Date: Mon, 13 May 2024 10:09:59 -0700
From: Sean Christopherson
To: James Gowans
Cc: Patrick Roy, "kvm@vger.kernel.org", Nikita Kalyazin, "qemu-devel@nongnu.org", "rppt@kernel.org", "linux-coco@lists.linux.dev", "somlo@cmu.edu", "vbabka@suse.cz", "akpm@linux-foundation.org", "Liam.Howlett@oracle.com", "kirill.shutemov@linux.intel.com", David Woodhouse, "pbonzini@redhat.com", "linux-mm@kvack.org", Alexander Graf, Derek Manwaring, "chao.p.peng@linux.intel.com", "lstoakes@gmail.com", "mst@redhat.com"
Subject: Re: Unmapping KVM Guest Memory from Host Kernel
References: <58f39f23-0314-4e34-a8c7-30c3a1ae4777@amazon.co.uk>

On Mon, May 13, 2024, James Gowans wrote:
> On Mon, 2024-05-13 at 08:39 -0700, Sean Christopherson wrote:
> > > Sean, you mentioned that you envision guest_memfd also supporting non-CoCo VMs.
> > > Do you have some thoughts about how to make the above cases work in the
> > > guest_memfd context?
> >
> > Yes.  The hand-wavy plan is to allow selectively mmap()ing guest_memfd().  There
> > is a long thread[*] discussing how exactly we want to do that.  The TL;DR is that
> > the basic functionality is also straightforward; the bulk of the discussion is
> > around gup(), reclaim, page migration, etc.
>
> I still need to read this long thread, but just a thought on the word
> "restricted" here: for MMIO the instruction can be anywhere and
> similarly the load/store MMIO data can be anywhere. Does this mean that
> for running unmodified non-CoCo VMs with guest_memfd backend that we'll
> always need to have the whole of guest memory mmapped?

Not necessarily, e.g. KVM could re-establish the direct map or mremap() on-demand.
There are variations on that, e.g. if ASI[*] were to ever make its way upstream,
which is a huge if, then we could have guest_memfd mapped into a KVM-only CR3.

> I guess the idea is that this use case will still be subject to the
> normal restriction rules, but for a non-CoCo non-pKVM VM there will be
> no restriction in practice, and userspace will need to mmap everything
> always?
>
> It really seems yucky to need to have all of guest RAM mmapped all the
> time just for MMIO to work... But I suppose there is no way around that
> for Intel x86.

It's not just MMIO.  Nested virtualization, and more specifically shadowing nested
TDP, is also problematic (probably more so than MMIO).  And there are more cases,
i.e. we'll need a generic solution for this.  As above, there are a variety of
options, it's largely just a matter of doing the work.  I'm not saying it's a
trivial amount of work/effort, but it's far from an unsolvable problem.