Re: [PATCHv3 02/32] x86/coco: Add API to handle encryption mask
From: Borislav Petkov
Date: Tue Feb 22 2022 - 08:28:25 EST
On Tue, Feb 22, 2022 at 02:18:31AM +0300, Kirill A. Shutemov wrote:
> On Mon, Feb 21, 2022 at 11:56:00PM +0100, Borislav Petkov wrote:
> > On Tue, Feb 22, 2022 at 01:21:49AM +0300, Kirill A. Shutemov wrote:
> > > Well, it actually going to be
> > >
> > > cpa.mask_set = enc ? cc_mkenc(__pgprot(0)) : cc_mkdec(__pgprot(0));
> > > cpa.mask_clr = enc ? cc_mkdec(__pgprot(0)) : cc_mkenc(__pgprot(0));
> > >
> > > as '0' is not a valid pgprot_t.
> > >
> > > Still wonna go this path?
> >
> > Why "still"? What's wrong with that?
>
> IMO, it makes these statement substantially uglier.
As opposed to what you had:
+ cpa.mask_set = __pgprot(cc_get_mask(enc));
+ cpa.mask_clr = __pgprot(cc_get_mask(!enc));
?
Sorry, but cc_get_mask() - first, the name is very misleading - and then
a function argument saying what mask to return is more confusing.
The fact that each vendor chose alternating representations of what an
encrypted page means needs to be abstracted away - the API should not
ask the user of the function what mask she wants. Your functions need
to return an encrypted mask or a decripted mask, not "hey, what kind of
mask do you want".
If you want to make it even simpler, you can hide the pgprot creation
inside the function even - I'm looking at how pgprot_nx() is defined:
cpa.mask_set = enc ? pgprot_enc(0) : pgprot_dec(0);
cpa.mask_clr = enc ? pgprot_dec(0) : pgprot_enc(0);
Or, if you think this is still not readable enough, you carve it out
into a separate function:
cpa_set_masks(struct cpa_data *cpa, bool enc);
and go to town there, do comments, do pgprot conversion per-hand,
whatever.
*BUT* it all depends on what your full requirements for those functions
are for how these masks are going to be used throughout the tree. So I'm
guessing a usage analysis will give you the proper design.
Thx.
--
Regards/Gruss,
Boris.
https://people.kernel.org/tglx/notes-about-netiquette