From: Fuad Tabba
Date: Mon, 11 Mar 2024 09:29:11 +0000
Subject: Re: Unmapping KVM Guest Memory from Host Kernel
To: "Manwaring, Derek"
Cc: David Woodhouse, David Matlack, Brendan Jackman,
 "qperret@google.com", "jason.cj.chen@intel.com", "Gowans, James",
 "seanjc@google.com", "akpm@linux-foundation.org", "Roy, Patrick",
 "chao.p.peng@linux.intel.com", "rppt@kernel.org", "pbonzini@redhat.com",
 "Kalyazin, Nikita", "lstoakes@gmail.com", "Liam.Howlett@oracle.com",
 "linux-mm@kvack.org", "qemu-devel@nongnu.org",
 "kirill.shutemov@linux.intel.com", "vbabka@suse.cz", "mst@redhat.com",
 "somlo@cmu.edu", "Graf (AWS), Alexander", "kvm@vger.kernel.org",
 "linux-coco@lists.linux.dev", "kvmarm@lists.linux.dev",
 "kvmarm@lists.cs.columbia.edu"
References: <335E21FA-7F1E-4540-8A70-01A63D8C72FA@amazon.com>

On Mon, Mar 11, 2024 at 9:26 AM Fuad Tabba wrote:
>
> Hi,
>
> On Fri, Mar 8, 2024 at 9:05 PM Manwaring, Derek wrote:
> >
> > On 2024-03-08 at 10:46-0700, David Woodhouse wrote:
> > > On Fri, 2024-03-08 at 09:35 -0800, David Matlack wrote:
> > > > I think what James is looking for (and what we are also interested
> > > > in), is _eliminating_ the ability to access guest memory from the
> > > > direct map entirely. And in general, eliminate the ability to access
> > > > guest memory in as many ways as possible.
> > >
> > > Well, pKVM does that...
> >
> > Yes we've been looking at pKVM and it accomplishes a lot of what we're trying
> > to do. Our initial inclination is that we want to stick with VHE for the lower
> > overhead. We also want flexibility across server parts, so we would need to
> > get pKVM working on Intel & AMD if we went this route.
> >
> > Certainly there are advantages of pKVM on the perf side like the in-place
> > memory sharing rather than copying as well as on the security side by simply
> > reducing the TCB. I'd be interested to hear others' thoughts on pKVM vs
> > memfd_secret or general ASI.
>
> The work we've done for pKVM is still an RFC [*], but there is nothing
> in it that limits it to nVHE (at least not intentionally). It should
> work with VHE and hVHE as well. On respinning the patch series [*], we
> plan on adding support for normal VMs to use guest_memfd() as well in
> arm64, mainly for testing, and to make it easier for others to base
> their work on it.

Just to clarify, I am referring specifically to the work we did in
porting guest_memfd() to pKVM/arm64. pKVM itself works only in nVHE
mode.

>
> Cheers,
> /fuad
>
> [*] https://lore.kernel.org/all/20240222161047.402609-1-tabba@google.com
> >
> > Derek
> >