From: Patrick Roy
To: David Hildenbrand
Subject: Re: [RFC PATCH v3 0/6] Direct Map Removal for guest_memfd
Date: Fri, 15 Nov 2024 17:23:47 +0000
Message-ID: <81d14448-29eb-4496-b876-ef6de526a840@amazon.co.uk>

On Fri, 2024-11-15 at 17:10 +0000, David Hildenbrand wrote:
>> [...]
>>
>> I've talked to Fares internally, and it seems that generally doing
>> mm-local mappings of guest memory would work for us. We also figured out
>> what the "interrupt problem" is, namely that if we receive an interrupt
>> while executing in a context that has mm-local mappings available, those
>> mappings will continue to be available while the interrupt is being
>> handled.
>
> Isn't that likely also the case with secretmem where we removed the
> directmap, but have an effective per-mm mapping in the (user-space
> portion) of the page table?

Mh, that's an excellent point, I never thought of that. But with
secretmem, the memory would still be protected by SMAP (admittedly, I
have no idea how much this is worth in the face of all these speculative
issues), right?

>> I'm talking to my security folks to see how much of a concern
>> this is for the speculation hardening we're trying to achieve. Will keep
>> you in the loop there :)
>
> Thanks!
>
> --
> Cheers,
>
> David / dhildenb

Best,
Patrick