From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id E6AE7C83F25 for ; Mon, 21 Jul 2025 10:07:47 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 635F36B008A; Mon, 21 Jul 2025 06:07:47 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 60DF16B008C; Mon, 21 Jul 2025 06:07:47 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 523816B0093; Mon, 21 Jul 2025 06:07:47 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0014.hostedemail.com [216.40.44.14]) by kanga.kvack.org (Postfix) with ESMTP id 427A36B008A for ; Mon, 21 Jul 2025 06:07:47 -0400 (EDT) Received: from smtpin08.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay03.hostedemail.com (Postfix) with ESMTP id D8388BAB1A for ; Mon, 21 Jul 2025 10:07:46 +0000 (UTC) X-FDA: 83687845332.08.6C31734 Received: from mgamail.intel.com (mgamail.intel.com [192.198.163.10]) by imf10.hostedemail.com (Postfix) with ESMTP id 3656DC0002 for ; Mon, 21 Jul 2025 10:07:43 +0000 (UTC) Authentication-Results: imf10.hostedemail.com; dkim=pass header.d=intel.com header.s=Intel header.b=JxRQskf7; dmarc=pass (policy=none) header.from=intel.com; spf=none (imf10.hostedemail.com: domain of yilun.xu@linux.intel.com has no SPF policy when checking 192.198.163.10) smtp.mailfrom=yilun.xu@linux.intel.com ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1753092464; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=1Jpcnrg86sV82Nht2jZA3F4+JG179I3H4HY7oTCHFTU=; b=z6W37sAVdj2ex/7RA2Lcnc5WDlXXgxVxmWHRZzE01FIh53P9dg2piEa+ODEOtKSBN8ByC4 FYziqTiqMedNrDvoV07IPwCeAnluabQ/o09Wf6rSG4zue6WGz6karDGO4ACJg3TPShIb1p wx5avbe144oHIQk4WT59TvuTpc4YEzc= ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1753092464; a=rsa-sha256; cv=none; b=kI9i2erIGkfz3EuTElrX54RDi5Cj9A28Ccrsu0mkcmSh5Y0fnwHquhTjWLfQzdE/IwCBnw 6la7Ntuqwe2G98pt0cGl+f2BAbfqRpeYGw400OBid3++30OCE9ThL0HMo0F/bqBmhIG8MZ R41Qf+RUx655Qak0Vmf3/EXGyHgje8A= ARC-Authentication-Results: i=1; imf10.hostedemail.com; dkim=pass header.d=intel.com header.s=Intel header.b=JxRQskf7; dmarc=pass (policy=none) header.from=intel.com; spf=none (imf10.hostedemail.com: domain of yilun.xu@linux.intel.com has no SPF policy when checking 192.198.163.10) smtp.mailfrom=yilun.xu@linux.intel.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1753092464; x=1784628464; h=date:from:to:cc:subject:message-id:references: mime-version:in-reply-to; bh=gnT7JnKbIZTs1/DF9F99GY/6ioIc4Qm9hwZlyLDRQAE=; b=JxRQskf7T++HTMkf9q1SMgRBCa3jekEI0CavHuQX3sBd8puPMt93E/Tk H/iDYCg97pYfT5rqAO8rkLnt3rg28Losc4rjwu5f3vApfszsZ6v0Pfh93 qwpcM3+xmm5LJsFHG2mZrrlsP7UYYckE3ssdP0m/ULGGMxnJo46fA08vY xCkIS5J6AiBbfZI1JvesshOZUy5ZehsIRp5nls3Qt0JLgy/fb4DR9MpVH rVoVuduRetOsLC9HCHfOXmuQCtPmijOxWTAg+NVWKCpDahG0sZtu7IGhF 5gW8/3JI6kBe531jSx8vmFIE3C0mpgyVLoBjMB1BvIwn9bSJfzLb3CSAX g==; X-CSE-ConnectionGUID: //1zx51cTTa9z+L13CbUAg== X-CSE-MsgGUID: FfjpWeXnT+2ea77+u1iRbA== X-IronPort-AV: E=McAfee;i="6800,10657,11498"; a="66649595" X-IronPort-AV: E=Sophos;i="6.16,328,1744095600"; d="scan'208";a="66649595" Received: from orviesa010.jf.intel.com ([10.64.159.150]) by fmvoesa104.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 21 Jul 2025 03:07:42 -0700 X-CSE-ConnectionGUID: lZvV7H2ySFeJpzJ+XwtoCw== X-CSE-MsgGUID: n/AN5tG9TNmXrKtBqI9eZg== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.16,328,1744095600"; d="scan'208";a="158110405" Received: from yilunxu-optiplex-7050.sh.intel.com (HELO localhost) ([10.239.159.165]) by orviesa010.jf.intel.com with ESMTP; 21 Jul 2025 03:07:22 -0700 Date: Mon, 21 Jul 2025 17:58:30 +0800 From: Xu Yilun To: Ira Weiny Cc: Ackerley Tng , Yan Zhao , Vishal Annapurve , Jason Gunthorpe , Alexey Kardashevskiy , Fuad Tabba , kvm@vger.kernel.org, linux-mm@kvack.org, linux-kernel@vger.kernel.org, x86@kernel.org, linux-fsdevel@vger.kernel.org, ajones@ventanamicro.com, akpm@linux-foundation.org, amoorthy@google.com, anthony.yznaga@oracle.com, anup@brainfault.org, aou@eecs.berkeley.edu, bfoster@redhat.com, binbin.wu@linux.intel.com, brauner@kernel.org, catalin.marinas@arm.com, chao.p.peng@intel.com, chenhuacai@kernel.org, dave.hansen@intel.com, david@redhat.com, dmatlack@google.com, dwmw@amazon.co.uk, erdemaktas@google.com, fan.du@intel.com, fvdl@google.com, graf@amazon.com, haibo1.xu@intel.com, hch@infradead.org, hughd@google.com, isaku.yamahata@intel.com, jack@suse.cz, james.morse@arm.com, jarkko@kernel.org, jgowans@amazon.com, jhubbard@nvidia.com, jroedel@suse.de, jthoughton@google.com, jun.miao@intel.com, kai.huang@intel.com, keirf@google.com, kent.overstreet@linux.dev, kirill.shutemov@intel.com, liam.merwick@oracle.com, maciej.wieczor-retman@intel.com, mail@maciej.szmigiero.name, maz@kernel.org, mic@digikod.net, michael.roth@amd.com, mpe@ellerman.id.au, muchun.song@linux.dev, nikunj@amd.com, nsaenz@amazon.es, oliver.upton@linux.dev, palmer@dabbelt.com, pankaj.gupta@amd.com, paul.walmsley@sifive.com, pbonzini@redhat.com, pdurrant@amazon.co.uk, peterx@redhat.com, pgonda@google.com, pvorel@suse.cz, qperret@google.com, quic_cvanscha@quicinc.com, quic_eberman@quicinc.com, quic_mnalajal@quicinc.com, quic_pderrin@quicinc.com, quic_pheragu@quicinc.com, quic_svaddagi@quicinc.com, quic_tsoni@quicinc.com, richard.weiyang@gmail.com, rick.p.edgecombe@intel.com, rientjes@google.com, roypat@amazon.co.uk, rppt@kernel.org, seanjc@google.com, shuah@kernel.org, steven.price@arm.com, steven.sistare@oracle.com, suzuki.poulose@arm.com, thomas.lendacky@amd.com, usama.arif@bytedance.com, vbabka@suse.cz, viro@zeniv.linux.org.uk, vkuznets@redhat.com, wei.w.wang@intel.com, will@kernel.org, willy@infradead.org, xiaoyao.li@intel.com, yilun.xu@intel.com, yuzenghui@huawei.com, zhiquan1.li@intel.com Subject: Re: [RFC PATCH v2 04/51] KVM: guest_memfd: Introduce KVM_GMEM_CONVERT_SHARED/PRIVATE ioctls Message-ID: References: <9502503f-e0c2-489e-99b0-94146f9b6f85@amd.com> <20250624130811.GB72557@ziepe.ca> <687a6483506f2_3c6f1d2945a@iweiny-mobl.notmuch> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <687a6483506f2_3c6f1d2945a@iweiny-mobl.notmuch> X-Stat-Signature: qmzcf4bspufthpoxffuafui334zte66y X-Rspamd-Queue-Id: 3656DC0002 X-Rspamd-Server: rspam10 X-Rspam-User: X-HE-Tag: 1753092463-708747 X-HE-Meta: U2FsdGVkX1/dbWhTHDMdx+sq7ZNJebXNP6siCpkrLJSQ2iuPkVvRclgm+vsG/3K8YaTU8R2YeKwNR4STYBvKVa64O8f1KApFrLnJTKuquMgOdS7ng0S4Tm8wD49ebyYT0VbEovzSHN3oxiQZH7cYjQprwQwM4vWw0kQHf/yRr8J+m73odRApEMgFec9lzu+LwAkQcPFCfvaNfoy7O+MRprJJ7i/gnYX384m4uT3VVsyCFutQUuQJzqvytywB686X3EeBcR0g7sv1IMQLW9vFJq1JNfMuY/cYoSoZwukryBbOWPWJIMegygE977NohRaLUc1nXQ6KpCfpPGgFhTh89UAYi9mxge2CbhZTL5e0PTrr9oML5f/dqfaHXGNSeQkC75Dw/4H3bxfV/S9c1QcmYLfvXBaUHHl29z6CLpdij2IYhHQSanhy/h/tX5zWPluA4C/RnmMXKVx5CG9eXs3MAeNkTc2vFkw6QtzaAp4ulKvODSTbPbqKSXlSuTmCo5ymSV3yJGoI5fsFziExauXf4kU/3HVsBtAiTCjZsbLHuI0sd72Uy9baPVN/8tgQdDOJiLkdRLQmoLLrj7bue0ki4QUv94tsK1i9tHElQAB/lz2im/QERYRQMJgSXUuCUS8r2ivUjOFKKntsrAokFeJh5VNuleZAVqqEB1Y0/RzhMpixS3fGkWUvC8NfBI28V/WY10L9+zXC25JtvI0VhUhVRtBz1Hon8O2GA7lbJEOLivRH82xC45In8YX2NSWg8plC5Nv7LwKv0XkbmznEaJ75+Ix9zDXv/nzT+X3fK6rlSSaL/plMUS/Z9sUxZQ+/PofZpy1wlKlMMHSx1YiDwjmEL4uXkDyFgEYvLEeZ1xWMvFrEJHeSNeoRZsJxgMe9eS/UfTCnFqILsBnwL9thMDdQg73h7HcZdL32dXSaR4ri+FTlJSQomm/KunkZQ1fZl9xrtwr6/J7mym9WrFwD9kB VC520ysC QfuVy/8jbISbc5SPye2WhpWwb/N7esjhHb2q8n8Pf/yFthqqwcftSaqEDB93zQWb6SW+E6sjwARg/4MCZFx4oA5gbDtmZ397xnAIQpzW3hm1qWP+OWlq3F2iOTi4oJRdh+CjMHRKwsJ//Pm33LQJt8mZJgPL5wBoXxK0I7PilarwO1bkar52hfzgYVciJVqasPR338oxDHJbjGcOYPW3JX6b8/2yGDM6NUAXjDc5fPQcwalsDJ0FrlEnjCEzipmHXAtINA02bAYZ4d47laAz/xOKjAlv3Bs7pYNMohn1qk1+Ps0uL08VB4UwVjkeR9nK6Fk3im61yWN+LinmSaHBkkQMZzw== X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: > > > >> Yan, Yilun, would it work if, on conversion, > > > >> > > > >> 1. guest_memfd notifies IOMMU that a conversion is about to happen for a > > > >> PFN range > > > > > > > > It is the Guest fw call to release the pinning. > > > > > > I see, thanks for explaining. > > > > > > > By the time VMM get the > > > > conversion requirement, the page is already physically unpinned. So I > > > > agree with Jason the pinning doesn't have to reach to iommu from SW POV. > > > > > > > > > > If by the time KVM gets the conversion request, the page is unpinned, > > > then we're all good, right? > > > > Yes, unless guest doesn't unpin the page first by mistake. > > Or maliciously? :-( Yes. > > My initial response to this was that this is a bug and we don't need to be > concerned with it. However, can't this be a DOS from one TD to crash the > system if the host uses the private page for something else and the > machine #MC's? I think we are already doing something to prevent vcpus from executing then destroy VM, so no further TD accessing. But I assume there is concern a TD could just leak a lot of resources, and we are investigating if host can reclaim them. Thanks, Yilun