From: Patrick Roy
Date: Fri, 18 Oct 2024 10:34:41 +0100
Subject: Re: [RFC PATCH 26/39] KVM: guest_memfd: Track faultability within a struct kvm_gmem_private
To: David Hildenbrand, Jason Gunthorpe, Peter Xu
CC: Ackerley Tng
Message-ID: <799e5861-c91c-4756-982c-033ebef476b4@amazon.co.uk>
In-Reply-To: <257d5578-f256-49cf-affe-6255ff224ed0@redhat.com>

On Fri, 2024-10-18 at 08:50 +0100, David Hildenbrand wrote:
> On 18.10.24 09:15, Patrick Roy wrote:
>>
>>
>> On Thu, 2024-10-17 at 20:18 +0100, Jason Gunthorpe wrote:
>>> On Thu, Oct 17, 2024 at 03:11:10PM -0400, Peter Xu wrote:
>>>> On Thu, Oct 17, 2024 at 02:10:10PM -0300, Jason Gunthorpe wrote:
>>>>>> If so, maybe that's a non-issue for non-CoCo, where the VM object /
>>>>>> gmemfd object (when created) can have a flag marking that it's
>>>>>> always shared and can never be converted to private for any page
>>>>>> within.
>>>>>
>>>>> What is non-CoCo? Does it include the private/shared concept?
>>>>
>>>> I used that to represent the possible gmemfd use cases outside confidential
>>>> computing.
>>>>
>>>> So the private/shared things should still be around as fundamental property
>>>> of gmemfd, but it should be always shared and no conversion needed for the
>>>> whole lifecycle of the gmemfd when marked !CoCo.
>>>
>>> But what does private mean in this context?
>>>
>>> Is it just like a bit of additional hypervisor security that the page
>>> is not mapped anyplace except the KVM stage 2 and the hypervisor can
>>> cause it to become mapped/shared at any time? But the guest has no
>>> idea about this?
>>>
>>> Jason
>>
>> Yes, this is pretty much exactly what I'm after when I say "non-CoCo".
>
> It's likely not what Peter meant, though.
>
> I think there are three scenarios:
>
> (a) Secure CoCo VMs: private is protected by HW
> (b) Semi-secured non-CoCo VMs: private is removed from the directmap
> (c) Non-CoCo VMs: only shared memory
>
> Does that match what you have in mind? Are there other cases?

Yeah, I'm after your case (b). I suppose I will not call it just
"non-CoCo" anymore then :)

> --
> Cheers,
>
> David / dhildenb
>