From: Sean Christopherson <seanjc@google.com>
To: Rick P Edgecombe <rick.p.edgecombe@intel.com>
Cc: "kas@kernel.org" <kas@kernel.org>,
Vishal Annapurve <vannapurve@google.com>,
Chao Gao <chao.gao@intel.com>, "x86@kernel.org" <x86@kernel.org>,
"bp@alien8.de" <bp@alien8.de>, Kai Huang <kai.huang@intel.com>,
"mingo@redhat.com" <mingo@redhat.com>,
Yan Y Zhao <yan.y.zhao@intel.com>,
"dave.hansen@linux.intel.com" <dave.hansen@linux.intel.com>,
"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
"pbonzini@redhat.com" <pbonzini@redhat.com>,
"linux-coco@lists.linux.dev" <linux-coco@lists.linux.dev>,
"kvm@vger.kernel.org" <kvm@vger.kernel.org>,
"tglx@linutronix.de" <tglx@linutronix.de>,
Isaku Yamahata <isaku.yamahata@intel.com>
Subject: Re: [PATCHv2 00/12] TDX: Enable Dynamic PAMT
Date: Tue, 12 Aug 2025 09:15:16 -0700 [thread overview]
Message-ID: <aJtolM_59M5xVxcY@google.com> (raw)
In-Reply-To: <57755acf553c79d0b337736eb4d6295e61be722f.camel@intel.com>
On Tue, Aug 12, 2025, Rick P Edgecombe wrote:
> On Tue, 2025-08-12 at 09:04 +0100, kas@kernel.org wrote:
> > > > E.g. for things like TDCS pages and to some extent non-leaf S-EPT
> > > > pages, on-demand PAMT management seems reasonable. But for PAMTs that
> > > > are used to track guest-assigned memory, which is the vaaast majority
> > > > of PAMT memory, why not hook guest_memfd?
> > >
> > > This seems fine for 4K page backing. But when TDX VMs have huge page
> > > backing, the vast majority of private memory memory wouldn't need PAMT
> > > allocation for 4K granularity.
> > >
> > > IIUC guest_memfd allocation happening at 2M granularity doesn't
> > > necessarily translate to 2M mapping in guest EPT entries. If the DPAMT
> > > support is to be properly utilized for huge page backings, there is a
> > > value in not attaching PAMT allocation with guest_memfd allocation.
I don't disagree, but the host needs to plan for the worst, especially since the
guest can effectively dictate the max page size of S-EPT mappings. AFAIK, there
are no plans to support memory overcommit for TDX guests, so unless a deployment
wants to roll the dice and hope TDX guests will use hugepages for N% of their
memory, the host will want to reserve 0.4% of guest memory for PAMTs to ensure
it doesn't unintentionally DoS the guest with an OOM condition.
Ditto for any use case that wants to support dirty logging (ugh), because dirty
logging will require demoting all of guest memory to 4KiB mappings.
> > Right.
> >
> > It also requires special handling in many places in core-mm. Like, what
> > happens if THP in guest memfd got split. Who would allocate PAMT for it?
guest_memfd? I don't see why core-mm would need to get involved. And I definitely
don't see how handling page splits in guest_memfd would be more complicated than
handling them in KVM's MMU.
> > Migration will be more complicated too (when we get there).
Which type of migration? Live migration or page migration?
> I actually went down this path too, but the problem I hit was that TDX module
> wants the PAMT page size to match the S-EPT page size.
Right, but over-populating the PAMT would just result in "wasted" memory, correct?
I.e. KVM can always provide more PAMT entries than are needed. Or am I
misunderstanding how dynamic PAMT works?
In other words, IMO, reclaiming PAMT pages on-demand is also a premature optimization
of sorts, as it's not obvious to me that the host would actually be able to take
advantage of the unused memory.
> And the S-EPT size will depend on runtime behavior of the guest. I'm not sure
> why TDX module requires this though. Kirill, I'd be curious to understand the
> constraint more if you recall.
>
> But in any case, it seems there are multiple reasons.
next prev parent reply other threads:[~2025-08-12 16:15 UTC|newest]
Thread overview: 90+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-06-09 19:13 [PATCHv2 00/12] TDX: Enable Dynamic PAMT Kirill A. Shutemov
2025-06-09 19:13 ` [PATCHv2 01/12] x86/tdx: Consolidate TDX error handling Kirill A. Shutemov
2025-06-25 17:58 ` Dave Hansen
2025-06-25 20:58 ` Edgecombe, Rick P
2025-06-25 21:27 ` Sean Christopherson
2025-06-25 21:46 ` Edgecombe, Rick P
2025-06-26 9:25 ` kirill.shutemov
2025-06-26 14:46 ` Dave Hansen
2025-06-26 15:51 ` Sean Christopherson
2025-06-26 16:59 ` Dave Hansen
2025-06-27 10:42 ` kirill.shutemov
2025-07-30 18:32 ` Edgecombe, Rick P
2025-07-31 23:31 ` Sean Christopherson
2025-07-31 23:46 ` Edgecombe, Rick P
2025-07-31 23:53 ` Sean Christopherson
2025-08-01 15:03 ` Edgecombe, Rick P
2025-08-06 15:19 ` Sean Christopherson
2025-06-26 0:05 ` Huang, Kai
2025-07-30 18:33 ` Edgecombe, Rick P
2025-06-09 19:13 ` [PATCHv2 02/12] x86/virt/tdx: Allocate page bitmap for Dynamic PAMT Kirill A. Shutemov
2025-06-25 18:06 ` Dave Hansen
2025-06-26 9:25 ` Kirill A. Shutemov
2025-07-31 1:06 ` Edgecombe, Rick P
2025-07-31 4:10 ` Huang, Kai
2025-06-26 11:08 ` Huang, Kai
2025-06-27 10:42 ` kirill.shutemov
2025-06-09 19:13 ` [PATCHv2 03/12] x86/virt/tdx: Allocate reference counters for PAMT memory Kirill A. Shutemov
2025-06-25 19:26 ` Dave Hansen
2025-06-27 11:27 ` Kirill A. Shutemov
2025-06-27 14:03 ` Dave Hansen
2025-06-26 0:53 ` Huang, Kai
2025-06-26 4:48 ` Huang, Kai
2025-06-27 11:35 ` kirill.shutemov
2025-06-09 19:13 ` [PATCHv2 04/12] x86/virt/tdx: Add tdx_alloc/free_page() helpers Kirill A. Shutemov
2025-06-10 2:36 ` Chao Gao
2025-06-10 14:51 ` [PATCHv2.1 " Kirill A. Shutemov
2025-06-25 18:01 ` Dave Hansen
2025-06-25 20:09 ` [PATCHv2 " Dave Hansen
2025-06-26 0:46 ` Chao Gao
2025-06-25 20:02 ` Dave Hansen
2025-06-27 13:00 ` Kirill A. Shutemov
2025-06-27 7:49 ` Adrian Hunter
2025-06-27 13:03 ` Kirill A. Shutemov
2025-06-09 19:13 ` [PATCHv2 05/12] KVM: TDX: Allocate PAMT memory in __tdx_td_init() Kirill A. Shutemov
2025-06-09 19:13 ` [PATCHv2 06/12] KVM: TDX: Allocate PAMT memory in tdx_td_vcpu_init() Kirill A. Shutemov
2025-06-09 19:13 ` [PATCHv2 07/12] KVM: TDX: Preallocate PAMT pages to be used in page fault path Kirill A. Shutemov
2025-06-26 11:21 ` Huang, Kai
2025-07-10 1:34 ` Edgecombe, Rick P
2025-07-10 7:49 ` kirill.shutemov
2025-06-09 19:13 ` [PATCHv2 08/12] KVM: TDX: Handle PAMT allocation in " Kirill A. Shutemov
2025-06-12 12:19 ` Chao Gao
2025-06-12 13:05 ` [PATCHv2.1 " Kirill A. Shutemov
2025-06-25 22:38 ` [PATCHv2 " Edgecombe, Rick P
2025-07-09 14:29 ` kirill.shutemov
2025-07-10 1:33 ` Edgecombe, Rick P
2025-07-10 8:45 ` kirill.shutemov
2025-08-21 19:21 ` Sagi Shahar
2025-08-21 19:35 ` Edgecombe, Rick P
2025-08-21 19:53 ` Sagi Shahar
2025-06-09 19:13 ` [PATCHv2 09/12] KVM: TDX: Reclaim PAMT memory Kirill A. Shutemov
2025-06-09 19:13 ` [PATCHv2 10/12] [NOT-FOR-UPSTREAM] x86/virt/tdx: Account PAMT memory and print it in /proc/meminfo Kirill A. Shutemov
2025-06-09 19:13 ` [PATCHv2 11/12] x86/virt/tdx: Enable Dynamic PAMT Kirill A. Shutemov
2025-06-09 19:13 ` [PATCHv2 12/12] Documentation/x86: Add documentation for TDX's " Kirill A. Shutemov
2025-06-25 13:25 ` [PATCHv2 00/12] TDX: Enable " Kirill A. Shutemov
2025-06-25 22:49 ` Edgecombe, Rick P
2025-06-27 13:05 ` kirill.shutemov
2025-08-08 23:18 ` Edgecombe, Rick P
2025-08-11 6:31 ` kas
2025-08-11 22:30 ` Edgecombe, Rick P
2025-08-12 2:02 ` Sean Christopherson
2025-08-12 2:31 ` Vishal Annapurve
2025-08-12 8:04 ` kas
2025-08-12 15:12 ` Edgecombe, Rick P
2025-08-12 16:15 ` Sean Christopherson [this message]
2025-08-12 18:39 ` Edgecombe, Rick P
2025-08-12 22:00 ` Vishal Annapurve
2025-08-12 23:34 ` Edgecombe, Rick P
2025-08-13 0:18 ` Vishal Annapurve
2025-08-13 0:51 ` Edgecombe, Rick P
2025-08-12 18:44 ` Vishal Annapurve
2025-08-13 8:09 ` Kiryl Shutsemau
2025-08-13 7:49 ` Kiryl Shutsemau
2025-08-12 8:03 ` kas
2025-08-13 22:43 ` Edgecombe, Rick P
2025-08-13 23:31 ` Dave Hansen
2025-08-14 0:14 ` Edgecombe, Rick P
2025-08-14 10:55 ` Kiryl Shutsemau
2025-08-15 1:03 ` Edgecombe, Rick P
2025-08-20 15:31 ` Sean Christopherson
2025-08-20 16:35 ` Edgecombe, Rick P
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=aJtolM_59M5xVxcY@google.com \
--to=seanjc@google.com \
--cc=bp@alien8.de \
--cc=chao.gao@intel.com \
--cc=dave.hansen@linux.intel.com \
--cc=isaku.yamahata@intel.com \
--cc=kai.huang@intel.com \
--cc=kas@kernel.org \
--cc=kvm@vger.kernel.org \
--cc=linux-coco@lists.linux.dev \
--cc=linux-kernel@vger.kernel.org \
--cc=mingo@redhat.com \
--cc=pbonzini@redhat.com \
--cc=rick.p.edgecombe@intel.com \
--cc=tglx@linutronix.de \
--cc=vannapurve@google.com \
--cc=x86@kernel.org \
--cc=yan.y.zhao@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).