From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1756040AbcGGCm3 (ORCPT ); Wed, 6 Jul 2016 22:42:29 -0400 Received: from mga03.intel.com ([134.134.136.65]:43759 "EHLO mga03.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751504AbcGGCm2 (ORCPT ); Wed, 6 Jul 2016 22:42:28 -0400 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.28,322,1464678000"; d="scan'208";a="1012207677" Subject: Re: [PATCH 0/2] KVM: MMU: support VMAs that got remap_pfn_range-ed To: Paolo Bonzini , Neo Jia References: <1467291711-3230-1-git-send-email-pbonzini@redhat.com> <20160705054147.GA27138@nvidia.com> <577C664E.3080802@linux.intel.com> <20160706021839.GA9064@nvidia.com> <577C6E66.60601@linux.intel.com> <20160706025750.GA9457@nvidia.com> <577C82BE.1060900@linux.intel.com> <6c882628-57bd-b309-5156-519a1405ecec@redhat.com> Cc: linux-kernel@vger.kernel.org, kvm@vger.kernel.org, Kirti Wankhede , Andrea Arcangeli , =?UTF-8?B?UmFkaW0gS3LEjW3DocWZ?= From: Xiao Guangrong Message-ID: <577DC03C.1000602@linux.intel.com> Date: Thu, 7 Jul 2016 10:36:44 +0800 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.8.0 MIME-Version: 1.0 In-Reply-To: <6c882628-57bd-b309-5156-519a1405ecec@redhat.com> Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 07/06/2016 07:48 PM, Paolo Bonzini wrote: > > > On 06/07/2016 06:02, Xiao Guangrong wrote: >>>> >>>>> >>>>> May I ask you what the exact issue you have with this interface for >>>>> Intel to support >>>>> your own GPU virtualization? >>>> >>>> Intel's vGPU can work with this framework. We really appreciate your >>>> / nvidia's >>>> contribution. >>> >>> Then, I don't think we should embargo Paolo's patch. >> >> This patchset is specific for the framework design, i.e, mapping memory when >> fault happens rather than mmap(), and this design is exact what we are >> discussing for nearly two days. > > I disagree, this patch fixes a bug because what Neo is doing is legal. > It may not be the design that will be committed, but the bug they found > in KVM is real. > I just worried if we really need fault-on-demand for device memory, i.e, if device memory overcommit is safe enough. It lacks a graceful way to recover the workload if the resource is really overloaded. Unlike with normal memory, host kernel and guest kernel can not do anything except killing the VM under this case. So the VM get crashed due to device emulation, that is not safe as the device can be accessed in userspace even with unprivileged user, it is vulnerable in data center.