Date: Tue, 18 Jun 2019 11:12:46 +0200
From: Peter Zijlstra
To: Kai Huang
Cc: Andy Lutomirski, Dave Hansen, "Kirill A. Shutemov", Andrew Morton,
    X86 ML, Thomas Gleixner, Ingo Molnar, "H. Peter Anvin",
    Borislav Petkov, David Howells, Kees Cook, Jacob Pan,
    Alison Schofield, Linux-MM, kvm list, keyrings@vger.kernel.org,
    LKML, Tom Lendacky
Subject: Re: [PATCH, RFC 45/62] mm: Add the encrypt_mprotect() system call for MKTME
Message-ID: <20190618091246.GM3436@hirez.programming.kicks-ass.net>

On Tue, Jun 18, 2019 at 02:23:31PM +1200, Kai Huang wrote:

> Assuming I am understanding the context correctly, yes from this perspective it seems having
> sys_encrypt is annoying, and having ENCRYPT_ME should be better. But Dave said "nobody is going to
> do what you suggest in the ptr1/ptr2 example"?

You have to phrase that as: 'nobody who knows what he's doing is going
to do that', which leaves lots of people and fuzzers.

Murphy states that if it is possible, someone _will_ do it. And this
being something that causes severe data corruption on persistent
storage,...