memory_encryption: prevent setting the encryption bit in PhysAddr

zyuiop · zyuiop · commit ac566d28624e · 2025-04-30T10:42:40.000+02:00
diff --git a/src/addr.rs b/src/addr.rs
@@ -1,14 +1,17 @@
 //! Physical and virtual addresses manipulation
 
+#[cfg(feature = "memory_encryption")]
+use crate::structures::mem_encrypt::ENC_BIT_MASK;
+use crate::structures::paging::page_table::PageTableLevel;
+use crate::structures::paging::{PageOffset, PageTableIndex};
+use bit_field::BitField;
 use core::convert::TryFrom;
 use core::fmt;
 #[cfg(feature = "step_trait")]
 use core::iter::Step;
 use core::ops::{Add, AddAssign, Sub, SubAssign};
-
-use crate::structures::paging::page_table::PageTableLevel;
-use crate::structures::paging::{PageOffset, PageTableIndex};
-use bit_field::BitField;
+#[cfg(feature = "memory_encryption")]
+use core::sync::atomic::Ordering;
 
 const ADDRESS_SPACE_SIZE: u64 = 0x1_0000_0000_0000;
 
@@ -439,6 +442,8 @@ impl PhysAddr {
     /// ## Panics
     ///
     /// This function panics if a bit in the range 52 to 64 is set.
+    /// If the `memory_encryption` feature is available and has been enabled, this function also
+    /// panics fails if the encryption bit is manually set in the address.
     #[inline]
     pub const fn new(addr: u64) -> Self {
         // TODO: Replace with .ok().expect(msg) when that works on stable.
@@ -448,12 +453,6 @@ impl PhysAddr {
         }
     }
 
-    /// Creates a new physical address, throwing bits 52..64 away.
-    #[inline]
-    pub const fn new_truncate(addr: u64) -> PhysAddr {
-        PhysAddr(addr % (1 << 52))
-    }
-
     /// Creates a new physical address, without any checks.
     ///
     /// ## Safety
@@ -467,6 +466,8 @@ impl PhysAddr {
     /// Tries to create a new physical address.
     ///
     /// Fails if any bits in the range 52 to 64 are set.
+    /// If the `memory_encryption` feature is available and has been enabled, this also fails if the
+    /// encryption bit is manually set in the address.
     #[inline]
     pub const fn try_new(addr: u64) -> Result<Self, PhysAddrNotValid> {
         let p = Self::new_truncate(addr);
@@ -546,6 +547,24 @@ impl PhysAddr {
     }
 }
 
+#[cfg(feature = "memory_encryption")]
+impl PhysAddr {
+    /// Creates a new physical address, throwing bits 52..64 and the encryption bit away.
+    #[inline]
+    pub fn new_truncate(addr: u64) -> PhysAddr {
+        PhysAddr((addr % (1 << 52)) & !ENC_BIT_MASK.load(Ordering::Relaxed))
+    }
+}
+
+#[cfg(not(feature = "memory_encryption"))]
+impl PhysAddr {
+    /// Creates a new physical address, throwing bits 52..64 away.
+    #[inline]
+    pub const fn new_truncate(addr: u64) -> PhysAddr {
+        PhysAddr(addr % (1 << 52))
+    }
+}
+
 impl fmt::Debug for PhysAddr {
     fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
         f.debug_tuple("PhysAddr")
diff --git a/src/structures/mem_encrypt.rs b/src/structures/mem_encrypt.rs
@@ -11,7 +11,7 @@ use crate::structures::paging::page_table::PHYSICAL_ADDRESS_MASK;
 use crate::structures::paging::PageTableFlags;
 
 /// Position of the encryption (C/S) bit in the physical address
-static ENC_BIT_MASK: AtomicU64 = AtomicU64::new(0);
+pub(crate) static ENC_BIT_MASK: AtomicU64 = AtomicU64::new(0);
 
 /// Is the encryption bit reversed (i.e. its presence denote that the page is _decrypted_ rather
 /// than encrypted)
