| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <Z4lsxgFSdiqpNtdG@x1n> Date: Thu, 16 Jan 2025 15:32:06 -0500 From: Peter Xu <peterx@...hat.com> To: James Houghton <jthoughton@...gle.com> Cc: Paolo Bonzini <pbonzini@...hat.com>, Sean Christopherson <seanjc@...gle.com>, Jonathan Corbet <corbet@....net>, Marc Zyngier <maz@...nel.org>, Oliver Upton <oliver.upton@...ux.dev>, Yan Zhao <yan.y.zhao@...el.com>, Nikita Kalyazin <kalyazin@...zon.com>, Anish Moorthy <amoorthy@...gle.com>, Peter Gonda <pgonda@...gle.com>, David Matlack <dmatlack@...gle.com>, Wei W <wei.w.wang@...el.com>, kvm@...r.kernel.org, linux-doc@...r.kernel.org, linux-kernel@...r.kernel.org, linux-arm-kernel@...ts.infradead.org, kvmarm@...ts.linux.dev Subject: Re: [PATCH v1 00/13] KVM: Introduce KVM Userfault On Thu, Jan 16, 2025 at 03:19:49PM -0500, Peter Xu wrote: > James, > > Sorry for a late reply. > > I still do have one or two pure questions, but nothing directly relevant to > your series. > > On Thu, Jan 02, 2025 at 12:53:11PM -0500, James Houghton wrote: > > So I'm not pushing for KVM Userfault to replace userfaultfd; it's not > > worth the extra/duplicated complexity. And at LPC, Paolo and Sean > > indicated that this direction was indeed wrong. I have another way to > > make this work in mind. :) > > Do you still want to share it, more or less? :) > > > > > For the gmem case, userfaultfd cannot be used, so KVM Userfault isn't > > replacing it. And as of right now anyway, KVM Userfault *does* provide > > a complete post-copy system for gmem. > > > > When gmem pages can be mapped into userspace, for post-copy to remain > > functional, userspace-mapped gmem will need userfaultfd integration. > > Keep in mind that even after this integration happens, userfaultfd > > alone will *not* be a complete post-copy solution, as vCPU faults > > won't be resolved via the userspace page tables. > > Do you know in context of CoCo, whether a private page can be accessed at > all outside of KVM? > > I think I'm pretty sure now a private page can never be mapped to > userspace. However, can another module like vhost-kernel access it during > postcopy? My impression of that is still a yes, but then how about > vhost-user? > > Here, the "vhost-kernel" part represents a question on whether private > pages can be accessed at all outside KVM. While "vhost-user" part > represents a question on whether, if the previous vhost-kernel question > answers as "yes it can", such access attempt can happen in another > process/task (hence, not only does it lack KVM context, but also not > sharing the same task context). Right after I sent it, I just recalled whenever a device needs to access the page, it needs to be converted to shared pages first.. So I suppose the questions were not valid at all! It is not about the context but that the pages will be shared always whenever a device in whatever form will access it.. Fundamentally I'm thinking about whether userfaultfd must support (fd, offset) tuple. Now I suppose it's not, because vCPUs accessing private/shared will all exit to userspace, while all non-vCPU / devices can access shared pages only. In that case, looks like userfaultfd can support CoCo on device emulations by sticking with virtual-address traps like before, at least from that specific POV. -- Peter Xu
Powered by blists - more mailing lists