LKML Archive mirror
* [PATCHv2] x86/tdx: Preserve shared bit on mprotect()
@ 2024-04-19 20:13 Kirill A. Shutemov
  2024-04-22 19:46 ` Tom Lendacky
  0 siblings, 1 reply; 4+ messages in thread
From: Kirill A. Shutemov @ 2024-04-19 20:13 UTC
  To: tglx, mingo, bp, dave.hansen
  Cc: sathyanarayanan.kuppuswamy, hpa, seanjc, elena.reshetova,
	rick.p.edgecombe, x86, linux-kernel, Kirill A. Shutemov, Chris Oo,
	Tom Lendacky, Dexuan Cui

The TDX guest platform takes one bit from the physical address to
indicate if the page is shared (accessible by VMM). This bit is not part
of the physical_mask and is not preserved during mprotect(). As a
result, the 'shared' bit is lost during mprotect() on shared mappings.

_COMMON_PAGE_CHG_MASK specifies which PTE bits need to be preserved
during modification. AMD includes 'sme_me_mask' in the define to
preserve the 'encrypt' bit.

To cover both Intel and AMD cases, include 'cc_mask' in
_COMMON_PAGE_CHG_MASK instead of 'sme_me_mask'.

Signed-off-by: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
Fixes: 41394e33f3a0 ("x86/tdx: Extend the confidential computing API to support TDX guests")
Reported-and-tested-by: Chris Oo <cho@microsoft.com>
Reviewed-by: Rick Edgecombe <rick.p.edgecombe@intel.com>
Reviewed-by: Kuppuswamy Sathyanarayanan <sathyanarayanan.kuppuswamy@linux.intel.com>
Cc: Tom Lendacky <thomas.lendacky@amd.com>
Cc: Dexuan Cui <decui@microsoft.com>
---

 v2:
   - Fix build for !CONFIG_ARCH_HAS_CC_PLATFORM

---
 arch/x86/include/asm/coco.h          | 1 +
 arch/x86/include/asm/pgtable_types.h | 3 ++-
 2 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/arch/x86/include/asm/coco.h b/arch/x86/include/asm/coco.h
index c086699b0d0c..ac8cd4447d48 100644
--- a/arch/x86/include/asm/coco.h
+++ b/arch/x86/include/asm/coco.h
@@ -25,6 +25,7 @@ u64 cc_mkdec(u64 val);
 void cc_random_init(void);
 #else
 #define cc_vendor (CC_VENDOR_NONE)
+#define cc_mask 0
 
 static inline u64 cc_mkenc(u64 val)
 {
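Review bot: `#define cc_mask 0` in the #else branch is a bare, lowercase object-like macro, so any file that includes asm/coco.h in that configuration and has its own variable, parameter or struct member named cc_mask gets that identifier rewritten to 0. A typed constant such as `static const u64 cc_mask = 0;`, or a stub with a less generic name, keeps the fallback out of the preprocessor namespace and matches the u64 type used by cc_mkenc() and cc_mkdec() around it.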
diff --git a/arch/x86/include/asm/pgtable_types.h b/arch/x86/include/asm/pgtable_types.h
index 8857d811fb5d..2f321137736c 100644
--- a/arch/x86/include/asm/pgtable_types.h
+++ b/arch/x86/include/asm/pgtable_types.h
@@ -148,7 +148,7 @@
 #define _COMMON_PAGE_CHG_MASK	(PTE_PFN_MASK | _PAGE_PCD | _PAGE_PWT |	\
 				 _PAGE_SPECIAL | _PAGE_ACCESSED |	\
 				 _PAGE_DIRTY_BITS | _PAGE_SOFT_DIRTY |	\
-				 _PAGE_DEVMAP | _PAGE_ENC | _PAGE_UFFD_WP)
+				 _PAGE_DEVMAP | _PAGE_CC | _PAGE_UFFD_WP)
 #define _PAGE_CHG_MASK	(_COMMON_PAGE_CHG_MASK | _PAGE_PAT)
 #define _HPAGE_CHG_MASK (_COMMON_PAGE_CHG_MASK | _PAGE_PSE | _PAGE_PAT_LARGE)
 
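Review bot: _COMMON_PAGE_CHG_MASK now expands to cc_mask through _PAGE_CC, yet the diffstat shows no include added to pgtable_types.h, so every file that expands _PAGE_CHG_MASK or _HPAGE_CHG_MASK must already see cc_mask through headers it pulls in today. Please confirm that for both config branches (the v2 note already records one build fix for !CONFIG_ARCH_HAS_CC_PLATFORM), and consider a comment above the define saying that the confidential-computing bit has to survive protection changes.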
@@ -173,6 +173,7 @@ enum page_cache_mode {
 };
 #endif
 
+#define _PAGE_CC		(_AT(pteval_t, cc_mask))
 #define _PAGE_ENC		(_AT(pteval_t, sme_me_mask))
 
 #define _PAGE_CACHE_MASK	(_PAGE_PWT | _PAGE_PCD | _PAGE_PAT)
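Review bot: the new _PAGE_CC define sits directly above _PAGE_ENC with no comment on how the two differ, and per the changelog the bit behind cc_mask means 'shared' on TDX while sme_me_mask is the 'encrypt' bit on AMD, so the two have opposite senses. A short comment here saying that _PAGE_CC is the raw platform bit for mask purposes, and when _PAGE_ENC is still the right choice, would keep later callers from picking the wrong one.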
-- 
2.43.0
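The bit loss the changelog describes can be reproduced in a user-space model. This is an added example, not code from the patch or the kernel: the flag values, the shared bit at position 51, and the names `modify_pte`, `is_shared` and `sample_shared_pte` are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>

typedef uint64_t pteval_t;

/* Constructed, simplified values for this model; not the kernel's definitions. */
#define PAGE_PRESENT  (1ULL << 0)
#define PAGE_RW       (1ULL << 1)
#define PAGE_USER     (1ULL << 2)
#define PAGE_ACCESSED (1ULL << 5)
#define PAGE_DIRTY    (1ULL << 6)
#define SHARED_BIT    (1ULL << 51)               /* assumed shared-bit position */
#define PFN_MASK      ((SHARED_BIT - 1) & ~0xfffULL) /* physical mask excludes it */

/* Bits kept across a protection change; sme_me_mask is taken as 0 in a TDX guest. */
#define CHG_MASK_OLD  (PFN_MASK | PAGE_ACCESSED | PAGE_DIRTY | 0ULL)       /* sme_me_mask */
#define CHG_MASK_NEW  (PFN_MASK | PAGE_ACCESSED | PAGE_DIRTY | SHARED_BIT) /* cc_mask */

/* Keep the bits named in chg_mask from the old entry, take the rest from newprot. */
static pteval_t modify_pte(pteval_t old, pteval_t newprot, pteval_t chg_mask)
{
	return (old & chg_mask) | (newprot & ~chg_mask);
}

static int is_shared(pteval_t pte)
{
	return (pte & SHARED_BIT) != 0;
}

/* Constructed sample: shared, writable, dirty user mapping of frame 0x1234. */
static pteval_t sample_shared_pte(void)
{
	return (0x1234ULL << 12) | SHARED_BIT | PAGE_PRESENT | PAGE_RW |
	       PAGE_USER | PAGE_DIRTY;
}

int main(void)
{
	pteval_t pte = sample_shared_pte();
	pteval_t ro = PAGE_PRESENT | PAGE_USER; /* read-only prot, no shared bit */
	pteval_t before = modify_pte(pte, ro, CHG_MASK_OLD);
	pteval_t after = modify_pte(pte, ro, CHG_MASK_NEW);

	printf("old mask: %#llx shared=%d\n", (unsigned long long)before, is_shared(before));
	printf("new mask: %#llx shared=%d\n", (unsigned long long)after, is_shared(after));
	return 0;
}
```

With the old mask the entry comes back as a private mapping of the same frame; with the platform bit in the mask, only the write permission changes.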



* Re: [PATCHv2] x86/tdx: Preserve shared bit on mprotect()
  2024-04-19 20:13 [PATCHv2] x86/tdx: Preserve shared bit on mprotect() Kirill A. Shutemov
@ 2024-04-22 19:46 ` Tom Lendacky
  2024-04-22 20:18   ` Dave Hansen
  0 siblings, 1 reply; 4+ messages in thread
From: Tom Lendacky @ 2024-04-22 19:46 UTC
  To: Kirill A. Shutemov, tglx, mingo, bp, dave.hansen
  Cc: sathyanarayanan.kuppuswamy, hpa, seanjc, elena.reshetova,
	rick.p.edgecombe, x86, linux-kernel, Chris Oo, Dexuan Cui

On 4/19/24 15:13, Kirill A. Shutemov wrote:
> The TDX guest platform takes one bit from the physical address to
> indicate if the page is shared (accessible by VMM). This bit is not part
> of the physical_mask and is not preserved during mprotect(). As a
> result, the 'shared' bit is lost during mprotect() on shared mappings.
> 
> _COMMON_PAGE_CHG_MASK specifies which PTE bits need to be preserved
> during modification. AMD includes 'sme_me_mask' in the define to
> preserve the 'encrypt' bit.
> 
> To cover both Intel and AMD cases, include 'cc_mask' in
> _COMMON_PAGE_CHG_MASK instead of 'sme_me_mask'.
> 
> Signed-off-by: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
> Fixes: 41394e33f3a0 ("x86/tdx: Extend the confidential computing API to support TDX guests")
> Reported-and-tested-by: Chris Oo <cho@microsoft.com>
> Reviewed-by: Rick Edgecombe <rick.p.edgecombe@intel.com>
> Reviewed-by: Kuppuswamy Sathyanarayanan <sathyanarayanan.kuppuswamy@linux.intel.com>
> Cc: Tom Lendacky <thomas.lendacky@amd.com>

Appears to be no functional change on the AMD side.

Reviewed-by: Tom Lendacky <thomas.lendacky@amd.com>

> Cc: Dexuan Cui <decui@microsoft.com>
> ---
> 
>   v2:
>     - Fix build for !CONFIG_ARCH_HAS_CC_PLATFORM
> 
> ---
>   arch/x86/include/asm/coco.h          | 1 +
>   arch/x86/include/asm/pgtable_types.h | 3 ++-
>   2 files changed, 3 insertions(+), 1 deletion(-)
> 
> diff --git a/arch/x86/include/asm/coco.h b/arch/x86/include/asm/coco.h
> index c086699b0d0c..ac8cd4447d48 100644
> --- a/arch/x86/include/asm/coco.h
> +++ b/arch/x86/include/asm/coco.h
> @@ -25,6 +25,7 @@ u64 cc_mkdec(u64 val);
>   void cc_random_init(void);
>   #else
>   #define cc_vendor (CC_VENDOR_NONE)
> +#define cc_mask 0
>   
>   static inline u64 cc_mkenc(u64 val)
>   {
> diff --git a/arch/x86/include/asm/pgtable_types.h b/arch/x86/include/asm/pgtable_types.h
> index 8857d811fb5d..2f321137736c 100644
> --- a/arch/x86/include/asm/pgtable_types.h
> +++ b/arch/x86/include/asm/pgtable_types.h
> @@ -148,7 +148,7 @@
>   #define _COMMON_PAGE_CHG_MASK	(PTE_PFN_MASK | _PAGE_PCD | _PAGE_PWT |	\
>   				 _PAGE_SPECIAL | _PAGE_ACCESSED |	\
>   				 _PAGE_DIRTY_BITS | _PAGE_SOFT_DIRTY |	\
> -				 _PAGE_DEVMAP | _PAGE_ENC | _PAGE_UFFD_WP)
> +				 _PAGE_DEVMAP | _PAGE_CC | _PAGE_UFFD_WP)
>   #define _PAGE_CHG_MASK	(_COMMON_PAGE_CHG_MASK | _PAGE_PAT)
>   #define _HPAGE_CHG_MASK (_COMMON_PAGE_CHG_MASK | _PAGE_PSE | _PAGE_PAT_LARGE)
>   
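Review bot: replacing _PAGE_ENC with _PAGE_CC in _COMMON_PAGE_CHG_MASK leaves AMD behaviour unchanged only if cc_mask holds the same value as sme_me_mask there, and neither the diff nor the changelog shows where that equality is established. Suggest the changelog name the place cc_mask is set for the AMD case so the equivalence can be checked from the commit alone.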
> @@ -173,6 +173,7 @@ enum page_cache_mode {
>   };
>   #endif
>   
> +#define _PAGE_CC		(_AT(pteval_t, cc_mask))
>   #define _PAGE_ENC		(_AT(pteval_t, sme_me_mask))
>   
>   #define _PAGE_CACHE_MASK	(_PAGE_PWT | _PAGE_PCD | _PAGE_PAT)


* Re: [PATCHv2] x86/tdx: Preserve shared bit on mprotect()
  2024-04-22 19:46 ` Tom Lendacky
@ 2024-04-22 20:18   ` Dave Hansen
  2024-04-23 11:09     ` Kirill A. Shutemov
  0 siblings, 1 reply; 4+ messages in thread
From: Dave Hansen @ 2024-04-22 20:18 UTC
  To: Tom Lendacky, Kirill A. Shutemov, tglx, mingo, bp
  Cc: sathyanarayanan.kuppuswamy, hpa, seanjc, elena.reshetova,
	rick.p.edgecombe, x86, linux-kernel, Chris Oo, Dexuan Cui

On 4/22/24 12:46, Tom Lendacky wrote:
> Appears to be no functional change on the AMD side.
> 
> Reviewed-by: Tom Lendacky <thomas.lendacky@amd.com>

Thanks a bunch for that!  I was just noodling over this one and that was
one of my worries.


* Re: [PATCHv2] x86/tdx: Preserve shared bit on mprotect()
  2024-04-22 20:18   ` Dave Hansen
@ 2024-04-23 11:09     ` Kirill A. Shutemov
  0 siblings, 0 replies; 4+ messages in thread
From: Kirill A. Shutemov @ 2024-04-23 11:09 UTC
  To: Dave Hansen
  Cc: Tom Lendacky, tglx, mingo, bp, sathyanarayanan.kuppuswamy, hpa,
	seanjc, elena.reshetova, rick.p.edgecombe, x86, linux-kernel,
	Chris Oo, Dexuan Cui

On Mon, Apr 22, 2024 at 01:18:26PM -0700, Dave Hansen wrote:
> On 4/22/24 12:46, Tom Lendacky wrote:
> > Appears to be no functional change on the AMD side.
> > 
> > Reviewed-by: Tom Lendacky <thomas.lendacky@amd.com>
> 
> Thanks a bunch for that!  I was just noodling over this one and that was
> one of my worries.

Please hold. 0-day found more build issues. Apparently 'cc_mask' is used in
a couple of drivers for unrelated reasons and "#define cc_mask 0" breaks them.

I will send v3.

-- 
  Kiryl Shutsemau / Kirill A. Shutemov
