Received: by 2002:a05:7412:b995:b0:f9:9502:5bb8 with SMTP id it21csp683502rdb; Fri, 22 Dec 2023 01:40:52 -0800 (PST) X-Google-Smtp-Source: AGHT+IHdlMgL4aBZmgzdtL2Bq/J5mqs6qAeFxjoktNuV1EFvBQ1lwDw9Gtm/R0lS21ATpR56SSyQ X-Received: by 2002:a05:6214:62a:b0:67f:127d:3d49 with SMTP id a10-20020a056214062a00b0067f127d3d49mr1220342qvx.55.1703238052256; Fri, 22 Dec 2023 01:40:52 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1703238052; cv=none; d=google.com; s=arc-20160816; b=QXzmqV/FDOrquQvzrrIbVKGn/z7WmlBhMybK3OT8MDI3o0l/mf8x3WQmQQt/8ef8ri mwDq+ppFjDEV0C9jyTV+XZdiDrUAduYeUyhNCBDwTMKS9wrOJ7dUQEH+MM7+gZIlHVty F5hMDfCmXghY8ZJ1qMf60KALFA//nmSNiSn3TafqxGMoxHP+c7+LgGh5HidZ8cqhG3cT NdGzROstdCTTXxxrYbhldOjmNsmrT5FyfO02nArqtGh8cqbaKdF0EKNlz+DbsKQKgBqt ia6LF+2bhYGAdYs+aWE1lcE8pqxJdFOTPGv4OyYXVHcWy6WHxNc8RRjqbXJibRgJN9r9 GWmw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:feedback-id:references :in-reply-to:message-id:subject:cc:from:to:date:dkim-signature; bh=RvFPmQYSXCW++H17F3FBSpFjPOkodCCqULNpYKx/X4M=; fh=PZPa/0zyNzJwRmLpXObM5gjmyl3+z3Oj5YechquJP34=; b=dF0f/5L8gGO9n5mlZ2Oswj3W23gg11lBqEeQ7Lu3Jhxb7yz4xQPVYLfrxs2XcZKkS3 nBpsI7FyndqODGfGx3X9vy1tiEc+jXg1EuV9J9+0wrpXdf1qcqOkHLPLrFQGKLsYHEYb AnrSlOBB4hqWZq/WG5gBYus8IABmBZ3CMpoO5kpyF31AIIOuQuphOmRdw3E63+CBmMir vTeZsJ/TZkuoGzGL3nSx0wi+aBHuVzwYjv+yntfM1SZKisjxcV9A4yADiXTXkwpl1pJq 2KbGWWcLxsFoR4whOXEjMAu8Tsh6fD/tw8J2ziMYMOkOUuhvfDJUmtciqGlHRiMc9zOK RlYA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@emersion.fr header.s=protonmail2 header.b=KUeJEFF8; spf=pass (google.com: domain of linux-kernel+bounces-9551-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45d1:ec00::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-9551-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=emersion.fr Return-Path: Received: from ny.mirrors.kernel.org (ny.mirrors.kernel.org. [2604:1380:45d1:ec00::1]) by mx.google.com with ESMTPS id h8-20020a0cf448000000b0067f96e452casi988671qvm.195.2023.12.22.01.40.52 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 22 Dec 2023 01:40:52 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel+bounces-9551-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45d1:ec00::1 as permitted sender) client-ip=2604:1380:45d1:ec00::1; Authentication-Results: mx.google.com; dkim=pass header.i=@emersion.fr header.s=protonmail2 header.b=KUeJEFF8; spf=pass (google.com: domain of linux-kernel+bounces-9551-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45d1:ec00::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-9551-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=emersion.fr Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ny.mirrors.kernel.org (Postfix) with ESMTPS id 084321C2336D for ; Fri, 22 Dec 2023 09:40:52 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 62857FBFA; Fri, 22 Dec 2023 09:40:42 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=emersion.fr header.i=@emersion.fr header.b="KUeJEFF8" X-Original-To: linux-kernel@vger.kernel.org Received: from mail-4022.proton.ch (mail-4022.proton.ch [185.70.40.22]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id C253FF9ED for ; Fri, 22 Dec 2023 09:40:38 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=emersion.fr Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=emersion.fr DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=emersion.fr; s=protonmail2; t=1703238029; x=1703497229; bh=RvFPmQYSXCW++H17F3FBSpFjPOkodCCqULNpYKx/X4M=; h=Date:To:From:Cc:Subject:Message-ID:In-Reply-To:References: Feedback-ID:From:To:Cc:Date:Subject:Reply-To:Feedback-ID: Message-ID:BIMI-Selector; b=KUeJEFF8cS8NbUYEe1YI7C9RCUnb22uQFIsHpP6jjSohQf0y1mWvISCZss2RSG0cE FpFbc+rRNMpRZSb13C1ahONUfnCzGKxUsUUXSsR5C+1R9ci2C5g3By5Mb251Zs9fVi YFv/UAC1f8dJ2Vd22XeC0cShQ3exgbgm9qAvG5p0ggzE7Kr1Y++nvPWpA9zuiSt7oR JeJvwrdg3px1mpjFK/Pb0+sldHag3128mqywcYp+5f8irYQA4y3n4J7ElJxPnbAZiR 03F5CEcznFJEOCNtxpJk+MYxgpv1yuAr1WVgq6nUByVZdezLQspZZ6YpOL8YNsVtZb E9NXLgPNEemwQ== Date: Fri, 22 Dec 2023 09:40:18 +0000 To: Pekka Paalanen From: Simon Ser Cc: Joakim Bech , Yong Wu , Rob Herring , Sumit Semwal , christian.koenig@amd.com, Matthias Brugger , dri-devel@lists.freedesktop.org, John Stultz , Krzysztof Kozlowski , Jeffrey Kardatzke , Benjamin Gaignard , Vijayanand Jitta , Nicolas Dufresne , jianjiao.zeng@mediatek.com, linux-media@vger.kernel.org, devicetree@vger.kernel.org, Conor Dooley , ckoenig.leichtzumerken@gmail.com, linaro-mm-sig@lists.linaro.org, linux-mediatek@lists.infradead.org, tjmercier@google.com, linux-arm-kernel@lists.infradead.org, AngeloGioacchino Del Regno , kuohong.wang@mediatek.com, linux-kernel@vger.kernel.org Subject: Re: [PATCH v3 0/7] dma-buf: heaps: Add secure heap Message-ID: <9m8eC1j8YSwxu9Mr8vCXyzF0nfyCSHpFbfc__FtUjjKppew65jElBbUqa-nkzFTN-N_ME893w0YQRcb3r3UbIajQUP-Y5LxnHKKFoiBepSI=@emersion.fr> In-Reply-To: <20231213161614.43e5bca8@eldfell> References: <20231212024607.3681-1-yong.wu@mediatek.com> <20231213110517.6ce36aca@eldfell> <20231213101549.lioqfzjxcvmqxqu3@pop-os.localdomain> <20231213133825.0a329864@eldfell> <20231213132229.q3uxdhtdsxuzw3w6@pop-os.localdomain> <20231213161614.43e5bca8@eldfell> Feedback-ID: 1358184:user:proton Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable On Wednesday, December 13th, 2023 at 15:16, Pekka Paalanen wrote: > > > It is protected/shielded/fortified from all the kernel and userspace, > > > but a more familiar word to describe that is inaccessible. > > > "Inaccessible buffer" per se OTOH sounds like a useless concept. > > >=20 > > > It is not secure, because it does not involve security in any way. In > > > fact, given it's so fragile, I'd classify it as mildly opposite of > > > secure, as e.g. clients of a Wayland compositor can potentially DoS t= he > > > compositor with it by simply sending such a dmabuf. Or DoS the whole > > > system. > >=20 > > I hear what you are saying and DoS is a known problem and attack vector= , > > but regardless, we have use cases where we don't want to expose > > information in the clear and where we also would like to have some > > guarantees about correctness. That is where various secure elements and > > more generally security is needed. > >=20 > > So, it sounds like we have two things here, the first is the naming and > > the meaning behind it. I'm pretty sure the people following and > > contributing to this thread can agree on a name that makes sense. Would > > you personally be OK with "restricted" as the name? It sounds like that= . >=20 > I would. I'm also just a by-stander, not a maintainer of kernel > anything. I have no power to accept nor reject anything here. I'd also personally be OK with "restricted", I think it's a lot better than "secure". In general I agree with everything Pekka said.