Received: by 2002:ac0:a5b6:0:0:0:0:0 with SMTP id m51-v6csp1110333imm;
        Wed, 13 Jun 2018 13:32:55 -0700 (PDT)
X-Google-Smtp-Source: ADUXVKJiIV1+2XRhz4Izgxy+cqGoqH3zzcZjDq1lAd7DnO7wsWl9G7PAKI56bzoN4l7t8gv0GP05
X-Received: by 2002:a63:b44f:: with SMTP id n15-v6mr5081639pgu.389.1528921975361;
        Wed, 13 Jun 2018 13:32:55 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1528921975; cv=none;
        d=google.com; s=arc-20160816;
        b=wlmA7Bsqz3KuHtTA+gUNZQY8YyKlkFMXgQr4I0AKkVRYNo9ly/9wzJCthFkAdjnTXH
         MMbo0ITtzHocEY4+2otxbdO9uFjMSnKVt8M3JnNx0LfqyjLqkmlPdZam7nB1p2/Rodhu
         JV/MHdgmurKitsCPXVfTvWFXPPCptEJuJiZD8e1/h/MHs/aLJxc0/74SEDZHi+dwhVQT
         18c1c/mUFQN3V8NUge+JDomY3vLuxlkrsKkN7FIz1Bq79ztwa45qm2o3prGunUmiEiwv
         pAeXUMvNaivWnN11spGQ4PEv9WmsdCap2Jpj49T/dO1fYI9NV4rOo4U8utFIqF5HhPwT
         uZoQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:user-agent:in-reply-to
         :content-disposition:mime-version:references:message-id:subject:cc
         :to:from:date:arc-authentication-results;
        bh=cHDUglZou4rosqL2X8yh8rUvGsMF0pfVRZPHOe82Ti0=;
        b=ZQOzk3Eyin9TGBuJRMldARqOjM7mX0I6c0mLRlu3ojL1S4FHC4T3oBmmqmtxVu7HQr
         Dl7dR8rtMGvVhZt5by0jZk1VrwRn/OF58gdxBunEaeGEJ4YV1GoaNXoKWuTl9cQfupw8
         Hfl+RIj4kC3BeG8w3OQJjbkhceJAYGgYbBMUvS5mycKf4gWRmLsb2oOVVTLYH0UxnMbC
         DfvdNlai+/TlxQWzUXTM2dPvcHqNIyC94zMYVQ79HX7uqjmag5pwgq99nm9tFeFXFWrH
         /w1nSrEa36AvyrJeUXJVyS8y1tPgh//byB9yklhbg5WpYdTFljCo9mUqeLveV3DUULwl
         m21Q==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id c13-v6si3631646plo.97.2018.06.13.13.32.40;
        Wed, 13 Jun 2018 13:32:55 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S935555AbeFMUbM (ORCPT <rfc822;vladislav.valtchev@gmail.com>
        + 99 others); Wed, 13 Jun 2018 16:31:12 -0400
Received: from mga14.intel.com ([192.55.52.115]:28657 "EHLO mga14.intel.com"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S935503AbeFMUbL (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Wed, 13 Jun 2018 16:31:11 -0400
X-Amp-Result: UNKNOWN
X-Amp-Original-Verdict: FILE UNKNOWN
X-Amp-File-Uploaded: False
Received: from fmsmga007.fm.intel.com ([10.253.24.52])
  by fmsmga103.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 13 Jun 2018 13:31:10 -0700
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.51,220,1526367600"; 
   d="scan'208";a="46904426"
Received: from black.fi.intel.com ([10.237.72.28])
  by fmsmga007.fm.intel.com with ESMTP; 13 Jun 2018 13:31:08 -0700
Received: by black.fi.intel.com (Postfix, from userid 1000)
        id 94EDD166; Wed, 13 Jun 2018 23:31:08 +0300 (EEST)
Date:   Wed, 13 Jun 2018 23:31:08 +0300
From:   "Kirill A. Shutemov" <kirill.shutemov@linux.intel.com>
To:     Dave Hansen <dave.hansen@intel.com>
Cc:     Ingo Molnar <mingo@redhat.com>, x86@kernel.org,
        Thomas Gleixner <tglx@linutronix.de>,
        "H. Peter Anvin" <hpa@zytor.com>,
        Tom Lendacky <thomas.lendacky@amd.com>,
        Kai Huang <kai.huang@linux.intel.com>,
        Jacob Pan <jacob.jun.pan@linux.intel.com>,
        linux-kernel@vger.kernel.org, linux-mm@kvack.org
Subject: Re: [PATCHv3 03/17] mm/ksm: Do not merge pages with different KeyIDs
Message-ID: <20180613203108.k63fda4hvsqyczw7@black.fi.intel.com>
References: <20180612143915.68065-1-kirill.shutemov@linux.intel.com>
 <20180612143915.68065-4-kirill.shutemov@linux.intel.com>
 <63b7e88f-33d6-c5c1-f6cb-1bbb780e2cc4@intel.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <63b7e88f-33d6-c5c1-f6cb-1bbb780e2cc4@intel.com>
User-Agent: NeoMutt/20170714-126-deb55f (1.8.3)
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Wed, Jun 13, 2018 at 05:51:50PM +0000, Dave Hansen wrote:
> On 06/12/2018 07:39 AM, Kirill A. Shutemov wrote:
> > Pages encrypted with different encryption keys are not subject to KSM
> > merge. Otherwise it would cross security boundary.
> 
> This needs a much stronger explanation.

Okay, fair enough.

> Which KeyID would be used for access in the new direct mappings?

New direct mapping?

Pages would be compared using direct mappings relevant for their KeyID.
They will be threated as identical if they plain-text is identical.

> What actually happens without this patch in place?

One of processes would get the page mapped with wrong KeyID and see
garbage. We setup mapping according to KeyID in vma->vm_page_prot.

-- 
 Kirill A. Shutemov