[PATCH v7 00/12] x86: Support Key Locker

From: Chang S. Bae
Date: Wed May 24 2023 - 13:10:24 EST

Next message: Chang S. Bae: "[PATCH v7 01/12] Documentation/x86: Document Key Locker"
Previous message: Andrew Lunn: "Re: [PATCH net-next v3 4/7] net: dsa: mv88e6xxx: add field to specify internal phys layout"
Next in thread: Chang S. Bae: "[PATCH v7 01/12] Documentation/x86: Document Key Locker"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi all,

The previous posting [v6] was intended to deliver the hardware
performance update primarily by revamping the old series. Then,
multiple feedbacks were received. This revision thus incorporates the
changes to address them. So, the primary goal here is to meet those
reviewers' expectations at first.

The series has two parts of changes -- the x86 core and its crypto
library. In this revision, much more changes were made on the latter.
Also, overall changelogs were revisited to be more reviewable.

Here is the overview of those feedbacks/changes (skip some trivial):

Part 1. Crypto Library (PATCH10-12):

PATCH12: AES-KL driver
- Merge all the AES-KL patches. (Eric Biggers)
- Make the driver for the 64-bit mode only. (Eric Biggers)
- Rework the key-size check code (Eric Biggers)
- Adjust the Kconfig change (Robert Elliott)
- Update the changelog. (Eric Biggers)
- Adjust the ASM code to return a proper error code. (Eric Biggers)

PATCH11: AES-NI rework
- Inline the helper code to avoid the indirect call. (Eric Biggers)
- Rename the filename: aes-intel* -> aes-helper*. (Eric Biggers)
- Don't export symbols yet here. Instead, do it when needed later.
- Improve the coding style (Eric Biggers)

PATCH10: the AESNI-XTS field type fix
- Add as a new patch. (Eric Biggers)

Part 2. The X86 Core (PATCH1-9):

PATCH09: a chicken bit and a Kconfig option
- Rebase on the upstream: commit a894a8a56b57 ("Documentation:
kernel-parameters: sort all "no..." parameters")

PATCH08: the wrapping key recovery
- Limit the symbol export only when needed.

PATCH07: the wrapping key load at boot-time
- Use memzero_explicit() instead of memset(). (Robert Elliott)
- Improve the function prototype. (Eric Biggers and Dave Hansen)

PATCH01: documentation
- Rebase on the upstream -- commit ff61f0791ce9 ("docs: move x86
documentation into Documentation/arch/"). (Nathan Huckleberry)

This version can be also found here:
git://github.com/intel-staging/keylocker.git kl-v7

[v6] -- the last posting:
https://lore.kernel.org/lkml/20230410225936.8940-1-chang.seok.bae@xxxxxxxxx/

Thanks,
Chang

Chang S. Bae (12):
Documentation/x86: Document Key Locker
x86/cpufeature: Enumerate Key Locker feature
x86/insn: Add Key Locker instructions to the opcode map
x86/asm: Add a wrapper function for the LOADIWKEY instruction
x86/msr-index: Add MSRs for Key Locker wrapping key
x86/keylocker: Define Key Locker CPUID leaf
x86/cpu/keylocker: Load a wrapping key at boot-time
x86/PM/keylocker: Restore the wrapping key on the resume from ACPI
S3/4
x86/cpu: Add a configuration and command line option for Key Locker
crypto: x86/aesni - Use the proper data type in struct aesni_xts_ctx
crypto: x86/aes - Prepare for a new AES implementation
crypto: x86/aes-kl - Implement the AES-XTS algorithm

.../admin-guide/kernel-parameters.txt | 2 +
Documentation/arch/x86/index.rst | 1 +
Documentation/arch/x86/keylocker.rst | 97 +++
arch/x86/Kconfig | 3 +
arch/x86/crypto/Kconfig | 22 +
arch/x86/crypto/Makefile | 3 +
arch/x86/crypto/aes-helper_asm.S | 22 +
arch/x86/crypto/aes-helper_glue.h | 161 +++++
arch/x86/crypto/aeskl-intel_asm.S | 580 ++++++++++++++++++
arch/x86/crypto/aeskl-intel_glue.c | 216 +++++++
arch/x86/crypto/aesni-intel_asm.S | 55 +-
arch/x86/crypto/aesni-intel_glue.c | 242 +++-----
arch/x86/crypto/aesni-intel_glue.h | 17 +
arch/x86/include/asm/cpufeatures.h | 1 +
arch/x86/include/asm/disabled-features.h | 8 +-
arch/x86/include/asm/keylocker.h | 45 ++
arch/x86/include/asm/msr-index.h | 6 +
arch/x86/include/asm/special_insns.h | 32 +
arch/x86/include/uapi/asm/processor-flags.h | 2 +
arch/x86/kernel/Makefile | 1 +
arch/x86/kernel/cpu/common.c | 21 +-
arch/x86/kernel/cpu/cpuid-deps.c | 1 +
arch/x86/kernel/keylocker.c | 212 +++++++
arch/x86/kernel/smpboot.c | 2 +
arch/x86/lib/x86-opcode-map.txt | 11 +-
arch/x86/power/cpu.c | 2 +
tools/arch/x86/lib/x86-opcode-map.txt | 11 +-
27 files changed, 1573 insertions(+), 203 deletions(-)
create mode 100644 Documentation/arch/x86/keylocker.rst
create mode 100644 arch/x86/crypto/aes-helper_asm.S
create mode 100644 arch/x86/crypto/aes-helper_glue.h
create mode 100644 arch/x86/crypto/aeskl-intel_asm.S
create mode 100644 arch/x86/crypto/aeskl-intel_glue.c
create mode 100644 arch/x86/crypto/aesni-intel_glue.h
create mode 100644 arch/x86/include/asm/keylocker.h
create mode 100644 arch/x86/kernel/keylocker.c

base-commit: 3a128547bd4425cdef27c606efc88e1eb03a2dba
--
2.17.1

Next message: Chang S. Bae: "[PATCH v7 01/12] Documentation/x86: Document Key Locker"
Previous message: Andrew Lunn: "Re: [PATCH net-next v3 4/7] net: dsa: mv88e6xxx: add field to specify internal phys layout"
Next in thread: Chang S. Bae: "[PATCH v7 01/12] Documentation/x86: Document Key Locker"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]