Received: by 2002:a25:ab43:0:0:0:0:0 with SMTP id u61csp2303650ybi;
        Mon, 17 Jun 2019 02:27:44 -0700 (PDT)
X-Google-Smtp-Source: APXvYqwLCYmWEdHu4oJrx0xTG/FdTYptAN6VB1G4ZqzHaWAYIgi33TjRdv66pbtT28nWLJLLDeF3
X-Received: by 2002:a62:2c8e:: with SMTP id s136mr68819831pfs.3.1560763664780;
        Mon, 17 Jun 2019 02:27:44 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1560763664; cv=none;
        d=google.com; s=arc-20160816;
        b=dc4dtPY8KnekH8nQHdVfYq8FDyc8XegJNlPcZM2PEsFW5myt3NcFNOlIxQba8lxmjv
         e3oMxhvNMrpFWoiY2Glcn3KkBUHSE1MXG66uhCHLMwkrugjtVo02BZyPE/CUPI2AmgFg
         Uw0HPNP9luFnX9XCTXLsKW33RX1GCL1Ntmy71joAw6MCjcCeiw2/JJ+tAbOXvU+p+TAq
         P1jQ4HX+MgM9J+H29tUO0MfuWcv3btNr7PBvvfP/duWIPfRo6W+By6/6X+RQrVm2/6N6
         /iFaHAbWGcrjZV8sMSO/TD7XuZoiJjd0aXiBjbUsSXIQrfT6GMNKcXbazdosuVdBB4j9
         1A9w==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:user-agent:in-reply-to
         :content-disposition:mime-version:references:message-id:subject:cc
         :to:from:date:dkim-signature;
        bh=R5E4jvXEvZihQlXT71dalQ2LmxCFvADw8lOr0h8eEyE=;
        b=MsmolH3OzD6snjfqOiKBdoUblbFb7qnslBVwRnWShPIzd9oahO1O7fniOCqGG13lg6
         07LwDfPFoQwfWKQ8px2pEYpD4pKmEuUUgqdrjmIUeRBmgKX6WoAUv8LLA7QcCVkvkfxs
         P9TvtwIN9U4+uw2ICNgsYQse7oxQNhjyEBVcoRK4UNEj3R2o7rmXvGcNogKkVn6gmNt5
         t7wEar0L+uW3FprHxMmG/kPK+9pAV7kXnOuIYhpp0Ctna7QEhWFVgull3zf7r8deB/DP
         ELiCEQH/dvyZURH7iuBVB97mpNGMpL9rqKxes38sZWG6K3MAR5Y6Atvgqv1nNXQV2Pnq
         9XXw==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=fail header.i=@infradead.org header.s=merlin.20170209 header.b=iagTfw8x;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id 205si10077166pgb.424.2019.06.17.02.27.28;
        Mon, 17 Jun 2019 02:27:44 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=fail header.i=@infradead.org header.s=merlin.20170209 header.b=iagTfw8x;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1728088AbfFQJZs (ORCPT <rfc822;xc.haze2010@gmail.com>
        + 99 others); Mon, 17 Jun 2019 05:25:48 -0400
Received: from merlin.infradead.org ([205.233.59.134]:59136 "EHLO
        merlin.infradead.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1726286AbfFQJZs (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Mon, 17 Jun 2019 05:25:48 -0400
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
        d=infradead.org; s=merlin.20170209; h=In-Reply-To:Content-Type:MIME-Version:
        References:Message-ID:Subject:Cc:To:From:Date:Sender:Reply-To:
        Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date:
        Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Id:
        List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive;
         bh=R5E4jvXEvZihQlXT71dalQ2LmxCFvADw8lOr0h8eEyE=; b=iagTfw8xds9QY4p8IF0ieCpv7
        R6fN48j9Es6f93Yz2tldjKCQ+ntXSefyw3kNrKsMbUbjUqA84TeJzXrLEdQObSICB1iVXJGOQ8+Eq
        9IRMyOs8kYnpBHcGb6vewf6hYAdf+YhVjHqsNPjXmadLMxaRTZ6GUT5fPqBsFdBcRwSDu4jLiRB2u
        6hge9UbGUNfEwOyQAh3M2OUPuxWisqxTqIyBh9HT1+DrBhloyWAbYW5EX6+6oHX7zl1J1JhlESdAl
        mw0BwUkVul1GvsVfBbz0Hn28CVedvWeDc9DPhTlTajB0W4zdU5IGdxqqA1USUGiTQ/EKg+tF/qlYo
        U1JjgEeQA==;
Received: from j217100.upc-j.chello.nl ([24.132.217.100] helo=hirez.programming.kicks-ass.net)
        by merlin.infradead.org with esmtpsa (Exim 4.92 #3 (Red Hat Linux))
        id 1hcntN-00063N-3A; Mon, 17 Jun 2019 09:25:34 +0000
Received: by hirez.programming.kicks-ass.net (Postfix, from userid 1000)
        id C392220144538; Mon, 17 Jun 2019 11:25:31 +0200 (CEST)
Date:   Mon, 17 Jun 2019 11:25:31 +0200
From:   Peter Zijlstra <peterz@infradead.org>
To:     "Kirill A. Shutemov" <kirill@shutemov.name>
Cc:     "Kirill A. Shutemov" <kirill.shutemov@linux.intel.com>,
        Andrew Morton <akpm@linux-foundation.org>, x86@kernel.org,
        Thomas Gleixner <tglx@linutronix.de>,
        Ingo Molnar <mingo@redhat.com>,
        "H. Peter Anvin" <hpa@zytor.com>, Borislav Petkov <bp@alien8.de>,
        Andy Lutomirski <luto@amacapital.net>,
        David Howells <dhowells@redhat.com>,
        Kees Cook <keescook@chromium.org>,
        Dave Hansen <dave.hansen@intel.com>,
        Kai Huang <kai.huang@linux.intel.com>,
        Jacob Pan <jacob.jun.pan@linux.intel.com>,
        Alison Schofield <alison.schofield@intel.com>,
        linux-mm@kvack.org, kvm@vger.kernel.org, keyrings@vger.kernel.org,
        linux-kernel@vger.kernel.org
Subject: Re: [PATCH, RFC 13/62] x86/mm: Add hooks to allocate and free
 encrypted pages
Message-ID: <20190617092531.GZ3419@hirez.programming.kicks-ass.net>
References: <20190508144422.13171-1-kirill.shutemov@linux.intel.com>
 <20190508144422.13171-14-kirill.shutemov@linux.intel.com>
 <20190614093409.GX3436@hirez.programming.kicks-ass.net>
 <20190614110458.GN3463@hirez.programming.kicks-ass.net>
 <20190614132836.spl6bmk2kkx65nfr@box>
 <20190614134335.GU3436@hirez.programming.kicks-ass.net>
 <20190614224131.q2gjai32la4zb42p@box>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20190614224131.q2gjai32la4zb42p@box>
User-Agent: Mutt/1.10.1 (2018-07-13)
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Sat, Jun 15, 2019 at 01:41:31AM +0300, Kirill A. Shutemov wrote:
> On Fri, Jun 14, 2019 at 03:43:35PM +0200, Peter Zijlstra wrote:

> > Not really, it all 'works' because clflush_cache_range() includes mb()
> > and page_address() has an address dependency on the store, and there are
> > no other sites that will ever change 'keyid', which is all kind of
> > fragile.
> 
> Hm. I don't follow how the mb() in clflush_cache_range() relevant...
> 
> Any following access of page's memory by kernel will go through
> page_keyid() and therefore I believe there's always address dependency on
> the store.
> 
> Am I missing something?

The dependency doesn't help with prior calls; consider:

	addr = page_address(page);

	*addr = foo;

	page->key_id = bar;

	addr2 = page_address(page);


Without a barrier() between '*addr = foo' and 'page->key_id = bar', the
compiler is allowed to reorder these stores.

Now, the clflush stuff we do, that already hard orders things -- we need
to be done writing before we start flushing -- so we can/do rely on
that, but we should explicitly mention that.

Now, for the second part, addr2 must observe bar, because of the address
dependency, the compiler is not allowed mess that up, but again, that is
something we should put in a comment.