diff mbox series

mm/memremap.c: map FS_DAX device memory as decrypted

Message ID 20221102160728.3184016-1-pankaj.gupta@amd.com (mailing list archive)
State New
Headers show
Series mm/memremap.c: map FS_DAX device memory as decrypted | expand

Commit Message

Gupta, Pankaj Nov. 2, 2022, 4:07 p.m. UTC
virtio_pmem use devm_memremap_pages() to map the device memory.
By default this memory is mapped as encrypted with SEV. Guest
reboot changes the current encryption key and guest no longer
properly decrypts the FSDAX device meta data.

Mark the corresponding device memory region for FSDAX devices
(mapped with memremap_pages) as decrypted to retain the persistent
memory property.

Signed-off-by: Pankaj Gupta <pankaj.gupta@amd.com>
---
 mm/memremap.c | 1 +
 1 file changed, 1 insertion(+)

Comments

Gupta, Pankaj Nov. 2, 2022, 7:03 p.m. UTC | #1
+Cc Andrew [forgot to add earlier]

> virtio_pmem use devm_memremap_pages() to map the device memory.
> By default this memory is mapped as encrypted with SEV. Guest
> reboot changes the current encryption key and guest no longer
> properly decrypts the FSDAX device meta data.
> 
> Mark the corresponding device memory region for FSDAX devices
> (mapped with memremap_pages) as decrypted to retain the persistent
> memory property.
> 
> Signed-off-by: Pankaj Gupta <pankaj.gupta@amd.com>
> ---
>   mm/memremap.c | 1 +
>   1 file changed, 1 insertion(+)
> 
> diff --git a/mm/memremap.c b/mm/memremap.c
> index 421bec3a29ee..08cbf54fe037 100644
> --- a/mm/memremap.c
> +++ b/mm/memremap.c
> @@ -335,6 +335,7 @@ void *memremap_pages(struct dev_pagemap *pgmap, int nid)
>   			WARN(1, "File system DAX not supported\n");
>   			return ERR_PTR(-EINVAL);
>   		}
> +		params.pgprot = pgprot_decrypted(params.pgprot);
>   		break;
>   	case MEMORY_DEVICE_GENERIC:
>   		break;
Andrew Morton Nov. 2, 2022, 8:05 p.m. UTC | #2
On Wed, 2 Nov 2022 11:07:28 -0500 Pankaj Gupta <pankaj.gupta@amd.com> wrote:

> virtio_pmem use devm_memremap_pages() to map the device memory.
> By default this memory is mapped as encrypted with SEV. Guest
> reboot changes the current encryption key and guest no longer
> properly decrypts the FSDAX device meta data.
> 
> Mark the corresponding device memory region for FSDAX devices
> (mapped with memremap_pages) as decrypted to retain the persistent
> memory property.
> 
> ...
>
> --- a/mm/memremap.c
> +++ b/mm/memremap.c
> @@ -335,6 +335,7 @@ void *memremap_pages(struct dev_pagemap *pgmap, int nid)
>  			WARN(1, "File system DAX not supported\n");
>  			return ERR_PTR(-EINVAL);
>  		}
> +		params.pgprot = pgprot_decrypted(params.pgprot);
>  		break;
>  	case MEMORY_DEVICE_GENERIC:
>  		break;

Should this be backported into earlier kernels?

Is b7b3c01b19159 a suitable Fixes: target?
Gupta, Pankaj Nov. 3, 2022, 7:55 a.m. UTC | #3
Hi Andrew,

>> virtio_pmem use devm_memremap_pages() to map the device memory.
>> By default this memory is mapped as encrypted with SEV. Guest
>> reboot changes the current encryption key and guest no longer
>> properly decrypts the FSDAX device meta data.
>>
>> Mark the corresponding device memory region for FSDAX devices
>> (mapped with memremap_pages) as decrypted to retain the persistent
>> memory property.
>>
>> ...
>>
>> --- a/mm/memremap.c
>> +++ b/mm/memremap.c
>> @@ -335,6 +335,7 @@ void *memremap_pages(struct dev_pagemap *pgmap, int nid)
>>   			WARN(1, "File system DAX not supported\n");
>>   			return ERR_PTR(-EINVAL);
>>   		}
>> +		params.pgprot = pgprot_decrypted(params.pgprot);
>>   		break;
>>   	case MEMORY_DEVICE_GENERIC:
>>   		break;
> 
> Should this be backported into earlier kernels?

Yes, kernel >= 5.10 for clean back-port as it contains the below commit.

> 
> Is b7b3c01b19159 a suitable Fixes: target?

Not very sure. But seems like the right commit for fixes tag as the 
target code is moved in this commit with multiple range support addition.

Should I send a v2 with fixes & stable kernel fixes tag?

Thanks,
Pankaj
Andrew Morton Nov. 4, 2022, 11:32 p.m. UTC | #4
On Thu, 3 Nov 2022 08:55:40 +0100 "Gupta, Pankaj" <pankaj.gupta@amd.com> wrote:

> > Should this be backported into earlier kernels?
> 
> Yes, kernel >= 5.10 for clean back-port as it contains the below commit.
> 
> > 
> > Is b7b3c01b19159 a suitable Fixes: target?
> 
> Not very sure. But seems like the right commit for fixes tag as the 
> target code is moved in this commit with multiple range support addition.
> 
> Should I send a v2 with fixes & stable kernel fixes tag?

That's OK thanks - I made those changes to my copy.
diff mbox series

Patch

diff --git a/mm/memremap.c b/mm/memremap.c
index 421bec3a29ee..08cbf54fe037 100644
--- a/mm/memremap.c
+++ b/mm/memremap.c
@@ -335,6 +335,7 @@  void *memremap_pages(struct dev_pagemap *pgmap, int nid)
 			WARN(1, "File system DAX not supported\n");
 			return ERR_PTR(-EINVAL);
 		}
+		params.pgprot = pgprot_decrypted(params.pgprot);
 		break;
 	case MEMORY_DEVICE_GENERIC:
 		break;