From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <SRS0=wawx=37=kvack.org=owner-linux-mm@kernel.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-2.6 required=3.0 tests=DKIMWL_WL_HIGH,DKIM_SIGNED,
	DKIM_VALID,DKIM_VALID_AU,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,
	USER_AGENT_SANE_1 autolearn=no autolearn_force=no version=3.4.0
Received: from mail.kernel.org (mail.kernel.org [198.145.29.99])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 0984EC3B187
	for <linux-mm@archiver.kernel.org>; Tue, 11 Feb 2020 11:26:21 +0000 (UTC)
Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17])
	by mail.kernel.org (Postfix) with ESMTP id C432420848
	for <linux-mm@archiver.kernel.org>; Tue, 11 Feb 2020 11:26:20 +0000 (UTC)
Authentication-Results: mail.kernel.org;
	dkim=pass (1024-bit key) header.d=kernel.org header.i=@kernel.org header.b="zIMcq8Pu"
DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org C432420848
Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=kernel.org
Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=owner-linux-mm@kvack.org
Received: by kanga.kvack.org (Postfix)
	id 6CA976B02AC; Tue, 11 Feb 2020 06:26:20 -0500 (EST)
Received: by kanga.kvack.org (Postfix, from userid 40)
	id 653AC6B02AD; Tue, 11 Feb 2020 06:26:20 -0500 (EST)
X-Delivered-To: int-list-linux-mm@kvack.org
Received: by kanga.kvack.org (Postfix, from userid 63042)
	id 51C9F6B02AE; Tue, 11 Feb 2020 06:26:20 -0500 (EST)
X-Delivered-To: linux-mm@kvack.org
Received: from forelay.hostedemail.com (smtprelay0211.hostedemail.com [216.40.44.211])
	by kanga.kvack.org (Postfix) with ESMTP id 2CB236B02AC
	for <linux-mm@kvack.org>; Tue, 11 Feb 2020 06:26:20 -0500 (EST)
Received: from smtpin16.hostedemail.com (10.5.19.251.rfc1918.com [10.5.19.251])
	by forelay02.hostedemail.com (Postfix) with ESMTP id D7EDAD38
	for <linux-mm@kvack.org>; Tue, 11 Feb 2020 11:26:19 +0000 (UTC)
X-FDA: 76477617678.16.camp44_37377aa471533
X-HE-Tag: camp44_37377aa471533
X-Filterd-Recvd-Size: 3214
Received: from mail.kernel.org (mail.kernel.org [198.145.29.99])
	by imf33.hostedemail.com (Postfix) with ESMTP
	for <linux-mm@kvack.org>; Tue, 11 Feb 2020 11:26:19 +0000 (UTC)
Received: from willie-the-truck (236.31.169.217.in-addr.arpa [217.169.31.236])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by mail.kernel.org (Postfix) with ESMTPSA id 34C7C206D7;
	Tue, 11 Feb 2020 11:26:15 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org;
	s=default; t=1581420378;
	bh=2L9bSGf+TLqSURpvqdOD5PgYiQUSnDassNwBUiYrriI=;
	h=Date:From:To:Cc:Subject:References:In-Reply-To:From;
	b=zIMcq8PuF7naKYNRnYV/McurYaFZkvc8Q3bRjAQVY5mvkTZ9RRGI3NbU4k3dZKCHv
	 8x6Ta7MIr5rRbWpvYs1wlmzPSa1vzb9LQXMh+3hd3Q3xIfyrKIr7fQ6N8Wrs/4JeEj
	 he5z9/2Q+RthfSvQrj7PFLFiV0R2GUju758R0708=
Date: Tue, 11 Feb 2020 11:26:11 +0000
From: Will Deacon <will@kernel.org>
To: Christian Borntraeger <borntraeger@de.ibm.com>
Cc: Janosch Frank <frankja@linux.vnet.ibm.com>,
	Andrew Morton <akpm@linux-foundation.org>,
	Marc Zyngier <maz@kernel.org>,
	Sean Christopherson <sean.j.christopherson@intel.com>,
	Tom Lendacky <thomas.lendacky@amd.com>, KVM <kvm@vger.kernel.org>,
	Cornelia Huck <cohuck@redhat.com>,
	David Hildenbrand <david@redhat.com>,
	Thomas Huth <thuth@redhat.com>,
	Ulrich Weigand <Ulrich.Weigand@de.ibm.com>,
	Claudio Imbrenda <imbrenda@linux.ibm.com>,
	Andrea Arcangeli <aarcange@redhat.com>,
	linux-s390 <linux-s390@vger.kernel.org>,
	Michael Mueller <mimu@linux.ibm.com>,
	Vasily Gorbik <gor@linux.ibm.com>, linux-mm@kvack.org,
	kvm-ppc@vger.kernel.org, Paolo Bonzini <pbonzini@redhat.com>,
	mark.rutland@arm.com, qperret@google.com, palmerdabbelt@google.com
Subject: Re: [PATCH 01/35] mm:gup/writeback: add callbacks for inaccessible
 pages
Message-ID: <20200211112611.GD8560@willie-the-truck>
References: <20200207113958.7320-1-borntraeger@de.ibm.com>
 <20200207113958.7320-2-borntraeger@de.ibm.com>
 <28792269-e053-ac70-a344-45612ee5c729@de.ibm.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <28792269-e053-ac70-a344-45612ee5c729@de.ibm.com>
User-Agent: Mutt/1.10.1 (2018-07-13)
X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4
Sender: owner-linux-mm@kvack.org
Precedence: bulk
X-Loop: owner-majordomo@kvack.org
List-ID: <linux-mm.kvack.org>

On Mon, Feb 10, 2020 at 06:27:04PM +0100, Christian Borntraeger wrote:
> CC Marc Zyngier for KVM on ARM.  Marc, see below. Will there be any
> use for this on KVM/ARM in the future?

I can't speak for Marc, but I can say that we're interested in something
like this for potentially isolating VMs from a KVM host in Android.
However, we've currently been working on the assumption that the memory
removed from the host won't usually be touched by the host (i.e. no
KSM or swapping out), so all we'd probably want at the moment is to be
able to return an error back from arch_make_page_accessible(). Its return
code is ignored in this patch :/

One thing I don't grok about the ultravisor encryption is how it avoids
replay attacks when paging back in. For example, if the host is compromised
and replaces the page contents with an old encrypted value. Are you storing
per-page metadata somewhere to ensure "freshness" of the encrypted data?

Will