Re: [PATCH] dma-direct: Force unencrypted DMA under SME for certain DMA masks

Kirill A. Shutemov Wed, 24 Jul 2019 08:55:53 -0700

On Wed, Jul 10, 2019 at 07:01:19PM +0000, Lendacky, Thomas wrote:
> @@ -351,6 +355,32 @@ bool sev_active(void)
>  }
>  EXPORT_SYMBOL(sev_active);
>  
> +/* Override for DMA direct allocation check - ARCH_HAS_FORCE_DMA_UNENCRYPTED 
> */
> +bool force_dma_unencrypted(struct device *dev)
> +{
> +     /*
> +      * For SEV, all DMA must be to unencrypted addresses.
> +      */
> +     if (sev_active())
> +             return true;
> +
> +     /*
> +      * For SME, all DMA must be to unencrypted addresses if the
> +      * device does not support DMA to addresses that include the
> +      * encryption mask.
> +      */
> +     if (sme_active()) {
> +             u64 dma_enc_mask = DMA_BIT_MASK(__ffs64(sme_me_mask));
> +             u64 dma_dev_mask = min_not_zero(dev->coherent_dma_mask,
> +                                             dev->bus_dma_mask);
> +
> +             if (dma_dev_mask <= dma_enc_mask)
> +                     return true;


Hm. What is wrong with the dev mask being equal to enc mask? IIUC, it
means that device mask is wide enough to cover encryption bit, doesn't it?

> +     }
> +
> +     return false;
> +}

-- 
 Kirill A. Shutemov

Re: [PATCH] dma-direct: Force unencrypted DMA under SME for certain DMA masks

Reply via email to