From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id C4D68CDB47E for ; Wed, 18 Oct 2023 04:43:42 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id DD4A48D0131; Wed, 18 Oct 2023 00:43:41 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id D84E48D0016; Wed, 18 Oct 2023 00:43:41 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id C74028D0131; Wed, 18 Oct 2023 00:43:41 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0015.hostedemail.com [216.40.44.15]) by kanga.kvack.org (Postfix) with ESMTP id B3F3E8D0016 for ; Wed, 18 Oct 2023 00:43:41 -0400 (EDT) Received: from smtpin07.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay06.hostedemail.com (Postfix) with ESMTP id 88461B66E3 for ; Wed, 18 Oct 2023 04:43:41 +0000 (UTC) X-FDA: 81357339042.07.5EA5C66 Received: from verein.lst.de (verein.lst.de [213.95.11.211]) by imf22.hostedemail.com (Postfix) with ESMTP id A087EC0004 for ; Wed, 18 Oct 2023 04:43:39 +0000 (UTC) Authentication-Results: imf22.hostedemail.com; dkim=none; dmarc=none; spf=pass (imf22.hostedemail.com: domain of hch@lst.de designates 213.95.11.211 as permitted sender) smtp.mailfrom=hch@lst.de ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1697604220; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=Y8dpzAxGNF7xYyh9/OYskro2jVdKfTdZh6TOwIkr3gQ=; b=QBDLnFZlgAX47Y6I3jywhEvuEEhIhSXOSJbj03bLbkmh41LueiYVjhXJaC4vHoC6J8ZKZQ NWR8BPIAQkEc64v1roTt7pMyhfd3Bz5U2lk4+JRbUnwA5Xknm/u0QK3VY8evRqg0mY29iX ZE4w5wb0QZhNSycfQwy6tOwJHnzyogw= ARC-Authentication-Results: i=1; imf22.hostedemail.com; dkim=none; dmarc=none; spf=pass (imf22.hostedemail.com: domain of hch@lst.de designates 213.95.11.211 as permitted sender) smtp.mailfrom=hch@lst.de ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1697604220; a=rsa-sha256; cv=none; b=3ahwcsYdqq7+fdckPJGXSaIjR9gz4X0Dld9Y/kQJ7lHML0uulztMmD8ZDvcYUKW5sNcjsw RwoqOdQw8v4Pi6qAVN01xsf1+ziw/LbtFrE8kdsampweEBKH2bTzesDzm4bsQdT8v8yWbv pKlcfcshu6nC5wQdlUuaaMcKaxQOWMU= Received: by verein.lst.de (Postfix, from userid 2407) id DD76567373; Wed, 18 Oct 2023 06:43:33 +0200 (CEST) Date: Wed, 18 Oct 2023 06:43:33 +0200 From: Christoph Hellwig To: Rick Edgecombe Cc: x86@kernel.org, tglx@linutronix.de, mingo@redhat.com, bp@alien8.de, dave.hansen@linux.intel.com, hpa@zytor.com, luto@kernel.org, peterz@infradead.org, kirill.shutemov@linux.intel.com, elena.reshetova@intel.com, isaku.yamahata@intel.com, seanjc@google.com, Michael Kelley , thomas.lendacky@amd.com, decui@microsoft.com, sathyanarayanan.kuppuswamy@linux.intel.com, linux-mm@kvack.org, linux-kernel@vger.kernel.org, linux-s390@vger.kernel.org, Christoph Hellwig , Marek Szyprowski , Robin Murphy , iommu@lists.linux.dev Subject: Re: [PATCH 04/10] swiotlb: Use free_decrypted_pages() Message-ID: <20231018044333.GA15759@lst.de> References: <20231017202505.340906-1-rick.p.edgecombe@intel.com> <20231017202505.340906-5-rick.p.edgecombe@intel.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20231017202505.340906-5-rick.p.edgecombe@intel.com> User-Agent: Mutt/1.5.17 (2007-11-01) X-Rspamd-Queue-Id: A087EC0004 X-Rspam-User: X-Rspamd-Server: rspam02 X-Stat-Signature: kd8oix4n57zr7pamw43j5w13ea149gtb X-HE-Tag: 1697604219-919459 X-HE-Meta: U2FsdGVkX19zUddV8Kt+icPfEr2lZ63BR/Z0xzMBEcOjE+8tov/oxGh+Hlmpq8nB99TMV0vhLy7SNSwUuE/+ii9mbTxSlnWbG2fDK8Sm7mtosyO4OwpRawuBb7ZajhuNlwNj8QBCfpMTyLl+p4RtnQr803ln31GHD72q1HM59Jzxe5495l+xPWsAPCEGwfn7jL/0rrDwJVatoVlReAhXwSsA8PRwkpuHnBNEaOC9bX7uLQyN+QcqO/mNDYDwe17W/7dTuvHOx78Thzr71iOO97rvKjd+Q/OMQPyKjnap4O+ftF4L7a22gqiC067MdUa6JcstZmn0Firxoo/p6icI7cpunFCXMpFWe96nE7GEtnEn+5Alp39WSo8DUTftz99LSPlvj8IBs15Zdr53kM/g8lvrrWhvRKf1A/JBbSdxkkI9wVlU13a4Ejp5uqnuvvRU/Yjl8g2oCIhZNdOheXlRLIT8hvsn1QwwDysxLvH/DwmE6J95AnUu3LeeXRsWC+2nr0QPQyp4eOAub/K1toDWJIbS4BivMQJZf2IDYIZv4EgM/+brpo2ZqnF3nwLnzQSsN5aGUiWJKps2tdSDL19MWeySTmdBUGNs/THNTLXKjn8lgHDKbNBhiWtMPCt81wbpG3SzXF+TVGEjD5iDqKpgSV/LV3eeuF/RFlxHuH+hH9jRS4UV7S8YqWvjeRXjTOu3eaX0bsftuwfYKG+dqFXR9VNWrP2SjnWn5S2vTNmt/iRm6i+UV0ZzvNCzKBEmXE3NfPgfcEYjH4ACRYSms86NjmsDzq2/HWsn7IIfd2K6hKsLOmN9W8YM/AIvNwja/sFPWEcdIKKJG2Onul93ub/Zf0NbRGPhuKVQpAU2II+LlIZtGhVrSLfzLysdl2BfsIWgE9BmKs8kRlRILeTs7Fe3DwwitpvYs8+OLA6qSAbSX9krp/DqDww0V2idI023Qc1g2NM3SliVZSUvTK4a5ii kmk2Q791 OvnzXgdSyrJlalgVYw4jLrqWzFOarm2SYtfXfaw4cUub9x/qN6BWFYmcinyioHLGA2Ks8wODNCSlkZXn649MJkWRqYQ== X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: On Tue, Oct 17, 2023 at 01:24:59PM -0700, Rick Edgecombe wrote: > On TDX it is possible for the untrusted host to cause > set_memory_encrypted() or set_memory_decrypted() to fail such that an > error is returned and the resulting memory is shared. Callers need to take > care to handle these errors to avoid returning decrypted (shared) memory to > the page allocator, which could lead to functional or security issues. > > Swiotlb could free decrypted/shared pages if set_memory_decrypted() fails. > Use the recently added free_decrypted_pages() to avoid this. > > In swiotlb_exit(), check for set_memory_encrypted() errors manually, > because the pages are not nessarily going to the page allocator. Whatever recently introduced it didn't make it to my mailbox. Please always CC everyone on every patch in a series, everything else is impossible to review.