From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-5.3 required=3.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI, NICE_REPLY_A,SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED,USER_AGENT_SANE_1 autolearn=no autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id E15E8C4361B for ; Mon, 7 Dec 2020 14:49:46 +0000 (UTC) Received: from merlin.infradead.org (merlin.infradead.org [205.233.59.134]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id A3F7623380 for ; Mon, 7 Dec 2020 14:49:46 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org A3F7623380 Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=arm.com Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=merlin.20170209; h=Sender:Content-Type: Content-Transfer-Encoding:Cc:List-Subscribe:List-Help:List-Post:List-Archive: List-Unsubscribe:List-Id:In-Reply-To:MIME-Version:Date:Message-ID:From: References:To:Subject:Reply-To:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=XWvcVVy0QwUmkp57cAQehtlm7t6YUzCLnVIl1H4ygok=; b=g2D8+d6rs254ohFzcl0WYP+bl CZ4iuZhVfFQ15u2JG9vaQZma8rlICi5yArWTZSgzQkeIujQZ4a2hqYQm9CmDkyCsvlTsSOLuZk9q0 h1W6RC2m+5I83dCWX+nbBkH0KFFrY0lkboFGgf4FnB3E9ONHWaSE+WFqoLi9C2tTx3+w97daq9rTA mi6ONX7cvbSwb+yhA7LDEo3jhvUUtuQeJuxTbElDH8Na9YZeWGH5wrEt+OW2x5sBjMSdLA4JHOzkK DyaMwa8UbtVimrYrTfx8OSgFu3vJZx8wnZ6kbZ5GLj5Mw0WD1y1huWxDLvqgLwwtM4OHEcB/d8Bu9 W0XxOaZdQ==; Received: from localhost ([::1] helo=merlin.infradead.org) by merlin.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux)) id 1kmHoX-0004EF-Pz; Mon, 07 Dec 2020 14:48:33 +0000 Received: from foss.arm.com ([217.140.110.172]) by merlin.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux)) id 1kmHoU-0004DC-OO for linux-arm-kernel@lists.infradead.org; Mon, 07 Dec 2020 14:48:31 +0000 Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id A000F11D4; Mon, 7 Dec 2020 06:48:24 -0800 (PST) Received: from [192.168.1.179] (unknown [172.31.20.19]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id D26E63F774; Mon, 7 Dec 2020 06:48:22 -0800 (PST) Subject: Re: [PATCH v5 0/2] MTE support for KVM guest To: Haibo Xu References: <20201119153901.53705-1-steven.price@arm.com> <20201119184248.4bycy6ouvaxqdiiy@kamzik.brq.redhat.com> From: Steven Price Message-ID: <46fd98a2-ee39-0086-9159-b38c406935ab@arm.com> Date: Mon, 7 Dec 2020 14:48:21 +0000 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.10.0 MIME-Version: 1.0 In-Reply-To: Content-Language: en-GB X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20201207_094830_896437_52E58DD8 X-CRM114-Status: GOOD ( 30.65 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Andrew Jones , lkml - Kernel Mailing List , Juan Quintela , Marc Zyngier , Richard Henderson , QEMU Developers , "Dr. David Alan Gilbert" , Catalin Marinas , Thomas Gleixner , Will Deacon , kvmarm , arm-mail-list , Dave Martin Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset="us-ascii"; Format="flowed" Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org On 04/12/2020 08:25, Haibo Xu wrote: > On Fri, 20 Nov 2020 at 17:51, Steven Price wrote: >> >> On 19/11/2020 19:11, Marc Zyngier wrote: >>> On 2020-11-19 18:42, Andrew Jones wrote: >>>> On Thu, Nov 19, 2020 at 03:45:40PM +0000, Peter Maydell wrote: >>>>> On Thu, 19 Nov 2020 at 15:39, Steven Price wrote: >>>>>> This series adds support for Arm's Memory Tagging Extension (MTE) to >>>>>> KVM, allowing KVM guests to make use of it. This builds on the >>>>> existing >>>>>> user space support already in v5.10-rc1, see [1] for an overview. >>>>> >>>>>> The change to require the VMM to map all guest memory PROT_MTE is >>>>>> significant as it means that the VMM has to deal with the MTE tags >>>>> even >>>>>> if it doesn't care about them (e.g. for virtual devices or if the VMM >>>>>> doesn't support migration). Also unfortunately because the VMM can >>>>>> change the memory layout at any time the check for PROT_MTE/VM_MTE has >>>>>> to be done very late (at the point of faulting pages into stage 2). >>>>> >>>>> I'm a bit dubious about requring the VMM to map the guest memory >>>>> PROT_MTE unless somebody's done at least a sketch of the design >>>>> for how this would work on the QEMU side. Currently QEMU just >>>>> assumes the guest memory is guest memory and it can access it >>>>> without special precautions... >>>>> >>>> >>>> There are two statements being made here: >>>> >>>> 1) Requiring the use of PROT_MTE when mapping guest memory may not fit >>>> QEMU well. >>>> >>>> 2) New KVM features should be accompanied with supporting QEMU code in >>>> order to prove that the APIs make sense. >>>> >>>> I strongly agree with (2). While kvmtool supports some quick testing, it >>>> doesn't support migration. We must test all new features with a migration >>>> supporting VMM. >>>> >>>> I'm not sure about (1). I don't feel like it should be a major problem, >>>> but (2). >> >> (1) seems to be contentious whichever way we go. Either PROT_MTE isn't >> required in which case it's easy to accidentally screw up migration, or >> it is required in which case it's difficult to handle normal guest >> memory from the VMM. I get the impression that probably I should go back >> to the previous approach - sorry for the distraction with this change. >> >> (2) isn't something I'm trying to skip, but I'm limited in what I can do >> myself so would appreciate help here. Haibo is looking into this. >> > > Hi Steven, > > Sorry for the later reply! > > I have finished the POC for the MTE migration support with the assumption > that all the memory is mapped with PROT_MTE. But I got stuck in the test > with a FVP setup. Previously, I successfully compiled a test case to verify > the basic function of MTE in a guest. But these days, the re-compiled test > can't be executed by the guest(very weird). The short plan to verify > the migration > is to set the MTE tags on one page in the guest, and try to dump the migrated > memory contents. Hi Haibo, Sounds like you are making good progress - thanks for the update. Have you thought about how the PROT_MTE mappings might work if QEMU itself were to use MTE? My worry is that we end up with MTE in a guest preventing QEMU from using MTE itself (because of the PROT_MTE mappings). I'm hoping QEMU can wrap its use of guest memory in a sequence which disables tag checking (something similar will be needed for the "protected VM" use case anyway), but this isn't something I've looked into. > I will update the status later next week! Great, I look forward to hearing how it goes. Thanks, Steve _______________________________________________ linux-arm-kernel mailing list linux-arm-kernel@lists.infradead.org http://lists.infradead.org/mailman/listinfo/linux-arm-kernel