Received: by 2002:a05:6a10:7420:0:0:0:0 with SMTP id hk32csp833896pxb; Thu, 17 Feb 2022 16:07:08 -0800 (PST) X-Google-Smtp-Source: ABdhPJxUJJg/T1Y07kBoJ/blPrG4+gdMMWwVhNXxlHfXD2JjO7uVAzxZUjUWtP2tzRExucXDQmhb X-Received: by 2002:a17:90a:6943:b0:1b9:e285:e4a3 with SMTP id j3-20020a17090a694300b001b9e285e4a3mr5651937pjm.153.1645142827976; Thu, 17 Feb 2022 16:07:07 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1645142827; cv=none; d=google.com; s=arc-20160816; b=k8dWCzywVBojbl2OXhMMCUHJUHjs4h0m1sBwNXg5HtvzB+ERjNOfCsdzJG1doxILzx zTTsfIxby4KrantBhFzKjOx5nFlyn9hIh/9ytA6KHdcitmNel6eJfyDA8yxMRk7NcDC9 By8OS5NwMwXgXxYPAT0KzVTvHEaQYkbXiTNMMbB+9ry2ywL/45MoGCx4ryOtvWGlLg8k mHzx5KtNpteHuV+aIT9cMrfH5BGn7RrbYUVNxUDaj7jAnQKTr0/rIKhwF0YXiSgaEMAT 99J9Yt6HpuMkCDh+HEn65bd+1TCbwwLCpdazObyb8lDTbURAPVKH1nNXBysX1V/PUYTd yZhA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:user-agent:in-reply-to:content-disposition :mime-version:references:reply-to:message-id:subject:cc:to:from:date :dkim-signature; bh=9Sfb2T1AbjucyIEi6v2MjSelNo65o+tBhEBGRjassgk=; b=Ex0B7p65A1bU1T59d09FCwDVac5Q/fmQqXEoAmck6m5cPN+ZI0p71pgU76OJzIp86b BhQIKV4KPqfYi3sjaI2352phbOTJkVwNaIpqtv0F+Q8m8laYhYmwXGKzhXypZUFksoWp W06sJXZve2BQaeGcr4oKDGp8CLQ/siuJpW3QQrkL00qa/s01zUpSZcjDTGl54aDp+DVP xqIQQ5K7zRLs3ndQHYMJX/M27GoLaemEMyTLkHOqHrFaUySDKBuEM5cEVUdr/GpAN96I nntImak+wM499FAG0wWjVWYX8e9sBaJEF1YdLYsnuY6zfuCc+kf14J50AVrsqdRyXKtu WC4Q== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=Y+GDxmtj; spf=softfail (google.com: domain of transitioning linux-kernel-owner@vger.kernel.org does not designate 23.128.96.19 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from lindbergh.monkeyblade.net (lindbergh.monkeyblade.net. [23.128.96.19]) by mx.google.com with ESMTPS id u2si21204715plm.167.2022.02.17.16.07.07 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 17 Feb 2022 16:07:07 -0800 (PST) Received-SPF: softfail (google.com: domain of transitioning linux-kernel-owner@vger.kernel.org does not designate 23.128.96.19 as permitted sender) client-ip=23.128.96.19; Authentication-Results: mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=Y+GDxmtj; spf=softfail (google.com: domain of transitioning linux-kernel-owner@vger.kernel.org does not designate 23.128.96.19 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by lindbergh.monkeyblade.net (Postfix) with ESMTP id E8D942D4672; Thu, 17 Feb 2022 15:34:38 -0800 (PST) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S241449AbiBQNru (ORCPT + 99 others); Thu, 17 Feb 2022 08:47:50 -0500 Received: from mxb-00190b01.gslb.pphosted.com ([23.128.96.19]:36270 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S241431AbiBQNrt (ORCPT ); Thu, 17 Feb 2022 08:47:49 -0500 Received: from mga14.intel.com (mga14.intel.com [192.55.52.115]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 5DE2AC7C33; Thu, 17 Feb 2022 05:47:35 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1645105655; x=1676641655; h=date:from:to:cc:subject:message-id:reply-to:references: mime-version:in-reply-to; bh=00jU+EOCM+jaTdG7EhL3AgRMsoum/qW8+F9FVekDncc=; b=Y+GDxmtjn9iv1O3+8XGGFByZ3j5rF8sny/cDr1GM85e5pif9DNtlsJ4H XYQBG95z6aMsKqtdheJrNOIZvhJ/udJigVA0anXjKXfWuN0HJZ1UOjV3E 8UcXVe7GRtTf4CIm20F4TbCtvnOgo8+jWzOkUvpdvd5ObrPrklNMfi34I l3wrLee+IKrRxiAmcxUOAkOaVI7R20yN/MuxJkTipep9Uoec2OI2s/1Rf ILYbYqNn+yGCh+SBEnxnKgvs7JmiuJ1mzynWVdb/xhn8cnE3ZsDq6Kusg 36VF3fOrmjvYqSLIdlfC3rCemBp5ktgcyypNwF0KoQWlNVuJeGfTb1nVN w==; X-IronPort-AV: E=McAfee;i="6200,9189,10260"; a="251073528" X-IronPort-AV: E=Sophos;i="5.88,375,1635231600"; d="scan'208";a="251073528" Received: from orsmga002.jf.intel.com ([10.7.209.21]) by fmsmga103.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 17 Feb 2022 05:47:34 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.88,375,1635231600"; d="scan'208";a="503514098" Received: from chaop.bj.intel.com (HELO localhost) ([10.240.192.101]) by orsmga002.jf.intel.com with ESMTP; 17 Feb 2022 05:47:27 -0800 Date: Thu, 17 Feb 2022 21:47:05 +0800 From: Chao Peng To: Mike Rapoport Cc: linux-api@vger.kernel.org, kvm@vger.kernel.org, linux-kernel@vger.kernel.org, linux-mm@kvack.org, linux-fsdevel@vger.kernel.org, qemu-devel@nongnu.org, Paolo Bonzini , Jonathan Corbet , Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Joerg Roedel , Thomas Gleixner , Ingo Molnar , Borislav Petkov , x86@kernel.org, "H . Peter Anvin" , Hugh Dickins , Jeff Layton , "J . Bruce Fields" , Andrew Morton , Yu Zhang , "Kirill A . Shutemov" , luto@kernel.org, jun.nakajima@intel.com, dave.hansen@intel.com, ak@linux.intel.com, david@redhat.com Subject: Re: [PATCH v4 00/12] KVM: mm: fd-based approach for supporting KVM guest private memory Message-ID: <20220217134705.GB33836@chaop.bj.intel.com> Reply-To: Chao Peng References: <20220118132121.31388-1-chao.p.peng@linux.intel.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.9.4 (2018-02-28) X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,HEADER_FROM_DIFFERENT_DOMAINS, MAILING_LIST_MULTI,RDNS_NONE,SPF_HELO_NONE,T_SCC_BODY_TEXT_LINE autolearn=no autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, Feb 08, 2022 at 08:33:18PM +0200, Mike Rapoport wrote: > (addded linux-api) > > On Tue, Jan 18, 2022 at 09:21:09PM +0800, Chao Peng wrote: > > This is the v4 of this series which try to implement the fd-based KVM > > guest private memory. The patches are based on latest kvm/queue branch > > commit: > > > > fea31d169094 KVM: x86/pmu: Fix available_event_types check for > > REF_CPU_CYCLES event > > > > Introduction > > ------------ > > In general this patch series introduce fd-based memslot which provides > > guest memory through memory file descriptor fd[offset,size] instead of > > hva/size. The fd can be created from a supported memory filesystem > > like tmpfs/hugetlbfs etc. which we refer as memory backing store. KVM > > and the the memory backing store exchange callbacks when such memslot > > gets created. At runtime KVM will call into callbacks provided by the > > backing store to get the pfn with the fd+offset. Memory backing store > > will also call into KVM callbacks when userspace fallocate/punch hole > > on the fd to notify KVM to map/unmap secondary MMU page tables. > > > > Comparing to existing hva-based memslot, this new type of memslot allows > > guest memory unmapped from host userspace like QEMU and even the kernel > > itself, therefore reduce attack surface and prevent bugs. > > > > Based on this fd-based memslot, we can build guest private memory that > > is going to be used in confidential computing environments such as Intel > > TDX and AMD SEV. When supported, the memory backing store can provide > > more enforcement on the fd and KVM can use a single memslot to hold both > > the private and shared part of the guest memory. > > > > mm extension > > --------------------- > > Introduces new F_SEAL_INACCESSIBLE for shmem and new MFD_INACCESSIBLE > > flag for memfd_create(), the file created with these flags cannot read(), > > write() or mmap() etc via normal MMU operations. The file content can > > only be used with the newly introduced memfile_notifier extension. > > It would be great to see man page draft for new ABI flags Yes I can provide the man page. Thanks, Chao