Message-ID: <Zyir9FOnMJoSJreD@kernel.org>
Date: Mon, 4 Nov 2024 13:11:48 +0200
From: Mike Rapoport <rppt@...nel.org>
To: "Gowans, James" <jgowans@...zon.com>
Cc: "jgg@...pe.ca" <jgg@...pe.ca>,
	"quic_eberman@...cinc.com" <quic_eberman@...cinc.com>,
	"kvm@...r.kernel.org" <kvm@...r.kernel.org>,
	"brauner@...nel.org" <brauner@...nel.org>,
	"anthony.yznaga@...cle.com" <anthony.yznaga@...cle.com>,
	"steven.sistare@...cle.com" <steven.sistare@...cle.com>,
	"akpm@...ux-foundation.org" <akpm@...ux-foundation.org>,
	"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
	"Durrant, Paul" <pdurrant@...zon.co.uk>,
	"Woodhouse, David" <dwmw@...zon.co.uk>,
	"pbonzini@...hat.com" <pbonzini@...hat.com>,
	"seanjc@...gle.com" <seanjc@...gle.com>,
	"linux-mm@...ck.org" <linux-mm@...ck.org>,
	"Saenz Julienne, Nicolas" <nsaenz@...zon.es>,
	"Graf (AWS), Alexander" <graf@...zon.de>,
	"viro@...iv.linux.org.uk" <viro@...iv.linux.org.uk>,
	"jack@...e.cz" <jack@...e.cz>,
	"linux-fsdevel@...r.kernel.org" <linux-fsdevel@...r.kernel.org>
Subject: Re: [PATCH 05/10] guestmemfs: add file mmap callback

On Sat, Nov 02, 2024 at 08:24:15AM +0000, Gowans, James wrote:
> On Fri, 2024-11-01 at 10:42 -0300, Jason Gunthorpe wrote:
> > 
> > On Fri, Nov 01, 2024 at 01:01:00PM +0000, Gowans, James wrote:
> > 
> > > Thanks Jason, that sounds perfect. I'll work on the next rev which will:
> > > - expose a filesystem which owns reserved/persistent memory, just like
> > > this patch.
> > 
> > Is this step needed?
> > 
> > If the guest memfd is already told to get 1G pages in some normal way,
> > why do we need a dedicated pool just for the KHO filesystem?
> > 
> > Back to my suggestion, can't KHO simply freeze the guest memfd and
> > then extract the memory layout, and just use the normal allocator?
> > 
> > Or do you have a hard requirement that only KHO allocated memory can
> > be preserved across kexec?
> 
> KHO can persist any memory ranges which are not MOVABLE. Provided that
> guest_memfd does non-movable allocations then serialising and persisting
> should be possible.
> 
> There are other requirements here, specifically the ability to be
> *guaranteed* GiB-level allocations, have the guest memory out of the
> direct map for secret hiding, and remove the struct page overhead.
> Struct page overhead could be handled via HVO. But considering that the
> memory must be out of the direct map it seems unnecessary to have struct
> pages, and unnecessary to have it managed by an existing allocator.

Having memory out of direct map does not preclude manipulations of struct
page unless that memory is completely out of the kernel control (e.g.
excluded by mem=X) and this is not necessarily the case even for VM hosts.

It's not necessary to manage the memory using an existing allocator,
but I think a specialized allocator should not be a part of guestmemfs.
 
> JG

-- 
Sincerely yours,
Mike.
