On Wed, Nov 8, 2017 at 1:15 PM, Borislav Petkov <bp@xxxxxxx> wrote:
Right, AFAIRC, the main reason for this being an export was because if
we hid it in a function, you'd have all those function calls as part of
the _PAGE_* macros and that's just crap.
Yes, that would be worse.
I was thinking that maybe we could have a fixed "encrypt" bit in our
PTE, and then replace that "software bit" with whatever the real
hardware mask is (if any).
Because it's nasty to have these constants that _used_ to be
constants, and still _look_ like constants, suddely do stupid memory
reads from random kernel data.
So _this_ is the underflying problem:
#define _PAGE_ENC (_AT(pteval_t, sme_me_mask))
because that is simply not how the _PAGE_xyz macros should work!
So it should have been a fixed bit to begin with, and the dynamic part
should have been elsewhere.
The whole EXPORT_SYMBOL() thing is just a symptom of that fundamental
error. Modules - GPL or not - should _never_ have to know or care
about this _PAGE_ENC bit madness, simply because it shouldn't have
been there.
Linus