Received: by 2002:a05:6358:9144:b0:117:f937:c515 with SMTP id r4csp445999rwr; Wed, 19 Apr 2023 08:32:05 -0700 (PDT) X-Google-Smtp-Source: AKy350ZEA/9N2jTxHda0dFQxRKGPAL5MGrof/sf5bNA3bm9+hlAMYVqqPoONdr5nDYNVwpYUIG8W X-Received: by 2002:a05:6a00:21d3:b0:627:f85c:b7ee with SMTP id t19-20020a056a0021d300b00627f85cb7eemr4378842pfj.2.1681918325106; Wed, 19 Apr 2023 08:32:05 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1681918325; cv=none; d=google.com; s=arc-20160816; b=sehZNDsGtjViNu2hVG+tuJYUJVp8lMG5j1kbMI7s63Im4ihdR8ypXBGKOxpPfbB8Fg ena5ObSV5sUXAKiQ+xniLnO0DfgB/jLrdVvgNO71MrKcQHAzKX3DymDRziBBQ3Varlk5 7Jfozm3WUpvAfH8T2VapuB8fC/7glumkSVmWyjgEZwcstN16Eg5+KdMtTiFjNltnMP2A BwOBWS8yXdPajusexoqJodDl5bCvADPHUFEYBKH8vzMvvyNIImZY6WHOFkMq1Nif/ygu d4nsFEZX4YruEPBpAfZtnN/YkrhNCrq8h/Hk29WLPmNZOksaMcn3A6nbbwg1OKNSYGzz lviA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:in-reply-to :organization:from:references:cc:to:content-language:subject :user-agent:mime-version:date:message-id:dkim-signature; bh=0JNpJwmiFACkqi0TsruUzwO4IifuU5oAc++33wIMhdE=; b=KqZrBc0x+t1QDizmSH0M+PbE16HJsg8mjF6WOgERyF/iK5x2LcJaI5eJyWE46A2nsp MzE2vCk4vreYUjm9n1fC3///ncMkY8RznWZZXuphjeGtDPwoPA/buyaYzkT9zEo7S+/U HcQJvEmMfCERon704JfyMpu5KMxG8RbTQRzb3v0Bap6H94XR0a5QpWSemgLh38fF0axX 9duWz25tDXu0qh/csqHG9Lfr5TRUP8oPRGIE9zIcGVtOzETfwftlVg13fum3L7C/62CU L2d+roxmXCeB9U419h9E2kXtipQt0UxclGWfTaWrShflmyZnlYg28nicQdlyQ1r+5Sh2 nIMg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=OVYMTVcb; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id t190-20020a625fc7000000b0063b16cf691esi16384884pfb.385.2023.04.19.08.31.48; Wed, 19 Apr 2023 08:32:05 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=OVYMTVcb; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233025AbjDSP3I (ORCPT + 99 others); Wed, 19 Apr 2023 11:29:08 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:52648 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232587AbjDSP3G (ORCPT ); Wed, 19 Apr 2023 11:29:06 -0400 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 1F07C93E2 for ; Wed, 19 Apr 2023 08:27:55 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1681918045; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=0JNpJwmiFACkqi0TsruUzwO4IifuU5oAc++33wIMhdE=; b=OVYMTVcb/jqxDC2nYzWwC5kaj6sxCid6nl6Ghl2aZA1jtYsr5IMk+lzpf3C/wikoslhCRh 2vi2SSz+5KbWy4IQucedU8CaEt8HW7y5cX5w6XQX9gJMzEH4BiNgKIXGGRecbviO7Cb9oT gzRPJgGrvOhr6yTq75WYM4FVGUtULwY= Received: from mail-wr1-f69.google.com (mail-wr1-f69.google.com [209.85.221.69]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-477-wTm8Za8eP4eVHnUFBe1LCg-1; Wed, 19 Apr 2023 11:27:23 -0400 X-MC-Unique: wTm8Za8eP4eVHnUFBe1LCg-1 Received: by mail-wr1-f69.google.com with SMTP id ffacd0b85a97d-2f446161e5aso1972842f8f.1 for ; Wed, 19 Apr 2023 08:27:23 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1681918043; x=1684510043; h=content-transfer-encoding:in-reply-to:organization:from:references :cc:to:content-language:subject:user-agent:mime-version:date :message-id:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=0JNpJwmiFACkqi0TsruUzwO4IifuU5oAc++33wIMhdE=; b=dJxjD3VUY899vCj1iRAUPUMIECK9ej+P/dIDwYG/vKdFIsNZYSIqvQz5t5YtEEc6dz pjxm5Jq1mG13xYyzymka9xiw+jC4rDHWhBh8JCtWuR6Aj9Ql3qGk3n8G8aaItRnqMdCX 1axRpOUqDlsTpC68t3SRAJwx5/S6BV6VNBRny69Z5HzanKGqM0rCBrDnhAiUM9HqYsQE nQOMDZXkFZ2Lrkf8a74jpYJW+INgkHE5l3XMPC4nkXMYLPiOBJmL2LwiTpriopQ7Pluu uu3f40emvWnUgTEi1Y3yLzWF/ge7KQQMsbsGFCrviRGQLvNzAezWfAwV/oTqxowbyXkn /hOg== X-Gm-Message-State: AAQBX9cBmw3h/6rC3EC+dssjYA7u/4s0ciIr3Ec6DLv0z4Cmjm6MgHfE uideQjckqf7EiYIl1bVdoVulYh8SpINTuS2Kh0u1ypesIBgopIp72dQnkkcNMG/XIFu1LNs8WgV 3fxhXWPZrZUAJ6fuv0UMHsfSB X-Received: by 2002:adf:f8d1:0:b0:2f8:c65:2966 with SMTP id f17-20020adff8d1000000b002f80c652966mr5108619wrq.32.1681918042717; Wed, 19 Apr 2023 08:27:22 -0700 (PDT) X-Received: by 2002:adf:f8d1:0:b0:2f8:c65:2966 with SMTP id f17-20020adff8d1000000b002f80c652966mr5108605wrq.32.1681918042384; Wed, 19 Apr 2023 08:27:22 -0700 (PDT) Received: from ?IPV6:2003:cb:c70b:7b00:7c52:a5fa:8004:96fd? (p200300cbc70b7b007c52a5fa800496fd.dip0.t-ipconnect.de. [2003:cb:c70b:7b00:7c52:a5fa:8004:96fd]) by smtp.gmail.com with ESMTPSA id y9-20020a7bcd89000000b003f173c566b5sm2527616wmj.5.2023.04.19.08.27.21 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Wed, 19 Apr 2023 08:27:21 -0700 (PDT) Message-ID: Date: Wed, 19 Apr 2023 17:27:20 +0200 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Thunderbird/102.10.0 Subject: Re: Rename restrictedmem => guardedmem? (was: Re: [PATCH v10 0/9] KVM: mm: fd-based approach for supporting KVM) Content-Language: en-US To: Sean Christopherson Cc: Chao Peng , Paolo Bonzini , Vitaly Kuznetsov , Jim Mattson , Joerg Roedel , "Maciej S . Szmigiero" , Vlastimil Babka , Vishal Annapurve , Yu Zhang , "Kirill A . Shutemov" , dhildenb@redhat.com, Quentin Perret , tabba@google.com, Michael Roth , wei.w.wang@intel.com, Mike Rapoport , Liam Merwick , Isaku Yamahata , Jarkko Sakkinen , Ackerley Tng , kvm@vger.kernel.org, linux-kernel@vger.kernel.org References: <20221202061347.1070246-1-chao.p.peng@linux.intel.com> <658018f9-581c-7786-795a-85227c712be0@redhat.com> <1ed06a62-05a1-ebe6-7ac4-5b35ba272d13@redhat.com> <9efef45f-e9f4-18d1-0120-f0fc0961761c@redhat.com> <5869f50f-0858-ab0c-9049-4345abcf5641@redhat.com> From: David Hildenbrand Organization: Red Hat In-Reply-To: Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-Spam-Status: No, score=-4.7 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,NICE_REPLY_A, RCVD_IN_DNSWL_NONE,RCVD_IN_MSPIKE_H2,SPF_HELO_NONE,SPF_NONE, T_SCC_BODY_TEXT_LINE autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 19.04.23 17:17, Sean Christopherson wrote: > On Wed, Apr 19, 2023, David Hildenbrand wrote: >> On 19.04.23 02:47, Sean Christopherson wrote: >>> On Tue, Apr 18, 2023, David Hildenbrand wrote: >>>> "memfd_vm" / "vm_mem" would be sooo (feel free to add some more o's here) >>>> much easier to get. It's a special fd to be used to back VM memory. Depending >>>> on the VM type (encrypted/protected/whatever), restrictions might apply (not >>>> able to mmap, not able to read/write ...). For example, there really is no >>>> need to disallow mmap/read/write when using that memory to back a simple VM >>>> where all we want to do is avoid user-space page tables. >>> >>> In seriousness, I do agree with Jason's very explicit objection[2] against naming >>> a non-KVM uAPI "guest", or any variation thereof. >> >> While I agree, it's all better than the naming we use right now ... >> >> >> Let me throw "tee_mem" / "memfd_tee" into the picture. That could eventually >> catch what we want to have. >> >> Or "coco_mem" / "memfd_coco". >> >> Of course, both expect that people know the terminology (just like what "vm" >> stands for), but it's IMHO significantly better than >> restricted/guarded/opaque/whatsoever. >> >> Again, expresses what it's used for, not why it behaves in weird ways. > > I don't want to explicitly tie this to trusted execution or confidential compute, > as there is value in backing "normal" guests with memory that cannot be accessed > by the host userspace without jumping through a few extra hoops, e.g. to add a > layer of protection against data corruption due to host userspace bugs. Nothing speaks against using tee_mem for the same purpose I guess. I like the sound of it after all. :) -- Thanks, David / dhildenb