| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <689cc75bee26e_20a6d929463@iweiny-mobl.notmuch> Date: Wed, 13 Aug 2025 12:11:55 -0500 From: Ira Weiny <ira.weiny@...el.com> To: Fuad Tabba <tabba@...gle.com>, Michael Roth <michael.roth@....com> CC: Vishal Annapurve <vannapurve@...gle.com>, Ackerley Tng <ackerleytng@...gle.com>, <kvm@...r.kernel.org>, <linux-mm@...ck.org>, <linux-kernel@...r.kernel.org>, <x86@...nel.org>, <linux-fsdevel@...r.kernel.org>, <aik@....com>, <ajones@...tanamicro.com>, <akpm@...ux-foundation.org>, <amoorthy@...gle.com>, <anthony.yznaga@...cle.com>, <anup@...infault.org>, <aou@...s.berkeley.edu>, <bfoster@...hat.com>, <binbin.wu@...ux.intel.com>, <brauner@...nel.org>, <catalin.marinas@....com>, <chao.p.peng@...el.com>, <chenhuacai@...nel.org>, <dave.hansen@...el.com>, <david@...hat.com>, <dmatlack@...gle.com>, <dwmw@...zon.co.uk>, <erdemaktas@...gle.com>, <fan.du@...el.com>, <fvdl@...gle.com>, <graf@...zon.com>, <haibo1.xu@...el.com>, <hch@...radead.org>, <hughd@...gle.com>, <ira.weiny@...el.com>, <isaku.yamahata@...el.com>, <jack@...e.cz>, <james.morse@....com>, <jarkko@...nel.org>, <jgg@...pe.ca>, <jgowans@...zon.com>, <jhubbard@...dia.com>, <jroedel@...e.de>, <jthoughton@...gle.com>, <jun.miao@...el.com>, <kai.huang@...el.com>, <keirf@...gle.com>, <kent.overstreet@...ux.dev>, <kirill.shutemov@...el.com>, <liam.merwick@...cle.com>, <maciej.wieczor-retman@...el.com>, <mail@...iej.szmigiero.name>, <maz@...nel.org>, <mic@...ikod.net>, <mpe@...erman.id.au>, <muchun.song@...ux.dev>, <nikunj@....com>, <nsaenz@...zon.es>, <oliver.upton@...ux.dev>, <palmer@...belt.com>, <pankaj.gupta@....com>, <paul.walmsley@...ive.com>, <pbonzini@...hat.com>, <pdurrant@...zon.co.uk>, <peterx@...hat.com>, <pgonda@...gle.com>, <pvorel@...e.cz>, <qperret@...gle.com>, <quic_cvanscha@...cinc.com>, <quic_eberman@...cinc.com>, <quic_mnalajal@...cinc.com>, <quic_pderrin@...cinc.com>, <quic_pheragu@...cinc.com>, <quic_svaddagi@...cinc.com>, <quic_tsoni@...cinc.com>, <richard.weiyang@...il.com>, <rick.p.edgecombe@...el.com>, <rientjes@...gle.com>, <roypat@...zon.co.uk>, <rppt@...nel.org>, <seanjc@...gle.com>, <shuah@...nel.org>, <steven.price@....com>, <steven.sistare@...cle.com>, <suzuki.poulose@....com>, <thomas.lendacky@....com>, <usama.arif@...edance.com>, <vbabka@...e.cz>, <viro@...iv.linux.org.uk>, <vkuznets@...hat.com>, <wei.w.wang@...el.com>, <will@...nel.org>, <willy@...radead.org>, <xiaoyao.li@...el.com>, <yan.y.zhao@...el.com>, <yilun.xu@...el.com>, <yuzenghui@...wei.com>, <zhiquan1.li@...el.com> Subject: Re: [RFC PATCH v2 02/51] KVM: guest_memfd: Introduce and use shareability to guard faulting Fuad Tabba wrote: > Hi, > > On Thu, 3 Jul 2025 at 05:12, Michael Roth <michael.roth@....com> wrote: > > > > On Wed, Jul 02, 2025 at 05:46:23PM -0700, Vishal Annapurve wrote: > > > On Wed, Jul 2, 2025 at 4:25 PM Michael Roth <michael.roth@....com> wrote: > > > > > > > > On Wed, Jun 11, 2025 at 02:51:38PM -0700, Ackerley Tng wrote: > > > > > Michael Roth <michael.roth@....com> writes: > > > > > > > > > > > On Wed, May 14, 2025 at 04:41:41PM -0700, Ackerley Tng wrote: [snip] > > > > > > The mtree contents seems to get stored in the same manner in either case so > > > > > > performance-wise only the overhead of a few userspace<->kernel switches > > > > > > would be saved. Are there any other reasons? > > > > > > > > > > > > Otherwise, maybe just settle on SHARED as a documented default (since at > > > > > > least non-CoCo VMs would be able to reliably benefit) and let > > > > > > CoCo/GUEST_MEMFD_FLAG_SUPPORT_SHARED VMs set PRIVATE at whatever > > > > > > granularity makes sense for the architecture/guest configuration. > > > > > > > > > > > > > > > > Because shared pages are split once any memory is allocated, having a > > > > > way to INIT_PRIVATE could avoid the split and then merge on > > > > > conversion. I feel that is enough value to have this config flag, what > > > > > do you think? > > > > > > > > > > I guess we could also have userspace be careful not to do any allocation > > > > > before converting. > > > > (Re-visiting this with the assumption that we *don't* intend to use mmap() to > > populate memory (in which case you can pretty much ignore my previous > > response)) > > > > I'm still not sure where the INIT_PRIVATE flag comes into play. For SNP, > > userspace already defaults to marking everything private pretty close to > > guest_memfd creation time, so the potential for allocations to occur > > in-between seems small, but worth confirming. > > > > But I know in the past there was a desire to ensure TDX/SNP could > > support pre-allocating guest_memfd memory (and even pre-faulting via > > KVM_PRE_FAULT_MEMORY), but I think that could still work right? The > > fallocate() handling could still avoid the split if the whole hugepage > > is private, though there is a bit more potential for that fallocate() > > to happen before userspace does the "manually" shared->private > > conversion. I'll double-check on that aspect, but otherwise, is there > > still any other need for it? > > It's not just about performance. I think that the need is more a > matter of having a consistent API with the hypervisors guest_memfd is > going to support. Memory in guest_memfd is shared by default, but in > pKVM for example, it's private by default. Therefore, it would be good ^^^^^^^^^^^^^^^^ And Coco's as well right? Ira > to have a way to ensure that all guest_memfd allocations can be made > private from the get-go. > > Cheers, > /fuad > [snip]
Powered by blists - more mailing lists