Message-ID: <392fc76a-5d2a-441d-99c8-532c0bbb052b@amazon.co.uk>
Date: Wed, 16 Apr 2025 13:30:10 +0100
Subject: Re: [PATCH v7 4/9] KVM: guest_memfd: Handle in-place shared memory as guest_memfd backed memory
To: David Hildenbrand, Fuad Tabba
References: <20250318161823.4005529-1-tabba@google.com> <20250318161823.4005529-5-tabba@google.com> <8ebc66ae-5f37-44c0-884b-564a65467fe4@redhat.com>
From: Patrick Roy
In-Reply-To: <8ebc66ae-5f37-44c0-884b-564a65467fe4@redhat.com>

Hi!

On Mon, 2025-04-14 at 12:51 +0100, David Hildenbrand wrote:
> [...]
> On top of that, I was wondering if we could look into doing something like
> the following. It would also allow for pulling pages out of gmem for
> existing SW-protected VMs once they enable shared memory for GMEM IIUC.
>
>
> diff --git a/arch/x86/kvm/mmu/mmu.c b/arch/x86/kvm/mmu/mmu.c > index 08eebd24a0e18..6f878cab0f466 100644 > --- a/arch/x86/kvm/mmu/mmu.c > +++ b/arch/x86/kvm/mmu/mmu.c 
> @@ -4495,11 +4495,6 @@ static int kvm_mmu_faultin_pfn_gmem(struct kvm_vcpu *vcpu, > { > int max_order, r; > > - if (!kvm_slot_has_gmem(fault->slot)) { > - kvm_mmu_prepare_memory_fault_exit(vcpu, fault); > - return -EFAULT; > - } > - > r = kvm_gmem_get_pfn(vcpu->kvm, fault->slot, fault->gfn, &fault->pfn, > &fault->refcounted_page, &max_order); > if (r) { 
> @@ -4518,8 +4513,19 @@ static int __kvm_mmu_faultin_pfn(struct kvm_vcpu *vcpu, > struct kvm_page_fault *fault) > { > unsigned int foll = fault->write ? FOLL_WRITE : 0; > + bool use_gmem = false; > + > + if (fault->is_private) { > + if (!kvm_slot_has_gmem(fault->slot)) { > + kvm_mmu_prepare_memory_fault_exit(vcpu, fault); > + return -EFAULT; > + } > + use_gmem = true; > + } else if (kvm_slot_has_gmem_with_shared(fault->slot)) { > + use_gmem = true; > + } > > - if (fault->is_private) > + if (use_gmem) > return kvm_mmu_faultin_pfn_gmem(vcpu, fault); > > foll |= FOLL_NOWAIT;
>
>
> That is, we'd not claim that things are private when they are not, but instead
> teach the code about shared memory coming from gmem.
>
> There might be some more missing, just throwing it out there if I am completely off.

I think I arrived at the need for this as well while experimenting with
building a Firecracker version that works with my direct map removal
patches.

With this patch series, on ARM, as soon as a memslot has a guest_memfd
associated with it, all guest faults go through kvm_gmem_get_pfn, but on
x86, they go through slot->userspace_addr by default, as
CONFIG_KVM_SW_PROTECTED_VM selects CONFIG_KVM_GENERIC_MEMORY_ATTRIBUTES.
There's no real difference between these if slot->userspace_addr can be
GUP'd, but if it's a VMA of a guest_memfd without direct map entries,
faulting through slot->userspace_addr won't work. So on x86 Firecracker
has to formally set the memory attributes to private, while on ARM it
doesn't [1], which is a bit awkward.

David, I couldn't find an implementation of
kvm_slot_has_gmem_with_shared() in the branch you shared, but would it be
something like "slot->userspace_addr points to a gmem VMA, particularly
to a VMA of the gmem that's associated with this memslot, mapped at the
same offset"?

Best,
Patrick

[1]: https://github.com/firecracker-microvm/firecracker/blob/feature/secret-hiding/src/vmm/src/builder.rs#L268

> --
> Cheers,
>
> David / dhildenb
>
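
Review bot: in the first hunk, kvm_mmu_faultin_pfn_gmem() now calls kvm_gmem_get_pfn() on fault->slot with no kvm_slot_has_gmem() test of its own, so it is only safe if every caller has already established that the slot is gmem-backed. That precondition is not stated anywhere in the visible lines. Suggest a comment above the function naming the caller's obligation, or keeping a cheap sanity check in place of the removed block, so that a later caller which skips the check does not reach kvm_gmem_get_pfn() with a slot that has no guest_memfd.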
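
Review bot: in the second hunk, the new "else if (kvm_slot_has_gmem_with_shared(fault->slot))" branch of __kvm_mmu_faultin_pfn() depends on a helper that this diff does not define, so what it checks cannot be reviewed from the patch. The private branch tests kvm_slot_has_gmem() before setting use_gmem, while the shared branch relies on the helper alone; the helper should be added in the same patch with a comment stating what it checks and that a true result implies kvm_slot_has_gmem(). The non-private path through slot->userspace_addr remains the fallback when the helper returns false, so the helper's exact condition decides which faults change behaviour and deserves a sentence in the commit message.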