From: Sean Christopherson <seanjc@google.com>
To: Alexandru Elisei <alexandru.elisei@arm.com>
Cc: Shivank Garg <shivankg@amd.com>,
"Matthew Wilcox (Oracle)" <willy@infradead.org>,
Jan Kara <jack@suse.cz>,
Andrew Morton <akpm@linux-foundation.org>,
Vlastimil Babka <vbabka@kernel.org>,
Suren Baghdasaryan <surenb@google.com>,
Michal Hocko <mhocko@suse.com>,
Brendan Jackman <jackmanb@google.com>,
Johannes Weiner <hannes@cmpxchg.org>, Zi Yan <ziy@nvidia.com>,
David Hildenbrand <david@kernel.org>,
Matthew Brost <matthew.brost@intel.com>,
Joshua Hahn <joshua.hahnjy@gmail.com>,
Rakie Kim <rakie.kim@sk.com>, Byungchul Park <byungchul@sk.com>,
Gregory Price <gourry@gourry.net>,
Ying Huang <ying.huang@linux.alibaba.com>,
Alistair Popple <apopple@nvidia.com>,
Paolo Bonzini <pbonzini@redhat.com>,
Shuah Khan <shuah@kernel.org>,
Chao Peng <chao.p.peng@linux.intel.com>,
Nikunj A Dadhania <nikunj@amd.com>,
Ira Weiny <ira.weiny@intel.com>,
Michael Roth <michael.roth@amd.com>,
Pankaj Gupta <pankaj.gupta@amd.com>,
Ackerley Tng <ackerleytng@google.com>,
Fuad Tabba <tabba@google.com>,
Vishal Annapurve <vannapurve@google.com>,
Nikita Kalyazin <nikita.kalyazin@linux.dev>,
Patrick Roy <patrick.roy@linux.dev>,
Pratik Sampat <prsampat@amd.com>,
Ashish Kalra <Ashish.Kalra@amd.com>,
linux-fsdevel@vger.kernel.org, linux-coco@lists.linux.dev,
linux-mm@kvack.org, linux-kernel@vger.kernel.org,
kvm@vger.kernel.org, linux-kselftest@vger.kernel.org
Subject: Re: [PATCH RFC 0/3] KVM: guest_memfd: folio migration for non-confidential VMs
Date: Mon, 15 Jun 2026 10:39:27 -0700 [thread overview]
Message-ID: <ajA4z_Wkb93cTW4m@google.com> (raw)
In-Reply-To: <ai_aczmeH2IA6JaB@raptor>
On Mon, Jun 15, 2026, Alexandru Elisei wrote:
> Hi,
>
> On Mon, Jun 15, 2026 at 11:43:14AM +0100, Alexandru Elisei wrote:
> > Hi,
> >
> > On Thu, Jun 11, 2026 at 01:05:07PM +0000, Shivank Garg wrote:
> > > guest_memfd folios are currently marked unmovable, so the kernel cannot
> > > perform NUMA-balancing, memory compaction, etc. This is unavoidable for
> > > confidential VMs (SEV-SNP, TDX), since memory is encrypted and copying it
> > > needs firmware assistance. However, for non-confidential VMs (like
> > > Firecracker), we can migrate the folios.
> > >
> > > This series enables folio migration for non-confidential guest_memfd and
> > > also lays the groundwork for migrating confidential guest_memfd later.
> > > Once firmware-assisted copying support is available, those VMs can be
> > > made movable, the confidential folio content can be copied separately,
> > > and the destination folio marked with FOLIO_CONTENT_COPIED so
> > > __migrate_folio() skips the host-side folio_mc_copy().
> >
> > I always thought that one of the nice things about using guest_memfd as a
> > memory backend, as opposed to host userspace mappings, is that the host
> > cannot unmap VM memory because of KSM, automatic NUMA balancing, hugepage
> > collapse, compaction, etc, acting on the host userspace mapping of the
> > VM memory, and outside of the VMM's or KVM's control.
+1000. It's not just "nice to have", it's a core design principle of guest_memfd.
> > I think it would be useful to preserve this behaviour, even in the absence
> > of confidential VMs (i.e, guest_memfd file descriptor created with
> > GUEST_MEMFD_FLAG_MMAP).
>
> Just to be clear, I was thinking that it might be useful for both
> behaviours to exist (migratable and non-migratable) for non-confidential
> VMs, and allow KVM or userspace to decide which they prefer for a
> guest_memfd.
For the purposes of this discussion, we should separate the physical act of
migrating pages from the features that trigger migration. As I said in last week's
guest-memfd call, I am a-ok with supporting page migration as a mechanism, but I
am dead set against supporting NUMA balancing, KSM, LRU-based swap/reclaim, and
anything else that goes against the goal of guest-first memory.
If userspace wants mm/ functionality, then use anon, memfd, hugetlb, shmem, etc.
Shivank, what's the immediate motivation for this series?
next prev parent reply other threads:[~2026-06-15 17:39 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-06-11 13:05 [PATCH RFC 0/3] KVM: guest_memfd: folio migration for non-confidential VMs Shivank Garg
2026-06-11 13:05 ` [PATCH RFC 1/3] mm: split AS_UNMOVABLE back out of AS_INACCESSIBLE Shivank Garg
2026-06-11 13:05 ` [PATCH RFC 2/3] KVM: guest_memfd: support folio migration for non-confidential VMs Shivank Garg
2026-06-15 18:35 ` David Hildenbrand (Arm)
2026-06-11 13:05 ` [PATCH RFC 3/3] KVM: selftests: exercise guest_memfd folio migration Shivank Garg
2026-06-15 10:43 ` [PATCH RFC 0/3] KVM: guest_memfd: folio migration for non-confidential VMs Alexandru Elisei
2026-06-15 11:04 ` Alexandru Elisei
2026-06-15 17:39 ` Sean Christopherson [this message]
2026-06-15 18:24 ` David Hildenbrand (Arm)
2026-06-15 18:30 ` David Hildenbrand (Arm)
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=ajA4z_Wkb93cTW4m@google.com \
--to=seanjc@google.com \
--cc=Ashish.Kalra@amd.com \
--cc=ackerleytng@google.com \
--cc=akpm@linux-foundation.org \
--cc=alexandru.elisei@arm.com \
--cc=apopple@nvidia.com \
--cc=byungchul@sk.com \
--cc=chao.p.peng@linux.intel.com \
--cc=david@kernel.org \
--cc=gourry@gourry.net \
--cc=hannes@cmpxchg.org \
--cc=ira.weiny@intel.com \
--cc=jack@suse.cz \
--cc=jackmanb@google.com \
--cc=joshua.hahnjy@gmail.com \
--cc=kvm@vger.kernel.org \
--cc=linux-coco@lists.linux.dev \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-kselftest@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=matthew.brost@intel.com \
--cc=mhocko@suse.com \
--cc=michael.roth@amd.com \
--cc=nikita.kalyazin@linux.dev \
--cc=nikunj@amd.com \
--cc=pankaj.gupta@amd.com \
--cc=patrick.roy@linux.dev \
--cc=pbonzini@redhat.com \
--cc=prsampat@amd.com \
--cc=rakie.kim@sk.com \
--cc=shivankg@amd.com \
--cc=shuah@kernel.org \
--cc=surenb@google.com \
--cc=tabba@google.com \
--cc=vannapurve@google.com \
--cc=vbabka@kernel.org \
--cc=willy@infradead.org \
--cc=ying.huang@linux.alibaba.com \
--cc=ziy@nvidia.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox