From: Peter Xu <peterx@redhat.com>
To: James Houghton <jthoughton@google.com>
Cc: Paolo Bonzini <pbonzini@redhat.com>,
Sean Christopherson <seanjc@google.com>,
Jonathan Corbet <corbet@lwn.net>, Marc Zyngier <maz@kernel.org>,
Oliver Upton <oliver.upton@linux.dev>,
Yan Zhao <yan.y.zhao@intel.com>,
Nikita Kalyazin <kalyazin@amazon.com>,
Anish Moorthy <amoorthy@google.com>,
Peter Gonda <pgonda@google.com>,
David Matlack <dmatlack@google.com>, Wei W <wei.w.wang@intel.com>,
kvm@vger.kernel.org, linux-doc@vger.kernel.org,
linux-kernel@vger.kernel.org,
linux-arm-kernel@lists.infradead.org, kvmarm@lists.linux.dev
Subject: Re: [PATCH v1 00/13] KVM: Introduce KVM Userfault
Date: Thu, 16 Jan 2025 18:31:15 -0500
Message-ID: <Z4mWw8NXCoV-pONI@x1n>
In-Reply-To: <CADrL8HWRavCoZ_NtXJvcLOvjOiGDCor6ucWeEqkecA3VDY-adg@mail.gmail.com>
On Thu, Jan 16, 2025 at 02:51:11PM -0800, James Houghton wrote:
> I guess this might not work if QEMU *needs* to use HugeTLB for
> whatever reason, but Google's hypervisor just needs 1G pages; it
> doesn't matter where they come from really.

I see now. Yes I suppose it works for QEMU too.

[...]

> > In that case, looks like userfaultfd can support CoCo on device emulations
> > by sticking with virtual-address traps like before, at least from that
> > specific POV.
>
> Yeah, I don't think the userfaultfd API needs to change to support
> gmem, because it's going to be using the VMAs / user mappings of gmem.

There's other things I am still thinking on how the notification could
happen when CoCo is enabled, that especially when there's no vcpu context.

The first thing is any PV interfaces, and what's currently in my mind is
kvmclock. I suppose that could work like untrusted dmas, so that when the
hypervisor wants to read/update the clock struct, it'll access a shared
page and then the guest can move it from/to a private page. Or I'm not
sure whether such information is proven to be not sensitive data, so the
guest can directly use a permanent shared page for such purpose (in which
case should still be part of guest memory, hence access to it can be
trapped just like other shared pages via userfaultfd).

The other thing is after I read the SEV-TIO then I found it could be easy
to implement page faults for trusted devices now. For example, the white
paper said the host IOMMU will be responsible for translating trusted
devices' DMA into GPA/GVA, I think it means KVM would somehow share the
secondary pgtable to the IOMMU, and probably when DMA sees a missing page
it can now easily generate a page fault to the secondary page table.
However the question is this is a DMA op and it definitely also doesn't
have a vcpu context. So the question is how to trap it.

So.. maybe (fd, offset) support might still be needed at some point, which
can be more future proof. But I don't think I have a solid mind yet.

--
Peter Xu

Thread overview: 32+ messages
2024-12-04 19:13 [PATCH v1 00/13] KVM: Introduce KVM Userfault James Houghton
2024-12-04 19:13 ` [PATCH v1 01/13] KVM: Add KVM_MEM_USERFAULT memslot flag and bitmap James Houghton
2024-12-05 11:52 ` kernel test robot
2024-12-05 14:22 ` kernel test robot
2024-12-06 22:46 ` James Houghton
2024-12-04 19:13 ` [PATCH v1 02/13] KVM: Add KVM_MEMORY_EXIT_FLAG_USERFAULT James Houghton
2024-12-04 19:13 ` [PATCH v1 03/13] KVM: Allow late setting of KVM_MEM_USERFAULT on guest_memfd memslot James Houghton
2024-12-04 19:13 ` [PATCH v1 04/13] KVM: Advertise KVM_CAP_USERFAULT in KVM_CHECK_EXTENSION James Houghton
2024-12-04 19:13 ` [PATCH v1 05/13] KVM: x86/mmu: Add support for KVM_MEM_USERFAULT James Houghton
2024-12-04 19:13 ` [PATCH v1 06/13] KVM: arm64: " James Houghton
2024-12-04 23:07 ` Oliver Upton
2024-12-05 23:31 ` James Houghton
2024-12-06 0:45 ` Oliver Upton
2024-12-04 19:13 ` [PATCH v1 07/13] KVM: selftests: Fix vm_mem_region_set_flags docstring James Houghton
2024-12-04 19:13 ` [PATCH v1 08/13] KVM: selftests: Fix prefault_mem logic James Houghton
2024-12-04 19:13 ` [PATCH v1 09/13] KVM: selftests: Add va_start/end into uffd_desc James Houghton
2024-12-04 19:13 ` [PATCH v1 10/13] KVM: selftests: Add KVM Userfault mode to demand_paging_test James Houghton
2024-12-14 22:46 ` kernel test robot
2024-12-04 19:13 ` [PATCH v1 11/13] KVM: selftests: Inform set_memory_region_test of KVM_MEM_USERFAULT James Houghton
2024-12-04 19:13 ` [PATCH v1 12/13] KVM: selftests: Add KVM_MEM_USERFAULT + guest_memfd toggle tests James Houghton
2024-12-04 19:13 ` [PATCH v1 13/13] KVM: Documentation: Add KVM_CAP_USERFAULT and KVM_MEM_USERFAULT details James Houghton
2024-12-07 1:38 ` Bagas Sanjaya
2024-12-24 21:07 ` [PATCH v1 00/13] KVM: Introduce KVM Userfault Peter Xu
2025-01-02 17:53 ` James Houghton
2025-01-16 20:19 ` Peter Xu
2025-01-16 20:32 ` Peter Xu
2025-01-16 22:16 ` Sean Christopherson
2025-01-16 23:04 ` James Houghton
2025-01-16 23:17 ` Peter Xu
2025-01-16 23:46 ` Sean Christopherson
2025-01-16 22:51 ` James Houghton
2025-01-16 23:31 ` Peter Xu [this message]