| Message ID | 20180612143915.68065-9-kirill.shutemov@linux.intel.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
On 06/12/2018 07:39 AM, Kirill A. Shutemov wrote: > +bool vma_is_encrypted(struct vm_area_struct *vma) > +{ > + return pgprot_val(vma->vm_page_prot) & mktme_keyid_mask; > +} > + > +int vma_keyid(struct vm_area_struct *vma) > +{ > + pgprotval_t prot; > + > + if (!vma_is_anonymous(vma)) > + return 0; > + > + prot = pgprot_val(vma->vm_page_prot); > + return (prot & mktme_keyid_mask) >> mktme_keyid_shift; > +} Why do we have a vma_is_anonymous() in one of these but not the other? While this reuse of ->vm_page_prot is cute, is there any downside? It's the first place I know of that we can't derive ->vm_page_prot from ->vm_flags on non-VM_IO/PFNMAP VMAs. Is that a problem?
On Wed, Jun 13, 2018 at 06:18:05PM +0000, Dave Hansen wrote: > On 06/12/2018 07:39 AM, Kirill A. Shutemov wrote: > > +bool vma_is_encrypted(struct vm_area_struct *vma) > > +{ > > + return pgprot_val(vma->vm_page_prot) & mktme_keyid_mask; > > +} > > + > > +int vma_keyid(struct vm_area_struct *vma) > > +{ > > + pgprotval_t prot; > > + > > + if (!vma_is_anonymous(vma)) > > + return 0; > > + > > + prot = pgprot_val(vma->vm_page_prot); > > + return (prot & mktme_keyid_mask) >> mktme_keyid_shift; > > +} > > Why do we have a vma_is_anonymous() in one of these but not the other? It shouldn't be there. It's from earlier approach to the function. I'll fix this. And I'll drop vma_is_encrypted(). It is not very useful. > While this reuse of ->vm_page_prot is cute, is there any downside? It's > the first place I know of that we can't derive ->vm_page_prot from > ->vm_flags on non-VM_IO/PFNMAP VMAs. Is that a problem? I don't think so. It need to be covered in pte_modify() and such, but it's about it. That's relatively isolated change and we can move KeyID into a standalone field, if this approach proves to be problematic.
diff --git a/arch/x86/include/asm/mktme.h b/arch/x86/include/asm/mktme.h index df31876ec48c..08f613953207 100644 --- a/arch/x86/include/asm/mktme.h +++ b/arch/x86/include/asm/mktme.h @@ -3,10 +3,19 @@ #include <linux/types.h> +struct vm_area_struct; + #ifdef CONFIG_X86_INTEL_MKTME extern phys_addr_t mktme_keyid_mask; extern int mktme_nr_keyids; extern int mktme_keyid_shift; + +#define vma_is_encrypted vma_is_encrypted +bool vma_is_encrypted(struct vm_area_struct *vma); + +#define vma_keyid vma_keyid +int vma_keyid(struct vm_area_struct *vma); + #else #define mktme_keyid_mask ((phys_addr_t)0) #define mktme_nr_keyids 0 diff --git a/arch/x86/mm/mktme.c b/arch/x86/mm/mktme.c index 467f1b26c737..3b2f28a21d99 100644 --- a/arch/x86/mm/mktme.c +++ b/arch/x86/mm/mktme.c @@ -1,5 +1,22 @@ +#include <linux/mm.h> #include <asm/mktme.h> phys_addr_t mktme_keyid_mask; int mktme_nr_keyids; int mktme_keyid_shift; + +bool vma_is_encrypted(struct vm_area_struct *vma) +{ + return pgprot_val(vma->vm_page_prot) & mktme_keyid_mask; +} + +int vma_keyid(struct vm_area_struct *vma) +{ + pgprotval_t prot; + + if (!vma_is_anonymous(vma)) + return 0; + + prot = pgprot_val(vma->vm_page_prot); + return (prot & mktme_keyid_mask) >> mktme_keyid_shift; +}
We store KeyID in upper bits for vm_page_prot that match position of KeyID in PTE. vma_keyid() extracts KeyID from vm_page_prot. VMA is encrypted if KeyID is non-zero. vma_is_encrypted() checks that. Signed-off-by: Kirill A. Shutemov <kirill.shutemov@linux.intel.com> --- arch/x86/include/asm/mktme.h | 9 +++++++++ arch/x86/mm/mktme.c | 17 +++++++++++++++++ 2 files changed, 26 insertions(+)