From: Tom Lendacky <thomas.lendacky@amd.com>
To: Borislav Petkov <bp@suse.de>,
Linus Torvalds <torvalds@linux-foundation.org>
Cc: Thomas Gleixner <tglx@linutronix.de>,
Jiri Kosina <jikos@kernel.org>, Ingo Molnar <mingo@redhat.com>,
"H. Peter Anvin" <hpa@zytor.com>,
LKML <linux-kernel@vger.kernel.org>,
linux-mm <linux-mm@kvack.org>,
the arch/x86 maintainers <x86@kernel.org>,
Greg KH <greg@kroah.com>
Subject: Re: [PATCH] x86/mm: Unbreak modules that rely on external PAGE_KERNEL availability
Date: Wed, 8 Nov 2017 16:04:56 -0600
Message-ID: <767a4437-4051-7812-e676-22a7178870d5@amd.com>
In-Reply-To: <20171108214522.n5ewoijugodmmiec@pd.tnic>

On 11/8/2017 3:45 PM, Borislav Petkov wrote:
> On Wed, Nov 08, 2017 at 01:23:37PM -0800, Linus Torvalds wrote:
>> I was thinking that maybe we could have a fixed "encrypt" bit in our
>> PTE, and then replace that "software bit" with whatever the real
>> hardware mask is (if any).
>
> Right, I don't think that should be hard, unless I'm missing anything.
> We read that bit from CPUID and that's bit 47 of the physical address
> right now.
>
> Do you think we could reuse one of those _PAGE_BIT_SOFTW*?
>
> Right, and then set the proper *hardware* bit every time we set a
> pteval_t.
>
>> Because it's nasty to have these constants that _used_ to be
>> constants, and still _look_ like constants, suddenly do stupid memory
>> reads from random kernel data.
>>
>> So _this_ is the underlying problem:
>>
>> #define _PAGE_ENC (_AT(pteval_t, sme_me_mask))
>>
>> because that is simply not how the _PAGE_xyz macros should work!
>
> Yeah, I still have a funny feeling when looking at that but modulo
> better solutions... :-\
>
>> So it should have been a fixed bit to begin with, and the dynamic part
>> should have been elsewhere.
>
> Right, Tom, whaddya think? Do you see any issues with doing a software,
> "mirror" bit of sorts and then converting to the C-bit when needed?

I think that should be doable. It will take some investigation to see what
bit can be safely used and to find all of the areas where we would have to
translate the software bit to the hardware bit (as you mention below).

Thanks,
Tom

>
>> The whole EXPORT_SYMBOL() thing is just a symptom of that fundamental
>> error. Modules - GPL or not - should _never_ have to know or care
>> about this _PAGE_ENC bit madness, simply because it shouldn't have
>> been there.
>
> Right, so every user of the PAGE_* macros needs to set the C-bit when
> SME is enabled and every time it creates a PTE so that the memory
> controller knows how to do the access. I certainly like your idea but
> we'd have to audit all the places where we need to convert to the C-bit
> from the software encryption bit and how ugly that would get.
>
> Btw, this is the other reason why the _PAGE_ENC bit is in the PAGE_*
> macros: for full encryption, everything that deals with PTEs needs to
> set the C-bit.
>
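
A user-space model of the scheme discussed in this thread, added here as an illustration; it is not code from the thread or from the kernel. The software bit position (58), the helper names and the sample CPUID value are assumptions made for the model; the thread leaves the choice of bit open.

```c
#include <inttypes.h>
#include <stdint.h>
#include <stdio.h>

typedef uint64_t pteval_t;

/* Hypothetical fixed software "encrypt" bit: a true compile-time constant,
 * unlike a _PAGE_ENC that expands to a read of sme_me_mask. */
#define SW_PAGE_BIT_ENC 58
#define SW_PAGE_ENC     ((pteval_t)1 << SW_PAGE_BIT_ENC)

/* Hardware C-bit mask, built once from the bit position reported in
 * CPUID Fn8000_001F EBX[5:0]. Returns 0 when SME is not active. */
static pteval_t c_bit_mask(uint32_t cpuid_ebx, int sme_active)
{
    return sme_active ? (pteval_t)1 << (cpuid_ebx & 0x3f) : 0;
}

/* Software view -> value written to the page table. The software bit is
 * always stripped, so it never reaches hardware even when the mask is 0. */
static pteval_t pte_sw_to_hw(pteval_t sw, pteval_t hw_mask)
{
    pteval_t hw = sw & ~SW_PAGE_ENC;

    if (sw & SW_PAGE_ENC)
        hw |= hw_mask;
    return hw;
}

/* Value read from the page table -> software view. */
static pteval_t pte_hw_to_sw(pteval_t hw, pteval_t hw_mask)
{
    pteval_t sw = hw & ~hw_mask;

    if (hw & hw_mask)
        sw |= SW_PAGE_ENC;
    return sw;
}

int main(void)
{
    /* Constructed CPUID EBX sample: C-bit position 47 in bits 5:0. */
    pteval_t mask = c_bit_mask(0x16f, 1);
    pteval_t sw = 0x1063ULL | SW_PAGE_ENC;   /* constructed PTE value */

    printf("sw=%#" PRIx64 " hw=%#" PRIx64 "\n", sw, pte_sw_to_hw(sw, mask));
    return 0;
}
```

In this model the only dynamic value is the mask handed to the two translation helpers, which is the "dynamic part elsewhere" the quoted text asks for.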