/kernel/sev.c b/arch/x86/kernel/sev.c index a6895e440bc3..53a6837d354b 100644 --- a/arch/x86/kernel/sev.c +++ b/arch/x86/kernel/sev.c @@ -11,7 +11,7 @@ #include /* For show_regs() */ #include -#include +#include #include #include #include @@ -615,7 +615,7 @@ int __init sev_es_efi_map_ghcbs(pgd_t *pgd) int cpu; u64 pfn; - if (!sev_es_active()) + if (!cc_platform_has(CC_ATTR_GUEST_STATE_ENCRYPT)) return 0; pflags = _PAGE_NX | _PAGE_RW; @@ -774,7 +774,7 @@ void __init sev_es_init_vc_handling(void) BUILD_BUG_ON(offsetof(struct sev_es_runtime_data, ghcb_page) % PAGE_SIZE); - if (!sev_es_active()) + if (!cc_platform_has(CC_ATTR_GUEST_STATE_ENCRYPT)) return; if (!sev_es_check_cpu_features()) diff --git a/arch/x86/mm/mem_encrypt.c b/arch/x86/mm/mem_encrypt.c index 22d4e152a6de..47d571a2cd28 100644 --- a/arch/x86/mm/mem_encrypt.c +++ b/arch/x86/mm/mem_encrypt.c @@ -373,13 +373,6 @@ int __init early_set_memory_encrypted(unsigned long vaddr, unsigned long size) * up under SME the trampoline area cannot be encrypted, whereas under SEV * the trampoline area must be encrypted. */ - -/* Needs to be called from non-instrumentable code */ -bool noinstr sev_es_active(void) -{ - return sev_status & MSR_AMD64_SEV_ES_ENABLED; -} - bool amd_cc_platform_has(enum cc_attr attr) { switch (attr) { @@ -393,7 +386,7 @@ bool amd_cc_platform_has(enum cc_attr attr) return sev_status & MSR_AMD64_SEV_ENABLED; case CC_ATTR_GUEST_STATE_ENCRYPT: - return sev_es_active(); + return sev_status & MSR_AMD64_SEV_ES_ENABLED; default: return false; @@ -469,7 +462,7 @@ static void print_mem_encrypt_feature_info(void) pr_cont(" SEV"); /* Encrypted Register State */ - if (sev_es_active()) + if (cc_platform_has(CC_ATTR_GUEST_STATE_ENCRYPT)) pr_cont(" SEV-ES"); pr_cont("\n"); @@ -488,7 +481,8 @@ void __init mem_encrypt_init(void) * With SEV, we need to unroll the rep string I/O instructions, * but SEV-ES supports them through the #VC handler. */ - if (cc_platform_has(CC_ATTR_GUEST_MEM_ENCRYPT) && !sev_es_active()) + if (cc_platform_has(CC_ATTR_GUEST_MEM_ENCRYPT) && + !cc_platform_has(CC_ATTR_GUEST_STATE_ENCRYPT)) static_branch_enable(&sev_enable_key); print_mem_encrypt_feature_info(); diff --git a/arch/x86/realmode/init.c b/arch/x86/realmode/init.c index c878c5ee5a4c..4a3da7592b99 100644 --- a/arch/x86/realmode/init.c +++ b/arch/x86/realmode/init.c @@ -2,7 +2,6 @@ #include #include #include -#include #include #include @@ -48,7 +47,7 @@ static void sme_sev_setup_real_mode(struct trampoline_header *th) if (cc_platform_has(CC_ATTR_HOST_MEM_ENCRYPT)) th->flags |= TH_FLAGS_SME_ACTIVE; - if (sev_es_active()) { + if (cc_platform_has(CC_ATTR_GUEST_STATE_ENCRYPT)) { /* * Skip the call to verify_cpu() in secondary_startup_64 as it * will cause #VC exceptions when the AP can't handle them yet. From patchwork Wed Sep 8 22:58:39 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Tom Lendacky X-Patchwork-Id: 508099 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-18.8 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER, INCLUDES_PATCH, MAILING_LIST_MULTI, SPF_HELO_NONE, SPF_PASS, USER_AGENT_GIT autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id B7BA6C433FE for ; Wed, 8 Sep 2021 23:01:07 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 8D2EC610C8 for ; Wed, 8 Sep 2021 23:01:07 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S236716AbhIHXCO (ORCPT ); Wed, 8 Sep 2021 19:02:14 -0400 Received: from mail-dm6nam10on2088.outbound.protection.outlook.com ([40.107.93.88]:61792 "EHLO NAM10-DM6-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S236793AbhIHXBI (ORCPT ); Wed, 8 Sep 2021 19:01:08 -0400 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=JHt5JFVfCk4HCM3m823U3zmQONYZPzyqPRl5CiOFiOgEzg6jZutbLi/e68jcfp14h1OSmbGmvZacycLVB1mHNFnD9l9qReEcXNRvcdYoaUFjc6+Vklm89ASykdywlIWmIDYPE8WlmCwx4iEHIA/QlaPiTA/5e6hgIwHhunOICvH4o/ucJXKNOZhX/fLrfPkc0UeHuAwos2tGfYHVnSTBqSpACz4LQ+bLcO7/E0r9CdpWEUU/caPd1GdDZ5djE84OUb21Ae1edTs53l6w/sKs+f1w7EaORk6WGFD6VsBY/L7gJRneHrGntitm3Ar/fRxg7DLgDcl88De0rBfsPcldCQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=pAbXSnzMVH0GK/CW2FXN5UhmlkTk0+/+WVuMc/5XJUo=; b=CnbzFg9so8OTmPgYqfQe6NFUIE4B2aEjt+NDIKU2Zxzciet8a16R8PeL3hwjV0Y8y034uou90UXWVKMK4v8Nec3IU1frlemIf8QGO+x1dzDJR/CSEMRQ+7AzzLneDIotygdvVOJvfY5SjcFVUr2gBZ4O1wReXhD5s0DM3LW4xvlUvm3TZJYjQSdeyRbxRXxxxCuYAk6FCuBFZsL/pU91yY8uhAsvJ4fBEWNOuIMNDiBUj0+TTVcHgrJtaMBCTXmpmON33fNHqLPtfu25TF+cxzoKIitQqnisCdnc+tEg7jPZ6FhixZ5cNY2F+3XFAx34Ig5hDqc6ygF0QGTxHrx+ew== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=pAbXSnzMVH0GK/CW2FXN5UhmlkTk0+/+WVuMc/5XJUo=; b=sVjHVH0tf1/WuGYOC09ygULECOPOkdVfjmBbgDEVBlaw3wH94xzKMCVrduBVsmQw8Hen8BH1GJ9V7mjizTdamdKFU2cVe36nIhUp48LIfQaU1fwQUpWogcU+HtKK/CQ7HJ5MZOkSqiBjBMLxY+Er6JzixQX7AdljgqxW0DRJw50= Received: from DS7PR03CA0105.namprd03.prod.outlook.com (2603:10b6:5:3b7::20) by DM5PR12MB1595.namprd12.prod.outlook.com (2603:10b6:4:3::15) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4478.22; Wed, 8 Sep 2021 22:59:57 +0000 Received: from DM6NAM11FT042.eop-nam11.prod.protection.outlook.com (2603:10b6:5:3b7:cafe::7b) by DS7PR03CA0105.outlook.office365.com (2603:10b6:5:3b7::20) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4500.15 via Frontend Transport; Wed, 8 Sep 2021 22:59:57 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; vger.kernel.org; dkim=none (message not signed) header.d=none; vger.kernel.org; dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; Received: from SATLEXMB04.amd.com (165.204.84.17) by DM6NAM11FT042.mail.protection.outlook.com (10.13.173.165) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.4500.14 via Frontend Transport; Wed, 8 Sep 2021 22:59:56 +0000 Received: from tlendack-t1.amd.com (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2308.8; Wed, 8 Sep 2021 17:59:54 -0500 From: Tom Lendacky To: , , , , , , , , , , , , CC: Borislav Petkov , Brijesh Singh , Joerg Roedel , Andi Kleen , Sathyanarayanan Kuppuswamy , Tianyu Lan , Christoph Hellwig , Thomas Gleixner , Ingo Molnar , "Dave Hansen" , Andy Lutomirski , Peter Zijlstra , David Airlie , Daniel Vetter , Maarten Lankhorst , Maxime Ripard , Thomas Zimmermann , Will Deacon , "Dave Young" , Baoquan He , Michael Ellerman , Benjamin Herrenschmidt , "Paul Mackerras" , Heiko Carstens , "Vasily Gorbik" , Christian Borntraeger Subject: [PATCH v3 8/8] treewide: Replace the use of mem_encrypt_active() with cc_platform_has() Date: Wed, 8 Sep 2021 17:58:39 -0500 Message-ID: <46a18427dc4e9dda985b10e472965e3e4c769f1d.1631141919.git.thomas.lendacky@amd.com> X-Mailer: git-send-email 2.33.0 In-Reply-To: References: MIME-Version: 1.0 X-Originating-IP: [10.180.168.240] X-ClientProxiedBy: SATLEXMB04.amd.com (10.181.40.145) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: ed1e8dc2-5c5f-4917-df34-08d9731c60d9 X-MS-TrafficTypeDiagnostic: DM5PR12MB1595: X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:9508; X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: OVIPqPJSnCCaQ0M9Sp+ZGaflD02NrnyqEFsJFbWGbBZaaJ8VLhyUokqFcAKhxqthB0GQPXG02EPQEOMivaq+S3GHkv/75meekhTVoHODAMfwFqIS2CVysoJpMHyNjYyP+amZ8+Bs+bbg0AsjtO9GXZ5g4QiEnaFBfD+qlA+48UChnUSkPfoYdaF91NHZVYI+r51FNrafWcpRB6wHH5dGtk4VppCauexh7gwp3aOsfewXq4kqwbuCrxjnfe/DyfhIXwt3PKb0KTB15fuzl4hNLBOixCiOarx2FTi55IEybw2sQEnv1OtquaFZec9QmGBmP+7QvvrKD2vFkwMEJSSrdnAYZBkRFZK1xDNPQhYg/GG3rI2CdK6CKysXbXaB0XxayIkPi4azytga6Izpmyp9zaRs+BEgf4PYHcBy5Sivnuj5U/Wq8wkUEWtd2elOaZiyqw0qNRE9P/O9Mcy7Gq3G+FpRTJnpaqDoe1EsAPVvL7VfgyFH5ZC3EF8No71+HGGGZW8se7wixaveWRL1YYiEaehgALdvNOPCVXtupOl00MOPs8xvGnuBLfdi/XQbpXcDCkarjs7HVhdLFUp5T9RqT5X13I+M4X9BOqfYW1bqlZ6PhQnpHtn9XVLu6UUg726VtVY8Ct5aQ55+g9nxexvs/lrjwk9cZ/AhNObDQRZ6UvioKpN+Ijoa47SLHH9FMUkSjzI1FhxAm8IkdAaetUZV4nzJ/SkJ3WZLBIeUKv+xCcfq0x624LEtRefEGOHbY0fmIBc2uwWxTaQUJIj4Dqz0yMLUmjFlDYXqz6wmXDYTdlc= X-Forefront-Antispam-Report: CIP:165.204.84.17; CTRY:US; LANG:en; SCL:1; SRV:; IPV:CAL; SFV:NSPM; H:SATLEXMB04.amd.com; PTR:InfoDomainNonexistent; CAT:NONE; SFS:(4636009)(39860400002)(396003)(346002)(376002)(136003)(46966006)(36840700001)(82310400003)(316002)(110136005)(426003)(54906003)(30864003)(356005)(7696005)(8936002)(5660300002)(921005)(81166007)(36756003)(36860700001)(70206006)(186003)(26005)(16526019)(2616005)(86362001)(4326008)(70586007)(2906002)(47076005)(7416002)(7406005)(6666004)(336012)(83380400001)(478600001)(82740400003)(8676002)(2101003)(36900700001)(83996005); DIR:OUT; SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 08 Sep 2021 22:59:56.9876 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: ed1e8dc2-5c5f-4917-df34-08d9731c60d9 X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d; Ip=[165.204.84.17]; Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: DM6NAM11FT042.eop-nam11.prod.protection.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM5PR12MB1595 Precedence: bulk List-ID: X-Mailing-List: linux-efi@vger.kernel.org Replace uses of mem_encrypt_active() with calls to cc_platform_has() with the CC_ATTR_MEM_ENCRYPT attribute. Remove the implementation of mem_encrypt_active() across all arches. For s390, since the default implementation of the cc_platform_has() matches the s390 implementation of mem_encrypt_active(), cc_platform_has() does not need to be implemented in s390 (the config option ARCH_HAS_CC_PLATFORM is not set). Cc: Thomas Gleixner Cc: Ingo Molnar Cc: Borislav Petkov Cc: Dave Hansen Cc: Andy Lutomirski Cc: Peter Zijlstra Cc: David Airlie Cc: Daniel Vetter Cc: Maarten Lankhorst Cc: Maxime Ripard Cc: Thomas Zimmermann Cc: VMware Graphics Cc: Joerg Roedel Cc: Will Deacon Cc: Dave Young Cc: Baoquan He Cc: Michael Ellerman Cc: Benjamin Herrenschmidt Cc: Paul Mackerras Cc: Heiko Carstens Cc: Vasily Gorbik Cc: Christian Borntraeger Signed-off-by: Tom Lendacky --- arch/powerpc/include/asm/mem_encrypt.h | 5 ----- arch/powerpc/platforms/pseries/svm.c | 5 +++-- arch/s390/include/asm/mem_encrypt.h | 2 -- arch/x86/include/asm/mem_encrypt.h | 5 ----- arch/x86/kernel/head64.c | 4 ++-- arch/x86/mm/ioremap.c | 4 ++-- arch/x86/mm/mem_encrypt.c | 2 +- arch/x86/mm/pat/set_memory.c | 3 ++- drivers/gpu/drm/amd/amdgpu/amdgpu_drv.c | 4 +++- drivers/gpu/drm/drm_cache.c | 4 ++-- drivers/gpu/drm/vmwgfx/vmwgfx_drv.c | 4 ++-- drivers/gpu/drm/vmwgfx/vmwgfx_msg.c | 6 +++--- drivers/iommu/amd/iommu.c | 3 ++- drivers/iommu/amd/iommu_v2.c | 3 ++- drivers/iommu/iommu.c | 3 ++- fs/proc/vmcore.c | 6 +++--- include/linux/mem_encrypt.h | 4 ---- kernel/dma/swiotlb.c | 4 ++-- 18 files changed, 31 insertions(+), 40 deletions(-) diff --git a/arch/powerpc/include/asm/mem_encrypt.h b/arch/powerpc/include/asm/mem_encrypt.h index ba9dab07c1be..2f26b8fc8d29 100644 --- a/arch/powerpc/include/asm/mem_encrypt.h +++ b/arch/powerpc/include/asm/mem_encrypt.h @@ -10,11 +10,6 @@ #include -static inline bool mem_encrypt_active(void) -{ - return is_secure_guest(); -} - static inline bool force_dma_unencrypted(struct device *dev) { return is_secure_guest(); diff --git a/arch/powerpc/platforms/pseries/svm.c b/arch/powerpc/platforms/pseries/svm.c index 87f001b4c4e4..c083ecbbae4d 100644 --- a/arch/powerpc/platforms/pseries/svm.c +++ b/arch/powerpc/platforms/pseries/svm.c @@ -8,6 +8,7 @@ #include #include +#include #include #include #include @@ -63,7 +64,7 @@ void __init svm_swiotlb_init(void) int set_memory_encrypted(unsigned long addr, int numpages) { - if (!mem_encrypt_active()) + if (!cc_platform_has(CC_ATTR_MEM_ENCRYPT)) return 0; if (!PAGE_ALIGNED(addr)) @@ -76,7 +77,7 @@ int set_memory_encrypted(unsigned long addr, int numpages) int set_memory_decrypted(unsigned long addr, int numpages) { - if (!mem_encrypt_active()) + if (!cc_platform_has(CC_ATTR_MEM_ENCRYPT)) return 0; if (!PAGE_ALIGNED(addr)) diff --git a/arch/s390/include/asm/mem_encrypt.h b/arch/s390/include/asm/mem_encrypt.h index 2542cbf7e2d1..08a8b96606d7 100644 --- a/arch/s390/include/asm/mem_encrypt.h +++ b/arch/s390/include/asm/mem_encrypt.h @@ -4,8 +4,6 @@ #ifndef __ASSEMBLY__ -static inline bool mem_encrypt_active(void) { return false; } - int set_memory_encrypted(unsigned long addr, int numpages); int set_memory_decrypted(unsigned long addr, int numpages); diff --git a/arch/x86/include/asm/mem_encrypt.h b/arch/x86/include/asm/mem_encrypt.h index 499440781b39..ed954aa5c448 100644 --- a/arch/x86/include/asm/mem_encrypt.h +++ b/arch/x86/include/asm/mem_encrypt.h @@ -98,11 +98,6 @@ static inline void mem_encrypt_free_decrypted_mem(void) { } extern char __start_bss_decrypted[], __end_bss_decrypted[], __start_bss_decrypted_unused[]; -static inline bool mem_encrypt_active(void) -{ - return sme_me_mask; -} - static inline u64 sme_get_me_mask(void) { return sme_me_mask; diff --git a/arch/x86/kernel/head64.c b/arch/x86/kernel/head64.c index de01903c3735..f98c76a1d16c 100644 --- a/arch/x86/kernel/head64.c +++ b/arch/x86/kernel/head64.c @@ -19,7 +19,7 @@ #include #include #include -#include +#include #include #include @@ -285,7 +285,7 @@ unsigned long __head __startup_64(unsigned long physaddr, * there is no need to zero it after changing the memory encryption * attribute. */ - if (mem_encrypt_active()) { + if (cc_platform_has(CC_ATTR_MEM_ENCRYPT)) { vaddr = (unsigned long)__start_bss_decrypted; vaddr_end = (unsigned long)__end_bss_decrypted; for (; vaddr < vaddr_end; vaddr += PMD_SIZE) { diff --git a/arch/x86/mm/ioremap.c b/arch/x86/mm/ioremap.c index b59a5cbc6bc5..026031b3b782 100644 --- a/arch/x86/mm/ioremap.c +++ b/arch/x86/mm/ioremap.c @@ -694,7 +694,7 @@ static bool __init early_memremap_is_setup_data(resource_size_t phys_addr, bool arch_memremap_can_ram_remap(resource_size_t phys_addr, unsigned long size, unsigned long flags) { - if (!mem_encrypt_active()) + if (!cc_platform_has(CC_ATTR_MEM_ENCRYPT)) return true; if (flags & MEMREMAP_ENC) @@ -724,7 +724,7 @@ pgprot_t __init early_memremap_pgprot_adjust(resource_size_t phys_addr, { bool encrypted_prot; - if (!mem_encrypt_active()) + if (!cc_platform_has(CC_ATTR_MEM_ENCRYPT)) return prot; encrypted_prot = true; diff --git a/arch/x86/mm/mem_encrypt.c b/arch/x86/mm/mem_encrypt.c index 47d571a2cd28..7f09b86d2467 100644 --- a/arch/x86/mm/mem_encrypt.c +++ b/arch/x86/mm/mem_encrypt.c @@ -432,7 +432,7 @@ void __init mem_encrypt_free_decrypted_mem(void) * The unused memory range was mapped decrypted, change the encryption * attribute from decrypted to encrypted before freeing it. */ - if (mem_encrypt_active()) { + if (cc_platform_has(CC_ATTR_MEM_ENCRYPT)) { r = set_memory_encrypted(vaddr, npages); if (r) { pr_warn("failed to free unused decrypted pages\n"); diff --git a/arch/x86/mm/pat/set_memory.c b/arch/x86/mm/pat/set_memory.c index ad8a5c586a35..527957586f3c 100644 --- a/arch/x86/mm/pat/set_memory.c +++ b/arch/x86/mm/pat/set_memory.c @@ -18,6 +18,7 @@ #include #include #include +#include #include #include @@ -1986,7 +1987,7 @@ static int __set_memory_enc_dec(unsigned long addr, int numpages, bool enc) int ret; /* Nothing to do if memory encryption is not active */ - if (!mem_encrypt_active()) + if (!cc_platform_has(CC_ATTR_MEM_ENCRYPT)) return 0; /* Should not be working on unaligned addresses */ diff --git a/drivers/gpu/drm/amd/amdgpu/amdgpu_drv.c b/drivers/gpu/drm/amd/amdgpu/amdgpu_drv.c index b6640291f980..c8973bbb7d3f 100644 --- a/drivers/gpu/drm/amd/amdgpu/amdgpu_drv.c +++ b/drivers/gpu/drm/amd/amdgpu/amdgpu_drv.c @@ -38,6 +38,7 @@ #include #include #include +#include #include "amdgpu.h" #include "amdgpu_irq.h" @@ -1252,7 +1253,8 @@ static int amdgpu_pci_probe(struct pci_dev *pdev, * however, SME requires an indirect IOMMU mapping because the encryption * bit is beyond the DMA mask of the chip. */ - if (mem_encrypt_active() && ((flags & AMD_ASIC_MASK) == CHIP_RAVEN)) { + if (cc_platform_has(CC_ATTR_MEM_ENCRYPT) && + ((flags & AMD_ASIC_MASK) == CHIP_RAVEN)) { dev_info(&pdev->dev, "SME is not compatible with RAVEN\n"); return -ENOTSUPP; diff --git a/drivers/gpu/drm/drm_cache.c b/drivers/gpu/drm/drm_cache.c index 30cc59fe6ef7..f19d9acbe959 100644 --- a/drivers/gpu/drm/drm_cache.c +++ b/drivers/gpu/drm/drm_cache.c @@ -31,7 +31,7 @@ #include #include #include -#include +#include #include #include @@ -204,7 +204,7 @@ bool drm_need_swiotlb(int dma_bits) * Enforce dma_alloc_coherent when memory encryption is active as well * for the same reasons as for Xen paravirtual hosts. */ - if (mem_encrypt_active()) + if (cc_platform_has(CC_ATTR_MEM_ENCRYPT)) return true; for (tmp = iomem_resource.child; tmp; tmp = tmp->sibling) diff --git a/drivers/gpu/drm/vmwgfx/vmwgfx_drv.c b/drivers/gpu/drm/vmwgfx/vmwgfx_drv.c index ab9a1750e1df..bfd71c86faa5 100644 --- a/drivers/gpu/drm/vmwgfx/vmwgfx_drv.c +++ b/drivers/gpu/drm/vmwgfx/vmwgfx_drv.c @@ -29,7 +29,7 @@ #include #include #include -#include +#include #include #include @@ -666,7 +666,7 @@ static int vmw_dma_select_mode(struct vmw_private *dev_priv) [vmw_dma_map_bind] = "Giving up DMA mappings early."}; /* TTM currently doesn't fully support SEV encryption. */ - if (mem_encrypt_active()) + if (cc_platform_has(CC_ATTR_MEM_ENCRYPT)) return -EINVAL; if (vmw_force_coherent) diff --git a/drivers/gpu/drm/vmwgfx/vmwgfx_msg.c b/drivers/gpu/drm/vmwgfx/vmwgfx_msg.c index e50fb82a3030..2aceac7856e2 100644 --- a/drivers/gpu/drm/vmwgfx/vmwgfx_msg.c +++ b/drivers/gpu/drm/vmwgfx/vmwgfx_msg.c @@ -28,7 +28,7 @@ #include #include #include -#include +#include #include #include @@ -160,7 +160,7 @@ static unsigned long vmw_port_hb_out(struct rpc_channel *channel, unsigned long msg_len = strlen(msg); /* HB port can't access encrypted memory. */ - if (hb && !mem_encrypt_active()) { + if (hb && !cc_platform_has(CC_ATTR_MEM_ENCRYPT)) { unsigned long bp = channel->cookie_high; u32 channel_id = (channel->channel_id << 16); @@ -216,7 +216,7 @@ static unsigned long vmw_port_hb_in(struct rpc_channel *channel, char *reply, unsigned long si, di, eax, ebx, ecx, edx; /* HB port can't access encrypted memory */ - if (hb && !mem_encrypt_active()) { + if (hb && !cc_platform_has(CC_ATTR_MEM_ENCRYPT)) { unsigned long bp = channel->cookie_low; u32 channel_id = (channel->channel_id << 16); diff --git a/drivers/iommu/amd/iommu.c b/drivers/iommu/amd/iommu.c index 1722bb161841..9e5da037d949 100644 --- a/drivers/iommu/amd/iommu.c +++ b/drivers/iommu/amd/iommu.c @@ -31,6 +31,7 @@ #include #include #include +#include #include #include #include @@ -2238,7 +2239,7 @@ static int amd_iommu_def_domain_type(struct device *dev) * active, because some of those devices (AMD GPUs) don't have the * encryption bit in their DMA-mask and require remapping. */ - if (!mem_encrypt_active() && dev_data->iommu_v2) + if (!cc_platform_has(CC_ATTR_MEM_ENCRYPT) && dev_data->iommu_v2) return IOMMU_DOMAIN_IDENTITY; return 0; diff --git a/drivers/iommu/amd/iommu_v2.c b/drivers/iommu/amd/iommu_v2.c index a9e568276c99..13cbeb997cc1 100644 --- a/drivers/iommu/amd/iommu_v2.c +++ b/drivers/iommu/amd/iommu_v2.c @@ -17,6 +17,7 @@ #include #include #include +#include #include "amd_iommu.h" @@ -742,7 +743,7 @@ int amd_iommu_init_device(struct pci_dev *pdev, int pasids) * When memory encryption is active the device is likely not in a * direct-mapped domain. Forbid using IOMMUv2 functionality for now. */ - if (mem_encrypt_active()) + if (cc_platform_has(CC_ATTR_MEM_ENCRYPT)) return -ENODEV; if (!amd_iommu_v2_supported()) diff --git a/drivers/iommu/iommu.c b/drivers/iommu/iommu.c index 3303d707bab4..e80261d17a49 100644 --- a/drivers/iommu/iommu.c +++ b/drivers/iommu/iommu.c @@ -25,6 +25,7 @@ #include #include #include +#include #include static struct kset *iommu_group_kset; @@ -130,7 +131,7 @@ static int __init iommu_subsys_init(void) else iommu_set_default_translated(false); - if (iommu_default_passthrough() && mem_encrypt_active()) { + if (iommu_default_passthrough() && cc_platform_has(CC_ATTR_MEM_ENCRYPT)) { pr_info("Memory encryption detected - Disabling default IOMMU Passthrough\n"); iommu_set_default_translated(false); } diff --git a/fs/proc/vmcore.c b/fs/proc/vmcore.c index 9a15334da208..cdbbf819d2d6 100644 --- a/fs/proc/vmcore.c +++ b/fs/proc/vmcore.c @@ -26,7 +26,7 @@ #include #include #include -#include +#include #include #include "internal.h" @@ -177,7 +177,7 @@ ssize_t __weak elfcorehdr_read(char *buf, size_t count, u64 *ppos) */ ssize_t __weak elfcorehdr_read_notes(char *buf, size_t count, u64 *ppos) { - return read_from_oldmem(buf, count, ppos, 0, mem_encrypt_active()); + return read_from_oldmem(buf, count, ppos, 0, cc_platform_has(CC_ATTR_MEM_ENCRYPT)); } /* @@ -378,7 +378,7 @@ static ssize_t __read_vmcore(char *buffer, size_t buflen, loff_t *fpos, buflen); start = m->paddr + *fpos - m->offset; tmp = read_from_oldmem(buffer, tsz, &start, - userbuf, mem_encrypt_active()); + userbuf, cc_platform_has(CC_ATTR_MEM_ENCRYPT)); if (tmp < 0) return tmp; buflen -= tsz; diff --git a/include/linux/mem_encrypt.h b/include/linux/mem_encrypt.h index 5c4a18a91f89..ae4526389261 100644 --- a/include/linux/mem_encrypt.h +++ b/include/linux/mem_encrypt.h @@ -16,10 +16,6 @@ #include -#else /* !CONFIG_ARCH_HAS_MEM_ENCRYPT */ - -static inline bool mem_encrypt_active(void) { return false; } - #endif /* CONFIG_ARCH_HAS_MEM_ENCRYPT */ #ifdef CONFIG_AMD_MEM_ENCRYPT diff --git a/kernel/dma/swiotlb.c b/kernel/dma/swiotlb.c index 87c40517e822..c4ca040fdb05 100644 --- a/kernel/dma/swiotlb.c +++ b/kernel/dma/swiotlb.c @@ -34,7 +34,7 @@ #include #include #include -#include +#include #include #ifdef CONFIG_DEBUG_FS #include @@ -552,7 +552,7 @@ phys_addr_t swiotlb_tbl_map_single(struct device *dev, phys_addr_t orig_addr, if (!mem) panic("Can not allocate SWIOTLB buffer earlier and can't now provide you with the DMA bounce buffer"); - if (mem_encrypt_active()) + if (cc_platform_has(CC_ATTR_MEM_ENCRYPT)) pr_warn_once("Memory encryption is active and system is using DMA bounce buffers\n"); if (mapping_size > alloc_size) {