mm: Add callbacks to prepare encrypted memory for kexec

Borislav Petkov Wed, 29 May 2024 03:44:05 -0700

On Tue, May 28, 2024 at 12:55:13PM +0300, Kirill A. Shutemov wrote:
> diff --git a/arch/x86/include/asm/x86_init.h b/arch/x86/include/asm/x86_init.h
> index 28ac3cb9b987..6cade48811cc 100644
> --- a/arch/x86/include/asm/x86_init.h
> +++ b/arch/x86/include/asm/x86_init.h
> @@ -149,12 +149,21 @@ struct x86_init_acpi {
>   * @enc_status_change_finish Notify HV after the encryption status of a 
> range is changed
>   * @enc_tlb_flush_required   Returns true if a TLB flush is needed before 
> changing page encryption status
>   * @enc_cache_flush_required Returns true if a cache flush is needed before 
> changing page encryption status
> + * @enc_kexec_begin          Begin the two-step process of conversion shared 
> memory back


s/conversion/converting/

> + *                           to private. It stops the new conversions from 
> being started
> + *                           and waits in-flight conversions to finish, if 
> possible.

Good.

Now add "The @crash parameter denotes whether the function is being
called in the crash shutdown path."

> + * @enc_kexec_finish         Finish the two-step process of conversion 
> shared memory to

s/conversion/converting/

> + *                           private. All memory is private after the call.

"... when the function returns."

> + *                           It called with all CPUs but one shutdown and 
> interrupts
> + *                           disabled.

"It is called on only one CPU while the others are shut down and with
interrupts disabled."

>   */
>  struct x86_guest {
>       int (*enc_status_change_prepare)(unsigned long vaddr, int npages, bool 
> enc);
>       int (*enc_status_change_finish)(unsigned long vaddr, int npages, bool 
> enc);
>       bool (*enc_tlb_flush_required)(bool enc);
>       bool (*enc_cache_flush_required)(void);
> +     void (*enc_kexec_begin)(bool crash);
> +     void (*enc_kexec_finish)(void);
>  };
>  
>  /**
> diff --git a/arch/x86/kernel/crash.c b/arch/x86/kernel/crash.c
> index f06501445cd9..74f6305eb9ec 100644
> --- a/arch/x86/kernel/crash.c
> +++ b/arch/x86/kernel/crash.c
> @@ -128,6 +128,18 @@ void native_machine_crash_shutdown(struct pt_regs *regs)
>  #ifdef CONFIG_HPET_TIMER
>       hpet_disable();
>  #endif
> +
> +     /*
> +      * Non-crash kexec calls enc_kexec_begin() while scheduling is still
> +      * active. This allows the callback to wait until all in-flight
> +      * shared<->private conversions are complete. In a crash scenario,
> +      * enc_kexec_begin() get call after all but one CPU has been shut down

"gets called" ... "have been shut down"

> +      * and interrupts have been disabled. This only allows the callback to

only?

> +      * detect a race with the conversion and report it.
> +      */
> +     x86_platform.guest.enc_kexec_begin(true);
> +     x86_platform.guest.enc_kexec_finish();
> +

...

-- 
Regards/Gruss,
    Boris.

https://people.kernel.org/tglx/notes-about-netiquette

Re: [PATCHv11 10/19] x86/mm: Add callbacks to prepare encrypted memory for kexec

Reply via email to