[PATCH v5 09/32] x86/mm: Provide general kernel support for memory encryption
thomas.lendacky at amd.com
Mon Apr 24 08:53:58 PDT 2017
On 4/21/2017 4:52 PM, Dave Hansen wrote:
> On 04/18/2017 02:17 PM, Tom Lendacky wrote:
>> @@ -55,7 +57,7 @@ static inline void copy_user_page(void *to, void *from, unsigned long vaddr,
>> __phys_addr_symbol(__phys_reloc_hide((unsigned long)(x)))
>> #ifndef __va
>> -#define __va(x) ((void *)((unsigned long)(x)+PAGE_OFFSET))
>> +#define __va(x) ((void *)(__sme_clr(x) + PAGE_OFFSET))
> It seems wrong to be modifying __va(). It currently takes a physical
> address, and this modifies it to take a physical address plus the SME bits.
This actually modifies it to be sure the encryption bit is not part of
the physical address.
> How does that end up ever happening? If we are pulling physical
> addresses out of the page tables, we use p??_phys(). I'd expect *those*
> to be masking off the SME bits.
> Is it these cases?
> pgd_t *base = __va(read_cr3());
> For those, it seems like we really want to create two modes of reading
> cr3. One that truly reads CR3 and another that reads the pgd's physical
> address out of CR3. Then you only do the SME masking on the one
> fetching a physical address, and the SME bits never leak into __va().
I'll investigate this and see if I can remove the mod to __va().
More information about the kexec