Received: by 2002:a05:6358:9144:b0:117:f937:c515 with SMTP id r4csp7640525rwr; Wed, 10 May 2023 10:35:19 -0700 (PDT) X-Google-Smtp-Source: ACHHUZ4pDy8mm+GW4hOUGEnQNr4rUt1hYB2QSB4PLVt3i0paVpVsSnY/0WCQ1FCBGblWNGHod/1D X-Received: by 2002:a05:6a00:1787:b0:627:6328:79f1 with SMTP id s7-20020a056a00178700b00627632879f1mr27271426pfg.34.1683740119044; Wed, 10 May 2023 10:35:19 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1683740119; cv=none; d=google.com; s=arc-20160816; b=cvDyN/5MtIU/aF3U2FqyIkFJEJSF4Gh//d4c/K+hqff3JubWLtgnFZDjzM8t1Jm3OC pml7n6EPe66HVYkxZz46zqTmcO2JDHrQxb/z1jFWOw18xer2fanNZpWyMcXIM8vmDyl3 R48JthpTxeZaQDvtexvLGTSSkXLrISPtUwiVTfsaisQDszTQ2w0p+UNMHrQXBncdZhw4 tsitLBi3mQCp5dhxeSzp4YK4MOkU0c0LavGp7mHmF9I+2Cd0pBj8HG+ATpbGYk+umywF 5iP6E+8eb2DYsxBxsTRDlb1WgoQ0TOgmB/OzLNy3y/FsYImOEuE56f3U8a5gYvveLkmL plgg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:cc:to:subject :message-id:date:from:in-reply-to:references:mime-version :dkim-signature; bh=HJL+JhQmxU9qA5lMrvGM05IUnqGL3GZgrHCNTgjj3t0=; b=sr9IsNNz++HAa55zYk6Y8xGlJ7eELwffe3NISbQgBpaWDtHVz1kNlhOJEQY26JA3AW UBrKvH8jix3ZlAWd23lyS2OmbrVXClMUNur0adKhvtIqGJYrIQz5dIM9BPmX8LrO1MAL DjU0Sm0ZGc5aeQ+D2WpQ1GNrR9aJmI07jZm1HzrzpQO9Qz+hf/jDcR0/cxBsasYihboI BmHlBqi02vDV5pukmyyws3aKd8N1ep3splzGEaVrZT5O0V6ezy8VcOngYqUjTFfcVCJ2 CNkdyYrxr2bJbzohDhSTxogvWcQIHYc0hAgBOx6WZx7kfETXVBcMXX64ohy8WbTpZF1T kFFA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20221208 header.b=v3awAP8G; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id b14-20020aa78ece000000b0063b8935bcbasi5238252pfr.310.2023.05.10.10.35.04; Wed, 10 May 2023 10:35:19 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20221208 header.b=v3awAP8G; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229745AbjEJR0t (ORCPT + 99 others); Wed, 10 May 2023 13:26:49 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:36598 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232796AbjEJR0q (ORCPT ); Wed, 10 May 2023 13:26:46 -0400 Received: from mail-ed1-x52d.google.com (mail-ed1-x52d.google.com [IPv6:2a00:1450:4864:20::52d]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 0F68AE3 for ; Wed, 10 May 2023 10:26:45 -0700 (PDT) Received: by mail-ed1-x52d.google.com with SMTP id 4fb4d7f45d1cf-50bc37e1525so14291323a12.1 for ; Wed, 10 May 2023 10:26:44 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20221208; t=1683739603; x=1686331603; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:from:to:cc:subject:date :message-id:reply-to; bh=HJL+JhQmxU9qA5lMrvGM05IUnqGL3GZgrHCNTgjj3t0=; b=v3awAP8GUD/ZDAJvrp2L+Znr7TDIkUCt5LWmzipwChCwH7m0oNy7iOV/XqpkYIvXC/ BaMLy1q5d30O1WltT+xWOddJUdKCZ77bVEh+iIGcn7clk+Pr7J34ZR9C6HjlOh0M8PQN +KtV3eWjkMhmHGFj3VzXyHLN12k3kTd0Xp27WmEQMgAvOXZx8+M07tdd09LAcdq9S5gw Op6AeU8UYav4jAMxNbO8sejmCm826l+LN+yd8U18+i4+BXzX9kJ4pN6hmGxz+2JMRPVy lnOmcSZWW/LN0u/yOT1Hm6pCFNYc9LVNZeLjV+RSIjZHbsGsFCzBdebHdWJa6cCrS655 E2wA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1683739603; x=1686331603; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=HJL+JhQmxU9qA5lMrvGM05IUnqGL3GZgrHCNTgjj3t0=; b=Xlm0N+cGAdNYW4TGRG0KR++8vxUDehMyxhe4Ff2hGY/BHsD8sQIq4ukl6lwoPW5n3a niFNURI9NLGx2VMhN5nBgUaQNgSo+tTIg/0MbkIKc7Lyu1g6RzoPrbUZS7S03LRlyepd /apTcvQnJbSa68aomHgb6e3GtFphjvPj6AZA5Py91ffIv/WIPHaS00pRn5RNiz3zkFuw cP6Ns+kewe/X93FUBo6ph1k5t+jhN3KRzCw53yb5U9KwTZTbk3ONDXrvkOQSbbG92DGj 8LU1QT1DhwqTGi9ux9QDawwkVnzb5ZChyegpq1LFzjHNyY2VSqZAb7zur2EvWjghmTAY oxKg== X-Gm-Message-State: AC+VfDy5U+XCvLuf8TkBxN1W+QRcD3+LlP4HTCKTj+7PmcTtAxPMWfLg bmv7bZQdbyrIRpCoqaGRhyTNBB++DWdXXVdEP4mjCQ== X-Received: by 2002:aa7:cf95:0:b0:50b:c4f0:c200 with SMTP id z21-20020aa7cf95000000b0050bc4f0c200mr15479402edx.41.1683739603390; Wed, 10 May 2023 10:26:43 -0700 (PDT) MIME-Version: 1.0 References: <20221202061347.1070246-1-chao.p.peng@linux.intel.com> <658018f9-581c-7786-795a-85227c712be0@redhat.com> <1ed06a62-05a1-ebe6-7ac4-5b35ba272d13@redhat.com> <9efef45f-e9f4-18d1-0120-f0fc0961761c@redhat.com> <5869f50f-0858-ab0c-9049-4345abcf5641@redhat.com> In-Reply-To: From: Vishal Annapurve Date: Wed, 10 May 2023 10:26:32 -0700 Message-ID: Subject: Re: Rename restrictedmem => guardedmem? (was: Re: [PATCH v10 0/9] KVM: mm: fd-based approach for supporting KVM) To: Sean Christopherson Cc: David Hildenbrand , Chao Peng , Paolo Bonzini , Vitaly Kuznetsov , Jim Mattson , Joerg Roedel , "Maciej S . Szmigiero" , Vlastimil Babka , Yu Zhang , "Kirill A . Shutemov" , dhildenb@redhat.com, Quentin Perret , tabba@google.com, Michael Roth , wei.w.wang@intel.com, Mike Rapoport , Liam Merwick , Isaku Yamahata , Jarkko Sakkinen , Ackerley Tng , kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Hugh Dickins , Christian Brauner Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Spam-Status: No, score=-17.6 required=5.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF, ENV_AND_HDR_SPF_MATCH,RCVD_IN_DNSWL_NONE,SPF_HELO_NONE,SPF_PASS, T_SCC_BODY_TEXT_LINE,USER_IN_DEF_DKIM_WL,USER_IN_DEF_SPF_WL autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Fri, Apr 21, 2023 at 6:33=E2=80=AFPM Sean Christopherson wrote: > > ... > cold. I poked around a bit to see how we could avoid reinventing all of = that > infrastructure for fd-only memory, and the best idea I could come up with= is > basically a rehash of Kirill's very original "KVM protected memory" RFC[3= ], i.e. > allow "mapping" fd-only memory, but ensure that memory is never actually = present > from hardware's perspective. > I am most likely missing a lot of context here and possibly venturing into an infeasible/already shot down direction here. But I would still like to get this discussed here before we move on. I am wondering if it would make sense to implement restricted_mem/guest_mem file to expose both private and shared memory regions, inline with Kirill's original proposal now that the file implementation is controlled by KVM. Thinking from userspace perspective: 1) Userspace creates guest mem files and is able to mmap them but all accesses to these files result into faults as no memory is allowed to be mapped into userspace VMM pagetables. 2) Userspace registers mmaped HVA ranges with KVM with additional KVM_MEM_PRIVATE flag 3) Userspace converts memory attributes and this memory conversion allows userspace to access shared ranges of the file because those are allowed to be faulted in from guest_mem. Shared to private conversion unmaps the file ranges from userspace VMM pagetables. 4) Granularity of userspace pagetable mappings for shared ranges will have to be dictated by KVM guest_mem file implementation. Caveat here is that once private pages are mapped into userspace view. Benefits here: 1) Userspace view remains consistent while still being able to use HVA rang= es 2) It would be possible to use HVA based APIs from userspace to do things like binding. 3) Double allocation wouldn't be a concern since hva ranges and gpa ranges possibly map to the same HPA ranges. > > Code is available here if folks want to take a look before any kind of fo= rmal > posting: > > https://github.com/sean-jc/linux.git x86/kvm_gmem_solo > > [1] https://lore.kernel.org/all/ff5c5b97-acdf-9745-ebe5-c6609dd6322e@goog= le.com > [2] https://lore.kernel.org/all/20230418-anfallen-irdisch-6993a61be10b@br= auner > [3] https://lore.kernel.org/linux-mm/20200522125214.31348-1-kirill.shutem= ov@linux.intel.com