On 09/05/2016 03:48 AM, Borislav Petkov wrote: > On Mon, Aug 22, 2016 at 05:36:46PM -0500, Tom Lendacky wrote: >> Adding general kernel support for memory encryption includes: >> - Modify and create some page table macros to include the Secure Memory >> Encryption (SME) memory encryption mask >> - Update kernel boot support to call an SME routine that checks for and >> sets the SME capability (the SME routine will grow later and for now >> is just a stub routine) >> - Update kernel boot support to call an SME routine that encrypts the >> kernel (the SME routine will grow later and for now is just a stub >> routine) >> - Provide an SME initialization routine to update the protection map with >> the memory encryption mask so that it is used by default >> >> Signed-off-by: Tom Lendacky <thomas.lendacky@xxxxxxx> >> --- > > ... > >> diff --git a/arch/x86/include/asm/pgtable_types.h b/arch/x86/include/asm/pgtable_types.h >> index f1218f5..a01f0e1 100644 >> --- a/arch/x86/include/asm/pgtable_types.h >> +++ b/arch/x86/include/asm/pgtable_types.h >> @@ -3,6 +3,7 @@ >> >> #include <linux/const.h> >> #include <asm/page_types.h> >> +#include <asm/mem_encrypt.h> >> >> #define FIRST_USER_ADDRESS 0UL >> >> @@ -121,9 +122,9 @@ >> >> #define _PAGE_PROTNONE (_AT(pteval_t, 1) << _PAGE_BIT_PROTNONE) >> >> -#define _PAGE_TABLE (_PAGE_PRESENT | _PAGE_RW | _PAGE_USER | \ >> +#define __PAGE_TABLE (_PAGE_PRESENT | _PAGE_RW | _PAGE_USER | \ >> _PAGE_ACCESSED | _PAGE_DIRTY) > > Hmm, so this naming looks confusing and error-prone: the only difference > is a single "_". > > How about this instead: > > #define _PAGE_TABLE_NO_ENC (_PAGE_PRESENT | _PAGE_RW | _PAGE_USER | \ > _PAGE_ACCESSED | _PAGE_DIRTY) > > #define _PAGE_TABLE (_PAGE_TABLE_NO_ENC | _PAGE_ENC) > > Or call it _PAGE_TABLE_BASE or whatever. > > Ditto for __KERNPG_TABLE. > > This way you can differentiate between the two and use the _NO_ENC one > to define _PAGE_TABLE. And it will be absolutely clear when you use the > _NO_ENC one, what you mean and that you don't want to have the enc mask > in the PTE. > > Should be less confusing IMO too. Yup, makes sense. I'll rework/rename. Thanks, Tom > -- To unsubscribe from this list: send the line "unsubscribe kvm" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
