| Message ID | 20190508144422.13171-53-kirill.shutemov@linux.intel.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | Intel MKTME enabling | expand |
On Wed, May 08, 2019 at 05:44:12PM +0300, Kirill A. Shutemov wrote: > +EXPORT_SYMBOL_GPL(__mem_encrypt_dma_set); > + > +phys_addr_t __mem_encrypt_dma_clear(phys_addr_t paddr) > +{ > + if (sme_active()) > + return __sme_clr(paddr); > + > + return paddr & ~mktme_keyid_mask; > +} > +EXPORT_SYMBOL_GPL(__mem_encrypt_dma_clear); In general nothing related to low-level dma address should ever be exposed to modules. What is your intended user for these two?
On Wed, 8 May 2019 09:58:30 -0700 Christoph Hellwig <hch@infradead.org> wrote: > On Wed, May 08, 2019 at 05:44:12PM +0300, Kirill A. Shutemov wrote: > > +EXPORT_SYMBOL_GPL(__mem_encrypt_dma_set); > > + > > +phys_addr_t __mem_encrypt_dma_clear(phys_addr_t paddr) > > +{ > > + if (sme_active()) > > + return __sme_clr(paddr); > > + > > + return paddr & ~mktme_keyid_mask; > > +} > > +EXPORT_SYMBOL_GPL(__mem_encrypt_dma_clear); > > In general nothing related to low-level dma address should ever > be exposed to modules. What is your intended user for these two? Right no need to export. It will be used by IOMMU drivers.
On Wed, May 08, 2019 at 08:52:25PM +0000, Jacob Pan wrote: > On Wed, 8 May 2019 09:58:30 -0700 > Christoph Hellwig <hch@infradead.org> wrote: > > > On Wed, May 08, 2019 at 05:44:12PM +0300, Kirill A. Shutemov wrote: > > > +EXPORT_SYMBOL_GPL(__mem_encrypt_dma_set); > > > + > > > +phys_addr_t __mem_encrypt_dma_clear(phys_addr_t paddr) > > > +{ > > > + if (sme_active()) > > > + return __sme_clr(paddr); > > > + > > > + return paddr & ~mktme_keyid_mask; > > > +} > > > +EXPORT_SYMBOL_GPL(__mem_encrypt_dma_clear); > > > > In general nothing related to low-level dma address should ever > > be exposed to modules. What is your intended user for these two? > > Right no need to export. It will be used by IOMMU drivers. I will drop these EXPORT_SYMBOL_GPL().
diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig index 62cfb381fee3..ce9642e2c31b 100644 --- a/arch/x86/Kconfig +++ b/arch/x86/Kconfig @@ -1505,11 +1505,15 @@ config X86_CPA_STATISTICS config ARCH_HAS_MEM_ENCRYPT def_bool y +config X86_MEM_ENCRYPT_COMMON + def_bool n + config AMD_MEM_ENCRYPT bool "AMD Secure Memory Encryption (SME) support" depends on X86_64 && CPU_SUP_AMD select DYNAMIC_PHYSICAL_MASK select ARCH_USE_MEMREMAP_PROT + select X86_MEM_ENCRYPT_COMMON ---help--- Say yes to enable support for the encryption of system memory. This requires an AMD processor that supports Secure Memory diff --git a/arch/x86/mm/Makefile b/arch/x86/mm/Makefile index 4ebee899c363..89dddbc01b1b 100644 --- a/arch/x86/mm/Makefile +++ b/arch/x86/mm/Makefile @@ -55,3 +55,4 @@ obj-$(CONFIG_AMD_MEM_ENCRYPT) += mem_encrypt_identity.o obj-$(CONFIG_AMD_MEM_ENCRYPT) += mem_encrypt_boot.o obj-$(CONFIG_X86_INTEL_MKTME) += mktme.o +obj-$(CONFIG_X86_MEM_ENCRYPT_COMMON) += mem_encrypt_common.o diff --git a/arch/x86/mm/mem_encrypt_common.c b/arch/x86/mm/mem_encrypt_common.c new file mode 100644 index 000000000000..2adee65eec46 --- /dev/null +++ b/arch/x86/mm/mem_encrypt_common.c @@ -0,0 +1,28 @@ +#include <linux/mm.h> +#include <linux/mem_encrypt.h> +#include <asm/mktme.h> + +/* + * Encryption bits need to be set and cleared for both Intel MKTME and + * AMD SME when converting between DMA address and physical address. + */ +dma_addr_t __mem_encrypt_dma_set(dma_addr_t daddr, phys_addr_t paddr) +{ + unsigned long keyid; + + if (sme_active()) + return __sme_set(daddr); + keyid = page_keyid(pfn_to_page(__phys_to_pfn(paddr))); + + return (daddr & ~mktme_keyid_mask) | (keyid << mktme_keyid_shift); +} +EXPORT_SYMBOL_GPL(__mem_encrypt_dma_set); + +phys_addr_t __mem_encrypt_dma_clear(phys_addr_t paddr) +{ + if (sme_active()) + return __sme_clr(paddr); + + return paddr & ~mktme_keyid_mask; +} +EXPORT_SYMBOL_GPL(__mem_encrypt_dma_clear);