From: Tom Lendacky <thomas.lendacky@amd•com>
To: David Laight <David.Laight@ACULAB•COM>,
'Borislav Petkov' <bp@suse•de>,
Brijesh Singh <brijesh.singh@amd•com>
Cc: "linux-efi@vger•kernel.org" <linux-efi@vger•kernel.org>,
"Radim Krcmár" <rkrcmar@redhat•com>,
"kvm@vger•kernel.org" <kvm@vger•kernel.org>,
"Fenghua Yu" <fenghua.yu@intel•com>,
"Matt Fleming" <matt@codeblueprint•co.uk>,
"David Howells" <dhowells@redhat•com>,
"Paul Mackerras" <paulus@samba•org>,
"H . Peter Anvin" <hpa@zytor•com>,
"Christoph Lameter" <cl@linux•com>,
"Jonathan Corbet" <corbet@lwn•net>,
"x86@kernel•org" <x86@kernel•org>,
"Piotr Luc" <piotr.luc@intel•com>,
"Ingo Molnar" <mingo@redhat•com>,
"Dave Airlie" <airlied@redhat•com>,
"Laura Abbott" <labbott@redhat•com>,
"Kees Cook" <keescook@chromium•org>,
"Arnd Bergmann" <arnd@arndb•de>,
"Konrad Rzeszutek Wilk" <konrad.wilk@oracle•com>,
"Reza Arbab" <arbab@linux•vnet.ibm.com>,
"Andy Lutomirski" <luto@kernel•org>,
"Thomas Gleixner" <tglx@linutronix•de>,
"Tony Luck" <tony.luck@intel•com>,
"Ard Biesheuvel" <ard.biesheuvel@linaro•org>,
"linux-kernel@vger•kernel.org" <linux-kernel@vger•kernel.org>,
"Eric Biederman" <ebiederm@xmission•com>,
"Tejun Heo" <tj@kernel•org>,
"Paolo Bonzini" <pbonzini@redhat•com>,
"Andrew Morton" <akpm@linux-foundation•org>,
"linuxppc-dev@lists•ozlabs.org" <linuxppc-dev@lists•ozlabs.org>,
"Kirill A . Shutemov" <kirill.shutemov@linux•intel.com>,
"Lu Baolu" <baolu.lu@linux•intel.com>
Subject: Re: [RFC Part1 PATCH v3 07/17] x86/mm: Include SEV for encryption memory attribute changes
Date: Thu, 17 Aug 2017 13:21:39 -0500 [thread overview]
Message-ID: <786b615a-941c-ae83-e02b-01ece58af5b3@amd.com> (raw)
In-Reply-To: <063D6719AE5E284EB5DD2968C1650D6DD0045508@AcuExch.aculab.com>
On 7/28/2017 3:47 AM, David Laight wrote:
> From: Borislav Petkov
>> Sent: 27 July 2017 15:59
>> On Mon, Jul 24, 2017 at 02:07:47PM -0500, Brijesh Singh wrote:
>>> From: Tom Lendacky <thomas.lendacky@amd•com>
>>>
>>> The current code checks only for sme_active() when determining whether
>>> to perform the encryption attribute change. Include sev_active() in this
>>> check so that memory attribute changes can occur under SME and SEV.
>>>
>>> Signed-off-by: Tom Lendacky <thomas.lendacky@amd•com>
>>> Signed-off-by: Brijesh Singh <brijesh.singh@amd•com>
>>> ---
>>> arch/x86/mm/pageattr.c | 4 ++--
>>> 1 file changed, 2 insertions(+), 2 deletions(-)
>>>
>>> diff --git a/arch/x86/mm/pageattr.c b/arch/x86/mm/pageattr.c
>>> index dfb7d65..b726b23 100644
>>> --- a/arch/x86/mm/pageattr.c
>>> +++ b/arch/x86/mm/pageattr.c
>>> @@ -1781,8 +1781,8 @@ static int __set_memory_enc_dec(unsigned long addr, int numpages, bool enc)
>>> unsigned long start;
>>> int ret;
>>>
>>> - /* Nothing to do if the SME is not active */
>>> - if (!sme_active())
>>> + /* Nothing to do if SME and SEV are not active */
>>> + if (!sme_active() && !sev_active())
>>
>> This is the second place which does
>>
>> if (!SME && !SEV)
>>
>> I wonder if, instead of sprinking those, we should have a
>>
>> if (mem_enc_active())
>>
>> or so which unifies all those memory encryption logic tests and makes
>> the code more straightforward for readers who don't have to pay
>> attention to SME vs SEV ...
>
> If any of the code paths are 'hot' it would make sense to be checking
> a single memory location.
The function would check a single variable/memory location and making it
an inline function would accomplish that.
Thanks,
Tom
>
> David
>
next prev parent reply other threads:[~2017-08-17 18:21 UTC|newest]
Thread overview: 79+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-07-24 19:07 [RFC Part1 PATCH v3 00/17] x86: Secure Encrypted Virtualization (AMD) Brijesh Singh
2017-07-24 19:07 ` [RFC Part1 PATCH v3 01/17] Documentation/x86: Add AMD Secure Encrypted Virtualization (SEV) descrption Brijesh Singh
2017-07-25 5:45 ` Borislav Petkov
2017-07-25 14:59 ` Brijesh Singh
2017-07-24 19:07 ` [RFC Part1 PATCH v3 02/17] x86/CPU/AMD: Add the Secure Encrypted Virtualization CPU feature Brijesh Singh
2017-07-25 10:26 ` Borislav Petkov
2017-07-25 14:29 ` Tom Lendacky
2017-07-25 14:36 ` Borislav Petkov
2017-07-25 14:58 ` Tom Lendacky
2017-07-25 15:13 ` Borislav Petkov
2017-07-25 15:29 ` Tom Lendacky
2017-07-25 15:33 ` Borislav Petkov
2017-08-09 18:17 ` Tom Lendacky
2017-08-17 8:12 ` Borislav Petkov
2017-07-24 19:07 ` [RFC Part1 PATCH v3 03/17] x86/mm: Secure Encrypted Virtualization (SEV) support Brijesh Singh
2017-07-26 4:28 ` Borislav Petkov
2017-07-26 16:47 ` Tom Lendacky
2017-07-27 13:39 ` Borislav Petkov
2017-07-24 19:07 ` [RFC Part1 PATCH v3 04/17] x86/mm: Don't attempt to encrypt initrd under SEV Brijesh Singh
2017-07-26 14:44 ` Borislav Petkov
2017-07-24 19:07 ` [RFC Part1 PATCH v3 05/17] x86, realmode: Don't decrypt trampoline area " Brijesh Singh
2017-07-26 16:03 ` Borislav Petkov
2017-08-10 13:03 ` Tom Lendacky
2017-07-24 19:07 ` [RFC Part1 PATCH v3 06/17] x86/mm: Use encrypted access of boot related data with SEV Brijesh Singh
2017-07-27 13:31 ` Borislav Petkov
2017-08-17 18:05 ` Tom Lendacky
2017-07-24 19:07 ` [RFC Part1 PATCH v3 07/17] x86/mm: Include SEV for encryption memory attribute changes Brijesh Singh
2017-07-27 14:58 ` Borislav Petkov
2017-07-28 8:47 ` David Laight
2017-08-17 18:21 ` Tom Lendacky [this message]
2017-08-17 18:10 ` Tom Lendacky
2017-07-24 19:07 ` [RFC Part1 PATCH v3 08/17] x86/efi: Access EFI data as encrypted when SEV is active Brijesh Singh
2017-07-28 10:31 ` Borislav Petkov
2017-08-17 18:42 ` Tom Lendacky
2017-07-24 19:07 ` [RFC Part1 PATCH v3 09/17] resource: Consolidate resource walking code Brijesh Singh
2017-07-28 15:23 ` Borislav Petkov
2017-08-17 18:55 ` Tom Lendacky
2017-08-17 19:03 ` Tom Lendacky
2017-07-24 19:07 ` [RFC Part1 PATCH v3 10/17] resource: Provide resource struct in resource walk callback Brijesh Singh
2017-07-31 8:26 ` Borislav Petkov
2017-07-31 22:19 ` Kees Cook
2017-07-24 19:07 ` [RFC Part1 PATCH v3 11/17] x86/mm, resource: Use PAGE_KERNEL protection for ioremap of memory pages Brijesh Singh
2017-08-02 4:02 ` Borislav Petkov
2017-08-17 19:22 ` Tom Lendacky
2017-07-24 19:07 ` [RFC Part1 PATCH v3 12/17] x86/mm: DMA support for SEV memory encryption Brijesh Singh
2017-08-07 3:48 ` Borislav Petkov
2017-08-17 19:35 ` Tom Lendacky
2017-07-24 19:07 ` [RFC Part1 PATCH v3 13/17] x86/io: Unroll string I/O when SEV is active Brijesh Singh
2017-07-25 9:51 ` David Laight
2017-07-26 10:45 ` Arnd Bergmann
2017-07-26 19:24 ` Brijesh Singh
2017-07-26 19:26 ` H. Peter Anvin
2017-07-26 20:07 ` Brijesh Singh
2017-07-27 7:45 ` David Laight
2017-08-22 16:52 ` Borislav Petkov
2017-09-15 12:24 ` Borislav Petkov
2017-09-15 14:13 ` Brijesh Singh
2017-09-15 14:40 ` Borislav Petkov
2017-09-15 14:48 ` Brijesh Singh
2017-09-15 16:22 ` Borislav Petkov
2017-09-15 16:27 ` Brijesh Singh
2017-07-24 19:07 ` [RFC Part1 PATCH v3 14/17] x86/boot: Add early boot support when running with SEV active Brijesh Singh
2017-08-23 15:30 ` Borislav Petkov
2017-08-24 18:54 ` Tom Lendacky
2017-08-25 12:54 ` Borislav Petkov
2017-07-24 19:07 ` [RFC Part1 PATCH v3 15/17] x86: Add support for changing memory encryption attribute in early boot Brijesh Singh
2017-08-28 10:51 ` Borislav Petkov
2017-08-28 11:49 ` Brijesh Singh
2017-07-24 19:07 ` [RFC Part1 PATCH v3 16/17] X86/KVM: Provide support to create Guest and HV shared per-CPU variables Brijesh Singh
2017-08-29 10:22 ` Borislav Petkov
2017-08-30 16:18 ` Brijesh Singh
2017-08-30 17:46 ` Borislav Petkov
2017-09-01 22:52 ` Brijesh Singh
2017-09-02 3:21 ` Andy Lutomirski
2017-09-03 2:34 ` Brijesh Singh
2017-09-04 17:05 ` Borislav Petkov
2017-09-04 17:47 ` Brijesh Singh
2017-07-24 19:07 ` [RFC Part1 PATCH v3 17/17] X86/KVM: Clear encryption attribute when SEV is active Brijesh Singh
2017-08-31 15:06 ` Borislav Petkov
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=786b615a-941c-ae83-e02b-01ece58af5b3@amd.com \
--to=thomas.lendacky@amd$(echo .)com \
--cc=David.Laight@ACULAB$(echo .)COM \
--cc=airlied@redhat$(echo .)com \
--cc=akpm@linux-foundation$(echo .)org \
--cc=arbab@linux$(echo .)vnet.ibm.com \
--cc=ard.biesheuvel@linaro$(echo .)org \
--cc=arnd@arndb$(echo .)de \
--cc=baolu.lu@linux$(echo .)intel.com \
--cc=bp@suse$(echo .)de \
--cc=brijesh.singh@amd$(echo .)com \
--cc=cl@linux$(echo .)com \
--cc=corbet@lwn$(echo .)net \
--cc=dhowells@redhat$(echo .)com \
--cc=ebiederm@xmission$(echo .)com \
--cc=fenghua.yu@intel$(echo .)com \
--cc=hpa@zytor$(echo .)com \
--cc=keescook@chromium$(echo .)org \
--cc=kirill.shutemov@linux$(echo .)intel.com \
--cc=konrad.wilk@oracle$(echo .)com \
--cc=kvm@vger$(echo .)kernel.org \
--cc=labbott@redhat$(echo .)com \
--cc=linux-efi@vger$(echo .)kernel.org \
--cc=linux-kernel@vger$(echo .)kernel.org \
--cc=linuxppc-dev@lists$(echo .)ozlabs.org \
--cc=luto@kernel$(echo .)org \
--cc=matt@codeblueprint$(echo .)co.uk \
--cc=mingo@redhat$(echo .)com \
--cc=paulus@samba$(echo .)org \
--cc=pbonzini@redhat$(echo .)com \
--cc=piotr.luc@intel$(echo .)com \
--cc=rkrcmar@redhat$(echo .)com \
--cc=tglx@linutronix$(echo .)de \
--cc=tj@kernel$(echo .)org \
--cc=tony.luck@intel$(echo .)com \
--cc=x86@kernel$(echo .)org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox