From patchwork Thu Mar 9 02:40:05 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Michael Kelley (LINUX)" X-Patchwork-Id: 66562 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a5d:5915:0:0:0:0:0 with SMTP id v21csp56325wrd; Wed, 8 Mar 2023 18:44:05 -0800 (PST) X-Google-Smtp-Source: AK7set992j0kH8DKC4VfGgidPL2mO/+8eWZVZ5mIASRcuMIcdEJofWyVBNxX2EZEVs9rgwnPuBhZ X-Received: by 2002:a17:903:1c1:b0:19e:898f:8816 with SMTP id e1-20020a17090301c100b0019e898f8816mr23692499plh.10.1678329845198; Wed, 08 Mar 2023 18:44:05 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1678329845; cv=pass; d=google.com; s=arc-20160816; b=eN/NJAvKW18YlYPbN8SEYsCK+MqDP11YHV8q5F8lZHwtcqIbiUAVnPLGVw06ltjTRZ 8GDetJTiIEyaBPQ7aasvc0wpIrBfwyjyU+eyuS/xZHe4KqO9mPF0mjbflHH7km+yREUo 7zrCWFC+vfq57Sd2VU2MvdFQREUqe7jY8JdaqfpvkNiez53zrPiL55RjdGt6i58/eLRg Ci8y/Hp/meFz5P0KpgD87COs2I1v9swnLz2YxFheCB7uIFGPGw5Vgvb5RkZsqCQHZ6e6 PL2qoR7HMy4EVIiifrELWRKLy0x39xVgb8tyOl8r1S38GpxJD9dfKv5zJ/VBVWw/OulH OI9A== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:mime-version:references:in-reply-to:message-id :date:subject:cc:to:from:dkim-signature; bh=+vVCdaTFGXtkZXyLDOxaOfi/6PmqIHiJZMVI3+wmvEE=; b=l0JGVyCw/WtxBbAP+4w9nWCh24GTV74xyCjk3fTdDdk69PXE0LrKhxpBqvwycLIJWQ W/7o5SZxgYcrIsehzh1OdUxEiiKe6yQRkW8YInnbGk4mgposVw26QQfg8MwNKzmuogQD CWCx3dUq1rSKiLzOt0rjzyM91atin0S2KKdjqYqQb4E4s63c+S5ByrNfLT6U5gp8LA7R tZofNxZp6e4NEIgEAcMUvQU3aXpuiZ1+MsM96K6yEmlcBsH6laUzyhj/BoQE2sW2aZxk kg/IGJL+++kChbqpq4Ks8vlCugiMYVDAdeyj4GlOZhcOvjHNgwUtSvGiA1Ex6dF8/eJR SkOw== ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@microsoft.com header.s=selector2 header.b=fIb7tzXl; arc=pass (i=1 spf=pass spfdomain=microsoft.com dkim=pass dkdomain=microsoft.com dmarc=pass fromdomain=microsoft.com); spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=microsoft.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id g4-20020a170902934400b0019a8fe30321si16016730plp.208.2023.03.08.18.43.49; Wed, 08 Mar 2023 18:44:05 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@microsoft.com header.s=selector2 header.b=fIb7tzXl; arc=pass (i=1 spf=pass spfdomain=microsoft.com dkim=pass dkdomain=microsoft.com dmarc=pass fromdomain=microsoft.com); spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=microsoft.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229776AbjCICl4 (ORCPT + 99 others); Wed, 8 Mar 2023 21:41:56 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:41774 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230052AbjCIClq (ORCPT ); Wed, 8 Mar 2023 21:41:46 -0500 Received: from BN6PR00CU002.outbound.protection.outlook.com (mail-eastus2azon11021020.outbound.protection.outlook.com [52.101.57.20]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 43035C9C17; Wed, 8 Mar 2023 18:41:45 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=kVFohgUgCQOW2y4vGA8maAo/0xSjTSmN0/lNTX4KfK0C+bc4+mN3c9UWPhxw07wZWlqsv5q+E7YkxUj2lZx/GFIXXJZBheFHfD/wJb5msHJ23BDJ7G/STvKwu+EAsvNCJe3QkM94MmvSyAJlHsTURWoTBnEOiBQHCWuxdxc9bHMbvswOFqKOTIkPFIM2vibaujxyvAjJcoU3Oq/tDnbH9b4BDYJ92EBuwsfNftbkmByFpjDGchBtXmBz3GisIT22UqZSrXLfSdRUqkneldL5BaREVLXsFsDOQi2XEFHS8zFjmCb4wgUSTLXAzPiGYRLrHOywxYfJD5xp+P1/Msj+yw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=+vVCdaTFGXtkZXyLDOxaOfi/6PmqIHiJZMVI3+wmvEE=; b=kbYcka06ayGtLQ1t6YiFfUu0h5TRN7AjhAkyky7h4YTIfDtag7pzVINiXSaS7T5wMKo4tJhkcSmhvxV+8BHE4kuh4kbce+TYd/uMfdr/dtMIE41g+WB9DmrVmiGnx08hQbDQnxC4OdGTVpeRgWN1OYt3AFERezg4cMlj4MEDY0WV7hpPloqKtIFQcrLK+bRP1/PDvFhIrAmGXIf/QBA4d6aaelrFzjyDVcVEroNvzRC98nP0fTZjesCYyxSA8zVAdm7LAOwX2r/8JD2nMMquV7db4vIbUCslZttlnqsXijonOLS/ATq873JyDo5godQQZF2GDszM+lxwV0gSLwNIsg== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=microsoft.com; dmarc=pass action=none header.from=microsoft.com; dkim=pass header.d=microsoft.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=+vVCdaTFGXtkZXyLDOxaOfi/6PmqIHiJZMVI3+wmvEE=; b=fIb7tzXlQYvbp2bRl8y1jQmuLIW6lx8prZEnNISSBQEv7IzYtBgXMExFNHJJo15hjreXsnFUJ9+fNRTR6B7NM8eg1P9OMUCOH2mSNXUhWnvB/Vp6FWV60yNqPziFtfWuVOZuZ9S5MU0d1a72/nb0Uk8bQjIcTU7HRkO/Otso0A4= Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=microsoft.com; Received: from DM6PR21MB1370.namprd21.prod.outlook.com (2603:10b6:5:16b::28) by BL0PR2101MB1313.namprd21.prod.outlook.com (2603:10b6:208:92::7) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6178.18; Thu, 9 Mar 2023 02:41:42 +0000 Received: from DM6PR21MB1370.namprd21.prod.outlook.com ([fe80::caf1:81fb:4297:bf17]) by DM6PR21MB1370.namprd21.prod.outlook.com ([fe80::caf1:81fb:4297:bf17%5]) with mapi id 15.20.6178.016; Thu, 9 Mar 2023 02:41:42 +0000 From: Michael Kelley To: hpa@zytor.com, kys@microsoft.com, haiyangz@microsoft.com, wei.liu@kernel.org, decui@microsoft.com, luto@kernel.org, peterz@infradead.org, davem@davemloft.net, edumazet@google.com, kuba@kernel.org, pabeni@redhat.com, lpieralisi@kernel.org, robh@kernel.org, kw@linux.com, bhelgaas@google.com, arnd@arndb.de, hch@lst.de, m.szyprowski@samsung.com, robin.murphy@arm.com, thomas.lendacky@amd.com, brijesh.singh@amd.com, tglx@linutronix.de, mingo@redhat.com, bp@alien8.de, dave.hansen@linux.intel.com, Tianyu.Lan@microsoft.com, kirill.shutemov@linux.intel.com, sathyanarayanan.kuppuswamy@linux.intel.com, ak@linux.intel.com, isaku.yamahata@intel.com, dan.j.williams@intel.com, jane.chu@oracle.com, seanjc@google.com, tony.luck@intel.com, x86@kernel.org, linux-kernel@vger.kernel.org, linux-hyperv@vger.kernel.org, netdev@vger.kernel.org, linux-pci@vger.kernel.org, linux-arch@vger.kernel.org, iommu@lists.linux.dev Cc: mikelley@microsoft.com Subject: [PATCH v6 04/13] x86/mm: Handle decryption/re-encryption of bss_decrypted consistently Date: Wed, 8 Mar 2023 18:40:05 -0800 Message-Id: <1678329614-3482-5-git-send-email-mikelley@microsoft.com> X-Mailer: git-send-email 1.8.3.1 In-Reply-To: <1678329614-3482-1-git-send-email-mikelley@microsoft.com> References: <1678329614-3482-1-git-send-email-mikelley@microsoft.com> X-ClientProxiedBy: MW4P221CA0008.NAMP221.PROD.OUTLOOK.COM (2603:10b6:303:8b::13) To DM6PR21MB1370.namprd21.prod.outlook.com (2603:10b6:5:16b::28) MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DM6PR21MB1370:EE_|BL0PR2101MB1313:EE_ X-MS-Office365-Filtering-Correlation-Id: 02555359-c78f-4286-8dc1-08db2047d108 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: qYc7DGq4fKEe8gyeZXG/6NO8MxJ0d9obDl4zufaZ/GIvjF7cx1PGx5SiYyJAtqMn8yON4cPiqyb5jAMBaib0jiK6FpqXB5PnmAj9jVRWB+YSkptrSvsHAq0LfaRpFBkWPdi1XoGnSZsfxEEgEahHvNWMdvUIXoVHuKbF9sXHXwnFzlJ6az5BYdiaf4m+YTxLldE1aADae8Ryuqpp8w0OhdNDmj9yU+9XZb67BMUtSVTnfzG02jxudDK7CvB2PlbKzO+e2Cv7L6LesQ6JkLWyuX8E4ztpfWKCh3oAnuNCKXSeJ8+3d+MeHvs8S1VFfisKszYx2C3U1v6UUKT2OF110Qy/j5H5OfC3rKeiBu7RBCCkyQN527jPfQen1Pa+GknEfSY4hhxRraRncTDTU1Maexx1PZ2WK/yJ/LGQC/ag0ak84SmRj4lJl/wcvV/k0MDzQXvfBr+rXkjhUbBYnr6cBXWDZrDS0Wz1fGdzaMRYEcC6NPlGsrd5uV7muMCkatA55ywxarcMwSCfM4zCy8FSyePGkpLwnG/CXB5N4AsBMGzSjFOE4t/2oc5k1ospC9puJczwovpMo0ljRmlpJ7Q/KXVLgr6fEb63ggB6WavnG2oaSQqBemCEmrttP1K6hAZ6B71vLhYQot2kIZeHoSn1XC7R7/zt8bJm/bieDdPMrqjZt8Jaziovi5hJ8wWrF4XrB9kLkhYJ7ggmZ+HzP5a8+I/22K7CxoWZAEBjH8FtXrurrqelP/JJ0rLFhIynD3uafxLD3GxlIztJdi2pU45StQ== X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DM6PR21MB1370.namprd21.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230025)(4636009)(396003)(136003)(376002)(39860400002)(346002)(366004)(451199018)(82960400001)(82950400001)(83380400001)(36756003)(10290500003)(478600001)(921005)(316002)(38350700002)(38100700002)(2616005)(6486002)(6666004)(6506007)(6512007)(107886003)(26005)(186003)(7406005)(5660300002)(7416002)(41300700001)(52116002)(66476007)(66556008)(66946007)(2906002)(8936002)(8676002)(86362001)(4326008);DIR:OUT;SFP:1102; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: Mun6Pw4MLTQr50T/vTFw6QOFATLN2EZykFB4UrLtc+j7dooJGPv+eHYCXEuBoxG/YXoJV0kMn49n6xlqktur1wll9ENoCMDR6KyuLMYbf7OMu94dsCu24hSTPfiDSisWf012Tz33fM7WOEsXE55HtX2QFuq7aYTb+9tGBmuKmrfSNYs4gOIQQNsbVZLi7pLkcwLyGU05dw4CqxYT/1FmfwRYEYULZ04fvUC7B5s0apaL6iexXFXSpgN7fJWsVjmKSVzm5FKwNQWB5CRdxkGEhSWBh6R1XiJnCH9+zJLYoKRLC4UUZeo+waq7OcDZgilef8Ey6GyKAT+ppZHnrqE4rURM83Ur4h5Db1XlyHf3XLTTH5hWI70xH+ukm9Qyo79C5V5i+aZvkwWHSDTOz5YR5IHI9oTKO/0/fT1u9+xDEtxpC9QWs7cbYRqhGzvVnkzApGfXZlY0nsxEHgYF6qRkg2TnUGJunSGqYVk9WvxN4YzApoQ3XXr1AzxUaeIj+M+DX7OTTPTNvcE+5DdzNOBrvmzpCn6IxdFe9waqCDRARgZopMTjrKuHQAAqSWzzyoS6NByxYTef50fZh39UZi0T9fiJQOFiSaetMQMFLkUOsTLDPLiQzO6cIgOzDd7XUCUXPTR0kYdZHcOTRHm+Jw/4Yg7/0KMCvpOMe2y1dahltxaCTVyxxk8uq/ELf+RZnq9VvifOtlGs3sc50OXntQNdYADEnQjCz8p6MDPRn34AUODdlBBFAwRNFKvA9WukI/mEuAXvRaAy6C2yDFa/SkizdbGvId7Ik4Oihgd1M3L0b3cquw78h5UUSa0IreSvUXKpPE+ciDxSG3eKbcYPBdvAzOsi16yUPrtnKC7Y57ZTDh9XJ/zVB4wEsmOUt/X0iMswTd4YNV6sjnRqErMiVBVtJcYygnUhp0TTTx/8tQhE+YcI4q5NDFSw80M6Qb/oaLbCRGcmOHa9RVqav/01eIHTBgO0833jAOlSizyjokLywuEAPXmHZPJ9BR3EJWJMyAJDqzuww0a35dPAUocSdXASvUqXddyQOwn6k7Q/zb/chgeY/xbI+ctGIDFmuBh2QrUE8y2cvIXscpeccnXmi+XN7ZkPRf3ebIveYX6fhr+97UciWzqOn6PN1v4lFxqjnRZqzQb9lcQhHQpe2jK5oRZf0Sd3FDIs1hG1pWmuz5AOivjlRmcvuBrAAZKyKlHYoTBwXRjNHF4Ab+Ou8gbYAVoNKwv2MciONPFcXM5etkk+lkf7QPAy4ZTOyH5b5vK+JlLVx3Gdn3ikaqYDqmovujAAO0qHH/xLLt1ZxyFvtHdkqkj+/jrFNfJSlZutCxjx3m2VPQEFZjBI7Di59nR+QNXpD3xqIcgHMp2uGOlkdq/yzPiG1PWVGMYThmssuRwNx/bsHDzK7vVBGGg4Q3VHN6sqtjbdQnidiZAR/5tcMWh+t8kTcXiLi32iqBAisFjq1FIhT6c+UripReb+eX7dH5ox0cnsmlJDNpvOAV4XLkrXJz97CQmsvsr+DduOog6pMMY2DZyYY+FnP1WXKmF9Ght/rmXrqAx6mF4+zezy9QE8spqUEprtMEpj3xrcDW23ap7YBFsXRz/BzpVUeNjIEiYc/g== X-OriginatorOrg: microsoft.com X-MS-Exchange-CrossTenant-Network-Message-Id: 02555359-c78f-4286-8dc1-08db2047d108 X-MS-Exchange-CrossTenant-AuthSource: DM6PR21MB1370.namprd21.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 09 Mar 2023 02:41:42.6541 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 72f988bf-86f1-41af-91ab-2d7cd011db47 X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: uDx/vAuCUrX8CCm+rCLcH57jcs+t+FmhfqUY7HWEV2Tz/GCD4QEK2kTXGtk5u5h49o7g10P/fOg2UZIZHswPpg== X-MS-Exchange-Transport-CrossTenantHeadersStamped: BL0PR2101MB1313 X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_NONE, SPF_HELO_NONE,SPF_NONE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1759856395759205705?= X-GMAIL-MSGID: =?utf-8?q?1759856395759205705?= sme_postprocess_startup() decrypts the bss_decrypted section when sme_me_mask is non-zero. mem_encrypt_free_decrypted_mem() re-encrypts the unused portion based on CC_ATTR_MEM_ENCRYPT. In a Hyper-V guest VM using vTOM, these conditions are not equivalent as sme_me_mask is always zero when using vTOM. Consequently, mem_encrypt_free_decrypted_mem() attempts to re-encrypt memory that was never decrypted. So check sme_me_mask in mem_encrypt_free_decrypted_mem() too. Hyper-V guests using vTOM don't need the bss_decrypted section to be decrypted, so skipping the decryption/re-encryption doesn't cause a problem. Signed-off-by: Michael Kelley Reviewed-by: Tom Lendacky --- arch/x86/mm/mem_encrypt_amd.c | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/arch/x86/mm/mem_encrypt_amd.c b/arch/x86/mm/mem_encrypt_amd.c index 9c4d8db..e0b51c0 100644 --- a/arch/x86/mm/mem_encrypt_amd.c +++ b/arch/x86/mm/mem_encrypt_amd.c @@ -513,10 +513,14 @@ void __init mem_encrypt_free_decrypted_mem(void) npages = (vaddr_end - vaddr) >> PAGE_SHIFT; /* - * The unused memory range was mapped decrypted, change the encryption - * attribute from decrypted to encrypted before freeing it. + * If the unused memory range was mapped decrypted, change the encryption + * attribute from decrypted to encrypted before freeing it. Base the + * re-encryption on the same condition used for the decryption in + * sme_postprocess_startup(). Higher level abstractions, such as + * CC_ATTR_MEM_ENCRYPT, aren't necessarily equivalent in a Hyper-V VM + * using vTOM, where sme_me_mask is always zero. */ - if (cc_platform_has(CC_ATTR_MEM_ENCRYPT)) { + if (sme_me_mask) { r = set_memory_encrypted(vaddr, npages); if (r) { pr_warn("failed to free unused decrypted pages\n");