Re: [RFC PATCH v4 19/28] swiotlb: Add warnings for use of bounce buffers with SME
From: Tom Lendacky
Date: Tue Feb 28 2017 - 18:44:08 EST
On 2/27/2017 11:52 AM, Borislav Petkov wrote:
On Thu, Feb 16, 2017 at 09:46:19AM -0600, Tom Lendacky wrote:
Add warnings to let the user know when bounce buffers are being used for
DMA when SME is active. Since the bounce buffers are not in encrypted
memory, these notifications are to allow the user to determine some
appropriate action - if necessary.
Signed-off-by: Tom Lendacky <thomas.lendacky@xxxxxxx>
---
arch/x86/include/asm/mem_encrypt.h | 11 +++++++++++
include/linux/dma-mapping.h | 11 +++++++++++
include/linux/mem_encrypt.h | 6 ++++++
lib/swiotlb.c | 3 +++
4 files changed, 31 insertions(+)
diff --git a/arch/x86/include/asm/mem_encrypt.h b/arch/x86/include/asm/mem_encrypt.h
index 87e816f..5a17f1b 100644
--- a/arch/x86/include/asm/mem_encrypt.h
+++ b/arch/x86/include/asm/mem_encrypt.h
@@ -26,6 +26,11 @@ static inline bool sme_active(void)
return (sme_me_mask) ? true : false;
}
+static inline u64 sme_dma_mask(void)
+{
+ return ((u64)sme_me_mask << 1) - 1;
+}
+
void __init sme_early_encrypt(resource_size_t paddr,
unsigned long size);
void __init sme_early_decrypt(resource_size_t paddr,
@@ -53,6 +58,12 @@ static inline bool sme_active(void)
{
return false;
}
+
+static inline u64 sme_dma_mask(void)
+{
+ return 0ULL;
+}
+
#endif
static inline void __init sme_early_encrypt(resource_size_t paddr,
diff --git a/include/linux/dma-mapping.h b/include/linux/dma-mapping.h
index 10c5a17..130bef7 100644
--- a/include/linux/dma-mapping.h
+++ b/include/linux/dma-mapping.h
@@ -10,6 +10,7 @@
#include <linux/scatterlist.h>
#include <linux/kmemcheck.h>
#include <linux/bug.h>
+#include <linux/mem_encrypt.h>
/**
* List of possible attributes associated with a DMA mapping. The semantics
@@ -557,6 +558,11 @@ static inline int dma_set_mask(struct device *dev, u64 mask)
if (!dev->dma_mask || !dma_supported(dev, mask))
return -EIO;
+
+ if (sme_active() && (mask < sme_dma_mask()))
+ dev_warn(dev,
+ "SME is active, device will require DMA bounce buffers\n");
+
Yes, definitely _once() here.
Setting the mask is a probe/init type event, so I think not having the
_once() would be better so that all devices that set a mask to something
less than the SME encryption mask would be identified. This isn't done
for every DMA, etc.
It could be extended later to be per-device if the need arises.
Also, a bit above in this function, we test if (ops->set_dma_mask) so
device drivers which supply even an empty ->set_dma_mask will circumvent
this check.
It probably doesn't matter all that much right now because the
only driver I see right now defining this method, though, is
ethernet/intel/fm10k/fm10k_pf.c and some other arches' functionality
which is unrelated here.
Device drivers don't supply set_dma_mask() since that is part of the
dma_map_ops structure. The fm10k_pf.c file function is unrelated to this
(it's part of an internal driver structure). The dma_map_ops structure
is setup by the arch or an iommu.
Thanks,
Tom
But still...