Date: Sat, 14 Jan 2023 00:37:59 +0000
From: Sean Christopherson
To: Chao Peng
Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, linux-mm@kvack.org,
    linux-fsdevel@vger.kernel.org, linux-arch@vger.kernel.org,
    linux-api@vger.kernel.org, linux-doc@vger.kernel.org, qemu-devel@nongnu.org,
    Paolo Bonzini, Jonathan Corbet, Vitaly Kuznetsov, Wanpeng Li, Jim Mattson,
    Joerg Roedel, Thomas Gleixner, Ingo Molnar, Borislav Petkov, Arnd Bergmann,
    Naoya Horiguchi, Miaohe Lin, x86@kernel.org, "H . Peter Anvin",
    Hugh Dickins, Jeff Layton, "J . Bruce Fields", Andrew Morton, Shuah Khan,
    Mike Rapoport, Steven Price, "Maciej S . Szmigiero", Vlastimil Babka,
    Vishal Annapurve, Yu Zhang, "Kirill A . Shutemov", luto@kernel.org,
    jun.nakajima@intel.com, dave.hansen@intel.com, ak@linux.intel.com,
    david@redhat.com, aarcange@redhat.com, ddutile@redhat.com,
    dhildenb@redhat.com, Quentin Perret, tabba@google.com, Michael Roth,
    mhocko@suse.com, wei.w.wang@intel.com
Subject: Re: [PATCH v10 0/9] KVM: mm: fd-based approach for supporting KVM

On Fri, Dec 02, 2022, Chao Peng wrote:
> This patch series implements KVM guest private memory for confidential
> computing scenarios like Intel TDX[1]. If a TDX host accesses
> TDX-protected guest memory, machine check can happen which can further
> crash the running host system, this is terrible for multi-tenant
> configurations. The host accesses include those from KVM userspace like
> QEMU. This series addresses KVM userspace induced crash by introducing
> new mm and KVM interfaces so KVM userspace can still manage guest memory
> via a fd-based approach, but it can never access the guest memory
> content.
>
> The patch series touches both core mm and KVM code. I appreciate
> Andrew/Hugh and Paolo/Sean can review and pick these patches. Any other
> reviews are always welcome.
>   - 01: mm change, target for mm tree
>   - 02-09: KVM change, target for KVM tree

A version with all of my feedback, plus reworked versions of Vishal's selftest,
is available here:

  git@github.com:sean-jc/linux.git x86/upm_base_support

It compiles and passes the selftest, but it's otherwise barely tested. There are
a few todos (2 I think?) and many of the commits need changelogs, i.e. it's still
a WIP.

As for next steps, can you (handwaving all of the TDX folks) take a look at what
I pushed and see if there's anything horrifically broken, and that it still works
for TDX?

Fuad (and pKVM folks) same ask for you with respect to pKVM. Absolutely no rush
(and I mean that).

On my side, the two things on my mind are (a) tests and (b) downstream dependencies
(SEV and TDX). For tests, I want to build a list of tests that are required for
merging so that the criteria for merging are clear, and so that if the list is large
(haven't thought much yet), the work of writing and running tests can be distributed.

Regarding downstream dependencies, before this lands, I want to pull in all the
TDX and SNP series and see how everything fits together. Specifically, I want to
make sure that we don't end up with a uAPI that necessitates ugly code, and that we
don't miss an opportunity to make things simpler. The patches in the SNP series to
add "legacy" SEV support for UPM in particular made me slightly rethink some minor
details. Nothing remotely major, but something that needs attention since it'll
be uAPI.

I'm off Monday, so it'll be at least Tuesday before I make any more progress on
my side.

Thanks!