Re: [RFC v2 12/13] keys/mktme: Save MKTME data if kernel cmdline parameter allows

[RFC v2 00/13] Multi-Key Total Memory Encryption API (MKTME) · Alison Schofield <alison.schofield@intel.com> · 2018-12-04
[RFC v2 02/13] mm: Generalize the mprotect implementation to support extensions · Alison Schofield <alison.schofield@intel.com> · 2018-12-04
Re: [RFC v2 02/13] mm: Generalize the mprotect implementation to support extensions · Sakkinen, Jarkko <hidden> · 2018-12-06
[RFC v2 01/13] x86/mktme: Document the MKTME APIs · Alison Schofield <alison.schofield@intel.com> · 2018-12-04
Re: [RFC v2 01/13] x86/mktme: Document the MKTME APIs · Andy Lutomirski <luto@amacapital.net> · 2018-12-05
Re: [RFC v2 01/13] x86/mktme: Document the MKTME APIs · Alison Schofield <alison.schofield@intel.com> · 2018-12-05
Re: [RFC v2 01/13] x86/mktme: Document the MKTME APIs · Andy Lutomirski <luto@kernel.org> · 2018-12-05
Re: [RFC v2 01/13] x86/mktme: Document the MKTME APIs · Sakkinen, Jarkko <hidden> · 2018-12-06
[RFC v2 03/13] syscall/x86: Wire up a new system call for memory encryption keys · Alison Schofield <alison.schofield@intel.com> · 2018-12-04
[RFC v2 08/13] mm: Use reference counting for encrypted VMAs · Alison Schofield <alison.schofield@intel.com> · 2018-12-04
[RFC v2 04/13] x86/mm: Add helper functions for MKTME memory encryption keys · Alison Schofield <alison.schofield@intel.com> · 2018-12-04
Re: [RFC v2 04/13] x86/mm: Add helper functions for MKTME memory encryption keys · Peter Zijlstra <peterz@infradead.org> · 2018-12-04
Re: [RFC v2 04/13] x86/mm: Add helper functions for MKTME memory encryption keys · Alison Schofield <alison.schofield@intel.com> · 2018-12-05
Re: [RFC v2 04/13] x86/mm: Add helper functions for MKTME memory encryption keys · Andy Lutomirski <luto@amacapital.net> · 2018-12-04
Re: [RFC v2 04/13] x86/mm: Add helper functions for MKTME memory encryption keys · Alison Schofield <alison.schofield@intel.com> · 2018-12-05
Re: [RFC v2 04/13] x86/mm: Add helper functions for MKTME memory encryption keys · Sakkinen, Jarkko <hidden> · 2018-12-06
[RFC v2 07/13] x86/mm: Add helpers for reference counting encrypted VMAs · Alison Schofield <alison.schofield@intel.com> · 2018-12-04
Re: [RFC v2 07/13] x86/mm: Add helpers for reference counting encrypted VMAs · Peter Zijlstra <peterz@infradead.org> · 2018-12-04
Re: [RFC v2 07/13] x86/mm: Add helpers for reference counting encrypted VMAs · Alison Schofield <alison.schofield@intel.com> · 2018-12-05
[RFC v2 05/13] x86/mm: Set KeyIDs in encrypted VMAs · Alison Schofield <alison.schofield@intel.com> · 2018-12-04
Re: [RFC v2 05/13] x86/mm: Set KeyIDs in encrypted VMAs · Sakkinen, Jarkko <hidden> · 2018-12-06
[RFC v2 09/13] mm: Restrict memory encryption to anonymous VMA's · Alison Schofield <alison.schofield@intel.com> · 2018-12-04
Re: [RFC v2 09/13] mm: Restrict memory encryption to anonymous VMA's · Peter Zijlstra <peterz@infradead.org> · 2018-12-04
Re: [RFC v2 09/13] mm: Restrict memory encryption to anonymous VMA's · Alison Schofield <alison.schofield@intel.com> · 2018-12-05
Re: [RFC v2 09/13] mm: Restrict memory encryption to anonymous VMA's · Peter Zijlstra <peterz@infradead.org> · 2018-12-05
[RFC v2 12/13] keys/mktme: Save MKTME data if kernel cmdline parameter allows · Alison Schofield <alison.schofield@intel.com> · 2018-12-04
Re: [RFC v2 12/13] keys/mktme: Save MKTME data if kernel cmdline parameter allows · Peter Zijlstra <peterz@infradead.org> · 2018-12-04
Re: [RFC v2 12/13] keys/mktme: Save MKTME data if kernel cmdline parameter allows · Huang, Kai <hidden> · 2018-12-07
Re: [RFC v2 12/13] keys/mktme: Save MKTME data if kernel cmdline parameter allows · Alison Schofield <alison.schofield@intel.com> · 2018-12-07
Re: [RFC v2 12/13] keys/mktme: Save MKTME data if kernel cmdline parameter allows · Jarkko Sakkinen <hidden> · 2018-12-07
Re: [RFC v2 12/13] keys/mktme: Save MKTME data if kernel cmdline parameter allows · Jarkko Sakkinen <hidden> · 2018-12-07
Re: [RFC v2 12/13] keys/mktme: Save MKTME data if kernel cmdline parameter allows · Kirill A. Shutemov <hidden> · 2018-12-07
[RFC v2 11/13] keys/mktme: Program memory encryption keys on a system wide basis · Alison Schofield <alison.schofield@intel.com> · 2018-12-04
Re: [RFC v2 11/13] keys/mktme: Program memory encryption keys on a system wide basis · Peter Zijlstra <peterz@infradead.org> · 2018-12-04
Re: [RFC v2 11/13] keys/mktme: Program memory encryption keys on a system wide basis · Kirill A. Shutemov <hidden> · 2018-12-04
Re: [RFC v2 11/13] keys/mktme: Program memory encryption keys on a system wide basis · Alison Schofield <alison.schofield@intel.com> · 2018-12-05
Re: [RFC v2 11/13] keys/mktme: Program memory encryption keys on a system wide basis · Alison Schofield <alison.schofield@intel.com> · 2018-12-05
Re: [RFC v2 11/13] keys/mktme: Program memory encryption keys on a system wide basis · Peter Zijlstra <peterz@infradead.org> · 2018-12-05
Re: [RFC v2 11/13] keys/mktme: Program memory encryption keys on a system wide basis · Alison Schofield <alison.schofield@intel.com> · 2018-12-05
[RFC v2 10/13] keys/mktme: Add the MKTME Key Service type for memory encryption · Alison Schofield <alison.schofield@intel.com> · 2018-12-04
Re: [RFC v2 10/13] keys/mktme: Add the MKTME Key Service type for memory encryption · Sakkinen, Jarkko <hidden> · 2018-12-06
Re: [RFC v2 10/13] keys/mktme: Add the MKTME Key Service type for memory encryption · Sakkinen, Jarkko <hidden> · 2018-12-06
Re: [RFC v2 10/13] keys/mktme: Add the MKTME Key Service type for memory encryption · Dave Hansen <hidden> · 2018-12-06
Re: [RFC v2 10/13] keys/mktme: Add the MKTME Key Service type for memory encryption · Sakkinen, Jarkko <hidden> · 2018-12-06
[RFC v2 13/13] keys/mktme: Support CPU Hotplug for MKTME keys · Alison Schofield <alison.schofield@intel.com> · 2018-12-04
Re: [RFC v2 13/13] keys/mktme: Support CPU Hotplug for MKTME keys · Peter Zijlstra <peterz@infradead.org> · 2018-12-04
Re: [RFC v2 13/13] keys/mktme: Support CPU Hotplug for MKTME keys · Alison Schofield <alison.schofield@intel.com> · 2018-12-05
Re: [RFC v2 13/13] keys/mktme: Support CPU Hotplug for MKTME keys · Peter Zijlstra <peterz@infradead.org> · 2018-12-04
Re: [RFC v2 13/13] keys/mktme: Support CPU Hotplug for MKTME keys · Alison Schofield <alison.schofield@intel.com> · 2018-12-05
[RFC v2 06/13] mm: Add the encrypt_mprotect() system call · Alison Schofield <alison.schofield@intel.com> · 2018-12-04
Re: [RFC v2 06/13] mm: Add the encrypt_mprotect() system call · Sakkinen, Jarkko <hidden> · 2018-12-06
Re: [RFC v2 00/13] Multi-Key Total Memory Encryption API (MKTME) · Peter Zijlstra <peterz@infradead.org> · 2018-12-04
Re: [RFC v2 00/13] Multi-Key Total Memory Encryption API (MKTME) · Kirill A. Shutemov <hidden> · 2018-12-04
Re: [RFC v2 00/13] Multi-Key Total Memory Encryption API (MKTME) · Sakkinen, Jarkko <hidden> · 2018-12-05
Re: [RFC v2 00/13] Multi-Key Total Memory Encryption API (MKTME) · Kirill A. Shutemov <hidden> · 2018-12-06
Re: [RFC v2 00/13] Multi-Key Total Memory Encryption API (MKTME) · Dave Hansen <hidden> · 2018-12-06
Re: [RFC v2 00/13] Multi-Key Total Memory Encryption API (MKTME) · Huang, Kai <hidden> · 2018-12-07
Re: [RFC v2 00/13] Multi-Key Total Memory Encryption API (MKTME) · Sakkinen, Jarkko <hidden> · 2018-12-06
Re: [RFC v2 00/13] Multi-Key Total Memory Encryption API (MKTME) · Kirill A. Shutemov <hidden> · 2018-12-07
Re: [RFC v2 00/13] Multi-Key Total Memory Encryption API (MKTME) · Andy Lutomirski <luto@kernel.org> · 2018-12-04
Re: [RFC v2 00/13] Multi-Key Total Memory Encryption API (MKTME) · Andy Lutomirski <luto@kernel.org> · 2018-12-04
Re: [RFC v2 00/13] Multi-Key Total Memory Encryption API (MKTME) · Dave Hansen <hidden> · 2018-12-04
Re: [RFC v2 00/13] Multi-Key Total Memory Encryption API (MKTME) · Sakkinen, Jarkko <hidden> · 2018-12-05
Re: [RFC v2 00/13] Multi-Key Total Memory Encryption API (MKTME) · Huang, Kai <hidden> · 2018-12-07
Re: [RFC v2 00/13] Multi-Key Total Memory Encryption API (MKTME) · Jarkko Sakkinen <hidden> · 2018-12-07
Re: [RFC v2 00/13] Multi-Key Total Memory Encryption API (MKTME) · Kirill A. Shutemov <hidden> · 2018-12-07
Re: [RFC v2 00/13] Multi-Key Total Memory Encryption API (MKTME) · Sakkinen, Jarkko <hidden> · 2018-12-07
Re: [RFC v2 00/13] Multi-Key Total Memory Encryption API (MKTME) · Sakkinen, Jarkko <hidden> · 2018-12-07
Re: [RFC v2 00/13] Multi-Key Total Memory Encryption API (MKTME) · Andy Lutomirski <luto@kernel.org> · 2018-12-07
Re: [RFC v2 00/13] Multi-Key Total Memory Encryption API (MKTME) · Huang, Kai <hidden> · 2018-12-08
Re: [RFC v2 00/13] Multi-Key Total Memory Encryption API (MKTME) · Sakkinen, Jarkko <hidden> · 2018-12-08
Re: [RFC v2 00/13] Multi-Key Total Memory Encryption API (MKTME) · Sakkinen, Jarkko <hidden> · 2018-12-12
Re: [RFC v2 00/13] Multi-Key Total Memory Encryption API (MKTME) · Andy Lutomirski <luto@kernel.org> · 2018-12-12
Re: [RFC v2 00/13] Multi-Key Total Memory Encryption API (MKTME) · Sakkinen, Jarkko <hidden> · 2018-12-12
RE: [RFC v2 00/13] Multi-Key Total Memory Encryption API (MKTME) · Huang, Kai <hidden> · 2018-12-12
Re: [RFC v2 00/13] Multi-Key Total Memory Encryption API (MKTME) · Sakkinen, Jarkko <hidden> · 2018-12-13
Re: [RFC v2 00/13] Multi-Key Total Memory Encryption API (MKTME) · Sakkinen, Jarkko <hidden> · 2018-12-13
RE: [RFC v2 00/13] Multi-Key Total Memory Encryption API (MKTME) · Huang, Kai <hidden> · 2018-12-12
Re: [RFC v2 00/13] Multi-Key Total Memory Encryption API (MKTME) · Eric Rannaud <hidden> · 2018-12-07
Re: [RFC v2 00/13] Multi-Key Total Memory Encryption API (MKTME) · Dave Hansen <hidden> · 2018-12-05
Re: [RFC v2 00/13] Multi-Key Total Memory Encryption API (MKTME) · Andy Lutomirski <luto@kernel.org> · 2018-12-06
Re: [RFC v2 00/13] Multi-Key Total Memory Encryption API (MKTME) · Dan Williams <hidden> · 2018-12-06
Re: [RFC v2 00/13] Multi-Key Total Memory Encryption API (MKTME) · Dave Hansen <hidden> · 2018-12-06
Re: [RFC v2 00/13] Multi-Key Total Memory Encryption API (MKTME) · Andy Lutomirski <luto@kernel.org> · 2018-12-06
Re: [RFC v2 00/13] Multi-Key Total Memory Encryption API (MKTME) · Dave Hansen <hidden> · 2018-12-06
Re: [RFC v2 00/13] Multi-Key Total Memory Encryption API (MKTME) · Huang, Kai <hidden> · 2018-12-07
Re: [RFC v2 00/13] Multi-Key Total Memory Encryption API (MKTME) · Dave Hansen <hidden> · 2018-12-07
Re: [RFC v2 00/13] Multi-Key Total Memory Encryption API (MKTME) · Andy Lutomirski <luto@kernel.org> · 2018-12-07
Re: [RFC v2 00/13] Multi-Key Total Memory Encryption API (MKTME) · Dave Hansen <hidden> · 2018-12-08
Re: [RFC v2 00/13] Multi-Key Total Memory Encryption API (MKTME) · Huang, Kai <hidden> · 2018-12-08
Re: [RFC v2 00/13] Multi-Key Total Memory Encryption API (MKTME) · Sakkinen, Jarkko <hidden> · 2018-12-05

From: Kirill A. Shutemov <hidden>
Date: 2018-12-07 11:47:17
Also in: keyrings, linux-mm

On Fri, Dec 07, 2018 at 02:14:03AM +0000, Huang, Kai wrote:

Alternatively, we can choose to use per-socket keyID, but not to program
keyID globally across all sockets, so you don't have to save key while
still supporting CPU hotplug.

Per-socket KeyID approach would make things more complex. For instance
KeyID on its own will not be enough to refer a key. You will need a node
too. It will also require a way to track whether theirs an KeyID on other
node for the key.

It also makes memory management less flexible: runtime migration of the
memory between nodes will be limited and it can hurt memory availablity
for non-encrypted tasks too.

In general, I don't see per-socket KeyID handling very attractive. It
creates more problems than solves.

-- 
 Kirill A. Shutemov

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help