qemu-devel.nongnu.org archive mirror
 help / color / mirror / Atom feed
From: lma <lma@suse.de>
To: Peter Xu <peterx@redhat.com>
Cc: qemu-devel@nongnu.org, dgilbert@redhat.com, quintela@redhat.com
Subject: Re: [PATCH 0/3] Postcopy migration: Add userfaultfd- user-mode-only capability
Date: Fri, 15 Oct 2021 17:49:29 +0800	[thread overview]
Message-ID: <e770ceb9a763a8c921a9f3c96de43c3e@suse.de> (raw)
In-Reply-To: <YWk7t8Za3l4bhGIB@t490s>

在 2021-10-15 16:28,Peter Xu 写道:
> On Fri, Oct 15, 2021 at 04:16:15PM +0800, lma wrote:
>> 在 2021-10-15 14:12,Peter Xu 写道:
>> > On Fri, Oct 15, 2021 at 01:38:06PM +0800, lma wrote:
>> > > 在 2021-10-15 07:43,Peter Xu 写道:
>> > > > On Thu, Oct 14, 2021 at 05:15:48PM +0800, Lin Ma wrote:
>> > > > > Since kernel v5.11, Unprivileged user (without SYS_CAP_PTRACE
>> > > > > capability)
>> > > > > must pass UFFD_USER_MODE_ONLY to userfaultd in case
>> > > > > unprivileged_userfaultfd
>> > > > > sysctl knob is 0.
>> > > > > Please refer to https://lwn.net/Articles/819834/ and the kernel
>> > > > > commits:
>> > > > > 37cd0575 userfaultfd: add UFFD_USER_MODE_ONLY
>> > > > > d0d4730a userfaultfd: add user-mode only option to
>> > > > > unprivileged_userfaultfd sysctl knob
>> > > > >
>> > > > > This patch set adds a migration capability to pass UFFD_USER_MODE_ONLY
>> > > > > for postcopy migration.
>> > > >
>> > > > Then it's at least no KVM, no vhost, am I right?  Could I ask is there a
>> > > > real
>> > > > user behind this?  Thanks,
>> > >
>> > > Well, The "user-mode-only" has nothing to do with qemu's user-mode
>> > > emulation.
>> >
>> > I didn't follow why you thought my question was about "user-mode
>> > emulation"..
>> Sorry about the misunderstanding.
> 
> No worry. :)
> 
>> 
>> > To ask in another way: after this new cap set, qemu will get a SIGBUS
>> > and VM
>> > will crash during postcopy migrating as long as either KVM or
>> > vhost-kernel
>> > faulted on any of the missing pages, am I right?
>> 
>> Oops...Yes, you're right. It indeed casues qemu crash on destination 
>> due to
>> fault on missing pages.
>> This patch set and my thought about introducing this cap to qemu are 
>> wrong.
> 
> I can't say it's wrong, it's just that it may need some more thoughts 
> on how to
> make it applicable.
> 
> We'll need to make sure no kernel module will access guest pages, 
> however I
> think it'll be so hard to guarantee.  For example, there can be some 
> read()
> syscall from qemu initiated with guest pages passed in as the buffer 
> (so the
> kernel will fill up the buffer when syscall returns), then if that page 
> is
> missing on dst then that'll also trigger a kernel page fault and it'll 
> crash
> qemu too even if no kvm/vhost-kernel is used.  We'll need to dig out 
> everything
> like that.

Yeah, It's hard to avoid pf in kernel completely.

> The other thing is about my original question on whether it'll be 
> useful in any
> way, and I just worry it won't help anyone, because afaiu any real user 
> of
> migration (I believe it's majorly public/private cloud) will definitely 
> at
> least be kvm based as tcg could be too slow.  Then they'll simply 
> enable the
> unprivileged uffd on the hosts, since even if it's unsafe it'll be at 
> least as
> unsafe as before unprivileged_userfaultfd is introduced.

It seems that this capability is useless for qemu/kvm so far :-)

Thanks for your information!

Lin


      reply	other threads:[~2021-10-15  9:52 UTC|newest]

Thread overview: 10+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-10-14  9:15 [PATCH 0/3] Postcopy migration: Add userfaultfd- user-mode-only capability Lin Ma
2021-10-14  9:15 ` [PATCH 1/3] migration: introduce postcopy-uffd-usermode-only capability Lin Ma
2021-10-14  9:15 ` [PATCH 2/3] migration: postcopy-uffd-usermode-only documentation Lin Ma
2021-10-14  9:15 ` [PATCH 3/3] tests: add postcopy-uffd-usermode-only capability into migration-test Lin Ma
2021-10-14 23:43 ` [PATCH 0/3] Postcopy migration: Add userfaultfd- user-mode-only capability Peter Xu
2021-10-15  5:38   ` lma
2021-10-15  6:12     ` Peter Xu
2021-10-15  8:16       ` lma
2021-10-15  8:28         ` Peter Xu
2021-10-15  9:49           ` lma [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=e770ceb9a763a8c921a9f3c96de43c3e@suse.de \
    --to=lma@suse.de \
    --cc=dgilbert@redhat.com \
    --cc=peterx@redhat.com \
    --cc=qemu-devel@nongnu.org \
    --cc=quintela@redhat.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).