Re: [RFC PATCH v3 04/20] x86: Handle reduction in physical address size with SME
From: Tom Lendacky
Date: Tue Nov 15 2016 - 11:06:36 EST
On 11/15/2016 9:33 AM, Borislav Petkov wrote:
> On Tue, Nov 15, 2016 at 08:40:05AM -0600, Tom Lendacky wrote:
>> The feature may be present and enabled even if it is not currently
>> active. In other words, the SYS_CFG MSR bit could be set but we aren't
>> actually using encryption (sme_me_mask is 0). As long as the SYS_CFG
>> MSR bit is set we need to take into account the physical reduction in
>> address space.
>
> But later in the series I see sme_early_mem_enc() which tests exactly
> that mask.
Yes, but that doesn't relate to the physical address space reduction.
Once the SYS_CFG MSR bit for SME is set, even if the encryption bit is
never used, there is a physical reduction of the address space. So when
checking whether to adjust the physical address bits I can't rely on the
sme_me_mask, I have to look at the MSR.
But when I'm looking to decide whether to encrypt or decrypt something,
I use the sme_me_mask to decide if that is needed. If the sme_me_mask
is not set then the encrypt/decrypt op shouldn't be performed.
I might not be grasping the point you're trying to make...
Thanks,
Tom
>
> And in patch 12 you have:
>
> + /*
> + * If memory encryption is active, the trampoline area will need to
> + * be in un-encrypted memory in order to bring up other processors
> + * successfully.
> + */
> + sme_early_mem_dec(__pa(base), size);
> + sme_set_mem_unenc(base, size);
>
> What's up?
>
> IOW, it all sounds to me like you want to have an sme_active() helper
> and use it everywhere.
>