git.ipfire.org Git - thirdparty/kernel/stable.git/commit

author	Suzuki K Poulose <suzuki.poulose@arm.com>
	Thu, 18 Sep 2025 12:56:16 +0000 (13:56 +0100)
committer	Will Deacon <will@kernel.org>
	Fri, 19 Sep 2025 09:12:01 +0000 (10:12 +0100)
commit	fa84e534c3ec2904d8718a83180294f7b5afecc7
tree	b0900bb9e290c90cde27de2a898e9fb9a2f28eca	tree \| snapshot
parent	8f5ae30d69d7543eee0d70083daf4de8fe15d585	commit \| diff

arm64: realm: ioremap: Allow mapping memory as encrypted

For ioremap(), so far we only checked if it was a device (RIPAS_DEV) to choose
an encrypted vs decrypted mapping. However, we may have firmware reserved memory
regions exposed to the OS (e.g., EFI Coco Secret Securityfs, ACPI CCEL).
We need to make sure that anything that is RIPAS_RAM (i.e., Guest
protected memory with RMM guarantees) are also mapped as encrypted.

Rephrasing the above, anything that is not RIPAS_EMPTY is guaranteed to be
protected by the RMM. Thus we choose encrypted mapping for anything that is not
RIPAS_EMPTY. While at it, rename the helper function

__arm64_is_protected_mmio => arm64_rsi_is_protected

to clearly indicate that this not an arm64 generic helper, but something to do
with Realms.

Cc: Sami Mujawar <sami.mujawar@arm.com>
Cc: Will Deacon <will@kernel.org>
Cc: Catalin Marinas <catalin.marinas@arm.com>
Cc: Aneesh Kumar K.V <aneesh.kumar@kernel.org>
Cc: Steven Price <steven.price@arm.com>
Reviewed-by: Gavin Shan <gshan@redhat.com>
Reviewed-by: Steven Price <steven.price@arm.com>
Tested-by: Sami Mujawar <sami.mujawar@arm.com>
Signed-off-by: Suzuki K Poulose <suzuki.poulose@arm.com>
Signed-off-by: Will Deacon <will@kernel.org>

arch/arm64/include/asm/io.h		diff \| blob \| blame \| history
arch/arm64/include/asm/rsi.h		diff \| blob \| blame \| history
arch/arm64/kernel/rsi.c		diff \| blob \| blame \| history