From: Lorenzo Stoakes <ljs@kernel.org>
To: "Kalyazin, Nikita" <kalyazin@amazon.co.uk>
Cc: "kvm@vger.kernel.org" <kvm@vger.kernel.org>,
"linux-doc@vger.kernel.org" <linux-doc@vger.kernel.org>,
"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
"linux-arm-kernel@lists.infradead.org"
<linux-arm-kernel@lists.infradead.org>,
"kvmarm@lists.linux.dev" <kvmarm@lists.linux.dev>,
"linux-fsdevel@vger.kernel.org" <linux-fsdevel@vger.kernel.org>,
"linux-mm@kvack.org" <linux-mm@kvack.org>,
"bpf@vger.kernel.org" <bpf@vger.kernel.org>,
"linux-kselftest@vger.kernel.org"
<linux-kselftest@vger.kernel.org>,
"kernel@xen0n.name" <kernel@xen0n.name>,
"linux-riscv@lists.infradead.org"
<linux-riscv@lists.infradead.org>,
"linux-s390@vger.kernel.org" <linux-s390@vger.kernel.org>,
"loongarch@lists.linux.dev" <loongarch@lists.linux.dev>,
"linux-pm@vger.kernel.org" <linux-pm@vger.kernel.org>,
"pbonzini@redhat.com" <pbonzini@redhat.com>,
"corbet@lwn.net" <corbet@lwn.net>,
"maz@kernel.org" <maz@kernel.org>,
"oupton@kernel.org" <oupton@kernel.org>,
"joey.gouly@arm.com" <joey.gouly@arm.com>,
"suzuki.poulose@arm.com" <suzuki.poulose@arm.com>,
"yuzenghui@huawei.com" <yuzenghui@huawei.com>,
"catalin.marinas@arm.com" <catalin.marinas@arm.com>,
"will@kernel.org" <will@kernel.org>,
"seanjc@google.com" <seanjc@google.com>,
"tglx@kernel.org" <tglx@kernel.org>,
"mingo@redhat.com" <mingo@redhat.com>,
"bp@alien8.de" <bp@alien8.de>,
"dave.hansen@linux.intel.com" <dave.hansen@linux.intel.com>,
"x86@kernel.org" <x86@kernel.org>,
"hpa@zytor.com" <hpa@zytor.com>,
"luto@kernel.org" <luto@kernel.org>,
"peterz@infradead.org" <peterz@infradead.org>,
"willy@infradead.org" <willy@infradead.org>,
"akpm@linux-foundation.org" <akpm@linux-foundation.org>,
"david@kernel.org" <david@kernel.org>,
"lorenzo.stoakes@oracle.com" <lorenzo.stoakes@oracle.com>,
"vbabka@kernel.org" <vbabka@kernel.org>,
"rppt@kernel.org" <rppt@kernel.org>,
"surenb@google.com" <surenb@google.com>,
"mhocko@suse.com" <mhocko@suse.com>,
"ast@kernel.org" <ast@kernel.org>,
"daniel@iogearbox.net" <daniel@iogearbox.net>,
"andrii@kernel.org" <andrii@kernel.org>,
"martin.lau@linux.dev" <martin.lau@linux.dev>,
"eddyz87@gmail.com" <eddyz87@gmail.com>,
"song@kernel.org" <song@kernel.org>,
"yonghong.song@linux.dev" <yonghong.song@linux.dev>,
"john.fastabend@gmail.com" <john.fastabend@gmail.com>,
"kpsingh@kernel.org" <kpsingh@kernel.org>,
"sdf@fomichev.me" <sdf@fomichev.me>,
"haoluo@google.com" <haoluo@google.com>,
"jolsa@kernel.org" <jolsa@kernel.org>,
"jgg@ziepe.ca" <jgg@ziepe.ca>,
"jhubbard@nvidia.com" <jhubbard@nvidia.com>,
"peterx@redhat.com" <peterx@redhat.com>,
"jannh@google.com" <jannh@google.com>,
"pfalcato@suse.de" <pfalcato@suse.de>,
"skhan@linuxfoundation.org" <skhan@linuxfoundation.org>,
"riel@surriel.com" <riel@surriel.com>,
"ryan.roberts@arm.com" <ryan.roberts@arm.com>,
"jgross@suse.com" <jgross@suse.com>,
"yu-cheng.yu@intel.com" <yu-cheng.yu@intel.com>,
"kas@kernel.org" <kas@kernel.org>,
"coxu@redhat.com" <coxu@redhat.com>,
"ackerleytng@google.com" <ackerleytng@google.com>,
"yosry@kernel.org" <yosry@kernel.org>,
"ajones@ventanamicro.com" <ajones@ventanamicro.com>,
"maobibo@loongson.cn" <maobibo@loongson.cn>,
"tabba@google.com" <tabba@google.com>,
"prsampat@amd.com" <prsampat@amd.com>,
"wu.fei9@sanechips.com.cn" <wu.fei9@sanechips.com.cn>,
"mlevitsk@redhat.com" <mlevitsk@redhat.com>,
"jmattson@google.com" <jmattson@google.com>,
"jthoughton@google.com" <jthoughton@google.com>,
"agordeev@linux.ibm.com" <agordeev@linux.ibm.com>,
"alex@ghiti.fr" <alex@ghiti.fr>,
"aou@eecs.berkeley.edu" <aou@eecs.berkeley.edu>,
"borntraeger@linux.ibm.com" <borntraeger@linux.ibm.com>,
"chenhuacai@kernel.org" <chenhuacai@kernel.org>,
"baolu.lu@linux.intel.com" <baolu.lu@linux.intel.com>,
"dev.jain@arm.com" <dev.jain@arm.com>,
"gor@linux.ibm.com" <gor@linux.ibm.com>,
"hca@linux.ibm.com" <hca@linux.ibm.com>,
"palmer@dabbelt.com" <palmer@dabbelt.com>,
"pjw@kernel.org" <pjw@kernel.org>,
"shijie@os.amperecomputing.com" <shijie@os.amperecomputing.com>,
"svens@linux.ibm.com" <svens@linux.ibm.com>,
"thuth@redhat.com" <thuth@redhat.com>,
"yang@os.amperecomputing.com" <yang@os.amperecomputing.com>,
"Liam.Howlett@oracle.com" <Liam.Howlett@oracle.com>,
"urezki@gmail.com" <urezki@gmail.com>,
"zhengqi.arch@bytedance.com" <zhengqi.arch@bytedance.com>,
"gerald.schaefer@linux.ibm.com" <gerald.schaefer@linux.ibm.com>,
"jiayuan.chen@shopee.com" <jiayuan.chen@shopee.com>,
"lenb@kernel.org" <lenb@kernel.org>,
"pavel@kernel.org" <pavel@kernel.org>,
"rafael@kernel.org" <rafael@kernel.org>,
"yangyicong@hisilicon.com" <yangyicong@hisilicon.com>,
"vannapurve@google.com" <vannapurve@google.com>,
"jackmanb@google.com" <jackmanb@google.com>,
"patrick.roy@linux.dev" <patrick.roy@linux.dev>,
"Thomson, Jack" <jackabt@amazon.co.uk>,
"Itazuri, Takahiro" <itazur@amazon.co.uk>,
"Manwaring, Derek" <derekmn@amazon.com>,
Nikita Kalyazin <nikita.kalyazin@linux.dev>
Subject: Re: [PATCH v12 00/16] Direct Map Removal Support for guest_memfd
Date: Tue, 21 Apr 2026 14:40:21 +0100 [thread overview]
Message-ID: <aed88qcV6PjEIHnd@lucifer> (raw)
In-Reply-To: <20260410151746.61150-1-kalyazin@amazon.com>
On Fri, Apr 10, 2026 at 03:17:47PM +0000, Kalyazin, Nikita wrote:
> From: Nikita Kalyazin <nikita.kalyazin@linux.dev>
>
> [ based on kvm/next ]
Hm, given this touches a fair bit of mm, I wonder if we shouldn't try to do this
through the mm tree?
In any case, we definitely need a rebase on something not-next :) if not mm then
Linus's tree at least maybe?
I'm seeing a lot of conflicts against mm-unstable, it can't b4 shazam even patch
1 and in Linus's tree it's failing at an mm patch (mm: introduce
AS_NO_DIRECT_MAP).
That and 'KVM: selftests: Add guest_memfd based vm_mem_backing_src_types' won't
apply, but that one's trivial at least.
Obviously we're in the merge window right now so maybe best to do any rebasing a
little after 7.1-rc1?
Cheers, Lorenzo
>
> Unmapping virtual machine guest memory from the host kernel's direct map
> is a successful mitigation against Spectre-style transient execution
> issues: if the kernel page tables do not contain entries pointing to
> guest memory, then any attempted speculative read through the direct map
> will necessarily be blocked by the MMU before any observable
> microarchitectural side-effects happen. This means that Spectre-gadgets
> and similar cannot be used to target virtual machine memory. Roughly
> 60% of speculative execution issues fall into this category [1, Table
> 1].
>
> This patch series extends guest_memfd with the ability to remove its
> memory from the host kernel's direct map, to be able to attain the above
> protection for KVM guests running inside guest_memfd.
>
> Additionally, a Firecracker branch with support for these VMs can be
> found on GitHub [2].
>
> For more details, please refer to the v5 cover letter. No substantial
> changes in design have taken place since.
>
> See also related write() syscall support in guest_memfd [3] where
> the interoperation between the two features is described.
>
> Changes since v11:
> - Ackerley/Sashiko: fix previously missed __set_pages_* argument update
> in __kernel_map_pages (patch 1)
> - David: disallow large folios in folio_zap_direct_map (patch 2)
> - David/Sashiko: check for folio_is_zone_device if mapping is NULL in
> gup_fast_folio_allowed (patch 4)
> - Ackerley/Sashiko: kvm_arch_gmem_supports_no_direct_map to return
> false for SEV-SNP (patch 8).
> - David: replace a redundant check for GUEST_MEMFD_FLAG_NO_DIRECT_MAP
> with a WARN_ON_ONCE (patch 10)
> - David: assert the folio is locked when zapping direct map (patch 10)
> - Ackerley/Sashiko: reorder operations to "zap then prepare" and
> "invalidate then restore" (patch 10)
>
> v11: https://lore.kernel.org/kvm/20260317141031.514-1-kalyazin@amazon.com
> v10: https://lore.kernel.org/kvm/20260126164445.11867-1-kalyazin@amazon.com
> v9: https://lore.kernel.org/kvm/20260114134510.1835-1-kalyazin@amazon.com
> v8: https://lore.kernel.org/kvm/20251205165743.9341-1-kalyazin@amazon.com
> v7: https://lore.kernel.org/kvm/20250924151101.2225820-1-patrick.roy@campus.lmu.de
> v6: https://lore.kernel.org/kvm/20250912091708.17502-1-roypat@amazon.co.uk
> v5: https://lore.kernel.org/kvm/20250828093902.2719-1-roypat@amazon.co.uk
> v4: https://lore.kernel.org/kvm/20250221160728.1584559-1-roypat@amazon.co.uk
> RFCv3: https://lore.kernel.org/kvm/20241030134912.515725-1-roypat@amazon.co.uk
> RFCv2: https://lore.kernel.org/kvm/20240910163038.1298452-1-roypat@amazon.co.uk
> RFCv1: https://lore.kernel.org/kvm/20240709132041.3625501-1-roypat@amazon.co.uk
>
> [1] https://download.vusec.net/papers/quarantine_raid23.pdf
> [2] https://github.com/firecracker-microvm/firecracker/tree/feature/secret-hiding
> [3] https://lore.kernel.org/kvm/20251114151828.98165-1-kalyazin@amazon.com
>
> Nikita Kalyazin (4):
> set_memory: set_direct_map_* to take address
> set_memory: add folio_{zap,restore}_direct_map helpers
> mm/secretmem: make use of folio_{zap,restore}_direct_map
> mm/gup: drop local variable in gup_fast_folio_allowed
>
> Patrick Roy (12):
> mm/gup: drop secretmem optimization from gup_fast_folio_allowed
> mm: introduce AS_NO_DIRECT_MAP
> KVM: guest_memfd: Add stub for kvm_arch_gmem_invalidate
> KVM: x86: define kvm_arch_gmem_supports_no_direct_map()
> KVM: arm64: define kvm_arch_gmem_supports_no_direct_map()
> KVM: guest_memfd: Add flag to remove from direct map
> KVM: selftests: load elf via bounce buffer
> KVM: selftests: set KVM_MEM_GUEST_MEMFD in vm_mem_add() if guest_memfd
> != -1
> KVM: selftests: Add guest_memfd based vm_mem_backing_src_types
> KVM: selftests: cover GUEST_MEMFD_FLAG_NO_DIRECT_MAP in existing
> selftests
> KVM: selftests: stuff vm_mem_backing_src_type into vm_shape
> KVM: selftests: Test guest execution from direct map removed gmem
>
> Documentation/virt/kvm/api.rst | 21 +++---
> arch/arm64/include/asm/kvm_host.h | 13 ++++
> arch/arm64/include/asm/set_memory.h | 7 +-
> arch/arm64/mm/pageattr.c | 19 +++--
> arch/loongarch/include/asm/set_memory.h | 7 +-
> arch/loongarch/mm/pageattr.c | 25 +++----
> arch/riscv/include/asm/set_memory.h | 7 +-
> arch/riscv/mm/pageattr.c | 17 +++--
> arch/s390/include/asm/set_memory.h | 7 +-
> arch/s390/mm/pageattr.c | 13 ++--
> arch/x86/include/asm/kvm_host.h | 6 ++
> arch/x86/include/asm/set_memory.h | 7 +-
> arch/x86/kvm/x86.c | 7 ++
> arch/x86/mm/pat/set_memory.c | 27 +++----
> include/linux/kvm_host.h | 14 ++++
> include/linux/pagemap.h | 16 ++++
> include/linux/secretmem.h | 18 -----
> include/linux/set_memory.h | 22 +++++-
> include/uapi/linux/kvm.h | 1 +
> kernel/power/snapshot.c | 4 +-
> lib/buildid.c | 8 +-
> mm/execmem.c | 6 +-
> mm/gup.c | 47 ++++++------
> mm/memory.c | 45 +++++++++++
> mm/mlock.c | 2 +-
> mm/secretmem.c | 18 ++---
> mm/vmalloc.c | 11 ++-
> .../testing/selftests/kvm/guest_memfd_test.c | 17 ++++-
> .../testing/selftests/kvm/include/kvm_util.h | 37 ++++++---
> .../testing/selftests/kvm/include/test_util.h | 8 ++
> tools/testing/selftests/kvm/lib/elf.c | 8 +-
> tools/testing/selftests/kvm/lib/io.c | 23 ++++++
> tools/testing/selftests/kvm/lib/kvm_util.c | 59 ++++++++-------
> tools/testing/selftests/kvm/lib/test_util.c | 8 ++
> tools/testing/selftests/kvm/lib/x86/sev.c | 1 +
> .../selftests/kvm/pre_fault_memory_test.c | 1 +
> .../selftests/kvm/set_memory_region_test.c | 52 ++++++++++++-
> .../kvm/x86/private_mem_conversions_test.c | 7 +-
> virt/kvm/guest_memfd.c | 75 +++++++++++++++++--
> 39 files changed, 489 insertions(+), 202 deletions(-)
>
>
> base-commit: 24f9515de8778410e4b84c85b196c9850d2c1e18
> --
> 2.50.1
>
WARNING: multiple messages have this Message-ID (diff)
From: Lorenzo Stoakes <ljs@kernel.org>
To: "Kalyazin, Nikita" <kalyazin@amazon.co.uk>
Cc: "kvm@vger.kernel.org" <kvm@vger.kernel.org>,
"linux-doc@vger.kernel.org" <linux-doc@vger.kernel.org>,
"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
"linux-arm-kernel@lists.infradead.org"
<linux-arm-kernel@lists.infradead.org>,
"kvmarm@lists.linux.dev" <kvmarm@lists.linux.dev>,
"linux-fsdevel@vger.kernel.org" <linux-fsdevel@vger.kernel.org>,
"linux-mm@kvack.org" <linux-mm@kvack.org>,
"bpf@vger.kernel.org" <bpf@vger.kernel.org>,
"linux-kselftest@vger.kernel.org"
<linux-kselftest@vger.kernel.org>,
"kernel@xen0n.name" <kernel@xen0n.name>,
"linux-riscv@lists.infradead.org"
<linux-riscv@lists.infradead.org>,
"linux-s390@vger.kernel.org" <linux-s390@vger.kernel.org>,
"loongarch@lists.linux.dev" <loongarch@lists.linux.dev>,
"linux-pm@vger.kernel.org" <linux-pm@vger.kernel.org>,
"pbonzini@redhat.com" <pbonzini@redhat.com>,
"corbet@lwn.net" <corbet@lwn.net>,
"maz@kernel.org" <maz@kernel.org>,
"oupton@kernel.org" <oupton@kernel.org>,
"joey.gouly@arm.com" <joey.gouly@arm.com>,
"suzuki.poulose@arm.com" <suzuki.poulose@arm.com>,
"yuzenghui@huawei.com" <yuzenghui@huawei.com>,
"catalin.marinas@arm.com" <catalin.marinas@arm.com>,
"will@kernel.org" <will@kernel.org>,
"seanjc@google.com" <seanjc@google.com>,
"tglx@kernel.org" <tglx@kernel.org>,
"mingo@redhat.com" <mingo@redhat.com>,
"bp@alien8.de" <bp@alien8.de>,
"dave.hansen@linux.intel.com" <dave.hansen@linux.intel.com>,
"x86@kernel.org" <x86@kernel.org>,
"hpa@zytor.com" <hpa@zytor.com>,
"luto@kernel.org" <luto@kernel.org>,
"peterz@infradead.org" <peterz@infradead.org>,
"willy@infradead.org" <willy@infradead.org>,
"akpm@linux-foundation.org" <akpm@linux-foundation.org>,
"david@kernel.org" <david@kernel.org>,
"lorenzo.stoakes@oracle.com" <lorenzo.stoakes@oracle.com>,
"vbabka@kernel.org" <vbabka@kernel.org>,
"rppt@kernel.org" <rppt@kernel.org>,
"surenb@google.com" <surenb@google.com>,
"mhocko@suse.com" <mhocko@suse.com>,
"ast@kernel.org" <ast@kernel.org>,
"daniel@iogearbox.net" <daniel@iogearbox.net>,
"andrii@kernel.org" <andrii@kernel.org>,
"martin.lau@linux.dev" <martin.lau@linux.dev>,
"eddyz87@gmail.com" <eddyz87@gmail.com>,
"song@kernel.org" <song@kernel.org>,
"yonghong.song@linux.dev" <yonghong.song@linux.dev>,
"john.fastabend@gmail.com" <john.fastabend@gmail.com>,
"kpsingh@kernel.org" <kpsingh@kernel.org>,
"sdf@fomichev.me" <sdf@fomichev.me>,
"haoluo@google.com" <haoluo@google.com>,
"jolsa@kernel.org" <jolsa@kernel.org>,
"jgg@ziepe.ca" <jgg@ziepe.ca>,
"jhubbard@nvidia.com" <jhubbard@nvidia.com>,
"peterx@redhat.com" <peterx@redhat.com>,
"jannh@google.com" <jannh@google.com>,
"pfalcato@suse.de" <pfalcato@suse.de>,
"skhan@linuxfoundation.org" <skhan@linuxfoundation.org>,
"riel@surriel.com" <riel@surriel.com>,
"ryan.roberts@arm.com" <ryan.roberts@arm.com>,
"jgross@suse.com" <jgross@suse.com>,
"yu-cheng.yu@intel.com" <yu-cheng.yu@intel.com>,
"kas@kernel.org" <kas@kernel.org>,
"coxu@redhat.com" <coxu@redhat.com>,
"ackerleytng@google.com" <ackerleytng@google.com>,
"yosry@kernel.org" <yosry@kernel.org>,
"ajones@ventanamicro.com" <ajones@ventanamicro.com>,
"maobibo@loongson.cn" <maobibo@loongson.cn>,
"tabba@google.com" <tabba@google.com>,
"prsampat@amd.com" <prsampat@amd.com>,
"wu.fei9@sanechips.com.cn" <wu.fei9@sanechips.com.cn>,
"mlevitsk@redhat.com" <mlevitsk@redhat.com>,
"jmattson@google.com" <jmattson@google.com>,
"jthoughton@google.com" <jthoughton@google.com>,
"agordeev@linux.ibm.com" <agordeev@linux.ibm.com>,
"alex@ghiti.fr" <alex@ghiti.fr>,
"aou@eecs.berkeley.edu" <aou@eecs.berkeley.edu>,
"borntraeger@linux.ibm.com" <borntraeger@linux.ibm.com>,
"chenhuacai@kernel.org" <chenhuacai@kernel.org>,
"baolu.lu@linux.intel.com" <baolu.lu@linux.intel.com>,
"dev.jain@arm.com" <dev.jain@arm.com>,
"gor@linux.ibm.com" <gor@linux.ibm.com>,
"hca@linux.ibm.com" <hca@linux.ibm.com>,
"palmer@dabbelt.com" <palmer@dabbelt.com>,
"pjw@kernel.org" <pjw@kernel.org>,
"shijie@os.amperecomputing.com" <shijie@os.amperecomputing.com>,
"svens@linux.ibm.com" <svens@linux.ibm.com>,
"thuth@redhat.com" <thuth@redhat.com>,
"yang@os.amperecomputing.com" <yang@os.amperecomputing.com>,
"Liam.Howlett@oracle.com" <Liam.Howlett@oracle.com>,
"urezki@gmail.com" <urezki@gmail.com>,
"zhengqi.arch@bytedance.com" <zhengqi.arch@bytedance.com>,
"gerald.schaefer@linux.ibm.com" <gerald.schaefer@linux.ibm.com>,
"jiayuan.chen@shopee.com" <jiayuan.chen@shopee.com>,
"lenb@kernel.org" <lenb@kernel.org>,
"pavel@kernel.org" <pavel@kernel.org>,
"rafael@kernel.org" <rafael@kernel.org>,
"yangyicong@hisilicon.com" <yangyicong@hisilicon.com>,
"vannapurve@google.com" <vannapurve@google.com>,
"jackmanb@google.com" <jackmanb@google.com>,
"patrick.roy@linux.dev" <patrick.roy@linux.dev>,
"Thomson, Jack" <jackabt@amazon.co.uk>,
"Itazuri, Takahiro" <itazur@amazon.co.uk>,
"Manwaring, Derek" <derekmn@amazon.com>,
Nikita Kalyazin <nikita.kalyazin@linux.dev>
Subject: Re: [PATCH v12 00/16] Direct Map Removal Support for guest_memfd
Date: Tue, 21 Apr 2026 14:40:21 +0100 [thread overview]
Message-ID: <aed88qcV6PjEIHnd@lucifer> (raw)
In-Reply-To: <20260410151746.61150-1-kalyazin@amazon.com>
On Fri, Apr 10, 2026 at 03:17:47PM +0000, Kalyazin, Nikita wrote:
> From: Nikita Kalyazin <nikita.kalyazin@linux.dev>
>
> [ based on kvm/next ]
Hm, given this touches a fair bit of mm, I wonder if we shouldn't try to do this
through the mm tree?
In any case, we definitely need a rebase on something not-next :) if not mm then
Linus's tree at least maybe?
I'm seeing a lot of conflicts against mm-unstable, it can't b4 shazam even patch
1 and in Linus's tree it's failing at an mm patch (mm: introduce
AS_NO_DIRECT_MAP).
That and 'KVM: selftests: Add guest_memfd based vm_mem_backing_src_types' won't
apply, but that one's trivial at least.
Obviously we're in the merge window right now so maybe best to do any rebasing a
little after 7.1-rc1?
Cheers, Lorenzo
>
> Unmapping virtual machine guest memory from the host kernel's direct map
> is a successful mitigation against Spectre-style transient execution
> issues: if the kernel page tables do not contain entries pointing to
> guest memory, then any attempted speculative read through the direct map
> will necessarily be blocked by the MMU before any observable
> microarchitectural side-effects happen. This means that Spectre-gadgets
> and similar cannot be used to target virtual machine memory. Roughly
> 60% of speculative execution issues fall into this category [1, Table
> 1].
>
> This patch series extends guest_memfd with the ability to remove its
> memory from the host kernel's direct map, to be able to attain the above
> protection for KVM guests running inside guest_memfd.
>
> Additionally, a Firecracker branch with support for these VMs can be
> found on GitHub [2].
>
> For more details, please refer to the v5 cover letter. No substantial
> changes in design have taken place since.
>
> See also related write() syscall support in guest_memfd [3] where
> the interoperation between the two features is described.
>
> Changes since v11:
> - Ackerley/Sashiko: fix previously missed __set_pages_* argument update
> in __kernel_map_pages (patch 1)
> - David: disallow large folios in folio_zap_direct_map (patch 2)
> - David/Sashiko: check for folio_is_zone_device if mapping is NULL in
> gup_fast_folio_allowed (patch 4)
> - Ackerley/Sashiko: kvm_arch_gmem_supports_no_direct_map to return
> false for SEV-SNP (patch 8).
> - David: replace a redundant check for GUEST_MEMFD_FLAG_NO_DIRECT_MAP
> with a WARN_ON_ONCE (patch 10)
> - David: assert the folio is locked when zapping direct map (patch 10)
> - Ackerley/Sashiko: reorder operations to "zap then prepare" and
> "invalidate then restore" (patch 10)
>
> v11: https://lore.kernel.org/kvm/20260317141031.514-1-kalyazin@amazon.com
> v10: https://lore.kernel.org/kvm/20260126164445.11867-1-kalyazin@amazon.com
> v9: https://lore.kernel.org/kvm/20260114134510.1835-1-kalyazin@amazon.com
> v8: https://lore.kernel.org/kvm/20251205165743.9341-1-kalyazin@amazon.com
> v7: https://lore.kernel.org/kvm/20250924151101.2225820-1-patrick.roy@campus.lmu.de
> v6: https://lore.kernel.org/kvm/20250912091708.17502-1-roypat@amazon.co.uk
> v5: https://lore.kernel.org/kvm/20250828093902.2719-1-roypat@amazon.co.uk
> v4: https://lore.kernel.org/kvm/20250221160728.1584559-1-roypat@amazon.co.uk
> RFCv3: https://lore.kernel.org/kvm/20241030134912.515725-1-roypat@amazon.co.uk
> RFCv2: https://lore.kernel.org/kvm/20240910163038.1298452-1-roypat@amazon.co.uk
> RFCv1: https://lore.kernel.org/kvm/20240709132041.3625501-1-roypat@amazon.co.uk
>
> [1] https://download.vusec.net/papers/quarantine_raid23.pdf
> [2] https://github.com/firecracker-microvm/firecracker/tree/feature/secret-hiding
> [3] https://lore.kernel.org/kvm/20251114151828.98165-1-kalyazin@amazon.com
>
> Nikita Kalyazin (4):
> set_memory: set_direct_map_* to take address
> set_memory: add folio_{zap,restore}_direct_map helpers
> mm/secretmem: make use of folio_{zap,restore}_direct_map
> mm/gup: drop local variable in gup_fast_folio_allowed
>
> Patrick Roy (12):
> mm/gup: drop secretmem optimization from gup_fast_folio_allowed
> mm: introduce AS_NO_DIRECT_MAP
> KVM: guest_memfd: Add stub for kvm_arch_gmem_invalidate
> KVM: x86: define kvm_arch_gmem_supports_no_direct_map()
> KVM: arm64: define kvm_arch_gmem_supports_no_direct_map()
> KVM: guest_memfd: Add flag to remove from direct map
> KVM: selftests: load elf via bounce buffer
> KVM: selftests: set KVM_MEM_GUEST_MEMFD in vm_mem_add() if guest_memfd
> != -1
> KVM: selftests: Add guest_memfd based vm_mem_backing_src_types
> KVM: selftests: cover GUEST_MEMFD_FLAG_NO_DIRECT_MAP in existing
> selftests
> KVM: selftests: stuff vm_mem_backing_src_type into vm_shape
> KVM: selftests: Test guest execution from direct map removed gmem
>
> Documentation/virt/kvm/api.rst | 21 +++---
> arch/arm64/include/asm/kvm_host.h | 13 ++++
> arch/arm64/include/asm/set_memory.h | 7 +-
> arch/arm64/mm/pageattr.c | 19 +++--
> arch/loongarch/include/asm/set_memory.h | 7 +-
> arch/loongarch/mm/pageattr.c | 25 +++----
> arch/riscv/include/asm/set_memory.h | 7 +-
> arch/riscv/mm/pageattr.c | 17 +++--
> arch/s390/include/asm/set_memory.h | 7 +-
> arch/s390/mm/pageattr.c | 13 ++--
> arch/x86/include/asm/kvm_host.h | 6 ++
> arch/x86/include/asm/set_memory.h | 7 +-
> arch/x86/kvm/x86.c | 7 ++
> arch/x86/mm/pat/set_memory.c | 27 +++----
> include/linux/kvm_host.h | 14 ++++
> include/linux/pagemap.h | 16 ++++
> include/linux/secretmem.h | 18 -----
> include/linux/set_memory.h | 22 +++++-
> include/uapi/linux/kvm.h | 1 +
> kernel/power/snapshot.c | 4 +-
> lib/buildid.c | 8 +-
> mm/execmem.c | 6 +-
> mm/gup.c | 47 ++++++------
> mm/memory.c | 45 +++++++++++
> mm/mlock.c | 2 +-
> mm/secretmem.c | 18 ++---
> mm/vmalloc.c | 11 ++-
> .../testing/selftests/kvm/guest_memfd_test.c | 17 ++++-
> .../testing/selftests/kvm/include/kvm_util.h | 37 ++++++---
> .../testing/selftests/kvm/include/test_util.h | 8 ++
> tools/testing/selftests/kvm/lib/elf.c | 8 +-
> tools/testing/selftests/kvm/lib/io.c | 23 ++++++
> tools/testing/selftests/kvm/lib/kvm_util.c | 59 ++++++++-------
> tools/testing/selftests/kvm/lib/test_util.c | 8 ++
> tools/testing/selftests/kvm/lib/x86/sev.c | 1 +
> .../selftests/kvm/pre_fault_memory_test.c | 1 +
> .../selftests/kvm/set_memory_region_test.c | 52 ++++++++++++-
> .../kvm/x86/private_mem_conversions_test.c | 7 +-
> virt/kvm/guest_memfd.c | 75 +++++++++++++++++--
> 39 files changed, 489 insertions(+), 202 deletions(-)
>
>
> base-commit: 24f9515de8778410e4b84c85b196c9850d2c1e18
> --
> 2.50.1
>
_______________________________________________
linux-riscv mailing list
linux-riscv@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-riscv
next prev parent reply other threads:[~2026-04-21 13:40 UTC|newest]
Thread overview: 52+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-04-10 15:17 [PATCH v12 00/16] Direct Map Removal Support for guest_memfd Kalyazin, Nikita
2026-04-10 15:17 ` Kalyazin, Nikita
2026-04-10 15:17 ` [PATCH v12 01/16] set_memory: set_direct_map_* to take address Kalyazin, Nikita
2026-04-10 15:17 ` Kalyazin, Nikita
2026-04-21 14:43 ` Lorenzo Stoakes
2026-04-21 14:43 ` Lorenzo Stoakes
2026-04-10 15:18 ` [PATCH v12 02/16] set_memory: add folio_{zap,restore}_direct_map helpers Kalyazin, Nikita
2026-04-10 15:18 ` Kalyazin, Nikita
2026-04-10 15:18 ` [PATCH v12 03/16] mm/secretmem: make use of folio_{zap,restore}_direct_map Kalyazin, Nikita
2026-04-10 15:18 ` Kalyazin, Nikita
2026-04-10 15:18 ` [PATCH v12 04/16] mm/gup: drop secretmem optimization from gup_fast_folio_allowed Kalyazin, Nikita
2026-04-10 15:18 ` Kalyazin, Nikita
2026-04-10 15:18 ` [PATCH v12 05/16] mm/gup: drop local variable in gup_fast_folio_allowed Kalyazin, Nikita
2026-04-10 15:18 ` Kalyazin, Nikita
2026-04-10 15:18 ` [PATCH v12 06/16] mm: introduce AS_NO_DIRECT_MAP Kalyazin, Nikita
2026-04-10 15:18 ` Kalyazin, Nikita
2026-04-10 15:19 ` [PATCH v12 07/16] KVM: guest_memfd: Add stub for kvm_arch_gmem_invalidate Kalyazin, Nikita
2026-04-10 15:19 ` Kalyazin, Nikita
2026-04-10 15:19 ` [PATCH v12 08/16] KVM: x86: define kvm_arch_gmem_supports_no_direct_map() Kalyazin, Nikita
2026-04-10 15:19 ` Kalyazin, Nikita
2026-04-10 15:19 ` [PATCH v12 09/16] KVM: arm64: " Kalyazin, Nikita
2026-04-10 15:19 ` Kalyazin, Nikita
2026-04-21 16:55 ` Marc Zyngier
2026-04-21 16:55 ` Marc Zyngier
2026-04-10 15:19 ` [PATCH v12 10/16] KVM: guest_memfd: Add flag to remove from direct map Kalyazin, Nikita
2026-04-10 15:19 ` Kalyazin, Nikita
2026-04-21 16:31 ` Sean Christopherson
2026-04-21 16:31 ` Sean Christopherson
2026-04-21 17:08 ` Frank van der Linden
2026-04-21 17:08 ` Frank van der Linden
2026-05-08 8:18 ` Takahiro Itazuri
2026-05-08 8:18 ` Takahiro Itazuri
2026-05-14 16:45 ` Ackerley Tng
2026-05-14 16:45 ` Ackerley Tng
2026-04-10 15:19 ` [PATCH v12 11/16] KVM: selftests: load elf via bounce buffer Kalyazin, Nikita
2026-04-10 15:19 ` Kalyazin, Nikita
2026-04-10 15:19 ` [PATCH v12 12/16] KVM: selftests: set KVM_MEM_GUEST_MEMFD in vm_mem_add() if guest_memfd != -1 Kalyazin, Nikita
2026-04-10 15:19 ` Kalyazin, Nikita
2026-04-10 15:20 ` [PATCH v12 13/16] KVM: selftests: Add guest_memfd based vm_mem_backing_src_types Kalyazin, Nikita
2026-04-10 15:20 ` Kalyazin, Nikita
2026-04-10 15:20 ` [PATCH v12 14/16] KVM: selftests: cover GUEST_MEMFD_FLAG_NO_DIRECT_MAP in existing selftests Kalyazin, Nikita
2026-04-10 15:20 ` Kalyazin, Nikita
2026-04-10 15:20 ` [PATCH v12 15/16] KVM: selftests: stuff vm_mem_backing_src_type into vm_shape Kalyazin, Nikita
2026-04-10 15:20 ` Kalyazin, Nikita
2026-04-10 15:20 ` [PATCH v12 16/16] KVM: selftests: Test guest execution from direct map removed gmem Kalyazin, Nikita
2026-04-10 15:20 ` Kalyazin, Nikita
2026-04-21 13:40 ` Lorenzo Stoakes [this message]
2026-04-21 13:40 ` [PATCH v12 00/16] Direct Map Removal Support for guest_memfd Lorenzo Stoakes
2026-04-21 16:36 ` Sean Christopherson
2026-04-21 16:36 ` Sean Christopherson
2026-05-06 8:07 ` Takahiro Itazuri
2026-05-06 8:07 ` Takahiro Itazuri
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=aed88qcV6PjEIHnd@lucifer \
--to=ljs@kernel.org \
--cc=Liam.Howlett@oracle.com \
--cc=ackerleytng@google.com \
--cc=agordeev@linux.ibm.com \
--cc=ajones@ventanamicro.com \
--cc=akpm@linux-foundation.org \
--cc=alex@ghiti.fr \
--cc=andrii@kernel.org \
--cc=aou@eecs.berkeley.edu \
--cc=ast@kernel.org \
--cc=baolu.lu@linux.intel.com \
--cc=borntraeger@linux.ibm.com \
--cc=bp@alien8.de \
--cc=bpf@vger.kernel.org \
--cc=catalin.marinas@arm.com \
--cc=chenhuacai@kernel.org \
--cc=corbet@lwn.net \
--cc=coxu@redhat.com \
--cc=daniel@iogearbox.net \
--cc=dave.hansen@linux.intel.com \
--cc=david@kernel.org \
--cc=derekmn@amazon.com \
--cc=dev.jain@arm.com \
--cc=eddyz87@gmail.com \
--cc=gerald.schaefer@linux.ibm.com \
--cc=gor@linux.ibm.com \
--cc=haoluo@google.com \
--cc=hca@linux.ibm.com \
--cc=hpa@zytor.com \
--cc=itazur@amazon.co.uk \
--cc=jackabt@amazon.co.uk \
--cc=jackmanb@google.com \
--cc=jannh@google.com \
--cc=jgg@ziepe.ca \
--cc=jgross@suse.com \
--cc=jhubbard@nvidia.com \
--cc=jiayuan.chen@shopee.com \
--cc=jmattson@google.com \
--cc=joey.gouly@arm.com \
--cc=john.fastabend@gmail.com \
--cc=jolsa@kernel.org \
--cc=jthoughton@google.com \
--cc=kalyazin@amazon.co.uk \
--cc=kas@kernel.org \
--cc=kernel@xen0n.name \
--cc=kpsingh@kernel.org \
--cc=kvm@vger.kernel.org \
--cc=kvmarm@lists.linux.dev \
--cc=lenb@kernel.org \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-doc@vger.kernel.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-kselftest@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=linux-pm@vger.kernel.org \
--cc=linux-riscv@lists.infradead.org \
--cc=linux-s390@vger.kernel.org \
--cc=loongarch@lists.linux.dev \
--cc=lorenzo.stoakes@oracle.com \
--cc=luto@kernel.org \
--cc=maobibo@loongson.cn \
--cc=martin.lau@linux.dev \
--cc=maz@kernel.org \
--cc=mhocko@suse.com \
--cc=mingo@redhat.com \
--cc=mlevitsk@redhat.com \
--cc=nikita.kalyazin@linux.dev \
--cc=oupton@kernel.org \
--cc=palmer@dabbelt.com \
--cc=patrick.roy@linux.dev \
--cc=pavel@kernel.org \
--cc=pbonzini@redhat.com \
--cc=peterx@redhat.com \
--cc=peterz@infradead.org \
--cc=pfalcato@suse.de \
--cc=pjw@kernel.org \
--cc=prsampat@amd.com \
--cc=rafael@kernel.org \
--cc=riel@surriel.com \
--cc=rppt@kernel.org \
--cc=ryan.roberts@arm.com \
--cc=sdf@fomichev.me \
--cc=seanjc@google.com \
--cc=shijie@os.amperecomputing.com \
--cc=skhan@linuxfoundation.org \
--cc=song@kernel.org \
--cc=surenb@google.com \
--cc=suzuki.poulose@arm.com \
--cc=svens@linux.ibm.com \
--cc=tabba@google.com \
--cc=tglx@kernel.org \
--cc=thuth@redhat.com \
--cc=urezki@gmail.com \
--cc=vannapurve@google.com \
--cc=vbabka@kernel.org \
--cc=will@kernel.org \
--cc=willy@infradead.org \
--cc=wu.fei9@sanechips.com.cn \
--cc=x86@kernel.org \
--cc=yang@os.amperecomputing.com \
--cc=yangyicong@hisilicon.com \
--cc=yonghong.song@linux.dev \
--cc=yosry@kernel.org \
--cc=yu-cheng.yu@intel.com \
--cc=yuzenghui@huawei.com \
--cc=zhengqi.arch@bytedance.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.