On Wed, Feb 14, 2018 at 08:30:20PM +1300, Kai Huang wrote: > On Tue, 2018-02-13 at 22:57 -0600, Tom Lendacky wrote: > > On 2/13/2018 10:21 PM, Kirill A. Shutemov wrote: > > > On Tue, Feb 13, 2018 at 10:10:22PM -0600, Tom Lendacky wrote: > > > > On 2/8/2018 6:55 AM, Kirill A. Shutemov wrote: > > > > > AMD SME claims one bit from physical address to indicate > > > > > whether the > > > > > page is encrypted or not. To achieve that we clear out the bit > > > > > from > > > > > __PHYSICAL_MASK. > > > > > > > > I was actually working on a suggestion by Linus to use one of the > > > > software > > > > page table bits to indicate encryption and translate that to the > > > > hardware > > > > bit when writing the actual page table entry. With that, > > > > __PHYSICAL_MASK > > > > would go back to its original definition. > > > > > > But you would need to mask it on reading of pfn from page table > > > entry, > > > right? I expect it to have more overhead than this one. > > > > When reading back an entry it would translate the hardware bit > > position > > back to the software bit position. The suggestion for changing it > > was > > to make _PAGE_ENC a constant and not tied to the sme_me_mask.
But is it really constant? I thought it's enumerated at boot-time. Can we step onto a problem for future AMD CPUs? In case of MKTME the bits we need to clear are not constant. Depends on CPU and BIOS settings. By making _PAGE_ENC constant we would effectively lower maximum physical address space the kernel can handle, regardless if the system has SME enabled. I can imagine some people wouldn't be happy about this. And I think it would collide with 5-level paging. I would leave it as variable for now and look on this later once we would have infrastructure to patch constants in kernel text. -- Kirill A. Shutemov