From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 29843C3DA7F for ; Thu, 15 Aug 2024 19:08:14 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id B19186B019E; Thu, 15 Aug 2024 15:08:13 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id AC9DD6B019F; Thu, 15 Aug 2024 15:08:13 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 9439E6B01A1; Thu, 15 Aug 2024 15:08:13 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0011.hostedemail.com [216.40.44.11]) by kanga.kvack.org (Postfix) with ESMTP id 795D36B019E for ; Thu, 15 Aug 2024 15:08:13 -0400 (EDT) Received: from smtpin28.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay10.hostedemail.com (Postfix) with ESMTP id 2A4DEC1602 for ; Thu, 15 Aug 2024 19:08:13 +0000 (UTC) X-FDA: 82455415266.28.C3C2F1A Received: from smtp-fw-80009.amazon.com (smtp-fw-80009.amazon.com [99.78.197.220]) by imf23.hostedemail.com (Postfix) with ESMTP id 10A5B140026 for ; Thu, 15 Aug 2024 19:08:10 +0000 (UTC) Authentication-Results: imf23.hostedemail.com; dkim=pass header.d=amazon.com header.s=amazon201209 header.b=hj8+BVGr; spf=pass (imf23.hostedemail.com: domain of "prvs=950f35e20=derekmn@amazon.com" designates 99.78.197.220 as permitted sender) smtp.mailfrom="prvs=950f35e20=derekmn@amazon.com"; dmarc=pass (policy=quarantine) header.from=amazon.com ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1723748819; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=tEGEgIcRKXDTkmdRvTVw2CvUW7+3ffACZCr/9mvjZqo=; b=SricXGk/0Qe+inFHBDyLnAsdhGbGDmaOMpwylX8pzs0lrP4gC560BfXYMIURKyevvN/pO1 htuj1xF3vXA4KSUuj8uRNXIXmJ5UKIc59VB7LCOUTXHYMdy8j7V9l6AcGSIhiheB3M+aJv WyyB3mkdyeITKckLrNm6yAFxfCaRID8= ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1723748819; a=rsa-sha256; cv=none; b=u5aqfGdS3NsGLFfX5CwCmR7Zo5JezqAYJcoDouubxMs5U0p/tOQDvYcDl94VlFbIDda4IH RyGqFhAEtqI8Jgi6eiI3yY68ou4lXEu0cqjSuyjhqFotUU92q6XcUmT1s/nrj9eUMhuTtz 8xRkGSoku7oeH/D39Al/6Ky6Y7w8W78= ARC-Authentication-Results: i=1; imf23.hostedemail.com; dkim=pass header.d=amazon.com header.s=amazon201209 header.b=hj8+BVGr; spf=pass (imf23.hostedemail.com: domain of "prvs=950f35e20=derekmn@amazon.com" designates 99.78.197.220 as permitted sender) smtp.mailfrom="prvs=950f35e20=derekmn@amazon.com"; dmarc=pass (policy=quarantine) header.from=amazon.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amazon.com; i=@amazon.com; q=dns/txt; s=amazon201209; t=1723748891; x=1755284891; h=message-id:date:mime-version:subject:from:to:cc: references:in-reply-to:content-transfer-encoding; bh=tEGEgIcRKXDTkmdRvTVw2CvUW7+3ffACZCr/9mvjZqo=; b=hj8+BVGr+CUbqiRzh1kJlyDhXIukUu/vHjxDgpcgg3FPTn4ITwAEWtNx IsMOQb1g3Gsp889U6jrvT2dKL6XK3Yo1YktHRAcKF7ODTN3yFuDXTzljc 1MRGnDY+mQR8vRDU6qbPUw3ZJm2b4fONfxgw6Df2Qp5o7K0Hv/BP9XE+Y g=; X-IronPort-AV: E=Sophos;i="6.10,149,1719878400"; d="scan'208";a="115649481" Received: from pdx4-co-svc-p1-lb2-vlan2.amazon.com (HELO smtpout.prod.us-west-2.prod.farcaster.email.amazon.dev) ([10.25.36.210]) by smtp-border-fw-80009.pdx80.corp.amazon.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Aug 2024 19:08:09 +0000 Received: from EX19MTAUWC001.ant.amazon.com [10.0.21.151:21068] by smtpin.naws.us-west-2.prod.farcaster.email.amazon.dev [10.0.24.187:2525] with esmtp (Farcaster) id 7c28823e-4999-43b1-ba3b-b0e1f64f96e0; Thu, 15 Aug 2024 19:08:09 +0000 (UTC) X-Farcaster-Flow-ID: 7c28823e-4999-43b1-ba3b-b0e1f64f96e0 Received: from EX19D003UWC002.ant.amazon.com (10.13.138.169) by EX19MTAUWC001.ant.amazon.com (10.250.64.174) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA) id 15.2.1258.34; Thu, 15 Aug 2024 19:08:07 +0000 Received: from [192.168.11.28] (10.106.101.5) by EX19D003UWC002.ant.amazon.com (10.13.138.169) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA) id 15.2.1258.34; Thu, 15 Aug 2024 19:08:06 +0000 Message-ID: <3ea89d7f-fc29-4c80-a123-94673e526ca5@amazon.com> Date: Thu, 15 Aug 2024 12:08:05 -0700 MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Subject: Re: [PATCH RFC 3/4] mm: guest_memfd: Add option to remove guest private memory from direct map From: "Manwaring, Derek" To: David Hildenbrand , Elliot Berman , Andrew Morton , "Paolo Bonzini" , Sean Christopherson , "Fuad Tabba" , Patrick Roy , , Ackerley Tng CC: , , , , , Alexander Graf , Moritz Lipp , "Claudio Canella" References: <20240805-guest-memfd-lib-v1-0-e5a29a4ff5d7@quicinc.com> <20240805-guest-memfd-lib-v1-3-e5a29a4ff5d7@quicinc.com> <396fb134-f43e-4263-99a8-cfcef82bfd99@amazon.com> Content-Language: en-US In-Reply-To: <396fb134-f43e-4263-99a8-cfcef82bfd99@amazon.com> Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: 7bit X-Originating-IP: [10.106.101.5] X-ClientProxiedBy: EX19D039UWB001.ant.amazon.com (10.13.138.119) To EX19D003UWC002.ant.amazon.com (10.13.138.169) X-Rspamd-Queue-Id: 10A5B140026 X-Stat-Signature: 7p81f3pwtrd44prdegmocc7ijo4my5xo X-Rspamd-Server: rspam09 X-Rspam-User: X-HE-Tag: 1723748890-852884 X-HE-Meta: U2FsdGVkX1+b0a51ESEFn7ZfSpfFfCySlQE2yCqMYaBi3Araucr0vKB4mPQ86AZRx9NsqKgJIOgJex/uObx+zkltTjQ8YgyGQwRKE8mZL3ZbqY46lQmBeXL5oll3lF3r0jJLw7hrn6WDj6SD7Nh3yulLFkrHNXGEhAQE8Zu/wEjNq1gh5s5xRoo7N99g4VT+8uwXxLQIAu9KKgomZo7JtGELKqmD8QHwfwocXFOi1HflrsCGwygCEvfdl6/AjI1wQ5IzO8vwu+9+r/+iLF1++d0oT8zvcP9hnj2uckojYE3L/s1HYgRmw8i3wUAlzBnR3ekxDrMv4EnmoHdI26mQqHgJhJvPAQ3Je0Zym+Iutl17E2zp9P6SOwMZAhk0/RMsrgu7FcIi6SB1w62jsZyJ6VpnfZ0JGS3NgMNvqeshMqJkXWnvJK+d48Sf+Ti9SJE42Erq1T4xSzeVISF5ANRGo6KfpWXV1Arf6/iGv6sv6Nn9yZrVhbXZAORABnbK0eyS4QzgtGLquxph5CZCFgxsMHM02GfVsUa83iU3ebQHBScjwJyCfMYzMd+gSqQGPg0SEGUqjXwHesUUMYDjcSTEws2BumbViVXf1xHKzgy8xTDaaPHqKsrxVA8urw8pOuQcwdVa5K9ehJvhfXmQ7WBgwjGlpKARSmL6HuCrrlRPnoCpC6KJ3uAVfo+yQNQov+R37WEZRHrR6Qhwv3vFfLkQwl9vzFq9nf/9/yPQRTlGcAqNrjrRD1Vttw3nHEJrbaQg2vJmfXwTk6vZlppQGEL9viq/V+FkfqmHQoM4NOF8V2YwhfA8MIUPRQfRaBymUi6GSF/aI+g0UNssa6jB3VzF9Vu3CcbD18fB69ZC2zjHjVYLk8V22psknrhYfCd6gvTZizvWMghLdmlM+mru8p+C6oxPHdG+GAUgdYf4zwDMHoaoaX4x6EdZTMrv0lzNbwjq8GTCvogmBJCeDeK3GX0 3Yw6muV6 kTfEvNPlIFV6wN8DqJynDknW/kgUlWA/H6Snj+H5wvyW3D4YhyVFNjs0cKsBiG7gu5CbMIpYpE0DFEH3/MwVIYohk61bOBmA+zNGHKtuHCbAEWJFLAq4ncIj9qh2DXY/4KnuH1u4jLM6eG6l8i9ZjCDFCI2Wt4V9oJujC9NmQA95RX1BdjioMz4hgHmCW0+cieu+cQSEOoUIaSCM8C1oZTy4m2expbsajChY1GvpI0uyxQV59HZDB72LYib/VNuAJf+d/RdI8Yw1v7E6KZu54ROdtbCpK9AWv0apxnoswlKVC0safeL+n9dm9XUyPpeIuCGgc2DWVQzRTUPiwgU/UbJVNyhP7vDC68s76N8ZZ9f/rXx44cnqzS45VIhxQx/Ekh5PPNM7wwp8XomICNFG4BHs0H3VLe+tnlzLcZE0Iskd0xPSL4aySRSDA4ZZhrk5V7a32XQRTarFXFfyoJh9+IhMmnF1O4zBLfkU2q1r0GINNQtGx1qvttnqnZ53+JI+M4O64WYZrHXNeOQ2DFbauIEmBATXKbOJo6t9iNjYyjauNH7Fp6gBHyJ2oygxoaejgLLwSSpacquTqYSorWIslir8zXFBXbJQBzy/uckuBzLfBAIJ/lNYZo0yDKtVLYf79VeDv4hmfrNN+QY0jGzsEG7UEbA== X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: On 2024-08-07 17:16-0700 Derek Manwaring wrote: > All that said, we're also dependent on hardware not being subject to > L1TF-style issues for the currently proposed non-CoCo method to be > effective. We're simply clearing the Present bit while the physmap PTE > still points to the guest physical page. I was wrong here. The set_direct_map_invalid_noflush implementation moves through __change_page_attr and pfn_pte, eventually arriving at flip_protnone_guard where the PFN is inverted & thus no longer valid for pages marked not present. So we do benefit from that prior work's extra protection against L1TF. Thank you for finding this, Patrick. Derek