From: Marc Zyngier <maz@kernel.org>
To: Paolo Bonzini <pbonzini@redhat.com>
Cc: Sean Christopherson <seanjc@google.com>,
Oliver Upton <oliver.upton@linux.dev>,
kvm@vger.kernel.org, linux-arm-kernel@lists.infradead.org,
kvmarm@lists.linux.dev, linux-kernel@vger.kernel.org,
Ira Weiny <ira.weiny@intel.com>, Gavin Shan <gshan@redhat.com>,
Shivank Garg <shivankg@amd.com>, Vlastimil Babka <vbabka@suse.cz>,
Xiaoyao Li <xiaoyao.li@intel.com>,
David Hildenbrand <david@redhat.com>,
Fuad Tabba <tabba@google.com>,
Ackerley Tng <ackerleytng@google.com>,
Tao Chan <chentao@kylinos.cn>,
James Houghton <jthoughton@google.com>
Subject: Re: [PATCH v17 00/24] KVM: Enable mmap() for guest_memfd
Date: Wed, 27 Aug 2025 14:08:09 +0100 [thread overview]
Message-ID: <86frdcewue.wl-maz@kernel.org> (raw)
In-Reply-To: <87b10d94-dca2-4ecb-a86f-b38c5c90e0cf@redhat.com>
On Wed, 27 Aug 2025 09:43:54 +0100,
Paolo Bonzini <pbonzini@redhat.com> wrote:
>
> On 7/30/25 00:54, Sean Christopherson wrote:
> > Paolo,
> >
> > The arm64 patches have been Reviewed-by Marc, and AFAICT the x86 side of
> > things is a go. Barring a screwup on my end, this just needs your approval.
> >
> > Assuming everything looks good, it'd be helpful to get this into kvm/next
> > shortly after rc1. The x86 Kconfig changes in particular create semantic
> > conflicts with in-flight series.
> >
> >
> > Add support for host userspace mapping of guest_memfd-backed memory for VM
> > types that do NOT use support KVM_MEMORY_ATTRIBUTE_PRIVATE (which isn't
> > precisely the same thing as CoCo VMs, since x86's SEV-MEM and SEV-ES have
> > no way to detect private vs. shared).
> >
> > mmap() support paves the way for several evolving KVM use cases:
> >
> > * Allows VMMs like Firecracker to run guests entirely backed by
> > guest_memfd [1]. This provides a unified memory management model for
> > both confidential and non-confidential guests, simplifying VMM design.
> >
> > * Enhanced Security via direct map removal: When combined with Patrick's
> > series for direct map removal [2], this provides additional hardening
> > against Spectre-like transient execution attacks by eliminating the
> > need for host kernel direct maps of guest memory.
> >
> > * Lays the groundwork for *restricted* mmap() support for guest_memfd-backed
> > memory on CoCo platforms [3] that permit in-place
> > sharing of guest memory with the host.
> >
> > Based on kvm/queue.
>
> Applied to kvm/next, thanks!
Can you please create a stable branch for these patches? It is quite
likely that whatever I queue for 6.18 will conflict with that, and I'd
like to be able to resolve the conflicts myself.
Thanks,
M.
--
Without deviation from the norm, progress is not possible.
next prev parent reply other threads:[~2025-08-27 13:08 UTC|newest]
Thread overview: 58+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-07-29 22:54 [PATCH v17 00/24] KVM: Enable mmap() for guest_memfd Sean Christopherson
2025-07-29 22:54 ` [PATCH v17 01/24] KVM: Rename CONFIG_KVM_PRIVATE_MEM to CONFIG_KVM_GUEST_MEMFD Sean Christopherson
2025-07-29 22:54 ` [PATCH v17 02/24] KVM: x86: Have all vendor neutral sub-configs depend on KVM_X86, not just KVM Sean Christopherson
2025-07-31 8:08 ` Fuad Tabba
2025-07-29 22:54 ` [PATCH v17 03/24] KVM: x86: Select KVM_GENERIC_PRIVATE_MEM directly from KVM_SW_PROTECTED_VM Sean Christopherson
2025-07-31 8:08 ` Fuad Tabba
2025-07-29 22:54 ` [PATCH v17 04/24] KVM: x86: Select TDX's KVM_GENERIC_xxx dependencies iff CONFIG_KVM_INTEL_TDX=y Sean Christopherson
2025-07-31 8:07 ` Fuad Tabba
2025-07-29 22:54 ` [PATCH v17 05/24] KVM: Rename CONFIG_KVM_GENERIC_PRIVATE_MEM to CONFIG_HAVE_KVM_ARCH_GMEM_POPULATE Sean Christopherson
2025-07-29 22:54 ` [PATCH v17 06/24] KVM: Rename kvm_slot_can_be_private() to kvm_slot_has_gmem() Sean Christopherson
2025-07-29 22:54 ` [PATCH v17 07/24] KVM: Fix comments that refer to slots_lock Sean Christopherson
2025-07-29 22:54 ` [PATCH v17 08/24] KVM: Fix comment that refers to kvm uapi header path Sean Christopherson
2025-07-29 22:54 ` [PATCH v17 09/24] KVM: x86: Enable KVM_GUEST_MEMFD for all 64-bit builds Sean Christopherson
2025-07-29 22:54 ` [PATCH v17 10/24] KVM: guest_memfd: Add plumbing to host to map guest_memfd pages Sean Christopherson
2025-07-29 22:54 ` [PATCH v17 11/24] KVM: guest_memfd: Track guest_memfd mmap support in memslot Sean Christopherson
2025-07-29 22:54 ` [PATCH v17 12/24] KVM: x86/mmu: Rename .private_max_mapping_level() to .gmem_max_mapping_level() Sean Christopherson
2025-07-31 8:15 ` Fuad Tabba
2025-07-31 8:29 ` David Hildenbrand
2025-07-31 8:33 ` Fuad Tabba
2025-07-29 22:54 ` [PATCH v17 13/24] KVM: x86/mmu: Hoist guest_memfd max level/order helpers "up" in mmu.c Sean Christopherson
2025-07-31 7:59 ` David Hildenbrand
2025-07-31 8:06 ` Fuad Tabba
2025-07-29 22:54 ` [PATCH v17 14/24] KVM: x86/mmu: Enforce guest_memfd's max order when recovering hugepages Sean Christopherson
2025-07-30 7:33 ` Xiaoyao Li
2025-07-31 8:06 ` David Hildenbrand
2025-07-31 8:10 ` Fuad Tabba
2025-07-29 22:54 ` [PATCH v17 15/24] KVM: x86/mmu: Extend guest_memfd's max mapping level to shared mappings Sean Christopherson
2025-07-30 7:36 ` Xiaoyao Li
2025-07-31 8:01 ` David Hildenbrand
2025-07-31 8:05 ` Fuad Tabba
2025-07-29 22:54 ` [PATCH v17 16/24] KVM: x86/mmu: Handle guest page faults for guest_memfd with shared memory Sean Christopherson
2025-07-30 7:37 ` Xiaoyao Li
2025-07-29 22:54 ` [PATCH v17 17/24] KVM: arm64: Refactor user_mem_abort() Sean Christopherson
2025-07-29 22:54 ` [PATCH v17 18/24] KVM: arm64: Handle guest_memfd-backed guest page faults Sean Christopherson
2025-07-29 22:54 ` [PATCH v17 19/24] KVM: arm64: nv: Handle VNCR_EL2-triggered faults backed by guest_memfd Sean Christopherson
2025-07-29 22:54 ` [PATCH v17 20/24] KVM: arm64: Enable support for guest_memfd backed memory Sean Christopherson
2025-07-29 22:54 ` [PATCH v17 21/24] KVM: Allow and advertise support for host mmap() on guest_memfd files Sean Christopherson
2025-07-29 22:54 ` [PATCH v17 22/24] KVM: selftests: Do not use hardcoded page sizes in guest_memfd test Sean Christopherson
2025-07-30 11:04 ` Xiaoyao Li
2025-07-29 22:54 ` [PATCH v17 23/24] KVM: selftests: guest_memfd mmap() test when mmap is supported Sean Christopherson
2025-07-30 11:39 ` Xiaoyao Li
2025-07-30 12:57 ` Sean Christopherson
2025-07-31 7:49 ` Xiaoyao Li
2025-08-07 8:12 ` Shivank Garg
2025-07-29 22:54 ` [PATCH v17 24/24] KVM: selftests: Add guest_memfd testcase to fault-in on !mmap()'d memory Sean Christopherson
2025-07-30 8:20 ` Xiaoyao Li
2025-07-30 15:51 ` Fuad Tabba
2026-03-30 6:21 ` Zenghui Yu
2026-04-17 16:47 ` Sean Christopherson
2026-05-12 7:28 ` Zenghui Yu
2026-05-12 15:53 ` Sean Christopherson
2025-07-30 21:34 ` [PATCH v17 00/24] KVM: Enable mmap() for guest_memfd Ackerley Tng
2025-07-30 22:44 ` Ackerley Tng
2025-08-27 8:43 ` Paolo Bonzini
2025-08-27 12:57 ` Sean Christopherson
2025-08-27 13:08 ` Marc Zyngier [this message]
2025-08-27 13:11 ` Paolo Bonzini
2025-08-27 13:14 ` Marc Zyngier
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=86frdcewue.wl-maz@kernel.org \
--to=maz@kernel.org \
--cc=ackerleytng@google.com \
--cc=chentao@kylinos.cn \
--cc=david@redhat.com \
--cc=gshan@redhat.com \
--cc=ira.weiny@intel.com \
--cc=jthoughton@google.com \
--cc=kvm@vger.kernel.org \
--cc=kvmarm@lists.linux.dev \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-kernel@vger.kernel.org \
--cc=oliver.upton@linux.dev \
--cc=pbonzini@redhat.com \
--cc=seanjc@google.com \
--cc=shivankg@amd.com \
--cc=tabba@google.com \
--cc=vbabka@suse.cz \
--cc=xiaoyao.li@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.