projects / linux-block.git / blame
| Commit | Line | Data |
|---|---|---|
| 20f07a04 KS |
1 | // SPDX-License-Identifier: GPL-2.0-only |
| 2 | /* | |
| 3 | * Memory Encryption Support Common Code | |
| 4 | * | |
| 5 | * Copyright (C) 2016 Advanced Micro Devices, Inc. | |
| 6 | * | |
| 7 | * Author: Tom Lendacky <thomas.lendacky@amd.com> | |
| 8 | */ | |
| 9 | ||
| 10 | #include <linux/dma-direct.h> | |
| 11 | #include <linux/dma-mapping.h> | |
| 12 | #include <linux/swiotlb.h> | |
| 13 | #include <linux/cc_platform.h> | |
| 14 | #include <linux/mem_encrypt.h> | |
| 20f07a04 KS |
15 | |
| 16 | /* Override for DMA direct allocation check - ARCH_HAS_FORCE_DMA_UNENCRYPTED */ | |
| 17 | bool force_dma_unencrypted(struct device *dev) | |
| 18 | { | |
| 19 | /* | |
| 20 | * For SEV, all DMA must be to unencrypted addresses. | |
| 21 | */ | |
| 22 | if (cc_platform_has(CC_ATTR_GUEST_MEM_ENCRYPT)) | |
| 23 | return true; | |
| 24 | ||
| 25 | /* | |
| 26 | * For SME, all DMA must be to unencrypted addresses if the | |
| 27 | * device does not support DMA to addresses that include the | |
| 28 | * encryption mask. | |
| 29 | */ | |
| 30 | if (cc_platform_has(CC_ATTR_HOST_MEM_ENCRYPT)) { | |
| 31 | u64 dma_enc_mask = DMA_BIT_MASK(__ffs64(sme_me_mask)); | |
| 32 | u64 dma_dev_mask = min_not_zero(dev->coherent_dma_mask, | |
| 33 | dev->bus_dma_limit); | |
| 34 | ||
| 35 | if (dma_dev_mask <= dma_enc_mask) | |
| 36 | return true; | |
| 37 | } | |
| 38 | ||
| 39 | return false; | |
| 40 | } | |
| 41 | ||
| 42 | static void print_mem_encrypt_feature_info(void) | |
| 43 | { | |
| 968b4931 KS |
44 | pr_info("Memory Encryption Features active:"); |
| 45 | ||
| 46 | if (cpu_feature_enabled(X86_FEATURE_TDX_GUEST)) { | |
| 47 | pr_cont(" Intel TDX\n"); | |
| 48 | return; | |
| 49 | } | |
| 50 | ||
| 51964015 | 51 | pr_cont(" AMD"); |
| 20f07a04 KS |
52 | |
| 53 | /* Secure Memory Encryption */ | |
| 54 | if (cc_platform_has(CC_ATTR_HOST_MEM_ENCRYPT)) { | |
| 55 | /* | |
| 56 | * SME is mutually exclusive with any of the SEV | |
| 57 | * features below. | |
| 58 | */ | |
| 59 | pr_cont(" SME\n"); | |
| 60 | return; | |
| 61 | } | |
| 62 | ||
| 63 | /* Secure Encrypted Virtualization */ | |
| 64 | if (cc_platform_has(CC_ATTR_GUEST_MEM_ENCRYPT)) | |
| 65 | pr_cont(" SEV"); | |
| 66 | ||
| 67 | /* Encrypted Register State */ | |
| 68 | if (cc_platform_has(CC_ATTR_GUEST_STATE_ENCRYPT)) | |
| 69 | pr_cont(" SEV-ES"); | |
| 70 | ||
| f742b90e BS |
71 | /* Secure Nested Paging */ |
| 72 | if (cc_platform_has(CC_ATTR_GUEST_SEV_SNP)) | |
| 73 | pr_cont(" SEV-SNP"); | |
| 74 | ||
| 20f07a04 KS |
75 | pr_cont("\n"); |
| 76 | } | |
| 77 | ||
| 78 | /* Architecture __weak replacement functions */ | |
| 79 | void __init mem_encrypt_init(void) | |
| 80 | { | |
| 81 | if (!cc_platform_has(CC_ATTR_MEM_ENCRYPT)) | |
| 82 | return; | |
| 83 | ||
| 84 | /* Call into SWIOTLB to update the SWIOTLB DMA buffers */ | |
| 85 | swiotlb_update_mem_attributes(); | |
| 86 | ||
| 87 | print_mem_encrypt_feature_info(); | |
| 88 | } |