On 11/27/22 20:52, Dexuan Cui wrote:
From: Michael Kelley (LINUX) <mikelley@xxxxxxxxxxxxx>
Sent: Thursday, November 17, 2022 6:56 PM
[...]
But I had not thought about TDX. In the TDX case, it appears that
sme_postprocess_startup() will not decrypt the bss_decrypted section.
The corresponding mem_encrypt_free_decrypted_mem() is a no-op unless
CONFIG_AMD_MEM_ENCRYPT is set. But maybe if someone builds a
kernel image that supports both TDX and AMD encryption, it could break
at runtime on a TDX system. I would also note that on a TDX system
without CONFIG_AMD_MEM_ENCRYPT, the unused memory in the
bss_decrypted section never gets freed.
On a TDX system *with* CONFIG_AMD_MEM_ENCRYPT, the unused
memory in the bss_decrypted section also never gets freed due to the
below "return;"
I'd suggest a Fixes tag should be added to make sure the distro vendors
notice the patch and backport it :-)
BTW, I just posted a similar patch as I didn't notice this patch. I have
replied to my patch email, asking people to ignore my patch.
Fixes: b3f0907c71e0 ("x86/mm: Add .bss..decrypted section to hold shared variables")
I think the Fixes: tag should really be:
e9d1d2bb75b2 ("treewide: Replace the use of mem_encrypt_active() with cc_platform_has()")
since mem_encrypt_active() used to return sme_me_mask, so the checks were
balanced at that point.
Thanks,
Tom
void __init mem_encrypt_free_decrypted_mem(void)
{
unsigned long vaddr, vaddr_end, npages;
int r;
vaddr = (unsigned long)__start_bss_decrypted_unused;
vaddr_end = (unsigned long)__end_bss_decrypted;
npages = (vaddr_end - vaddr) >> PAGE_SHIFT;
/*
* The unused memory range was mapped decrypted, change the encryption
* attribute from decrypted to encrypted before freeing it.
*/
if (cc_platform_has(CC_ATTR_MEM_ENCRYPT)) {
r = set_memory_encrypted(vaddr, npages);
if (r) {
pr_warn("failed to free unused decrypted pages\n");
return;
}
}
free_init_pages("unused decrypted", vaddr, vaddr_end);
}