Received: by 2002:a05:6a10:6744:0:0:0:0 with SMTP id w4csp3475631pxu; Sun, 11 Oct 2020 11:02:24 -0700 (PDT) X-Google-Smtp-Source: ABdhPJzRnnb291Fk0tSn5EYGpJa7meh6Oybn4eItmPxbnS09lQpeqbo0MJE1dlahx25Sn9ZjglLk X-Received: by 2002:a17:906:f106:: with SMTP id gv6mr25461393ejb.411.1602439344574; Sun, 11 Oct 2020 11:02:24 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1602439344; cv=none; d=google.com; s=arc-20160816; b=VdCxZqMiHN/4CPfITosWEY5vWSvXSBTkMJ0olFh1xfCdpnhXQ1daIcwYCzFkuUCCAZ kw9Li/jvjK/HdPD04ezTSLQK3o3BalM8DQa/RTVz7lyvMEwHJVav2aB28AYi6ZCDMVKY /aeCHBl/D4XTS0zIyBLsjZfOSFhincrSeJWTTKFbLmQgYjwVfhKF7ogeSQSDy2NXOTgi 2WWgBFRSvrj7JjxQgkdngPo+ROO78ICtroexMhSSqcEdJRpxjfX6YTlPzCcsZppucfQq N9wNoGoS4MRXnmk6YmiNJWRQac/8TjolwoHWDOWAVuJtXzJtr2kYGoeSDM6Rj2dsZVOs G32Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:message-id:subject:cc:to:from:date:dkim-signature; bh=6bQ7rbs21xhd+0lx2kVxRCBRjLIi6tlmzkUidSrL2bU=; b=j3vYl1AM1UuqXj8Qvvx08K34emvJ+oUKamcps41l3qmpCxzKVXBMGzO7eL1sDHeSzF KeWvmcF3EpzhJuGMVaSRCqQGrlJ1ouQop3F1UHOGGgn2HGI3Hy3HwVhiLet5bwFdHRlP rHNtfBBD/bUB8kJvklQc5kss37ryrtekqyNUCWYFEVMG6DIrUcrjixvNbmQaJnh428GT 7tZT43tDX0LJEIhiMAP9bpbowwN/Qz9UTeFp2cuGvDWpchq9xNBZIAgRMAx4+lO+7ML0 /AobYiJar619w0Mbm8yxo11ASYiG4q8NZNV3hnrafDJE2Z3wbVxAGxCsQuUCcK3AyMsf V43g== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=GyVAztyf; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id bs1si12616915edb.6.2020.10.11.11.02.01; Sun, 11 Oct 2020 11:02:24 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=GyVAztyf; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1729485AbgJKJnN (ORCPT + 99 others); Sun, 11 Oct 2020 05:43:13 -0400 Received: from mail.kernel.org ([198.145.29.99]:48610 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725863AbgJKJnM (ORCPT ); Sun, 11 Oct 2020 05:43:12 -0400 Received: from kernel.org (unknown [87.71.73.56]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id 0CC9D207FB; Sun, 11 Oct 2020 09:42:59 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1602409392; bh=JEb/p0JIeDwreayr/694lmHvSiZFhmLJTNKc6RgoUB0=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=GyVAztyffWGroLTBwFkigZ5sS434B8V3s8XU67kyKeRb2YvnrpxN1017L7nppODmP HOneZWpbWwQWUpDOo1rOsiJ1syiGbCKA8zOTjnkbk43GyDZ5DFJ6mzTbvMJFiwGbka Re+K4LSoEoUz5cn+1C6SOXqPmDeAvZpRR5Sz0gkM= Date: Sun, 11 Oct 2020 12:42:55 +0300 From: Mike Rapoport To: "Edgecombe, Rick P" Cc: "david@redhat.com" , "cl@linux.com" , "hpa@zytor.com" , "peterz@infradead.org" , "catalin.marinas@arm.com" , "linux-kselftest@vger.kernel.org" , "dave.hansen@linux.intel.com" , "will@kernel.org" , "linux-mm@kvack.org" , "idan.yaniv@ibm.com" , "kirill@shutemov.name" , "viro@zeniv.linux.org.uk" , "rppt@linux.ibm.com" , "Williams, Dan J" , "linux-arch@vger.kernel.org" , "bp@alien8.de" , "willy@infradead.org" , "akpm@linux-foundation.org" , "luto@kernel.org" , "shuah@kernel.org" , "arnd@arndb.de" , "tglx@linutronix.de" , "linux-nvdimm@lists.01.org" , "x86@kernel.org" , "linux-riscv@lists.infradead.org" , "linux-arm-kernel@lists.infradead.org" , "Reshetova, Elena" , "palmer@dabbelt.com" , "mingo@redhat.com" , "mtk.manpages@gmail.com" , "linux-fsdevel@vger.kernel.org" , "mark.rutland@arm.com" , "tycho@tycho.ws" , "linux-kernel@vger.kernel.org" , "linux-api@vger.kernel.org" , "jejb@linux.ibm.com" , "paul.walmsley@sifive.com" Subject: Re: [PATCH v6 3/6] mm: introduce memfd_secret system call to create "secret" memory areas Message-ID: <20201011094255.GB4251@kernel.org> References: <20200924132904.1391-1-rppt@kernel.org> <20200924132904.1391-4-rppt@kernel.org> <20200929130602.GF2142832@kernel.org> <839fbb26254dc9932dcff3c48a3a4ab038c016ea.camel@intel.com> <20200930103507.GK2142832@kernel.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Wed, Sep 30, 2020 at 08:11:28PM +0000, Edgecombe, Rick P wrote: > On Wed, 2020-09-30 at 13:35 +0300, Mike Rapoport wrote: > > > > Our thinking was that copy_*user() would work in the context of the > > process that "owns" the secretmem and gup() would not allow access in > > general, unless requested with certail (yet another) FOLL_ flag. > > Hmm, yes. I think one easier thing about this design over the series > Kirill sent out is that the actual page will never transition to and > from unmapped while it's mapped in userspace. If it could transition, > you'd have to worry about a race window between > get_user_pages(FOLL_foo) and the kmap() where the page might get > unmapped. > > Without the ability to transition pages though, using this for KVM > guests memory remains a not completely worked through problem since it > has the get_user_pages()/kmap() pattern quite a bit. Did you have an > idea for that? (I thought I saw that use case mentioned somewhere). I've mentioned the KVM usecase because it was dicussed at the hallway track at KVM Forum last year and also after looking at Kirill's patches I though that "KVM protected" memory could be implemented on top of secretmem. Can't say I have enough expertise in KVM to have a completely worked through solution for that. -- Sincerely yours, Mike.