Re: [PATCHv10.1 09/18] x86/mm: Adding callbacks to prepare encrypted memory for kexec

From: Kirill A. Shutemov
Date: Mon May 06 2024 - 09:22:19 EST


On Thu, May 02, 2024 at 03:45:06PM +0200, Borislav Petkov wrote:
> > diff --git a/arch/x86/kernel/crash.c b/arch/x86/kernel/crash.c
> > index e74d0c4286c1..f1b261be78b4 100644
> > --- a/arch/x86/kernel/crash.c
> > +++ b/arch/x86/kernel/crash.c
> > @@ -128,6 +128,10 @@ void native_machine_crash_shutdown(struct pt_regs *regs)
> > #ifdef CONFIG_HPET_TIMER
> > hpet_disable();
> > #endif
> > +
> > + x86_platform.guest.enc_kexec_stop_conversion(true);
> > + x86_platform.guest.enc_kexec_unshare_mem();
> > +
>
> You call them here back-to-back...
>
> > crash_save_cpu(regs, safe_smp_processor_id());
> > }
> >
> > diff --git a/arch/x86/kernel/reboot.c b/arch/x86/kernel/reboot.c
> > index f3130f762784..c1920ec34f0c 100644
> > --- a/arch/x86/kernel/reboot.c
> > +++ b/arch/x86/kernel/reboot.c
> > @@ -12,6 +12,7 @@
> > #include <linux/delay.h>
> > #include <linux/objtool.h>
> > #include <linux/pgtable.h>
> > +#include <linux/kexec.h>
> > #include <acpi/reboot.h>
> > #include <asm/io.h>
> > #include <asm/apic.h>
> > @@ -716,6 +717,14 @@ static void native_machine_emergency_restart(void)
> >
> > void native_machine_shutdown(void)
> > {
> > + /*
> > + * Call enc_kexec_stop_conversion() while all CPUs are still active and
> > + * interrupts are enabled. This will allow all in-flight memory
> > + * conversions to finish cleanly.
> > + */
> > + if (kexec_in_progress)
> > + x86_platform.guest.enc_kexec_stop_conversion(false);
> > +
> > /* Stop the cpus and apics */
> > #ifdef CONFIG_X86_IO_APIC
> > /*
> > @@ -752,6 +761,9 @@ void native_machine_shutdown(void)
> > #ifdef CONFIG_X86_64
> > x86_platform.iommu_shutdown();
> > #endif
> > +
> > + if (kexec_in_progress)
> > + x86_platform.guest.enc_kexec_unshare_mem();
>
> ... but they're split here.
>
> And I don't know why and nothing tells me...

I do. See comment just above enc_kexec_stop_conversion() call.

Do you want also comment for enc_kexec_unshare_mem() ?

--
Kiryl Shutsemau / Kirill A. Shutemov