Received: by 2002:a05:6a10:d5a5:0:0:0:0 with SMTP id gn37csp1133618pxb;
        Fri, 1 Oct 2021 04:22:25 -0700 (PDT)
X-Google-Smtp-Source: ABdhPJxPC9fkqWa5tadkx1yh361J06+9z/vkyzfO6wfcAt04pkhka5k4pqhbG3KEfUW/0+4PIuNr
X-Received: by 2002:a17:906:a59:: with SMTP id x25mr5545459ejf.33.1633087345407;
        Fri, 01 Oct 2021 04:22:25 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1633087345; cv=none;
        d=google.com; s=arc-20160816;
        b=V48xzzmqURNWIG7U72qQ3wiiMs/Ju+cWZ0JFpWCINbHEyyQMWmVikSKZjkBS1LNqxE
         EEmhfRa2RMFRr76TZwZv8ak0bRCsR4EaPPuB2JVBeWoNYqc/qAPLm06haYWp5Yx4RIp5
         a92QtpebJsf/NRBOyzdJTpbPLHU66uqN3GSALg5rozZxi1qLmr1vCpKIGsA52I7FG16a
         1IC0Otp1PGHY30WpGfZb7a5kYCeY7ARM7Y65eqnPsCqfzCDmin6AYGf/JGlbHmscRqZk
         YbX2RxXRMqwXfMQaCdbQQYPds4VC5lNuboWfnS0h/bTFdoG8Sr57T1BnQn2DdiKnMmV0
         +iWg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:in-reply-to:content-transfer-encoding
         :content-disposition:mime-version:references:message-id:subject:cc
         :to:from:date:dkim-signature;
        bh=JCBAeXE9Fm2/4A8nfF4qlTElC4omNaQJNghTb8YDddM=;
        b=WuAL2207NG7+3L+XLGOHj1NXcKZMADfMVtToq0mcMYEQx+pScsJ6SoHlZWEqzf+s5j
         iw5Vh/Zb9L3gbknlOEwUCDsTv2zLtADp7b9LFwaaBfISvkD/KyFNCFddkY6BMc1izV6a
         VO/PLLjVaYtYT4wZPFHhWkkIXYlK5T+rlsZCO2j7EEqLzYRQilbPQPdLZLOHHy6yMDxY
         SjOeZGelqaYUUg7EgXhjYyA22U81OUSqfagaZwfWHHrNe9eM1GQ/zfPMrd7QxTMaQGmT
         5Kq+cC90v2za3PtIsbkQLk5udxbJAwvadItOwFaY5kEqvdtHkG97EMR2eAgfIETwaRvE
         wg4Q==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@alien8.de header.s=dkim header.b="kTtfe1X/";
       spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=alien8.de
Return-Path: <linux-crypto-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18])
        by mx.google.com with ESMTP id 8si6181939ejd.70.2021.10.01.04.21.59;
        Fri, 01 Oct 2021 04:22:25 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@alien8.de header.s=dkim header.b="kTtfe1X/";
       spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=alien8.de
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1353526AbhJALH7 (ORCPT <rfc822;will.sands.v@gmail.com>
        + 99 others); Fri, 1 Oct 2021 07:07:59 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:34238 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1353454AbhJALH7 (ORCPT
        <rfc822;linux-crypto@vger.kernel.org>);
        Fri, 1 Oct 2021 07:07:59 -0400
Received: from mail.skyhub.de (mail.skyhub.de [IPv6:2a01:4f8:190:11c2::b:1457])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 27484C061775;
        Fri,  1 Oct 2021 04:06:15 -0700 (PDT)
Received: from zn.tnic (p200300ec2f0e8e0006425ffdb1062ac0.dip0.t-ipconnect.de [IPv6:2003:ec:2f0e:8e00:642:5ffd:b106:2ac0])
        (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
        (No client certificate requested)
        by mail.skyhub.de (SuperMail on ZX Spectrum 128k) with ESMTPSA id 7CBB61EC0419;
        Fri,  1 Oct 2021 13:06:12 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=alien8.de; s=dkim;
        t=1633086372;
        h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
         to:to:cc:cc:mime-version:mime-version:content-type:content-type:
         content-transfer-encoding:content-transfer-encoding:
         in-reply-to:in-reply-to:references:references;
        bh=JCBAeXE9Fm2/4A8nfF4qlTElC4omNaQJNghTb8YDddM=;
        b=kTtfe1X/X1Cm8CiF7sqgmxJbnYSVBHwhUxmVIQWx22i7VqsRKC6EEWMxmDVCD+9RF7VzG5
        QJBTrSVvQeE27As7XeJBpiyoxWoEGP1nFgkKyx5GnB9alDDmJT1lAjv2TqZFpTt2XpnmBK
        KSzCimg6oBTl41PghKnK15OZssLqRMo=
Date:   Fri, 1 Oct 2021 13:06:08 +0200
From:   Borislav Petkov <bp@alien8.de>
To:     Brijesh Singh <brijesh.singh@amd.com>
Cc:     x86@kernel.org, linux-kernel@vger.kernel.org, kvm@vger.kernel.org,
        linux-coco@lists.linux.dev, linux-mm@kvack.org,
        linux-crypto@vger.kernel.org, Thomas Gleixner <tglx@linutronix.de>,
        Ingo Molnar <mingo@redhat.com>, Joerg Roedel <jroedel@suse.de>,
        Tom Lendacky <thomas.lendacky@amd.com>,
        "H. Peter Anvin" <hpa@zytor.com>, Ard Biesheuvel <ardb@kernel.org>,
        Paolo Bonzini <pbonzini@redhat.com>,
        Sean Christopherson <seanjc@google.com>,
        Vitaly Kuznetsov <vkuznets@redhat.com>,
        Wanpeng Li <wanpengli@tencent.com>,
        Jim Mattson <jmattson@google.com>,
        Andy Lutomirski <luto@kernel.org>,
        Dave Hansen <dave.hansen@linux.intel.com>,
        Sergio Lopez <slp@redhat.com>, Peter Gonda <pgonda@google.com>,
        Peter Zijlstra <peterz@infradead.org>,
        Srinivas Pandruvada <srinivas.pandruvada@linux.intel.com>,
        David Rientjes <rientjes@google.com>,
        Dov Murik <dovmurik@linux.ibm.com>,
        Tobin Feldman-Fitzthum <tobin@ibm.com>,
        Michael Roth <michael.roth@amd.com>,
        Vlastimil Babka <vbabka@suse.cz>,
        "Kirill A . Shutemov" <kirill@shutemov.name>,
        Andi Kleen <ak@linux.intel.com>, tony.luck@intel.com,
        marcorr@google.com, sathyanarayanan.kuppuswamy@linux.intel.com
Subject: Re: [PATCH Part2 v5 06/45] x86/sev: Invalid pages from direct map
 when adding it to RMP table
Message-ID: <YVbroJ5RGWa5kZ6J@zn.tnic>
References: <20210820155918.7518-1-brijesh.singh@amd.com>
 <20210820155918.7518-7-brijesh.singh@amd.com>
 <YVR5cOQOJxy12DcR@zn.tnic>
 <60d6a70d-22ab-9e17-b243-7f5669b4b70d@amd.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
In-Reply-To: <60d6a70d-22ab-9e17-b243-7f5669b4b70d@amd.com>
Precedence: bulk
List-ID: <linux-crypto.vger.kernel.org>
X-Mailing-List: linux-crypto@vger.kernel.org

On Thu, Sep 30, 2021 at 09:19:52AM -0700, Brijesh Singh wrote:
> . The thought process is if in the future 
> set_direct_map_default_noflush() is improved to restore the large
> mapping then it will all work transparently.

That's only scratching the surface of the *why* this is done so please
explain why this dance is being done in a comment above the code so that
it is clear.

It is not really obvious why that hiding from the direct map is being
done.

Good reason from that memfd_secret mail are:

"* Prevent cross-process secret userspace memory exposures. Once the secret
memory is allocated, the user can't accidentally pass it into the kernel to
be transmitted somewhere. The secreremem pages cannot be accessed via the
direct map and they are disallowed in GUP."

and in general hiding RMP pages from the direct map is a nice additional
protection.

Thx.

-- 
Regards/Gruss,
    Boris.

https://people.kernel.org/tglx/notes-about-netiquette