lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Mon, 23 Jul 2018 10:22:49 -0700 From: Alison Schofield <alison.schofield@...el.com> To: "Kirill A. Shutemov" <kirill@...temov.name> Cc: Dave Hansen <dave.hansen@...el.com>, "Kirill A. Shutemov" <kirill.shutemov@...ux.intel.com>, Ingo Molnar <mingo@...hat.com>, x86@...nel.org, Thomas Gleixner <tglx@...utronix.de>, "H. Peter Anvin" <hpa@...or.com>, Tom Lendacky <thomas.lendacky@....com>, Kai Huang <kai.huang@...ux.intel.com>, Jacob Pan <jacob.jun.pan@...ux.intel.com>, linux-kernel@...r.kernel.org, linux-mm@...ck.org Subject: Re: [PATCHv5 10/19] x86/mm: Implement page_keyid() using page_ext On Mon, Jul 23, 2018 at 12:45:17PM +0300, Kirill A. Shutemov wrote: > On Wed, Jul 18, 2018 at 04:38:02PM -0700, Dave Hansen wrote: > > On 07/17/2018 04:20 AM, Kirill A. Shutemov wrote: > > > Store KeyID in bits 31:16 of extended page flags. These bits are unused. > > > > I'd love a two sentence remind of what page_ext is and why you chose to > > use it. Yes, you need this. No, not everybody that you want to review > > this patch set knows what it is or why you chose it. > > Okay. > > > > page_keyid() returns zero until page_ext is ready. > > > > Is there any implication of this? Or does it not matter because we > > don't run userspace until after page_ext initialization is done? > > It matters in sense that we shouldn't reference page_ext before it's > initialized otherwise we will get garbage and crash. > > > > page_ext initializer enables static branch to indicate that > > > > "enables a static branch" > > > > > page_keyid() can use page_ext. The same static branch will gate MKTME > > > readiness in general. > > > > Can you elaborate on this a bit? It would also be a nice place to hint > > to the folks working hard on the APIs to ensure she checks this. > > Okay. At API init time we can check if (MKTME_ENABLED && mktme_nr_keyids > 0) Sounds like this is another dependency we need to check and 'wait' on? It happens after MKTME_ENABLED is set? Let me know. > > > > We don't yet set KeyID for the page. It will come in the following > > > patch that implements prep_encrypted_page(). All pages have KeyID-0 for > > > now. > > > > It also wouldn't hurt to mention why you don't use an X86_FEATURE_* for > > this rather than an explicit static branch. I'm sure the x86 > > maintainers will be curious. > > Sure. > > -- > Kirill A. Shutemov
Powered by blists - more mailing lists