From: Alison Schofield <alison.schofield@xxxxxxxxx> MKTME Key service maintains the hardware key tables. These key tables are package scoped per the MKTME hardware definition. This means that each physical package on the system needs its key table programmed. These physical packages are the targets of the new PCONFIG programming command. So, introduce a PCONFIG targets bitmap as well as a CPU mask that includes the lead CPUs capable of programming the targets. The lead CPU mask will be used every time a new key is programmed into the hardware. Keep the PCONFIG targets bit map around for future use during CPU hotplug events. Signed-off-by: Alison Schofield <alison.schofield@xxxxxxxxx> Signed-off-by: Kirill A. Shutemov <kirill.shutemov@xxxxxxxxxxxxxxx> --- security/keys/mktme_keys.c | 42 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 42 insertions(+) diff --git a/security/keys/mktme_keys.c b/security/keys/mktme_keys.c index 8ac75b1e6188..272bff8591b7 100644 --- a/security/keys/mktme_keys.c +++ b/security/keys/mktme_keys.c @@ -2,6 +2,7 @@ /* Documentation/x86/mktme/ */ +#include <linux/cpu.h> #include <linux/init.h> #include <linux/key.h> #include <linux/key-type.h> @@ -17,6 +18,8 @@ static DEFINE_SPINLOCK(mktme_lock); static unsigned int mktme_available_keyids; /* Free Hardware KeyIDs */ static struct kmem_cache *mktme_prog_cache; /* Hardware programming cache */ +static unsigned long *mktme_target_map; /* PCONFIG programming target */ +static cpumask_var_t mktme_leadcpus; /* One CPU per PCONFIG target */ enum mktme_keyid_state { KEYID_AVAILABLE, /* Available to be assigned */ @@ -257,6 +260,33 @@ struct key_type key_type_mktme = { .destroy = mktme_destroy_key, }; +static void mktme_update_pconfig_targets(void) +{ + int cpu, target_id; + + cpumask_clear(mktme_leadcpus); + bitmap_clear(mktme_target_map, 0, sizeof(mktme_target_map)); + + for_each_online_cpu(cpu) { + target_id = topology_physical_package_id(cpu); + if (!__test_and_set_bit(target_id, mktme_target_map)) + __cpumask_set_cpu(cpu, mktme_leadcpus); + } +} + +static int mktme_alloc_pconfig_targets(void) +{ + if (!alloc_cpumask_var(&mktme_leadcpus, GFP_KERNEL)) + return -ENOMEM; + + mktme_target_map = bitmap_alloc(topology_max_packages(), GFP_KERNEL); + if (!mktme_target_map) { + free_cpumask_var(mktme_leadcpus); + return -ENOMEM; + } + return 0; +} + static int __init init_mktme(void) { int ret; @@ -278,9 +308,21 @@ static int __init init_mktme(void) if (!mktme_prog_cache) goto free_map; + /* Hardware programming targets */ + if (mktme_alloc_pconfig_targets()) + goto free_cache; + + /* Initialize first programming targets */ + mktme_update_pconfig_targets(); + ret = register_key_type(&key_type_mktme); if (!ret) return ret; /* SUCCESS */ + + free_cpumask_var(mktme_leadcpus); + bitmap_free(mktme_target_map); +free_cache: + kmem_cache_destroy(mktme_prog_cache); free_map: kvfree(mktme_map); -- 2.21.0