Re: [PATCH v3 5/6] fs/core/vmcore: Move sev_active() reference to x86 arch code
Hello Lianbo, lijiang writes: > 在 2019年07月19日 01:47, Lendacky, Thomas 写道: >> On 7/17/19 10:28 PM, Thiago Jung Bauermann wrote: >>> Secure Encrypted Virtualization is an x86-specific feature, so it shouldn't >>> appear in generic kernel code because it forces non-x86 architectures to >>> define the sev_active() function, which doesn't make a lot of sense. >>> >>> To solve this problem, add an x86 elfcorehdr_read() function to override >>> the generic weak implementation. To do that, it's necessary to make >>> read_from_oldmem() public so that it can be used outside of vmcore.c. >>> >>> Also, remove the export for sev_active() since it's only used in files that >>> won't be built as modules. >>> >>> Signed-off-by: Thiago Jung Bauermann >> >> Adding Lianbo and Baoquan, who recently worked on this, for their review. >> > > This change looks good to me. > > Reviewed-by: Lianbo Jiang Thanks for your review! -- Thiago Jung Bauermann IBM Linux Technology Center
Re: [PATCH v3 5/6] fs/core/vmcore: Move sev_active() reference to x86 arch code
在 2019年07月19日 01:47, Lendacky, Thomas 写道: > On 7/17/19 10:28 PM, Thiago Jung Bauermann wrote: >> Secure Encrypted Virtualization is an x86-specific feature, so it shouldn't >> appear in generic kernel code because it forces non-x86 architectures to >> define the sev_active() function, which doesn't make a lot of sense. >> >> To solve this problem, add an x86 elfcorehdr_read() function to override >> the generic weak implementation. To do that, it's necessary to make >> read_from_oldmem() public so that it can be used outside of vmcore.c. >> >> Also, remove the export for sev_active() since it's only used in files that >> won't be built as modules. >> >> Signed-off-by: Thiago Jung Bauermann > > Adding Lianbo and Baoquan, who recently worked on this, for their review. > This change looks good to me. Reviewed-by: Lianbo Jiang Thanks. Lianbo > Thanks, > Tom > >> --- >> arch/x86/kernel/crash_dump_64.c | 5 + >> arch/x86/mm/mem_encrypt.c | 1 - >> fs/proc/vmcore.c| 8 >> include/linux/crash_dump.h | 14 ++ >> include/linux/mem_encrypt.h | 1 - >> 5 files changed, 23 insertions(+), 6 deletions(-) >> >> diff --git a/arch/x86/kernel/crash_dump_64.c >> b/arch/x86/kernel/crash_dump_64.c >> index 22369dd5de3b..045e82e8945b 100644 >> --- a/arch/x86/kernel/crash_dump_64.c >> +++ b/arch/x86/kernel/crash_dump_64.c >> @@ -70,3 +70,8 @@ ssize_t copy_oldmem_page_encrypted(unsigned long pfn, char >> *buf, size_t csize, >> { >> return __copy_oldmem_page(pfn, buf, csize, offset, userbuf, true); >> } >> + >> +ssize_t elfcorehdr_read(char *buf, size_t count, u64 *ppos) >> +{ >> +return read_from_oldmem(buf, count, ppos, 0, sev_active()); >> +} >> diff --git a/arch/x86/mm/mem_encrypt.c b/arch/x86/mm/mem_encrypt.c >> index 7139f2f43955..b1e823441093 100644 >> --- a/arch/x86/mm/mem_encrypt.c >> +++ b/arch/x86/mm/mem_encrypt.c >> @@ -349,7 +349,6 @@ bool sev_active(void) >> { >> return sme_me_mask && sev_enabled; >> } >> -EXPORT_SYMBOL(sev_active); >> >> /* Override for DMA direct allocation check - >> ARCH_HAS_FORCE_DMA_UNENCRYPTED */ >> bool force_dma_unencrypted(struct device *dev) >> diff --git a/fs/proc/vmcore.c b/fs/proc/vmcore.c >> index 57957c91c6df..ca1f20bedd8c 100644 >> --- a/fs/proc/vmcore.c >> +++ b/fs/proc/vmcore.c >> @@ -100,9 +100,9 @@ static int pfn_is_ram(unsigned long pfn) >> } >> >> /* Reads a page from the oldmem device from given offset. */ >> -static ssize_t read_from_oldmem(char *buf, size_t count, >> -u64 *ppos, int userbuf, >> -bool encrypted) >> +ssize_t read_from_oldmem(char *buf, size_t count, >> + u64 *ppos, int userbuf, >> + bool encrypted) >> { >> unsigned long pfn, offset; >> size_t nr_bytes; >> @@ -166,7 +166,7 @@ void __weak elfcorehdr_free(unsigned long long addr) >> */ >> ssize_t __weak elfcorehdr_read(char *buf, size_t count, u64 *ppos) >> { >> -return read_from_oldmem(buf, count, ppos, 0, sev_active()); >> +return read_from_oldmem(buf, count, ppos, 0, false); >> } >> >> /* >> diff --git a/include/linux/crash_dump.h b/include/linux/crash_dump.h >> index f774c5eb9e3c..4664fc1871de 100644 >> --- a/include/linux/crash_dump.h >> +++ b/include/linux/crash_dump.h >> @@ -115,4 +115,18 @@ static inline int vmcore_add_device_dump(struct >> vmcoredd_data *data) >> return -EOPNOTSUPP; >> } >> #endif /* CONFIG_PROC_VMCORE_DEVICE_DUMP */ >> + >> +#ifdef CONFIG_PROC_VMCORE >> +ssize_t read_from_oldmem(char *buf, size_t count, >> + u64 *ppos, int userbuf, >> + bool encrypted); >> +#else >> +static inline ssize_t read_from_oldmem(char *buf, size_t count, >> + u64 *ppos, int userbuf, >> + bool encrypted) >> +{ >> +return -EOPNOTSUPP; >> +} >> +#endif /* CONFIG_PROC_VMCORE */ >> + >> #endif /* LINUX_CRASHDUMP_H */ >> diff --git a/include/linux/mem_encrypt.h b/include/linux/mem_encrypt.h >> index 0c5b0ff9eb29..5c4a18a91f89 100644 >> --- a/include/linux/mem_encrypt.h >> +++ b/include/linux/mem_encrypt.h >> @@ -19,7 +19,6 @@ >> #else /* !CONFIG_ARCH_HAS_MEM_ENCRYPT */ >> >> static inline bool mem_encrypt_active(void) { return false; } >> -static inline bool sev_active(void) { return false; } >> >> #endif /* CONFIG_ARCH_HAS_MEM_ENCRYPT */ >> >>
Re: [PATCH v3 5/6] fs/core/vmcore: Move sev_active() reference to x86 arch code
On 7/17/19 10:28 PM, Thiago Jung Bauermann wrote: > Secure Encrypted Virtualization is an x86-specific feature, so it shouldn't > appear in generic kernel code because it forces non-x86 architectures to > define the sev_active() function, which doesn't make a lot of sense. > > To solve this problem, add an x86 elfcorehdr_read() function to override > the generic weak implementation. To do that, it's necessary to make > read_from_oldmem() public so that it can be used outside of vmcore.c. > > Also, remove the export for sev_active() since it's only used in files that > won't be built as modules. > > Signed-off-by: Thiago Jung Bauermann Adding Lianbo and Baoquan, who recently worked on this, for their review. Thanks, Tom > --- > arch/x86/kernel/crash_dump_64.c | 5 + > arch/x86/mm/mem_encrypt.c | 1 - > fs/proc/vmcore.c| 8 > include/linux/crash_dump.h | 14 ++ > include/linux/mem_encrypt.h | 1 - > 5 files changed, 23 insertions(+), 6 deletions(-) > > diff --git a/arch/x86/kernel/crash_dump_64.c b/arch/x86/kernel/crash_dump_64.c > index 22369dd5de3b..045e82e8945b 100644 > --- a/arch/x86/kernel/crash_dump_64.c > +++ b/arch/x86/kernel/crash_dump_64.c > @@ -70,3 +70,8 @@ ssize_t copy_oldmem_page_encrypted(unsigned long pfn, char > *buf, size_t csize, > { > return __copy_oldmem_page(pfn, buf, csize, offset, userbuf, true); > } > + > +ssize_t elfcorehdr_read(char *buf, size_t count, u64 *ppos) > +{ > + return read_from_oldmem(buf, count, ppos, 0, sev_active()); > +} > diff --git a/arch/x86/mm/mem_encrypt.c b/arch/x86/mm/mem_encrypt.c > index 7139f2f43955..b1e823441093 100644 > --- a/arch/x86/mm/mem_encrypt.c > +++ b/arch/x86/mm/mem_encrypt.c > @@ -349,7 +349,6 @@ bool sev_active(void) > { > return sme_me_mask && sev_enabled; > } > -EXPORT_SYMBOL(sev_active); > > /* Override for DMA direct allocation check - ARCH_HAS_FORCE_DMA_UNENCRYPTED > */ > bool force_dma_unencrypted(struct device *dev) > diff --git a/fs/proc/vmcore.c b/fs/proc/vmcore.c > index 57957c91c6df..ca1f20bedd8c 100644 > --- a/fs/proc/vmcore.c > +++ b/fs/proc/vmcore.c > @@ -100,9 +100,9 @@ static int pfn_is_ram(unsigned long pfn) > } > > /* Reads a page from the oldmem device from given offset. */ > -static ssize_t read_from_oldmem(char *buf, size_t count, > - u64 *ppos, int userbuf, > - bool encrypted) > +ssize_t read_from_oldmem(char *buf, size_t count, > + u64 *ppos, int userbuf, > + bool encrypted) > { > unsigned long pfn, offset; > size_t nr_bytes; > @@ -166,7 +166,7 @@ void __weak elfcorehdr_free(unsigned long long addr) > */ > ssize_t __weak elfcorehdr_read(char *buf, size_t count, u64 *ppos) > { > - return read_from_oldmem(buf, count, ppos, 0, sev_active()); > + return read_from_oldmem(buf, count, ppos, 0, false); > } > > /* > diff --git a/include/linux/crash_dump.h b/include/linux/crash_dump.h > index f774c5eb9e3c..4664fc1871de 100644 > --- a/include/linux/crash_dump.h > +++ b/include/linux/crash_dump.h > @@ -115,4 +115,18 @@ static inline int vmcore_add_device_dump(struct > vmcoredd_data *data) > return -EOPNOTSUPP; > } > #endif /* CONFIG_PROC_VMCORE_DEVICE_DUMP */ > + > +#ifdef CONFIG_PROC_VMCORE > +ssize_t read_from_oldmem(char *buf, size_t count, > + u64 *ppos, int userbuf, > + bool encrypted); > +#else > +static inline ssize_t read_from_oldmem(char *buf, size_t count, > +u64 *ppos, int userbuf, > +bool encrypted) > +{ > + return -EOPNOTSUPP; > +} > +#endif /* CONFIG_PROC_VMCORE */ > + > #endif /* LINUX_CRASHDUMP_H */ > diff --git a/include/linux/mem_encrypt.h b/include/linux/mem_encrypt.h > index 0c5b0ff9eb29..5c4a18a91f89 100644 > --- a/include/linux/mem_encrypt.h > +++ b/include/linux/mem_encrypt.h > @@ -19,7 +19,6 @@ > #else/* !CONFIG_ARCH_HAS_MEM_ENCRYPT */ > > static inline bool mem_encrypt_active(void) { return false; } > -static inline bool sev_active(void) { return false; } > > #endif /* CONFIG_ARCH_HAS_MEM_ENCRYPT */ > >
Re: [PATCH v3 5/6] fs/core/vmcore: Move sev_active() reference to x86 arch code
On Thu, Jul 18, 2019 at 12:28:57AM -0300, Thiago Jung Bauermann wrote: > Secure Encrypted Virtualization is an x86-specific feature, so it shouldn't > appear in generic kernel code because it forces non-x86 architectures to > define the sev_active() function, which doesn't make a lot of sense. > > To solve this problem, add an x86 elfcorehdr_read() function to override > the generic weak implementation. To do that, it's necessary to make > read_from_oldmem() public so that it can be used outside of vmcore.c. > > Also, remove the export for sev_active() since it's only used in files that > won't be built as modules. I have to say I find the __weak overrides of the vmcore files very confusing and which we'd have a better scheme there. But as this fits into that scheme and allows to remove the AMD SME vs SEV knowledge from the core I'm fine with it. Reviewed-by: Christoph Hellwig