Message-ID: <870d1f85-840b-40ba-9eeb-14d3a5b7f169@redhat.com>
Date: Fri, 6 Jun 2025 11:18:03 +0200
Subject: Re: [PATCH v11 00/18] KVM: Mapping guest_memfd backed memory at the host for software protected VMs
From: David Hildenbrand
Organization: Red Hat
To: Fuad Tabba, kvm@vger.kernel.org, linux-arm-msm@vger.kernel.org,
 linux-mm@kvack.org, kvmarm@lists.linux.dev
Cc: pbonzini@redhat.com, chenhuacai@kernel.org, mpe@ellerman.id.au,
 anup@brainfault.org, paul.walmsley@sifive.com, palmer@dabbelt.com,
 aou@eecs.berkeley.edu, seanjc@google.com, viro@zeniv.linux.org.uk,
 brauner@kernel.org, willy@infradead.org, akpm@linux-foundation.org,
 xiaoyao.li@intel.com, yilun.xu@intel.com, chao.p.peng@linux.intel.com,
 jarkko@kernel.org, amoorthy@google.com, dmatlack@google.com,
 isaku.yamahata@intel.com, mic@digikod.net, vbabka@suse.cz,
 vannapurve@google.com, ackerleytng@google.com,
 mail@maciej.szmigiero.name, michael.roth@amd.com, wei.w.wang@intel.com,
 liam.merwick@oracle.com, isaku.yamahata@gmail.com,
 kirill.shutemov@linux.intel.com, suzuki.poulose@arm.com,
 steven.price@arm.com, quic_eberman@quicinc.com,
 quic_mnalajal@quicinc.com, quic_tsoni@quicinc.com,
 quic_svaddagi@quicinc.com, quic_cvanscha@quicinc.com,
 quic_pderrin@quicinc.com, quic_pheragu@quicinc.com,
 catalin.marinas@arm.com, james.morse@arm.com, yuzenghui@huawei.com,
 oliver.upton@linux.dev, maz@kernel.org, will@kernel.org,
 qperret@google.com, keirf@google.com, roypat@amazon.co.uk,
 shuah@kernel.org, hch@infradead.org, jgg@nvidia.com,
 rientjes@google.com, jhubbard@nvidia.com, fvdl@google.com,
 hughd@google.com, jthoughton@google.com, peterx@redhat.com,
 pankaj.gupta@amd.com, ira.weiny@intel.com
References: <20250605153800.557144-1-tabba@google.com>
In-Reply-To: <20250605153800.557144-1-tabba@google.com>

On 05.06.25 17:37, Fuad Tabba wrote:
> Main changes since v10 [1]:
> - Added bounds checking when faulting a shared page into the host, along
>   with a selftest to verify the check.
> - Refactored KVM/arm64's handling of guest faults (user_mem_abort()).
>   I've dropped the Reviewed-by tags from "KVM: arm64: Refactor
>   user_mem_abort()..." since it has changed significantly.
> - Handled nested virtualization in KVM/arm64 when faulting guest_memfd
>   backed pages into the guest.
> - Addressed various points of feedback from the last revision.
> - Still based on Linux 6.15
>
> This patch series enables the mapping of guest_memfd backed memory in
> the host. This is useful for VMMs like Firecracker that aim to run
> guests entirely backed by guest_memfd [2]. When combined with Patrick's
> series for direct map removal [3], this provides additional hardening
> against Spectre-like transient execution attacks.
>
> This series also lays the groundwork for restricted mmap() support for
> guest_memfd backed memory in the host for Confidential Computing
> platforms that permit in-place sharing of guest memory with the host
> [4].
>
> Patch breakdown:
>
> Patches 1-7: Primarily refactoring and renaming to decouple the concept
> of guest memory being "private" from it being backed by guest_memfd.
>
> Patches 8-9: Add support for in-place shared memory and the ability for
> the host to map it. This is gated by a new configuration option, toggled
> by a new flag, and advertised to userspace by a new capability
> (introduced in patch 16).
>
> Patches 10-15: Implement the x86 and arm64 support for this feature.
>
> Patch 16: Introduces the new capability to advertise this support and
> updates the documentation.
>
> Patches 17-18: Add and fix selftests for the new functionality.
>
> For details on how to test this patch series, and on how to boot a guest
> that uses the new features, please refer to v8 [5].

Paolo et al.,

I only found some smaller things, this is looking mostly good to me.

... worth having a look ;)

-- 
Cheers,

David / dhildenb