lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Mon, 23 Jul 2018 10:22:49 -0700
From:   Alison Schofield <alison.schofield@...el.com>
To:     "Kirill A. Shutemov" <kirill@...temov.name>
Cc:     Dave Hansen <dave.hansen@...el.com>,
        "Kirill A. Shutemov" <kirill.shutemov@...ux.intel.com>,
        Ingo Molnar <mingo@...hat.com>, x86@...nel.org,
        Thomas Gleixner <tglx@...utronix.de>,
        "H. Peter Anvin" <hpa@...or.com>,
        Tom Lendacky <thomas.lendacky@....com>,
        Kai Huang <kai.huang@...ux.intel.com>,
        Jacob Pan <jacob.jun.pan@...ux.intel.com>,
        linux-kernel@...r.kernel.org, linux-mm@...ck.org
Subject: Re: [PATCHv5 10/19] x86/mm: Implement page_keyid() using page_ext

On Mon, Jul 23, 2018 at 12:45:17PM +0300, Kirill A. Shutemov wrote:
> On Wed, Jul 18, 2018 at 04:38:02PM -0700, Dave Hansen wrote:
> > On 07/17/2018 04:20 AM, Kirill A. Shutemov wrote:
> > > Store KeyID in bits 31:16 of extended page flags. These bits are unused.
> > 
> > I'd love a two sentence remind of what page_ext is and why you chose to
> > use it.  Yes, you need this.  No, not everybody that you want to review
> > this patch set knows what it is or why you chose it.
> 
> Okay.
> 
> > > page_keyid() returns zero until page_ext is ready.
> > 
> > Is there any implication of this?  Or does it not matter because we
> > don't run userspace until after page_ext initialization is done?
> 
> It matters in sense that we shouldn't reference page_ext before it's
> initialized otherwise we will get garbage and crash.
> 
> > > page_ext initializer enables static branch to indicate that
> > 
> > 			"enables a static branch"
> > 
> > > page_keyid() can use page_ext. The same static branch will gate MKTME
> > > readiness in general.
> > 
> > Can you elaborate on this a bit?  It would also be a nice place to hint
> > to the folks working hard on the APIs to ensure she checks this.
> 
> Okay.

At API init time we can check if (MKTME_ENABLED &&  mktme_nr_keyids > 0)
Sounds like this is another dependency we need to check and 'wait' on?
It happens after MKTME_ENABLED is set?  Let me know.

> 
> > > We don't yet set KeyID for the page. It will come in the following
> > > patch that implements prep_encrypted_page(). All pages have KeyID-0 for
> > > now.
> > 
> > It also wouldn't hurt to mention why you don't use an X86_FEATURE_* for
> > this rather than an explicit static branch.  I'm sure the x86
> > maintainers will be curious.
> 
> Sure.
> 
> -- 
>  Kirill A. Shutemov

Powered by blists - more mailing lists