From nobody Sun May 19 13:07:48 2024
From: alison.schofield@intel.com
To: Thomas Gleixner, Ingo Molnar, Borislav Petkov, Dave Hansen, x86@kernel.org
Cc: Alison Schofield, "H. Peter Anvin", "Kirill A. Shutemov", Kai Huang, linux-kernel@vger.kernel.org
Subject: [PATCH 1/2] x86/cpu: Remove useless work in detect_tme_early()
Date: Thu, 25 Apr 2024 21:24:52 -0700
Message-Id: <4e159cdb00907dd7884c191acdab3a028d2f4857.1713929290.git.alison.schofield@intel.com>
Content-Transfer-Encoding: quoted-printable

From: Alison Schofield

TME (Total Memory Encryption) and MKTME (Multi-Key Total Memory
Encryption) BIOS detection were introduced together here [1] and
are loosely coupled in the Intel CPU init code.

TME is a hardware only feature and its BIOS status is all that needs
to be shared with the kernel user: enabled or disabled. The TME
algorithm the BIOS is using and whether or not the kernel recognizes
that algorithm is useless to the kernel user.

MKTME is a hardware feature that requires kernel support. MKTME
detection code was added in advance of broader kernel support for
MKTME that never followed. So, rather than continuing to emit
needless and confusing messages about BIOS MKTME status, remove
most of the MKTME pieces from detect_tme_early().

Keep one important piece: when the BIOS is configured with MKTME 'on'
any BIOS defined KeyID bits do take away from the physaddr bits
available in the kernel. Add a pr_info_once() informing about the
enabled keyids so the user can address (by rebooting with MKTME off)
if the user needs to recover the MKTME consumed bits.

There is no functional change for the user, only this change in boot
messages:

Before:
[] x86/tme: enabled by BIOS
[] x86/tme: Unknown policy is active: 0x2
[] x86/mktme: No known encryption algorithm is supported: 0x4
[] x86/mktme: enabled by BIOS
[] x86/mktme: 127 KeyIDs available

After:
[] x86/tme: enabled by BIOS
[] x86/mktme: BIOS enabled 127 keyids

[1] cb06d8e3d020 ("x86/tme: Detect if TME and MKTME is activated by BIOS")

Signed-off-by: Alison Schofield
Acked-by: Kirill A. Shutemov
---
 arch/x86/kernel/cpu/intel.c | 71 +++++++------------------------------
 1 file changed, 12 insertions(+), 59 deletions(-)

diff --git a/arch/x86/kernel/cpu/intel.c b/arch/x86/kernel/cpu/intel.c index 3c3e7e5695ba..83865897a2a7 100644 --- a/arch/x86/kernel/cpu/intel.c +++ b/arch/x86/kernel/cpu/intel.c 
@@ -190,83 +190,36 @@ static bool bad_spectre_microcode(struct cpuinfo_x86 = *c) #define TME_ACTIVATE_LOCKED(x) (x & 0x1) #define TME_ACTIVATE_ENABLED(x) (x & 0x2) =20 -#define TME_ACTIVATE_POLICY(x) ((x >> 4) & 0xf) /* Bits 7:4 */ -#define TME_ACTIVATE_POLICY_AES_XTS_128 0 - #define TME_ACTIVATE_KEYID_BITS(x) ((x >> 32) & 0xf) /* Bits 35:32 */ =20 -#define TME_ACTIVATE_CRYPTO_ALGS(x) ((x >> 48) & 0xffff) /* Bits 63:48 */ -#define TME_ACTIVATE_CRYPTO_AES_XTS_128 1 - -/* Values for mktme_status (SW only construct) */ -#define MKTME_ENABLED 0 -#define MKTME_DISABLED 1 -#define MKTME_UNINITIALIZED 2 -static int mktme_status =3D MKTME_UNINITIALIZED; - static void detect_tme_early(struct cpuinfo_x86 *c) { - u64 tme_activate, tme_policy, tme_crypto_algs; int keyid_bits =3D 0, nr_keyids =3D 0; - static u64 tme_activate_cpu0 =3D 0; + u64 tme_activate; =20 rdmsrl(MSR_IA32_TME_ACTIVATE, tme_activate); =20 - if (mktme_status !=3D MKTME_UNINITIALIZED) { - if (tme_activate !=3D tme_activate_cpu0) { - /* Broken BIOS? */ - pr_err_once("x86/tme: configuration is inconsistent between CPUs\n"); - pr_err_once("x86/tme: MKTME is not usable\n"); - mktme_status =3D MKTME_DISABLED; - - /* Proceed. We may need to exclude bits from x86_phys_bits. 
*/ - } - } else { - tme_activate_cpu0 =3D tme_activate; - } - if (!TME_ACTIVATE_LOCKED(tme_activate) || !TME_ACTIVATE_ENABLED(tme_activ= ate)) { pr_info_once("x86/tme: not enabled by BIOS\n"); - mktme_status =3D MKTME_DISABLED; clear_cpu_cap(c, X86_FEATURE_TME); return; } - - if (mktme_status !=3D MKTME_UNINITIALIZED) - goto detect_keyid_bits; - - pr_info("x86/tme: enabled by BIOS\n"); - - tme_policy =3D TME_ACTIVATE_POLICY(tme_activate); - if (tme_policy !=3D TME_ACTIVATE_POLICY_AES_XTS_128) - pr_warn("x86/tme: Unknown policy is active: %#llx\n", tme_policy); - - tme_crypto_algs =3D TME_ACTIVATE_CRYPTO_ALGS(tme_activate); - if (!(tme_crypto_algs & TME_ACTIVATE_CRYPTO_AES_XTS_128)) { - pr_err("x86/mktme: No known encryption algorithm is supported: %#llx\n", - tme_crypto_algs); - mktme_status =3D MKTME_DISABLED; - } -detect_keyid_bits: + pr_info_once("x86/tme: enabled by BIOS\n"); keyid_bits =3D TME_ACTIVATE_KEYID_BITS(tme_activate); - nr_keyids =3D (1UL << keyid_bits) - 1; - if (nr_keyids) { - pr_info_once("x86/mktme: enabled by BIOS\n"); - pr_info_once("x86/mktme: %d KeyIDs available\n", nr_keyids); - } else { - pr_info_once("x86/mktme: disabled by BIOS\n"); - } - - if (mktme_status =3D=3D MKTME_UNINITIALIZED) { - /* MKTME is usable */ - mktme_status =3D MKTME_ENABLED; - } + if (!keyid_bits) + return; =20 /* - * KeyID bits effectively lower the number of physical address - * bits. Update cpuinfo_x86::x86_phys_bits accordingly. + * KeyID bits are set by BIOS and can be present regardless + * of whether the kernel is using them. They effectively lower + * the number of physical address bits. + * + * Update cpuinfo_x86::x86_phys_bits accordingly. 
*/ c->x86_phys_bits -=3D keyid_bits; + nr_keyids =3D (1UL << keyid_bits) - 1; + + pr_info_once("x86/mktme: BIOS enabled %d keyids\n", nr_keyids); } =20 static void early_init_intel(struct cpuinfo_x86 *c) --=20 2.37.3

From nobody Sun May 19 13:07:48 2024
From: alison.schofield@intel.com
To: Thomas Gleixner, Ingo Molnar, Borislav Petkov, Dave Hansen, x86@kernel.org
Cc: Alison Schofield, "H. Peter Anvin", "Kirill A. Shutemov", Kai Huang, linux-kernel@vger.kernel.org
Subject: [PATCH 2/2] x86/pconfig: Remove unused MKTME pconfig code
Date: Thu, 25 Apr 2024 21:24:53 -0700
Message-Id: <029c84dd5743c8d56734593455ae3d576387f72b.1713929290.git.alison.schofield@intel.com>
Content-Transfer-Encoding: quoted-printable

From: Alison Schofield

Code supporting Intel PCONFIG targets was an early piece of enabling
for MKTME (Multi-Key Total Memory Encryption).

Since MKTME feature enablement did not follow into the kernel, remove
the unused PCONFIG code.

Signed-off-by: Alison Schofield
Acked-by: Kai Huang
Acked-by: Kirill A. Shutemov
---
 arch/x86/include/asm/intel_pconfig.h | 65 ---------------------
 arch/x86/kernel/cpu/Makefile         |  2 +-
 arch/x86/kernel/cpu/intel_pconfig.c  | 84 ----------------------------
 3 files changed, 1 insertion(+), 150 deletions(-)
 delete mode 100644 arch/x86/include/asm/intel_pconfig.h
 delete mode 100644 arch/x86/kernel/cpu/intel_pconfig.c

diff --git a/arch/x86/include/asm/intel_pconfig.h b/arch/x86/include/asm/in= tel_pconfig.h deleted file mode 100644 index 994638ef171b..000000000000 --- a/arch/x86/include/asm/intel_pconfig.h +++ /dev/null 
@@ -1,65 +0,0 @@ -#ifndef _ASM_X86_INTEL_PCONFIG_H -#define _ASM_X86_INTEL_PCONFIG_H - -#include -#include - -enum pconfig_target { - INVALID_TARGET =3D 0, - MKTME_TARGET =3D 1, - PCONFIG_TARGET_NR -}; - -int pconfig_target_supported(enum pconfig_target target); - -enum pconfig_leaf { - MKTME_KEY_PROGRAM =3D 0, - PCONFIG_LEAF_INVALID, -}; - -#define PCONFIG ".byte 0x0f, 0x01, 0xc5" - -/* Defines and structure for MKTME_KEY_PROGRAM of PCONFIG instruction */ - -/* mktme_key_program::keyid_ctrl COMMAND, bits [7:0] */ -#define MKTME_KEYID_SET_KEY_DIRECT 0 -#define MKTME_KEYID_SET_KEY_RANDOM 1 -#define MKTME_KEYID_CLEAR_KEY 2 -#define MKTME_KEYID_NO_ENCRYPT 3 - -/* mktme_key_program::keyid_ctrl ENC_ALG, bits [23:8] */ -#define MKTME_AES_XTS_128 (1 << 8) - -/* Return codes from the PCONFIG MKTME_KEY_PROGRAM */ -#define MKTME_PROG_SUCCESS 0 -#define MKTME_INVALID_PROG_CMD 1 -#define MKTME_ENTROPY_ERROR 2 -#define MKTME_INVALID_KEYID 3 -#define MKTME_INVALID_ENC_ALG 4 -#define MKTME_DEVICE_BUSY 5 - -/* Hardware requires the structure to be 256 byte aligned. Otherwise #GP(0= ). */ -struct mktme_key_program { - u16 keyid; - u32 keyid_ctrl; - u8 __rsvd[58]; - u8 key_field_1[64]; - u8 key_field_2[64]; -} __packed __aligned(256); - -static inline int mktme_key_program(struct mktme_key_program *key_program) -{ - unsigned long rax =3D MKTME_KEY_PROGRAM; - - if (!pconfig_target_supported(MKTME_TARGET)) - return -ENXIO; - - asm volatile(PCONFIG - : "=3Da" (rax), "=3Db" (key_program) - : "0" (rax), "1" (key_program) - : "memory", "cc"); - - return rax; -} - -#endif /* _ASM_X86_INTEL_PCONFIG_H */ diff --git a/arch/x86/kernel/cpu/Makefile b/arch/x86/kernel/cpu/Makefile index eb4dbcdf41f1..ecd78a61da2e 100644 --- a/arch/x86/kernel/cpu/Makefile +++ b/arch/x86/kernel/cpu/Makefile 
@@ -34,7 +34,7 @@ obj-$(CONFIG_PROC_FS) +=3D proc.o =20 obj-$(CONFIG_IA32_FEAT_CTL) +=3D feat_ctl.o ifdef CONFIG_CPU_SUP_INTEL -obj-y +=3D intel.o intel_pconfig.o tsx.o +obj-y +=3D intel.o tsx.o obj-$(CONFIG_PM) +=3D intel_epb.o endif obj-$(CONFIG_CPU_SUP_AMD) +=3D amd.o diff --git a/arch/x86/kernel/cpu/intel_pconfig.c b/arch/x86/kernel/cpu/inte= l_pconfig.c deleted file mode 100644 index 5be2b1790282..000000000000 --- a/arch/x86/kernel/cpu/intel_pconfig.c +++ /dev/null 
@@ -1,84 +0,0 @@ -// SPDX-License-Identifier: GPL-2.0 -/* - * Intel PCONFIG instruction support. - * - * Copyright (C) 2017 Intel Corporation - * - * Author: - * Kirill A. Shutemov - */ -#include -#include - -#include -#include - -#define PCONFIG_CPUID 0x1b - -#define PCONFIG_CPUID_SUBLEAF_MASK ((1 << 12) - 1) - -/* Subleaf type (EAX) for PCONFIG CPUID leaf (0x1B) */ -enum { - PCONFIG_CPUID_SUBLEAF_INVALID =3D 0, - PCONFIG_CPUID_SUBLEAF_TARGETID =3D 1, -}; - -/* Bitmask of supported targets */ -static u64 targets_supported __read_mostly; - -int pconfig_target_supported(enum pconfig_target target) -{ - /* - * We would need to re-think the implementation once we get > 64 - * PCONFIG targets. Spec allows up to 2^32 targets. - */ - BUILD_BUG_ON(PCONFIG_TARGET_NR >=3D 64); - - if (WARN_ON_ONCE(target >=3D 64)) - return 0; - return targets_supported & (1ULL << target); -} - -static int __init intel_pconfig_init(void) -{ - int subleaf; - - if (!boot_cpu_has(X86_FEATURE_PCONFIG)) - return 0; - - /* - * Scan subleafs of PCONFIG CPUID leaf. - * - * Subleafs of the same type need not to be consecutive. - * - * Stop on the first invalid subleaf type. All subleafs after the first - * invalid are invalid too. - */ - for (subleaf =3D 0; subleaf < INT_MAX; subleaf++) { - struct cpuid_regs regs; - - cpuid_count(PCONFIG_CPUID, subleaf, - ®s.eax, ®s.ebx, ®s.ecx, ®s.edx); - - switch (regs.eax & PCONFIG_CPUID_SUBLEAF_MASK) { - case PCONFIG_CPUID_SUBLEAF_INVALID: - /* Stop on the first invalid subleaf */ - goto out; - case PCONFIG_CPUID_SUBLEAF_TARGETID: - /* Mark supported PCONFIG targets */ - if (regs.ebx < 64) - targets_supported |=3D (1ULL << regs.ebx); - if (regs.ecx < 64) - targets_supported |=3D (1ULL << regs.ecx); - if (regs.edx < 64) - targets_supported |=3D (1ULL << regs.edx); - break; - default: - /* Unknown CPUID.PCONFIG subleaf: ignore */ - break; - } - } -out: - return 0; -} -arch_initcall(intel_pconfig_init); --=20 2.37.3
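
Review bot: In the detect_tme_early() hunk of patch 1/2, the removed block that compared tme_activate against tme_activate_cpu0 is what reported a MSR_IA32_TME_ACTIVATE mismatch between CPUs, yet the Before/After list in the commit message does not mention losing the "x86/tme: configuration is inconsistent between CPUs" error. c->x86_phys_bits is still reduced per CPU by whatever keyid_bits that CPU reads, while pr_info_once() prints only the first count seen, so a BIOS that programs CPUs differently would now go unreported. Either keep a pr_err_once() for that case or state in the commit message that dropping it is intentional. Minor: the "=3D 0" initializers on keyid_bits and nr_keyids are now redundant, since both are assigned before use.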
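
Review bot: In patch 2/2, the deleted intel_pconfig_init() in arch/x86/kernel/cpu/intel_pconfig.c was gated on boot_cpu_has(X86_FEATURE_PCONFIG), and the diffstat touches only intel_pconfig.h, the Makefile and intel_pconfig.c, so the feature flag definition stays in place with no user shown in this series. The commit message should say whether X86_FEATURE_PCONFIG is kept deliberately or whether removing it belongs in a follow-up patch.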