Message-ID: <2686a5ae-e1e5-48d6-ae4b-31face5284ca@amazon.co.uk>
Date: Fri, 18 Oct 2024 08:15:50 +0100
Subject: Re: [RFC PATCH 26/39] KVM: guest_memfd: Track faultability within a struct kvm_gmem_private
From: Patrick Roy
To: Jason Gunthorpe, Peter Xu
CC: David Hildenbrand, Ackerley Tng
In-Reply-To: <20241017191829.GA3559746@nvidia.com>

On Thu, 2024-10-17 at 20:18 +0100, Jason Gunthorpe wrote:
> On Thu, Oct 17, 2024 at 03:11:10PM -0400, Peter Xu wrote:
>> On Thu, Oct 17, 2024 at 02:10:10PM -0300, Jason Gunthorpe wrote:
>>>> If so, maybe that's a non-issue for non-CoCo, where the VM object /
>>>> gmemfd object (when created) can have a flag marking that it's
>>>> always shared and can never be converted to private for any page
>>>> within.
>>>
>>> What is non-CoCo? Does it include the private/shared concept?
>>
>> I used that to represent the possible gmemfd use cases outside confidential
>> computing.
>>
>> So the private/shared things should still be around as fundamental property
>> of gmemfd, but it should be always shared and no conversion needed for the
>> whole lifecycle of the gmemfd when marked !CoCo.
>
> But what does private mean in this context?
>
> Is it just like a bit of additional hypervisor security that the page
> is not mapped anyplace except the KVM stage 2 and the hypervisor can
> cause it to become mapped/shared at any time? But the guest has no
> idea about this?
>
> Jason

Yes, this is pretty much exactly what I'm after when I say "non-CoCo".
No direct map entries to provide defense-in-depth for guests against
various speculative execution issues, but not a full confidential
computing setup (e.g. the guest should be completely oblivious to this,
and not require any modifications).