From: Sean Christopherson <seanjc@google.com>
To: Paolo Bonzini <pbonzini@redhat.com>
Cc: David Stevens <stevensd@chromium.org>,
Yu Zhang <yu.c.zhang@linux.intel.com>,
Isaku Yamahata <isaku.yamahata@gmail.com>,
Zhi Wang <zhi.wang.linux@gmail.com>,
Maxim Levitsky <mlevitsk@redhat.com>,
kvmarm@lists.linux.dev, linux-kernel@vger.kernel.org,
kvm@vger.kernel.org
Subject: Re: [PATCH v10 4/8] KVM: mmu: Improve handling of non-refcounted pfns
Date: Fri, 23 Feb 2024 10:00:01 -0800 [thread overview]
Message-ID: <ZdjdIYNEA7k2Fmnu@google.com> (raw)
In-Reply-To: <5580a562-b6ac-448d-a8fe-cedc32d33bab@redhat.com>
On Fri, Feb 23, 2024, Paolo Bonzini wrote:
> On 2/21/24 08:25, David Stevens wrote:
> > + } else if (!kfp->refcounted_page &&
> > + !kfp->guarded_by_mmu_notifier &&
> > + !allow_unsafe_mappings) {
> > + r = -EFAULT;
>
> Why is allow_unsafe_mappings desirable at all?
It's for use cases where memory is hidden from the kernel and managed by userspace,
e.g. where AWS uses /dev/mem (I think) to map guest memory. From a kernel
perspective, that is unsafe because KVM won't do the right thing if userspace
unmaps memory while it is exposed to L2 via a pfn in vmcs02.
I suggested allow_unsafe_mappings as a way to make upstream KVM safe by default,
without completely breaking support for AWS and friends.
next prev parent reply other threads:[~2024-02-23 18:00 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-02-21 7:25 [PATCH v10 0/8] KVM: allow mapping non-refcounted pages David Stevens
2024-02-21 7:25 ` [PATCH v10 1/8] KVM: Assert that a page's refcount is elevated when marking accessed/dirty David Stevens
2024-02-21 7:25 ` [PATCH v10 2/8] KVM: Relax BUG_ON argument validation David Stevens
2024-02-21 7:25 ` [PATCH v10 3/8] KVM: mmu: Introduce kvm_follow_pfn() David Stevens
2024-02-21 7:25 ` [PATCH v10 4/8] KVM: mmu: Improve handling of non-refcounted pfns David Stevens
2024-02-23 9:48 ` Paolo Bonzini
2024-02-23 18:00 ` Sean Christopherson [this message]
2024-02-21 7:25 ` [PATCH v10 5/8] KVM: Migrate kvm_vcpu_map to __kvm_follow_pfn David Stevens
2024-02-21 7:25 ` [PATCH v10 5/8] KVM: Migrate kvm_vcpu_map() to kvm_follow_pfn() David Stevens
2024-02-21 7:25 ` [PATCH v10 6/8] KVM: x86: Migrate to __kvm_follow_pfn David Stevens
2024-02-21 7:25 ` [PATCH v10 6/8] KVM: x86: Migrate to kvm_follow_pfn() David Stevens
2024-02-21 7:25 ` [PATCH v10 7/8] KVM: x86/mmu: Track if sptes refer to refcounted pages David Stevens
2024-02-23 10:00 ` Paolo Bonzini
2024-02-23 18:03 ` Sean Christopherson
2024-02-23 17:36 ` Sean Christopherson
2024-02-21 7:25 ` [PATCH v10 8/8] KVM: x86/mmu: Handle non-refcounted pages David Stevens
2024-02-23 9:44 ` [PATCH v10 0/8] KVM: allow mapping " Paolo Bonzini
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=ZdjdIYNEA7k2Fmnu@google.com \
--to=seanjc@google.com \
--cc=isaku.yamahata@gmail.com \
--cc=kvm@vger.kernel.org \
--cc=kvmarm@lists.linux.dev \
--cc=linux-kernel@vger.kernel.org \
--cc=mlevitsk@redhat.com \
--cc=pbonzini@redhat.com \
--cc=stevensd@chromium.org \
--cc=yu.c.zhang@linux.intel.com \
--cc=zhi.wang.linux@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.