RE: [RFC PATCH V4 07/17] drivers: hv: Decrypt percpu hvcall input arg page in sev-snp enlightened guest

From: Michael Kelley (LINUX)
Date: Wed Apr 12 2023 - 10:35:13 EST

Next message: Joel Fernandes: "[GIT PULL] RCU changes for v6.4"
Previous message: Hans Verkuil: "Re: [PATCH v7 11/14] media: mediatek: vcodec: Remove the setting for dma_mask"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Tianyu Lan <ltykernel@xxxxxxxxx> Sent: Monday, April 3, 2023 10:44 AM
>
> Hypervisor needs to access iput arg page and guest should decrypt
> the page.
>
> Signed-off-by: Tianyu Lan <tiala@xxxxxxxxxxxxx>
> ---
> Change since RFC V3:
> * Use pgcount to decrypt memory.
>
> Change since RFC V2:
> * Set inputarg to be zero after kfree()
> * Not free mem when fail to encrypt mem in the hv_common_cpu_die().
> ---
> drivers/hv/hv_common.c | 21 ++++++++++++++++++++-
> 1 file changed, 20 insertions(+), 1 deletion(-)
>
> diff --git a/drivers/hv/hv_common.c b/drivers/hv/hv_common.c
> index e3b04e978932..455432d49fd3 100644
> --- a/drivers/hv/hv_common.c
> +++ b/drivers/hv/hv_common.c
> @@ -21,6 +21,7 @@
> #include <linux/ptrace.h>
> #include <linux/slab.h>
> #include <linux/dma-map-ops.h>
> +#include <linux/set_memory.h>
> #include <asm/hyperv-tlfs.h>
> #include <asm/mshyperv.h>
>
> @@ -128,6 +129,7 @@ int hv_common_cpu_init(unsigned int cpu)
> u64 msr_vp_index;
> gfp_t flags;
> int pgcount = hv_root_partition ? 2 : 1;
> + int ret;
>
> /* hv_cpu_init() can be called with IRQs disabled from hv_resume() */
> flags = irqs_disabled() ? GFP_ATOMIC : GFP_KERNEL;
> @@ -137,6 +139,17 @@ int hv_common_cpu_init(unsigned int cpu)
> if (!(*inputarg))
> return -ENOMEM;
>
> + if (hv_isolation_type_en_snp()) {
> + ret = set_memory_decrypted((unsigned long)*inputarg, pgcount);
> + if (ret) {
> + kfree(*inputarg);
> + *inputarg = NULL;
> + return ret;
> + }
> +
> + memset(*inputarg, 0x00, PAGE_SIZE);

The memset() needs to use pgcount * PAGE_SIZE.

> + }
> +
> if (hv_root_partition) {
> outputarg = (void **)this_cpu_ptr(hyperv_pcpu_output_arg);
> *outputarg = (char *)(*inputarg) + HV_HYP_PAGE_SIZE;
> @@ -156,6 +169,7 @@ int hv_common_cpu_die(unsigned int cpu)
> {
> unsigned long flags;
> void **inputarg, **outputarg;
> + int pgcount = hv_root_partition ? 2 : 1;
> void *mem;
>
> local_irq_save(flags);
> @@ -171,7 +185,12 @@ int hv_common_cpu_die(unsigned int cpu)
>
> local_irq_restore(flags);
>
> - kfree(mem);
> + if (hv_isolation_type_en_snp()) {
> + if (!set_memory_encrypted((unsigned long)mem, pgcount))
> + kfree(mem);
> + } else {
> + kfree(mem);
> + }
>
> return 0;
> }
> --
> 2.25.1

Next message: Joel Fernandes: "[GIT PULL] RCU changes for v6.4"
Previous message: Hans Verkuil: "Re: [PATCH v7 11/14] media: mediatek: vcodec: Remove the setting for dma_mask"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]