On Wed, Feb 14, 2018 at 08:30:20PM +1300, Kai Huang wrote:
> On Tue, 2018-02-13 at 22:57 -0600, Tom Lendacky wrote:
> > On 2/13/2018 10:21 PM, Kirill A. Shutemov wrote:
> > > On Tue, Feb 13, 2018 at 10:10:22PM -0600, Tom Lendacky wrote:
> > > > On 2/8/2018 6:55 AM, Kirill A. Shutemov wrote:
> > > > > AMD SME claims one bit from physical address to indicate
> > > > > whether the
> > > > > page is encrypted or not. To achieve that we clear out the bit
> > > > > from
> > > > > __PHYSICAL_MASK.
> > > >
> > > > I was actually working on a suggestion by Linus to use one of the
> > > > software
> > > > page table bits to indicate encryption and translate that to the
> > > > hardware
> > > > bit when writing the actual page table entry. With that,
> > > > __PHYSICAL_MASK
> > > > would go back to its original definition.
> > >
> > > But you would need to mask it on reading of pfn from page table
> > > entry,
> > > right? I expect it to have more overhead than this one.
> > When reading back an entry it would translate the hardware bit
> > position
> > back to the software bit position. The suggestion for changing it
> > was
> > to make _PAGE_ENC a constant and not tied to the sme_me_mask.
But is it really constant? I thought it's enumerated at boot-time.
Can we step onto a problem for future AMD CPUs?
In case of MKTME the bits we need to clear are not constant. Depends on
CPU and BIOS settings.
By making _PAGE_ENC constant we would effectively lower maximum physical
address space the kernel can handle, regardless if the system has SME
enabled. I can imagine some people wouldn't be happy about this.
And I think it would collide with 5-level paging.
I would leave it as variable for now and look on this later once we would
have infrastructure to patch constants in kernel text.
Kirill A. Shutemov