lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <71e9b2c8-0cc4-4646-88f0-7780e108e610@amazon.com>
Date: Fri, 1 Nov 2024 12:29:23 -0700
From: "Manwaring, Derek" <derekmn@...zon.com>
To: <dave.hansen@...el.com>
CC: <ackerleytng@...gle.com>, <agordeev@...ux.ibm.com>,
	<aou@...s.berkeley.edu>, <borntraeger@...ux.ibm.com>, <bp@...en8.de>,
	<canellac@...zon.at>, <catalin.marinas@....com>, <chenhuacai@...nel.org>,
	<corbet@....net>, <dave.hansen@...ux.intel.com>, <david@...hat.com>,
	<derekmn@...zon.com>, <elena.reshetova@...el.com>,
	<gerald.schaefer@...ux.ibm.com>, <gor@...ux.ibm.com>, <graf@...zon.com>,
	<hca@...ux.ibm.com>, <hpa@...or.com>, <jgowans@...zon.com>,
	<jthoughton@...gle.com>, <kalyazin@...zon.com>, <kernel@...0n.name>,
	<kvm@...r.kernel.org>, <linux-arm-kernel@...ts.infradead.org>,
	<linux-doc@...r.kernel.org>, <linux-kernel@...r.kernel.org>,
	<linux-kselftest@...r.kernel.org>, <linux-mm@...ck.org>,
	<linux-riscv@...ts.infradead.org>, <linux-s390@...r.kernel.org>,
	<linux-trace-kernel@...r.kernel.org>, <loongarch@...ts.linux.dev>,
	<luto@...nel.org>, <mathieu.desnoyers@...icios.com>, <mhiramat@...nel.org>,
	<mingo@...hat.com>, <mlipp@...zon.at>, <palmer@...belt.com>,
	<paul.walmsley@...ive.com>, <pbonzini@...hat.com>, <peterz@...radead.org>,
	<quic_eberman@...cinc.com>, <rostedt@...dmis.org>, <roypat@...zon.co.uk>,
	<rppt@...nel.org>, <seanjc@...gle.com>, <shuah@...nel.org>,
	<svens@...ux.ibm.com>, <tabba@...gle.com>, <tglx@...utronix.de>,
	<vannapurve@...gle.com>, <will@...nel.org>, <x86@...nel.org>,
	<xmarcalx@...zon.com>
Subject: Re: [RFC PATCH v3 0/6] Direct Map Removal for guest_memfd

On 2024-11-01 at 18:43+0000, Dave Hansen wrote:
> On 11/1/24 11:31, Manwaring, Derek wrote:
> > From that standpoint I'm still tempted to turn the question around a bit
> > for the host kernel's perspective. Like if the host kernel should not
> > (and indeed cannot with TDX controls in place) access guest private
> > memory, why not remove it from the direct map?
>
> Pretend that the machine check warts aren't there.
>
> It costs performance and complexity, for an only theoretical gain.  This
> is especially true for a VMM that's not doing a just doing confidential
> guests.  You fracture the direct map to pieces forever (for now).

I'm hopeful we'll navigate the complexity in a worthwhile way for the
non-CoCo case. Assuming we get there and have the option to remove from
direct map, users with CoCo hardware could choose if they want to do
both on their host. For me that's a sensible choice, but maybe that's
just me.

As far as performance, are you talking about just the fracturing or
something beyond that? The data Mike brought to LSFMMBPF 2023 showed the
perf impact from direct map fragmentation for memfd_secret isn't "that
bad" [1].

Derek


[1] https://lwn.net/Articles/931406/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ