[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH v7 33/36] x86/mm: Use proper encryption attributes with /dev/mem

To: Tom Lendacky <thomas.lendacky@xxxxxxx>
From: Borislav Petkov <bp@xxxxxxxxx>
Date: Fri, 23 Jun 2017 11:32:36 +0200
Cc: linux-efi@xxxxxxxxxxxxxxx, Brijesh Singh <brijesh.singh@xxxxxxx>, Toshimitsu Kani <toshi.kani@xxxxxxx>, linux-doc@xxxxxxxxxxxxxxx, Matt Fleming <matt@xxxxxxxxxxxxxxxxxxx>, x86@xxxxxxxxxx, linux-mm@xxxxxxxxx, Radim Krčmář <rkrcmar@xxxxxxxxxx>, Alexander Potapenko <glider@xxxxxxxxxx>, "H. Peter Anvin" <hpa@xxxxxxxxx>, Larry Woodman <lwoodman@xxxxxxxxxx>, linux-arch@xxxxxxxxxxxxxxx, kvm@xxxxxxxxxxxxxxx, Jonathan Corbet <corbet@xxxxxxx>, Joerg Roedel <joro@xxxxxxxxxx>, "Michael S. Tsirkin" <mst@xxxxxxxxxx>, kasan-dev@xxxxxxxxxxxxxxxx, Ingo Molnar <mingo@xxxxxxxxxx>, Andrey Ryabinin <aryabinin@xxxxxxxxxxxxx>, Dave Young <dyoung@xxxxxxxxxx>, Rik van Riel <riel@xxxxxxxxxx>, Arnd Bergmann <arnd@xxxxxxxx>, Andy Lutomirski <luto@xxxxxxxxxx>, Boris Ostrovsky <boris.ostrovsky@xxxxxxxxxx>, Dmitry Vyukov <dvyukov@xxxxxxxxxx>, Juergen Gross <jgross@xxxxxxxx>, kexec@xxxxxxxxxxxxxxxxxxx, linux-kernel@xxxxxxxxxxxxxxx, xen-devel@xxxxxxxxxxxxx, iommu@xxxxxxxxxxxxxxxxxxxxxxxxxx, Thomas Gleixner <tglx@xxxxxxxxxxxxx>, Paolo Bonzini <pbonzini@xxxxxxxxxx>
Delivery-date: Fri, 23 Jun 2017 09:32:57 +0000
List-id: Xen developer discussion <xen-devel.lists.xen.org>

On Fri, Jun 16, 2017 at 01:56:07PM -0500, Tom Lendacky wrote:
> When accessing memory using /dev/mem (or /dev/kmem) use the proper
> encryption attributes when mapping the memory.
> 
> To insure the proper attributes are applied when reading or writing
> /dev/mem, update the xlate_dev_mem_ptr() function to use memremap()
> which will essentially perform the same steps of applying __va for
> RAM or using ioremap() for if not RAM.
> 
> To insure the proper attributes are applied when mmapping /dev/mem,
> update the phys_mem_access_prot() to call phys_mem_access_encrypted(),
> a new function which will check if the memory should be mapped encrypted
> or not. If it is not to be mapped encrypted then the VMA protection
> value is updated to remove the encryption bit.
> 
> Signed-off-by: Tom Lendacky <thomas.lendacky@xxxxxxx>
> ---
>  arch/x86/include/asm/io.h |    3 +++
>  arch/x86/mm/ioremap.c     |   18 +++++++++---------
>  arch/x86/mm/pat.c         |    3 +++
>  3 files changed, 15 insertions(+), 9 deletions(-)

Reviewed-by: Borislav Petkov <bp@xxxxxxx>

-- 
Regards/Gruss,
    Boris.

Good mailing practices for 400: avoid top-posting and trim the reply.

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
https://lists.xen.org/xen-devel

References:
- [Xen-devel] [PATCH v7 00/36] x86: Secure Memory Encryption (AMD)
  - From: Tom Lendacky
- [Xen-devel] [PATCH v7 33/36] x86/mm: Use proper encryption attributes with /dev/mem
  - From: Tom Lendacky

Prev by Date: [Xen-devel] [PATCH 2/2] x86/mm: Drop is_guest_l1_slot()
Next by Date: Re: [Xen-devel] [PATCH v5 0/8] Memory scrubbing from idle loop
Previous by thread: [Xen-devel] [PATCH v7 33/36] x86/mm: Use proper encryption attributes with /dev/mem
Next by thread: [Xen-devel] [PATCH v7 34/36] x86/mm: Add support to encrypt the kernel in-place
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.