Received: by 10.213.65.68 with SMTP id h4csp1518547imn; Thu, 29 Mar 2018 06:15:36 -0700 (PDT) X-Google-Smtp-Source: AIpwx497WYq+UtrMr1vQUKAs/CFK1q9rs3KMqIz0IFC0ShHIJj4oUgqsZsvyDq2iawXd3ns/BUIm X-Received: by 2002:a17:902:6f01:: with SMTP id w1-v6mr8218142plk.196.1522329336822; Thu, 29 Mar 2018 06:15:36 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1522329336; cv=none; d=google.com; s=arc-20160816; b=wp0zG8ydg9qpZBXaKBzpY144znE6JfcXpdEGVro97vwAor7gU+I58Cyai4BcuJJB1H Ij4Wpinr78RMA2QivqBelFFQy6re1q5w23Dqg+UwZNDie+4FGk3Ri422aPjM/mJN6pBm AarUJI8Q0bndjJQUUQlhjRrDB1ysyWHE+tGK8FM2Ofti/14lW/ehNPvwjSd0Ock3n8vb O+w1/baVrE9Aq8Zxqgaq10pq/GUy1yGyj8UoyzdZ7lF/WZNFquhHpxq629ctNCaHN1g3 1hhR7oRg/BriXIMH731bO7hqtWOCN5l2UgMXMfQtn6RXplk3/ccLOtIYD4/8os7xb9u8 5XRA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date:dkim-signature:arc-authentication-results; bh=lhYIsUBaEkAUcALiakyVdXcr7IB6P+xhszsWBxDibqY=; b=rqbJbMPOc8wb78R8w2s68z9VRwENZ0v+LxAgHp8oPlT+O+pqfHKIVzCxDlN30Ub5rA J7kcN/eK4mTK3Q0Zhnqu0AaPQibQi79Zm6eSzXBxAbwKdLcIcznDJnDUhDqZ37Mprzla 7CXIpFdYutFpZAslL0sKsShE9jGOII6oq90NeQCieFmbw3JB8M4mWEHU8E5Em1J82gLJ E09k+1/B5lbt7GIJVbbw5ITo2LzNmya0WI0lBCzqY6dPSw/sINtIaXPhzESwV8laozn+ 3Q0RHBcLVOwbjSRBQ/6EQNP0WSWs+g18xZWQ3KO/rViFPcMw5LiS6qTy39y6+iPtHkW6 9oGw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@shutemov-name.20150623.gappssmtp.com header.s=20150623 header.b=Qs9ZGtD8; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id k22-v6si5680466pli.471.2018.03.29.06.15.23; Thu, 29 Mar 2018 06:15:36 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@shutemov-name.20150623.gappssmtp.com header.s=20150623 header.b=Qs9ZGtD8; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752732AbeC2NNq (ORCPT + 99 others); Thu, 29 Mar 2018 09:13:46 -0400 Received: from mail-wm0-f67.google.com ([74.125.82.67]:54178 "EHLO mail-wm0-f67.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751908AbeC2NNp (ORCPT ); Thu, 29 Mar 2018 09:13:45 -0400 Received: by mail-wm0-f67.google.com with SMTP id p9so10697418wmc.3 for ; Thu, 29 Mar 2018 06:13:44 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=shutemov-name.20150623.gappssmtp.com; s=20150623; h=date:from:to:cc:subject:message-id:references:mime-version :content-disposition:in-reply-to:user-agent; bh=lhYIsUBaEkAUcALiakyVdXcr7IB6P+xhszsWBxDibqY=; b=Qs9ZGtD8G0N4WJXovzjenA5TcqQFSghGs5xPkx5AWFPt4HX5tyRRud25rsauIUa9TX zFDiBZMfrxAKCBW4QOa/AvwsxE+4OFBBSIMUHD0D8tRsxJqGi25uLbDQTYuMlvchoV6p k1g9etC0GNH6kTgGXxz6K7wQRuWw86ualZJtgRCgBVQWU09SMOJsYZrcRRD6C/Pf+dBU gJnkSqaGN01HhwR4LWxSlASrPe3p1/AlIvfT/w+tLNqSEaVDv7+lJvJABalFUJbLQb+G QBbSoQdgYb7QyNJ3PhdLHVcO4kZF/xPleDCgg7LhK6kabrZ2lXxbyKlmiJ967w0X29yM VL9w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:cc:subject:message-id:references :mime-version:content-disposition:in-reply-to:user-agent; bh=lhYIsUBaEkAUcALiakyVdXcr7IB6P+xhszsWBxDibqY=; b=ngRU33GIROt1FTtUhdrsO2LVue+f7PKRQU0sjiKSArOev6982YONrEvrQkcocwjCsm tgbp/dOmPZZuFc/RENb/WAsuNorB8rGeO/J7Rjykzf3hFijl8OCHS+njpWPBXA79iKas luuldY9JPMm4UVYhxgH0xm0RBuJLa4H/jNdBzW3SuaOlVA9C1juXiUt1FIGYrr8huacY YR7GbHKXsDhJljUBKv+qhq5f4q5QMCXe9Sw9ClIm+k07H2J58FFXt/drl9OmX7Vt2aa8 QiANsU/KZzGY+B2OWdrOHv3og1PtZGo4Hi03Iwq/EoBElreISNUKAncbi5odrTBzfRip Z9Tw== X-Gm-Message-State: AElRT7F7gaHsRy5nS0nGcV0EA9XvLCtnteGY9JKpix+omS9OjoHlydGR bhuuXD4t2KZ1FIAXv3ZT96DmTQ== X-Received: by 10.80.155.6 with SMTP id o6mr7434464edi.280.1522329224139; Thu, 29 Mar 2018 06:13:44 -0700 (PDT) Received: from node.shutemov.name ([178.124.220.81]) by smtp.gmail.com with ESMTPSA id m7sm3886715eda.36.2018.03.29.06.13.43 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 29 Mar 2018 06:13:43 -0700 (PDT) Received: by node.shutemov.name (Postfix, from userid 1000) id 2C7C2648D520; Thu, 29 Mar 2018 16:13:08 +0300 (+03) Date: Thu, 29 Mar 2018 16:13:08 +0300 From: "Kirill A. Shutemov" To: Michal Hocko Cc: "Kirill A. Shutemov" , Ingo Molnar , x86@kernel.org, Thomas Gleixner , "H. Peter Anvin" , Tom Lendacky , Dave Hansen , Kai Huang , linux-kernel@vger.kernel.org, linux-mm@kvack.org Subject: Re: [PATCHv2 06/14] mm/page_alloc: Propagate encryption KeyID through page allocator Message-ID: <20180329131308.cq64n3dvnre2wcz5@node.shutemov.name> References: <20180328165540.648-1-kirill.shutemov@linux.intel.com> <20180328165540.648-7-kirill.shutemov@linux.intel.com> <20180329112034.GE31039@dhcp22.suse.cz> <20180329123712.zlo6qmstj3zm5v27@node.shutemov.name> <20180329125227.GF31039@dhcp22.suse.cz> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20180329125227.GF31039@dhcp22.suse.cz> User-Agent: NeoMutt/20180223 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Thu, Mar 29, 2018 at 02:52:27PM +0200, Michal Hocko wrote: > On Thu 29-03-18 15:37:12, Kirill A. Shutemov wrote: > > On Thu, Mar 29, 2018 at 01:20:34PM +0200, Michal Hocko wrote: > > > On Wed 28-03-18 19:55:32, Kirill A. Shutemov wrote: > > > > Modify several page allocation routines to pass down encryption KeyID to > > > > be used for the allocated page. > > > > > > > > There are two basic use cases: > > > > > > > > - alloc_page_vma() use VMA's KeyID to allocate the page. > > > > > > > > - Page migration and NUMA balancing path use KeyID of original page as > > > > KeyID for newly allocated page. > > > > > > I am sorry but I am out of time to look closer but this just raised my > > > eyebrows. This looks like a no-go. The basic allocator has no business > > > in fancy stuff like a encryption key. If you need something like that > > > then just build a special allocator API on top. This looks like a no-go > > > to me. > > > > The goal is to make memory encryption first class citizen in memory > > management and not to invent parallel subsysustem (as we did with hugetlb). > > How do you get a page_keyid for random kernel allocation? Initial feature enabling only targets userspace anonymous memory, but we can definately use the same technology in the future for kernel hardening if we would choose so. For anonymous memory, we can get KeyID from VMA or from other page (migration case). > > Making memory encryption integral part of Linux VM would involve handing > > encrypted page everywhere we expect anonymous page to appear. > > How many architectures will implement this feature? I can't read the future. I'm only aware about one architecture so far. -- Kirill A. Shutemov