From: Gregory Price <gourry@gourry.net>
To: Ira Weiny <iweiny@fastmail.com>
Cc: Ackerley Tng <ackerleytng@google.com>,
Dave Jiang <dave.jiang@intel.com>,
fvdl@google.com, linux-cxl@vger.kernel.org,
nvdimm@lists.linux.dev, djbw@kernel.org, iweiny@kernel.org,
pasha.tatashin@soleen.com, mclapinski@google.com,
rppt@kernel.org, joao.m.martins@oracle.com, jic23@kernel.org,
john@groves.net, rick.p.edgecombe@intel.com
Subject: Re: [RFC PATCH 00/12] dax: Add DAX to guest memfd support for KVM
Date: Sun, 10 May 2026 10:40:15 -0400 [thread overview]
Message-ID: <agCYz5O36zLATni6@gourry-fedora-PF4VCD3F> (raw)
In-Reply-To: <69fd37c5cfa4a_1d1951006d@xwing.notmuch>
On Thu, May 07, 2026 at 08:09:25PM -0500, Ira Weiny wrote:
>
> 2) What you propose above does not give the gmem 'protection' for CoCo's.
> So yea that is the bigger issue.
>
Realistically, what you actually want is to add:
private_dax.c
+
MEMORY_DEVICE_CONFIDENTIAL
And just make sure they work together to produce:
a) open() works -> produces an FD
b) no direct-mappings, struct page exists, can be accessed by KVM
c) all userland operations fault (memory is never in direct map)
d) unbind explicitly zeroes or calls a registered sanitize() func
But this adds a new dax mode and a new ZONE_DEVICE mode.
A private node with NP_OPT_NOMAP might be cleaner, but you still have to
do the hotplug/memremap dance either way.
~Gregory
prev parent reply other threads:[~2026-05-10 14:40 UTC|newest]
Thread overview: 28+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-04-23 17:02 [RFC PATCH 00/12] dax: Add DAX to guest memfd support for KVM Dave Jiang
2026-04-23 17:02 ` [RFC PATCH 01/12] dax: rate limit dev_dax_huge_fault() output Dave Jiang
2026-04-23 17:02 ` [RFC PATCH 02/12] dax: Save the kva from memremap Dave Jiang
2026-04-23 17:02 ` [RFC PATCH 03/12] dax: Add fallocate support to device dax Dave Jiang
2026-04-23 17:02 ` [RFC PATCH 04/12] dax: Move dax_pgoff_to_phys() to dax bus to be used by dev dax Dave Jiang
2026-04-23 17:02 ` [RFC PATCH 05/12] dax: Add dax_operations and supporting functions to device dax Dave Jiang
2026-04-23 17:02 ` [RFC PATCH 06/12] dax: Add helper to determine if a 'struct file' supports dax Dave Jiang
2026-04-23 17:02 ` [RFC PATCH 07/12] KVM: guest_memfd: Add setup of daxfd when binding gmem Dave Jiang
2026-04-23 17:02 ` [RFC PATCH 08/12] fs: allow char dev to go through fallocate Dave Jiang
2026-04-23 17:02 ` [RFC PATCH 09/12] dax: Add dax_get_dev_dax() helper function Dave Jiang
2026-04-23 17:02 ` [RFC PATCH 10/12] kvm: Implement dax support for KVM faulting Dave Jiang
2026-04-23 17:02 ` [RFC PATCH 11/12] kvm: Add daxfd support for supported flags Dave Jiang
2026-04-23 17:02 ` [RFC PATCH 12/12] selftest/kvm: Add daxfd support for gmem selftest Dave Jiang
2026-04-23 17:27 ` [RFC PATCH 00/12] dax: Add DAX to guest memfd support for KVM Pasha Tatashin
2026-04-23 18:08 ` Dave Jiang
2026-04-23 18:21 ` Dave Jiang
2026-04-24 3:43 ` Gregory Price
2026-04-24 17:38 ` Frank van der Linden
2026-04-29 13:21 ` Ira Weiny
2026-04-29 23:58 ` Gregory Price
2026-04-24 17:13 ` Frank van der Linden
2026-04-24 18:23 ` Dave Jiang
2026-04-24 20:01 ` Frank van der Linden
2026-04-24 20:59 ` Dave Jiang
2026-05-06 20:23 ` Ackerley Tng
2026-05-06 20:37 ` Dave Jiang
2026-05-08 1:09 ` Ira Weiny
2026-05-10 14:40 ` Gregory Price [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=agCYz5O36zLATni6@gourry-fedora-PF4VCD3F \
--to=gourry@gourry.net \
--cc=ackerleytng@google.com \
--cc=dave.jiang@intel.com \
--cc=djbw@kernel.org \
--cc=fvdl@google.com \
--cc=iweiny@fastmail.com \
--cc=iweiny@kernel.org \
--cc=jic23@kernel.org \
--cc=joao.m.martins@oracle.com \
--cc=john@groves.net \
--cc=linux-cxl@vger.kernel.org \
--cc=mclapinski@google.com \
--cc=nvdimm@lists.linux.dev \
--cc=pasha.tatashin@soleen.com \
--cc=rick.p.edgecombe@intel.com \
--cc=rppt@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox