1 /* 2 * AMD Memory Encryption Support 3 * 4 * Copyright (C) 2016 Advanced Micro Devices, Inc. 5 * 6 * Author: Tom Lendacky <thomas.lendacky@amd.com> 7 * 8 * This program is free software; you can redistribute it and/or modify 9 * it under the terms of the GNU General Public License version 2 as 10 * published by the Free Software Foundation. 11 */ 12 13 #define DISABLE_BRANCH_PROFILING 14 15 #include <linux/linkage.h> 16 #include <linux/init.h> 17 #include <linux/mm.h> 18 #include <linux/dma-direct.h> 19 #include <linux/swiotlb.h> 20 #include <linux/mem_encrypt.h> 21 22 #include <asm/tlbflush.h> 23 #include <asm/fixmap.h> 24 #include <asm/setup.h> 25 #include <asm/bootparam.h> 26 #include <asm/set_memory.h> 27 #include <asm/cacheflush.h> 28 #include <asm/processor-flags.h> 29 #include <asm/msr.h> 30 #include <asm/cmdline.h> 31 32 #include "mm_internal.h" 33 34 /* 35 * Since SME related variables are set early in the boot process they must 36 * reside in the .data section so as not to be zeroed out when the .bss 37 * section is later cleared. 38 */ 39 u64 sme_me_mask __section(.data) = 0; 40 EXPORT_SYMBOL(sme_me_mask); 41 DEFINE_STATIC_KEY_FALSE(sev_enable_key); 42 EXPORT_SYMBOL_GPL(sev_enable_key); 43 44 bool sev_enabled __section(.data); 45 46 /* Buffer used for early in-place encryption by BSP, no locking needed */ 47 static char sme_early_buffer[PAGE_SIZE] __aligned(PAGE_SIZE); 48 49 /* 50 * This routine does not change the underlying encryption setting of the 51 * page(s) that map this memory. It assumes that eventually the memory is 52 * meant to be accessed as either encrypted or decrypted but the contents 53 * are currently not in the desired state. 54 * 55 * This routine follows the steps outlined in the AMD64 Architecture 56 * Programmer's Manual Volume 2, Section 7.10.8 Encrypt-in-Place. 57 */ 58 static void __init __sme_early_enc_dec(resource_size_t paddr, 59 unsigned long size, bool enc) 60 { 61 void *src, *dst; 62 size_t len; 63 64 if (!sme_me_mask) 65 return; 66 67 wbinvd(); 68 69 /* 70 * There are limited number of early mapping slots, so map (at most) 71 * one page at time. 72 */ 73 while (size) { 74 len = min_t(size_t, sizeof(sme_early_buffer), size); 75 76 /* 77 * Create mappings for the current and desired format of 78 * the memory. Use a write-protected mapping for the source. 79 */ 80 src = enc ? early_memremap_decrypted_wp(paddr, len) : 81 early_memremap_encrypted_wp(paddr, len); 82 83 dst = enc ? early_memremap_encrypted(paddr, len) : 84 early_memremap_decrypted(paddr, len); 85 86 /* 87 * If a mapping can't be obtained to perform the operation, 88 * then eventual access of that area in the desired mode 89 * will cause a crash. 90 */ 91 BUG_ON(!src || !dst); 92 93 /* 94 * Use a temporary buffer, of cache-line multiple size, to 95 * avoid data corruption as documented in the APM. 96 */ 97 memcpy(sme_early_buffer, src, len); 98 memcpy(dst, sme_early_buffer, len); 99 100 early_memunmap(dst, len); 101 early_memunmap(src, len); 102 103 paddr += len; 104 size -= len; 105 } 106 } 107 108 void __init sme_early_encrypt(resource_size_t paddr, unsigned long size) 109 { 110 __sme_early_enc_dec(paddr, size, true); 111 } 112 113 void __init sme_early_decrypt(resource_size_t paddr, unsigned long size) 114 { 115 __sme_early_enc_dec(paddr, size, false); 116 } 117 118 static void __init __sme_early_map_unmap_mem(void *vaddr, unsigned long size, 119 bool map) 120 { 121 unsigned long paddr = (unsigned long)vaddr - __PAGE_OFFSET; 122 pmdval_t pmd_flags, pmd; 123 124 /* Use early_pmd_flags but remove the encryption mask */ 125 pmd_flags = __sme_clr(early_pmd_flags); 126 127 do { 128 pmd = map ? (paddr & PMD_MASK) + pmd_flags : 0; 129 __early_make_pgtable((unsigned long)vaddr, pmd); 130 131 vaddr += PMD_SIZE; 132 paddr += PMD_SIZE; 133 size = (size <= PMD_SIZE) ? 0 : size - PMD_SIZE; 134 } while (size); 135 136 __native_flush_tlb(); 137 } 138 139 void __init sme_unmap_bootdata(char *real_mode_data) 140 { 141 struct boot_params *boot_data; 142 unsigned long cmdline_paddr; 143 144 if (!sme_active()) 145 return; 146 147 /* Get the command line address before unmapping the real_mode_data */ 148 boot_data = (struct boot_params *)real_mode_data; 149 cmdline_paddr = boot_data->hdr.cmd_line_ptr | ((u64)boot_data->ext_cmd_line_ptr << 32); 150 151 __sme_early_map_unmap_mem(real_mode_data, sizeof(boot_params), false); 152 153 if (!cmdline_paddr) 154 return; 155 156 __sme_early_map_unmap_mem(__va(cmdline_paddr), COMMAND_LINE_SIZE, false); 157 } 158 159 void __init sme_map_bootdata(char *real_mode_data) 160 { 161 struct boot_params *boot_data; 162 unsigned long cmdline_paddr; 163 164 if (!sme_active()) 165 return; 166 167 __sme_early_map_unmap_mem(real_mode_data, sizeof(boot_params), true); 168 169 /* Get the command line address after mapping the real_mode_data */ 170 boot_data = (struct boot_params *)real_mode_data; 171 cmdline_paddr = boot_data->hdr.cmd_line_ptr | ((u64)boot_data->ext_cmd_line_ptr << 32); 172 173 if (!cmdline_paddr) 174 return; 175 176 __sme_early_map_unmap_mem(__va(cmdline_paddr), COMMAND_LINE_SIZE, true); 177 } 178 179 void __init sme_early_init(void) 180 { 181 unsigned int i; 182 183 if (!sme_me_mask) 184 return; 185 186 early_pmd_flags = __sme_set(early_pmd_flags); 187 188 __supported_pte_mask = __sme_set(__supported_pte_mask); 189 190 /* Update the protection map with memory encryption mask */ 191 for (i = 0; i < ARRAY_SIZE(protection_map); i++) 192 protection_map[i] = pgprot_encrypted(protection_map[i]); 193 194 if (sev_active()) 195 swiotlb_force = SWIOTLB_FORCE; 196 } 197 198 static void __init __set_clr_pte_enc(pte_t *kpte, int level, bool enc) 199 { 200 pgprot_t old_prot, new_prot; 201 unsigned long pfn, pa, size; 202 pte_t new_pte; 203 204 switch (level) { 205 case PG_LEVEL_4K: 206 pfn = pte_pfn(*kpte); 207 old_prot = pte_pgprot(*kpte); 208 break; 209 case PG_LEVEL_2M: 210 pfn = pmd_pfn(*(pmd_t *)kpte); 211 old_prot = pmd_pgprot(*(pmd_t *)kpte); 212 break; 213 case PG_LEVEL_1G: 214 pfn = pud_pfn(*(pud_t *)kpte); 215 old_prot = pud_pgprot(*(pud_t *)kpte); 216 break; 217 default: 218 return; 219 } 220 221 new_prot = old_prot; 222 if (enc) 223 pgprot_val(new_prot) |= _PAGE_ENC; 224 else 225 pgprot_val(new_prot) &= ~_PAGE_ENC; 226 227 /* If prot is same then do nothing. */ 228 if (pgprot_val(old_prot) == pgprot_val(new_prot)) 229 return; 230 231 pa = pfn << page_level_shift(level); 232 size = page_level_size(level); 233 234 /* 235 * We are going to perform in-place en-/decryption and change the 236 * physical page attribute from C=1 to C=0 or vice versa. Flush the 237 * caches to ensure that data gets accessed with the correct C-bit. 238 */ 239 clflush_cache_range(__va(pa), size); 240 241 /* Encrypt/decrypt the contents in-place */ 242 if (enc) 243 sme_early_encrypt(pa, size); 244 else 245 sme_early_decrypt(pa, size); 246 247 /* Change the page encryption mask. */ 248 new_pte = pfn_pte(pfn, new_prot); 249 set_pte_atomic(kpte, new_pte); 250 } 251 252 static int __init early_set_memory_enc_dec(unsigned long vaddr, 253 unsigned long size, bool enc) 254 { 255 unsigned long vaddr_end, vaddr_next; 256 unsigned long psize, pmask; 257 int split_page_size_mask; 258 int level, ret; 259 pte_t *kpte; 260 261 vaddr_next = vaddr; 262 vaddr_end = vaddr + size; 263 264 for (; vaddr < vaddr_end; vaddr = vaddr_next) { 265 kpte = lookup_address(vaddr, &level); 266 if (!kpte || pte_none(*kpte)) { 267 ret = 1; 268 goto out; 269 } 270 271 if (level == PG_LEVEL_4K) { 272 __set_clr_pte_enc(kpte, level, enc); 273 vaddr_next = (vaddr & PAGE_MASK) + PAGE_SIZE; 274 continue; 275 } 276 277 psize = page_level_size(level); 278 pmask = page_level_mask(level); 279 280 /* 281 * Check whether we can change the large page in one go. 282 * We request a split when the address is not aligned and 283 * the number of pages to set/clear encryption bit is smaller 284 * than the number of pages in the large page. 285 */ 286 if (vaddr == (vaddr & pmask) && 287 ((vaddr_end - vaddr) >= psize)) { 288 __set_clr_pte_enc(kpte, level, enc); 289 vaddr_next = (vaddr & pmask) + psize; 290 continue; 291 } 292 293 /* 294 * The virtual address is part of a larger page, create the next 295 * level page table mapping (4K or 2M). If it is part of a 2M 296 * page then we request a split of the large page into 4K 297 * chunks. A 1GB large page is split into 2M pages, resp. 298 */ 299 if (level == PG_LEVEL_2M) 300 split_page_size_mask = 0; 301 else 302 split_page_size_mask = 1 << PG_LEVEL_2M; 303 304 kernel_physical_mapping_init(__pa(vaddr & pmask), 305 __pa((vaddr_end & pmask) + psize), 306 split_page_size_mask); 307 } 308 309 ret = 0; 310 311 out: 312 __flush_tlb_all(); 313 return ret; 314 } 315 316 int __init early_set_memory_decrypted(unsigned long vaddr, unsigned long size) 317 { 318 return early_set_memory_enc_dec(vaddr, size, false); 319 } 320 321 int __init early_set_memory_encrypted(unsigned long vaddr, unsigned long size) 322 { 323 return early_set_memory_enc_dec(vaddr, size, true); 324 } 325 326 /* 327 * SME and SEV are very similar but they are not the same, so there are 328 * times that the kernel will need to distinguish between SME and SEV. The 329 * sme_active() and sev_active() functions are used for this. When a 330 * distinction isn't needed, the mem_encrypt_active() function can be used. 331 * 332 * The trampoline code is a good example for this requirement. Before 333 * paging is activated, SME will access all memory as decrypted, but SEV 334 * will access all memory as encrypted. So, when APs are being brought 335 * up under SME the trampoline area cannot be encrypted, whereas under SEV 336 * the trampoline area must be encrypted. 337 */ 338 bool sme_active(void) 339 { 340 return sme_me_mask && !sev_enabled; 341 } 342 EXPORT_SYMBOL(sme_active); 343 344 bool sev_active(void) 345 { 346 return sme_me_mask && sev_enabled; 347 } 348 EXPORT_SYMBOL(sev_active); 349 350 /* Architecture __weak replacement functions */ 351 void __init mem_encrypt_init(void) 352 { 353 if (!sme_me_mask) 354 return; 355 356 /* Call into SWIOTLB to update the SWIOTLB DMA buffers */ 357 swiotlb_update_mem_attributes(); 358 359 /* 360 * With SEV, DMA operations cannot use encryption, we need to use 361 * SWIOTLB to bounce buffer DMA operation. 362 */ 363 if (sev_active()) 364 dma_ops = &swiotlb_dma_ops; 365 366 /* 367 * With SEV, we need to unroll the rep string I/O instructions. 368 */ 369 if (sev_active()) 370 static_branch_enable(&sev_enable_key); 371 372 pr_info("AMD %s active\n", 373 sev_active() ? "Secure Encrypted Virtualization (SEV)" 374 : "Secure Memory Encryption (SME)"); 375 } 376 377