linux-fsdevel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: Matthew Wilcox <willy-wEGCiKHe2LqWVfeAwA7xHQ@public.gmane.org>
To: Dave Chinner <david-FqsqvQoI3Ljby3iVrkZq2A@public.gmane.org>
Cc: jack-AlSwsSmVLrQ@public.gmane.org,
	kvm-u79uwXL29TY76Z2rM5mHXA@public.gmane.org,
	david-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org,
	linux-nvdimm-y27Ovi1pjclAfugRpC6u6w@public.gmane.org,
	jasowang-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org,
	qemu-devel-qX2TKyscuCcdnm+yROfE0A@public.gmane.org,
	virtualization-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA@public.gmane.org,
	adilger kernel
	<adilger.kernel-m1MBpc4rdrD3fQ9qLvQP4Q@public.gmane.org>,
	zwisler-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org,
	eblake-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org,
	darrick wong
	<darrick.wong-QHcLZuEGTsvQT0dZR+AlfA@public.gmane.org>,
	mst-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org,
	hch-wEGCiKHe2LqWVfeAwA7xHQ@public.gmane.org,
	linux-acpi-u79uwXL29TY76Z2rM5mHXA@public.gmane.org,
	linux-ext4-u79uwXL29TY76Z2rM5mHXA@public.gmane.org,
	riel-ebMLmSuQjDVBDgjK7y7TUQ@public.gmane.org,
	stefanha-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org,
	imammedo-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org,
	lcapitulino-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org,
	kwolf-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org,
	nilal-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org,
	tytso-3s7WtUTddSA@public.gmane.org,
	xiaoguangrong eric
	<xiaoguangrong.eric-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>,
	rjw-LthD3rsA81gm4RdzfppkhA@public.gmane.org,
	linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org,
	linux-xfs-u79uwXL29TY76Z2rM5mHXA@public.gmane.org,
	linux-fsdevel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org,
	pbonzini-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org
Subject: Re: [PATCH v3 0/5] kvm "virtio pmem" device
Date: Sun, 13 Jan 2019 15:38:21 -0800	[thread overview]
Message-ID: <20190113233820.GX6310@bombadil.infradead.org> (raw)
In-Reply-To: <20190113232902.GD4205@dastard>

On Mon, Jan 14, 2019 at 10:29:02AM +1100, Dave Chinner wrote:
> Until you have images (and hence host page cache) shared between
> multiple guests. People will want to do this, because it means they
> only need a single set of pages in host memory for executable
> binaries rather than a set of pages per guest. Then you have
> multiple guests being able to detect residency of the same set of
> pages. If the guests can then, in any way, control eviction of the
> pages from the host cache, then we have a guest-to-guest information
> leak channel.

I don't think we should ever be considering something that would allow a
guest to evict page's from the host's pagecache [1].  The guest should
be able to kick its own references to the host's pagecache out of its
own pagecache, but not be able to influence whether the host or another
guest has a read-only mapping cached.

[1] Unless the guest is allowed to modify the host's file; obviously
truncation, holepunching, etc are going to evict pages from the host's
page cache.

WARNING: multiple messages have this Message-ID (diff)
From: Matthew Wilcox <willy@infradead.org>
To: Dave Chinner <david@fromorbit.com>
Cc: Pankaj Gupta <pagupta@redhat.com>,
	linux-kernel@vger.kernel.org, kvm@vger.kernel.org,
	qemu-devel@nongnu.org, linux-nvdimm@ml01.01.org,
	linux-fsdevel@vger.kernel.org,
	virtualization@lists.linux-foundation.org,
	linux-acpi@vger.kernel.org, linux-ext4@vger.kernel.org,
	linux-xfs@vger.kernel.org, jack@suse.cz, stefanha@redhat.com,
	dan j williams <dan.j.williams@intel.com>,
	riel@surriel.com, nilal@redhat.com, kwolf@redhat.com,
	pbonzini@redhat.com, zwisler@kernel.org,
	vishal l verma <vishal.l.verma@intel.com>,
	dave jiang <dave.jiang@intel.com>,
	david@redhat.com, jmoyer@redhat.com,
	xiaoguangrong eric <xiaoguangrong.eric@gmail.com>,
	hch@infradead.org, mst@redhat.com, jasowang@redhat.com,
	lcapitulino@redhat.com, imammedo@redhat.com, eblake@redhat.com,
	tytso@mit.edu, adilger kernel <adilger.kernel@dilger.ca>,
	darrick wong <darrick.wong@oracle.com>,
	rjw@rjwysocki.net
Subject: Re: [PATCH v3 0/5] kvm "virtio pmem" device
Date: Sun, 13 Jan 2019 15:38:21 -0800	[thread overview]
Message-ID: <20190113233820.GX6310@bombadil.infradead.org> (raw)
Message-ID: <20190113233821.kLhbQxWQVNDgdaLdW54o6gVoFVwKMvcknagT3S8lPKY@z> (raw)
In-Reply-To: <20190113232902.GD4205@dastard>

On Mon, Jan 14, 2019 at 10:29:02AM +1100, Dave Chinner wrote:
> Until you have images (and hence host page cache) shared between
> multiple guests. People will want to do this, because it means they
> only need a single set of pages in host memory for executable
> binaries rather than a set of pages per guest. Then you have
> multiple guests being able to detect residency of the same set of
> pages. If the guests can then, in any way, control eviction of the
> pages from the host cache, then we have a guest-to-guest information
> leak channel.

I don't think we should ever be considering something that would allow a
guest to evict page's from the host's pagecache [1].  The guest should
be able to kick its own references to the host's pagecache out of its
own pagecache, but not be able to influence whether the host or another
guest has a read-only mapping cached.

[1] Unless the guest is allowed to modify the host's file; obviously
truncation, holepunching, etc are going to evict pages from the host's
page cache.

  parent reply	other threads:[~2019-01-13 23:38 UTC|newest]

Thread overview: 62+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2019-01-09 14:47 [PATCH v3 0/5] kvm "virtio pmem" device Pankaj Gupta
2019-01-09 14:47 ` [PATCH v3 1/5] libnvdimm: nd_region flush callback support Pankaj Gupta
2019-01-09 14:47 ` [PATCH v3 2/5] virtio-pmem: Add virtio pmem driver Pankaj Gupta
2019-01-14 15:54   ` Michael S. Tsirkin
2019-01-14 15:54     ` Michael S. Tsirkin
     [not found]     ` <20190114105314-mutt-send-email-mst-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org>
2019-01-15  6:33       ` Pankaj Gupta
2019-01-15  6:33         ` Pankaj Gupta
2019-01-09 14:47 ` [PATCH v3 3/5] libnvdimm: add nd_region buffered dax_dev flag Pankaj Gupta
2019-01-09 14:47 ` [PATCH v3 4/5] ext4: disable map_sync for virtio pmem Pankaj Gupta
2019-01-09 14:47 ` [PATCH v3 5/5] xfs: " Pankaj Gupta
2019-01-09 14:47   ` Pankaj Gupta
2019-01-09 16:26   ` Darrick J. Wong
2019-01-09 18:08     ` Pankaj Gupta
     [not found] ` <20190109144736.17452-1-pagupta-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
2019-01-10  1:26   ` [PATCH v3 0/5] kvm "virtio pmem" device Dave Chinner
2019-01-10  1:26     ` Dave Chinner
2019-01-10  2:40     ` Rik van Riel
2019-01-10  2:40       ` Rik van Riel
2019-01-10 10:17     ` Jan Kara
2019-01-10 10:17       ` Jan Kara
     [not found]       ` <20190110101757.GC15790-4I4JzKEfoa/jFM9bn6wA6Q@public.gmane.org>
2019-01-13  1:38         ` Pankaj Gupta
2019-01-13  1:38           ` Pankaj Gupta
     [not found]           ` <1354249849.63357171.1547343519970.JavaMail.zimbra-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
2019-01-13  1:43             ` Dan Williams
2019-01-13  1:43               ` Dan Williams
     [not found]               ` <CAPcyv4hwcgTUpgNCefCGu4DvgkYBp5b=f+hJ+FC=s5APYKoycg-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2019-01-13  2:17                 ` [Qemu-devel] " Pankaj Gupta
2019-01-13  2:17                   ` Pankaj Gupta
     [not found]                   ` <540171952.63371441.1547345866585.JavaMail.zimbra-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
2019-01-14  9:55                     ` Jan Kara
2019-01-14  9:55                       ` Jan Kara
     [not found]                       ` <20190114095520.GC13316-4I4JzKEfoa/jFM9bn6wA6Q@public.gmane.org>
2019-01-14 10:16                         ` Pankaj Gupta
2019-01-14 10:16                           ` Pankaj Gupta
2019-01-11  7:45     ` Pankaj Gupta
2019-01-11  7:45       ` Pankaj Gupta
     [not found]       ` <1326478078.61913951.1547192704870.JavaMail.zimbra-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
2019-01-13 23:29         ` Dave Chinner
2019-01-13 23:29           ` Dave Chinner
2019-01-13 23:38           ` Matthew Wilcox [this message]
2019-01-13 23:38             ` Matthew Wilcox
     [not found]             ` <20190113233820.GX6310-PfSpb0PWhxZc2C7mugBRk2EX/6BAtgUQ@public.gmane.org>
2019-01-14  2:50               ` Dave Chinner
2019-01-14  2:50                 ` Dave Chinner
2019-01-14  7:15               ` Pankaj Gupta
2019-01-14  7:15                 ` Pankaj Gupta
     [not found]                 ` <942065073.64011540.1547450140670.JavaMail.zimbra-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
2019-01-14 21:25                   ` Dave Chinner
2019-01-14 21:25                     ` Dave Chinner
2019-01-14 21:35                     ` Dan Williams
2019-01-14 21:35                       ` Dan Williams
     [not found]                       ` <CAPcyv4jtPcLV-s0sKNHwwk0ug7GLBV6699dpm1h3r2xSo879dg-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2019-01-14 22:21                         ` Dave Chinner
2019-01-14 22:21                           ` Dave Chinner
2019-01-15  2:19                           ` Michael S. Tsirkin
2019-01-15  2:19                             ` Michael S. Tsirkin
     [not found]                             ` <20190114205031-mutt-send-email-mst-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org>
2019-01-15  5:37                               ` [Qemu-devel] " Pankaj Gupta
2019-01-15  5:37                                 ` Pankaj Gupta
2019-01-15  5:35                           ` Pankaj Gupta
2019-01-15  5:35                             ` Pankaj Gupta
     [not found]                             ` <1684638419.64320214.1547530506805.JavaMail.zimbra-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
2019-01-15 20:42                               ` Dave Chinner
2019-01-15 20:42                                 ` Dave Chinner
2019-02-04 22:56 ` security implications of caching with virtio pmem (was Re: [PATCH v3 0/5] kvm "virtio pmem" device) Michael S. Tsirkin
2019-02-05  7:29   ` [Qemu-devel] " Pankaj Gupta
2019-02-06 14:00   ` David Hildenbrand
2019-02-06 18:01     ` Michael S. Tsirkin
2019-02-11  7:29   ` [Qemu-devel] " Pankaj Gupta
2019-02-11 22:29     ` Dave Chinner
2019-02-11 22:58       ` David Hildenbrand
2019-02-11 23:07         ` Michael S. Tsirkin
  -- strict thread matches above, loose matches on Subject: below --
2019-01-09 13:50 [PATCH v3 0/5] kvm "virtio pmem" device Pankaj Gupta

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20190113233820.GX6310@bombadil.infradead.org \
    --to=willy-wegcikhe2lqwvfeawa7xhq@public.gmane.org \
    --cc=adilger.kernel-m1MBpc4rdrD3fQ9qLvQP4Q@public.gmane.org \
    --cc=darrick.wong-QHcLZuEGTsvQT0dZR+AlfA@public.gmane.org \
    --cc=david-FqsqvQoI3Ljby3iVrkZq2A@public.gmane.org \
    --cc=david-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org \
    --cc=eblake-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org \
    --cc=hch-wEGCiKHe2LqWVfeAwA7xHQ@public.gmane.org \
    --cc=imammedo-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org \
    --cc=jack-AlSwsSmVLrQ@public.gmane.org \
    --cc=jasowang-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org \
    --cc=kvm-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
    --cc=kwolf-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org \
    --cc=lcapitulino-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org \
    --cc=linux-acpi-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
    --cc=linux-ext4-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
    --cc=linux-fsdevel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
    --cc=linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
    --cc=linux-nvdimm-y27Ovi1pjclAfugRpC6u6w@public.gmane.org \
    --cc=linux-xfs-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
    --cc=mst-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org \
    --cc=nilal-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org \
    --cc=pbonzini-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org \
    --cc=qemu-devel-qX2TKyscuCcdnm+yROfE0A@public.gmane.org \
    --cc=riel-ebMLmSuQjDVBDgjK7y7TUQ@public.gmane.org \
    --cc=rjw-LthD3rsA81gm4RdzfppkhA@public.gmane.org \
    --cc=stefanha-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org \
    --cc=tytso-3s7WtUTddSA@public.gmane.org \
    --cc=virtualization-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA@public.gmane.org \
    --cc=xiaoguangrong.eric-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org \
    --cc=zwisler-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).