acpi, x86/mm: Remove encryption mask from ACPI page protection type

The arch_apei_get_mem_attributes() function is used to set the page
protection type for ACPI physical addresses. When SME is active, the
associated protection type cannot have the encryption mask set since the
ACPI tables live in un-encrypted memory - the kernel will see corrupted
data.

To fix this, create a new protection type, PAGE_KERNEL_NOENC, that is a
'no encryption' version of PAGE_KERNEL, and return that from
arch_apei_get_mem_attributes().

Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
Cc: Andy Lutomirski <luto@kernel.org>
Cc: Borislav Petkov <bp@alien8.de>
Cc: Brijesh Singh <brijesh.singh@amd.com>
Cc: Dave Young <dyoung@redhat.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Link: http://lkml.kernel.org/r/e1cb9395b2f061cd96f1e59c3cbbe5ff5d4ec26e.1501186516.git.thomas.lendacky@amd.com
Signed-off-by: Ingo Molnar <mingo@kernel.org>

diff --git a/arch/x86/include/asm/acpi.h b/arch/x86/include/asm/acpi.h
index 562286fa151f3e40f3d220925010b41fd2320309..72d867f6b518e4db5a79a10c924f858a3edb0af8 100644 (file)
--- a/arch/x86/include/asm/acpi.h
+++ b/arch/x86/include/asm/acpi.h
@@ -160,12 +160,13 @@ static inline pgprot_t arch_apei_get_mem_attribute(phys_addr_t addr)
         * you call efi_mem_attributes() during boot and at runtime,
         * you could theoretically see different attributes.
         *
-        * Since we are yet to see any x86 platforms that require
-        * anything other than PAGE_KERNEL (some arm64 platforms
-        * require the equivalent of PAGE_KERNEL_NOCACHE), return that
-        * until we know differently.
+        * We are yet to see any x86 platforms that require anything
+        * other than PAGE_KERNEL (some ARM64 platforms require the
+        * equivalent of PAGE_KERNEL_NOCACHE). Additionally, if SME
+        * is active, the ACPI information will not be encrypted,
+        * so return PAGE_KERNEL_NOENC until we know differently.
         */
-        return PAGE_KERNEL;
+       return PAGE_KERNEL_NOENC;
 }
 #endif
 

diff --git a/arch/x86/include/asm/pgtable_types.h b/arch/x86/include/asm/pgtable_types.h
index 6c55973ebab83bf3becafce989a5a8b465dbcfb6..399261ce904ca1df269e5194b8e523d73b8a3f69 100644 (file)
--- a/arch/x86/include/asm/pgtable_types.h
+++ b/arch/x86/include/asm/pgtable_types.h
@@ -211,6 +211,7 @@ enum page_cache_mode {
 #define __PAGE_KERNEL_NOENC_WP (__PAGE_KERNEL_WP)
 
 #define PAGE_KERNEL            __pgprot(__PAGE_KERNEL | _PAGE_ENC)
+#define PAGE_KERNEL_NOENC      __pgprot(__PAGE_KERNEL)
 #define PAGE_KERNEL_RO         __pgprot(__PAGE_KERNEL_RO | _PAGE_ENC)
 #define PAGE_KERNEL_EXEC       __pgprot(__PAGE_KERNEL_EXEC | _PAGE_ENC)
 #define PAGE_KERNEL_EXEC_NOENC __pgprot(__PAGE_KERNEL_EXEC)