Thread: 45 messages, 5 authors, 2021-08-24

Re: [PATCH v2 03/12] x86/sev: Add an x86 version of prot_guest_has()

From: Tom Lendacky <thomas.lendacky@amd.com>
Date: 2021-08-19 18:33:17
Also in: amd-gfx, dri-devel, kexec, kvm, linux-efi, linux-fsdevel, linux-iommu, linux-s390, lkml, platform-driver-x86

On 8/19/21 4:52 AM, Christoph Hellwig wrote:
On Fri, Aug 13, 2021 at 11:59:22AM -0500, Tom Lendacky wrote:
quoted
While the name suggests this is intended mainly for guests, it will
also be used for host memory encryption checks in place of sme_active().
Which suggests that the name is not good to start with.  Maybe protected
hardware, system or platform might be a better choice?
quoted
+static inline bool prot_guest_has(unsigned int attr)
+{
+#ifdef CONFIG_AMD_MEM_ENCRYPT
+	if (sme_me_mask)
+		return amd_prot_guest_has(attr);
+#endif
+
+	return false;
+}
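Review bot: prot_guest_has() has no comment stating its return contract, and as written every attr, including one the AMD code does not recognise, yields false whenever sme_me_mask is zero or CONFIG_AMD_MEM_ENCRYPT is unset. A caller therefore cannot tell "encryption not active" from "attribute unknown". Document that behaviour above the function, and consider moving the sme_me_mask test into amd_prot_guest_has() so the generic wrapper holds no vendor-specific state and a second vendor does not need another #ifdef branch here.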
Shouldn't this be entirely out of line?
I did it as inline originally because the presence of the function will be
decided based on the ARCH_HAS_PROTECTED_GUEST config. For now, that is
only selected by the AMD memory encryption support, so if I went out of
line I could put it in mem_encrypt.c. But with TDX wanting to also use it, it
would have to be in an always built file with some #ifdefs or in its own
file that is conditionally built based on the ARCH_HAS_PROTECTED_GUEST
setting (they've already tried building with ARCH_HAS_PROTECTED_GUEST=y
and AMD_MEM_ENCRYPT not set).

To take it out of line, I'm leaning towards the latter, creating a new
file that is built based on the ARCH_HAS_PROTECTED_GUEST setting.
quoted
+/* 0x800 - 0x8ff reserved for AMD */
+#define PATTR_SME			0x800
+#define PATTR_SEV			0x801
+#define PATTR_SEV_ES			0x802
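Review bot: PATTR_SME, PATTR_SEV and PATTR_SEV_ES are defined without any description of what a true result means for each, for example whether PATTR_SEV is also expected to be true when PATTR_SEV_ES is. Add a one-line comment per attribute. The "0x800 - 0x8ff reserved for AMD" range exists only as a comment, so nothing in these lines keeps a later define from reusing a value in it; if the range stays, say in the comment who allocates values and where the generic attributes live.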
Why do we need reservations for a purely in-kernel namespace?

And why are you overloading a brand new generic API with weird details
of a specific implementation like this?
There was some talk about this on the mailing list where TDX and SEV may
need to be differentiated, so we wanted to reserve a range of values per
technology. I guess I can remove them until they are actually needed.

Thanks,
Tom