diff options
| author |   Suzuki K Poulose <suzuki.poulose@arm.com> | 2024-10-17 14:14:28 +0100 |
|---|---|---|
| committer |   Catalin Marinas <catalin.marinas@arm.com> | 2024-10-23 10:19:32 +0100 |
| commit | 3c6c706139564f74ec48229378873c1d930a8bc8 (patch) | |
| tree | a84fe80ad3229bb155ca96f7c80f4172fe5825ad | |
| parent | arm64: rsi: Add support for checking whether an MMIO is protected (diff) | |
| download | wireguard-linux-3c6c706139564f74ec48229378873c1d930a8bc8.tar.xz wireguard-linux-3c6c706139564f74ec48229378873c1d930a8bc8.zip | |
arm64: rsi: Map unprotected MMIO as decrypted
Instead of marking every MMIO as shared, check if the given region is
"Protected" and apply the permissions accordingly.
Reviewed-by: Gavin Shan <gshan@redhat.com>
Reviewed-by: Catalin Marinas <catalin.marinas@arm.com>
Signed-off-by: Suzuki K Poulose <suzuki.poulose@arm.com>
Signed-off-by: Steven Price <steven.price@arm.com>
Link: https://lore.kernel.org/r/20241017131434.40935-6-steven.price@arm.com
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
Diffstat (limited to '')
| -rw-r--r-- | arch/arm64/kernel/rsi.c | 15 |
1 files changed, 15 insertions, 0 deletions
diff --git a/arch/arm64/kernel/rsi.c b/arch/arm64/kernel/rsi.c index 7e7934c4fca0..3e0c83e2296f 100644 --- a/arch/arm64/kernel/rsi.c +++ b/arch/arm64/kernel/rsi.c @@ -6,6 +6,8 @@ #include <linux/jump_label.h> #include <linux/memblock.h> #include <linux/psci.h> + +#include <asm/io.h> #include <asm/rsi.h> static struct realm_config config; @@ -93,6 +95,16 @@ bool __arm64_is_protected_mmio(phys_addr_t base, size_t size) } EXPORT_SYMBOL(__arm64_is_protected_mmio); +static int realm_ioremap_hook(phys_addr_t phys, size_t size, pgprot_t *prot) +{ + if (__arm64_is_protected_mmio(phys, size)) + *prot = pgprot_encrypted(*prot); + else + *prot = pgprot_decrypted(*prot); + + return 0; +} + void __init arm64_rsi_init(void) { if (arm_smccc_1_1_get_conduit() != SMCCC_CONDUIT_SMC) @@ -103,6 +115,9 @@ void __init arm64_rsi_init(void) return; prot_ns_shared = BIT(config.ipa_bits - 1); + if (arm64_ioremap_prot_hook_register(realm_ioremap_hook)) + return; + arm64_rsi_setup_memory(); static_branch_enable(&rsi_present); |