From: Alexandru Elisei <alexandru.elisei@arm.com>
To: Shivank Garg <shivankg@amd.com>
Cc: "Matthew Wilcox (Oracle)" <willy@infradead.org>,
Jan Kara <jack@suse.cz>,
Andrew Morton <akpm@linux-foundation.org>,
Vlastimil Babka <vbabka@kernel.org>,
Suren Baghdasaryan <surenb@google.com>,
Michal Hocko <mhocko@suse.com>,
Brendan Jackman <jackmanb@google.com>,
Johannes Weiner <hannes@cmpxchg.org>, Zi Yan <ziy@nvidia.com>,
David Hildenbrand <david@kernel.org>,
Matthew Brost <matthew.brost@intel.com>,
Joshua Hahn <joshua.hahnjy@gmail.com>,
Rakie Kim <rakie.kim@sk.com>, Byungchul Park <byungchul@sk.com>,
Gregory Price <gourry@gourry.net>,
Ying Huang <ying.huang@linux.alibaba.com>,
Alistair Popple <apopple@nvidia.com>,
Paolo Bonzini <pbonzini@redhat.com>,
Shuah Khan <shuah@kernel.org>,
Chao Peng <chao.p.peng@linux.intel.com>,
Nikunj A Dadhania <nikunj@amd.com>,
Ira Weiny <ira.weiny@intel.com>,
Michael Roth <michael.roth@amd.com>,
Pankaj Gupta <pankaj.gupta@amd.com>,
Ackerley Tng <ackerleytng@google.com>,
Fuad Tabba <tabba@google.com>,
Sean Christopherson <seanjc@google.com>,
Vishal Annapurve <vannapurve@google.com>,
Nikita Kalyazin <nikita.kalyazin@linux.dev>,
Patrick Roy <patrick.roy@linux.dev>,
Pratik Sampat <prsampat@amd.com>,
Ashish Kalra <Ashish.Kalra@amd.com>,
linux-fsdevel@vger.kernel.org, linux-coco@lists.linux.dev,
linux-mm@kvack.org, linux-kernel@vger.kernel.org,
kvm@vger.kernel.org, linux-kselftest@vger.kernel.org
Subject: Re: [PATCH RFC 0/3] KVM: guest_memfd: folio migration for non-confidential VMs
Date: Mon, 15 Jun 2026 11:43:14 +0100 [thread overview]
Message-ID: <ai_XK__RTXMCEcCG@raptor> (raw)
In-Reply-To: <20260611-shivank-gmem-migrate-v1-0-2d266bfc6f95@amd.com>
Hi,
On Thu, Jun 11, 2026 at 01:05:07PM +0000, Shivank Garg wrote:
> guest_memfd folios are currently marked unmovable, so the kernel cannot
> perform NUMA-balancing, memory compaction, etc. This is unavoidable for
> confidential VMs (SEV-SNP, TDX), since memory is encrypted and copying it
> needs firmware assistance. However, for non-confidential VMs (like
> Firecracker), we can migrate the folios.
>
> This series enables folio migration for non-confidential guest_memfd and
> also lays the groundwork for migrating confidential guest_memfd later.
> Once firmware-assisted copying support is available, those VMs can be
> made movable, the confidential folio content can be copied separately,
> and the destination folio marked with FOLIO_CONTENT_COPIED so
> __migrate_folio() skips the host-side folio_mc_copy().
I always thought that one of the nice things about using guest_memfd as a
memory backend, as opposed to host userspace mappings, is that the host
cannot unmap VM memory because of KSM, automatic NUMA balancing, hugepage
collapse, compaction, etc, acting on the host userspace mapping of the
VM memory, and outside of the VMM's or KVM's control.
I think it would be useful to preserve this behaviour, even in the absence
of confidential VMs (i.e, guest_memfd file descriptor created with
GUEST_MEMFD_FLAG_MMAP).
Thanks,
Alex
>
> Testing
> -------
> Host: 7.1-rc7 + this, 2 NUMA nodes
>
> - KVM selftest: allocate folios on node 0, migrate them to node 1 and
> back and verify resulting NUMA node and the folio contents at each
> step.
>
> - Firecracker [1]: booted a microVM backed by guest_memfd. While the
> guest was running, forced host-side migration of its folios via
> migratepages(8) and explicit move_pages(2) of guest_memfd
> pages. Verify with /proc/firecracker_pid/numa_maps.
>
> [1] https://github.com/firecracker-microvm/firecracker/tree/feature/secret-hiding
> and change builder.rs to remove GUEST_MEMFD_FLAG_NO_DIRECT_MAP from
> vm.create_guest_memfd()
>
> Best regards,
> Shivank
>
> Signed-off-by: Shivank Garg <shivankg@amd.com>
> ---
> Shivank Garg (3):
> mm: split AS_UNMOVABLE back out of AS_INACCESSIBLE
> KVM: guest_memfd: support folio migration for non-confidential VMs
> KVM: selftests: exercise guest_memfd folio migration
>
> include/linux/pagemap.h | 24 ++++++--
> mm/compaction.c | 12 ++--
> mm/migrate.c | 2 +-
> tools/testing/selftests/kvm/guest_memfd_test.c | 77 ++++++++++++++++++++++++++
> virt/kvm/guest_memfd.c | 49 ++++++++++++++--
> 5 files changed, 149 insertions(+), 15 deletions(-)
> ---
> base-commit: 4549871118cf616eecdd2d939f78e3b9e1dddc48
> change-id: 20260611-shivank-gmem-migrate-8c1c519b30a6
>
> Best regards,
> --
> Shivank Garg <shivankg@amd.com>
>
>
next prev parent reply other threads:[~2026-06-15 10:43 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-06-11 13:05 [PATCH RFC 0/3] KVM: guest_memfd: folio migration for non-confidential VMs Shivank Garg
2026-06-11 13:05 ` [PATCH RFC 1/3] mm: split AS_UNMOVABLE back out of AS_INACCESSIBLE Shivank Garg
2026-06-11 13:05 ` [PATCH RFC 2/3] KVM: guest_memfd: support folio migration for non-confidential VMs Shivank Garg
2026-06-11 13:05 ` [PATCH RFC 3/3] KVM: selftests: exercise guest_memfd folio migration Shivank Garg
2026-06-15 10:43 ` Alexandru Elisei [this message]
2026-06-15 11:04 ` [PATCH RFC 0/3] KVM: guest_memfd: folio migration for non-confidential VMs Alexandru Elisei
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=ai_XK__RTXMCEcCG@raptor \
--to=alexandru.elisei@arm.com \
--cc=Ashish.Kalra@amd.com \
--cc=ackerleytng@google.com \
--cc=akpm@linux-foundation.org \
--cc=apopple@nvidia.com \
--cc=byungchul@sk.com \
--cc=chao.p.peng@linux.intel.com \
--cc=david@kernel.org \
--cc=gourry@gourry.net \
--cc=hannes@cmpxchg.org \
--cc=ira.weiny@intel.com \
--cc=jack@suse.cz \
--cc=jackmanb@google.com \
--cc=joshua.hahnjy@gmail.com \
--cc=kvm@vger.kernel.org \
--cc=linux-coco@lists.linux.dev \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-kselftest@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=matthew.brost@intel.com \
--cc=mhocko@suse.com \
--cc=michael.roth@amd.com \
--cc=nikita.kalyazin@linux.dev \
--cc=nikunj@amd.com \
--cc=pankaj.gupta@amd.com \
--cc=patrick.roy@linux.dev \
--cc=pbonzini@redhat.com \
--cc=prsampat@amd.com \
--cc=rakie.kim@sk.com \
--cc=seanjc@google.com \
--cc=shivankg@amd.com \
--cc=shuah@kernel.org \
--cc=surenb@google.com \
--cc=tabba@google.com \
--cc=vannapurve@google.com \
--cc=vbabka@kernel.org \
--cc=willy@infradead.org \
--cc=ying.huang@linux.alibaba.com \
--cc=ziy@nvidia.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox