| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 26 Jan 2021 17:01:04 -0500
From: Tejun Heo <tj@...nel.org>
To: David Rientjes <rientjes@...gle.com>
Cc: Sean Christopherson <seanjc@...gle.com>,
Tom Lendacky <thomas.lendacky@....com>,
Vipin Sharma <vipinsh@...gle.com>,
"Singh, Brijesh" <brijesh.singh@....com>,
"Grimm, Jon" <jon.grimm@....com>,
"Van Tassell, Eric" <eric.vantassell@....com>, pbonzini@...hat.com,
lizefan@...wei.com, hannes@...xchg.org, frankja@...ux.ibm.com,
borntraeger@...ibm.com, corbet@....net, joro@...tes.org,
vkuznets@...hat.com, wanpengli@...cent.com, jmattson@...gle.com,
tglx@...utronix.de, mingo@...hat.com, bp@...en8.de, hpa@...or.com,
gingell@...gle.com, dionnaglaze@...gle.com, kvm@...r.kernel.org,
x86@...nel.org, cgroups@...r.kernel.org, linux-doc@...r.kernel.org,
linux-kernel@...r.kernel.org
Subject: Re: [Patch v4 1/2] cgroup: svm: Add Encryption ID controller
Hello,
On Tue, Jan 26, 2021 at 12:49:14PM -0800, David Rientjes wrote:
> > SEV-SNP, another incremental enhancement (on SEV-ES), further strengthens the
> > argument for SEV and SEV-* coexistenence. SEV-SNP and SEV-ES will share the
> > same ASID range, so the question is really, "do we expect to run SEV guests and
> > any flavor of SEV-* guests on the same platform". And due to SEV-* not being
> > directly backward compatible with SEV, the answer will eventually be "yes", as
> > we'll want to keep running existing SEV guest while also spinning up new SEV-*
> > guests.
> >
>
> Agreed, cloud providers will most certainly want to run both SEV and SEV-*
> guests on the same platform.
Am I correct in thinking that the reason why these IDs are limited is
because they need to be embedded into the page table entries? If so, we
aren't talking about that many IDs and having to divide the already small
pool into disjoint purposes doesn't seem like a particularly smart use of
those bits. It is what it is, I guess.
> I'm slightly concerned about extensibility if there is to be an
> incremental enhancement atop SEV-* or TDX with yet another pool of
> encryption ids. (For example, when we only had hugepages, this name was
> perfect; then we got 1GB pages which became "gigantic pages", so are 512GB
> pages "enormous"? :) I could argue (encryption_ids.basic.*,
> encryption_ids.enhanced.*) should map to
> (encryption_ids.legacy.*, encryption_ids.*) but that's likely
> bikeshedding.
>
> Thomas: does encryption_ids.{basic,enhanced}.* make sense for ASID
> partitioning?
>
> Tejun: if this makes sense for legacy SEV and SEV-* per Thomas, and this
> is now abstracted to be technology (vendor) neutral, does this make sense
> to you?
The whole thing seems pretty immature to me and I agree with you that coming
up with an abstraction at this stage feels risky.
I'm leaning towards creating a misc controller to shove these things into:
* misc.max and misc.current: nested keyed files listing max and current
usage for the cgroup.
* Have an API to activate or update a given resource with total resource
count. I'd much prefer the resource list to be in the controller itself
rather than being through some dynamic API just so that there is some
review in what keys get added.
* Top level cgroup lists which resource is active and how many are
available.
So, behavior-wise, not that different from the proposed code. Just made
generic into a misc controller. Would that work?
Thanks.
--
tejun
Powered by blists - more mailing lists