From: David Hildenbrand
Organization: Red Hat
Date: Thu, 16 Feb 2023 10:41:14 +0100
Subject: Re: [PATCH v10 0/9] KVM: mm: fd-based approach for supporting KVM
To: Mike Rapoport, Chao Peng
Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, linux-mm@kvack.org,
 linux-fsdevel@vger.kernel.org, linux-arch@vger.kernel.org,
 linux-api@vger.kernel.org, linux-doc@vger.kernel.org, qemu-devel@nongnu.org,
 Paolo Bonzini, Jonathan Corbet, Sean Christopherson, Vitaly Kuznetsov,
 Wanpeng Li, Jim Mattson, Joerg Roedel, Thomas Gleixner, Ingo Molnar,
 Borislav Petkov, Arnd Bergmann, Naoya Horiguchi, Miaohe Lin, x86@kernel.org,
 "H . Peter Anvin", Hugh Dickins, Jeff Layton, "J . Bruce Fields",
 Andrew Morton, Shuah Khan, Steven Price, "Maciej S . Szmigiero",
 Vlastimil Babka, Vishal Annapurve, Yu Zhang, "Kirill A . Shutemov",
 luto@kernel.org, jun.nakajima@intel.com, dave.hansen@intel.com,
 ak@linux.intel.com, aarcange@redhat.com, ddutile@redhat.com,
 dhildenb@redhat.com, Quentin Perret, tabba@google.com, Michael Roth,
 mhocko@suse.com, wei.w.wang@intel.com
Message-ID: <62c84fa8-d7c4-5163-fe1e-f2c7e5a2c7aa@redhat.com>
References: <20221202061347.1070246-1-chao.p.peng@linux.intel.com>

On 16.02.23 06:13, Mike Rapoport wrote:
> Hi,
>
> On Fri, Dec 02, 2022 at 02:13:38PM +0800, Chao Peng wrote:
>> This patch series implements KVM guest private memory for confidential
>> computing scenarios like Intel TDX[1]. If a TDX host accesses
>> TDX-protected guest memory, machine check can happen which can further
>> crash the running host system, this is terrible for multi-tenant
>> configurations. The host accesses include those from KVM userspace like
>> QEMU. This series addresses KVM userspace induced crash by introducing
>> new mm and KVM interfaces so KVM userspace can still manage guest memory
>> via a fd-based approach, but it can never access the guest memory
>> content.
>
> Sorry for jumping late.
>
> Unless I'm missing something, hibernation will also cause a machine check
> when there is TDX-protected memory in the system. When the hibernation
> creates memory snapshot it essentially walks all physical pages and saves
> their contents, so for TDX memory this will trigger machine check, right?

I recall bringing that up in the past (also memory access due to kdump,
/proc/kcore) and was told that the main focus for now is preventing
unprivileged users from crashing the system, that is, not mapping such
memory into user space (e.g., QEMU).

In the long run, we'll want to handle such pages also properly in the
other events where the kernel might access them.

-- 
Thanks,

David / dhildenb