| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <fc0bb268-07b7-41ef-9a82-791d381f56ac@amazon.com>
Date: Fri, 3 Oct 2025 18:23:57 +0100
From: Nikita Kalyazin <kalyazin@...zon.com>
To: Paolo Bonzini <pbonzini@...hat.com>, Marc Zyngier <maz@...nel.org>,
"Oliver Upton" <oliver.upton@...ux.dev>, Huacai Chen <chenhuacai@...nel.org>,
"Michael Ellerman" <mpe@...erman.id.au>, Anup Patel <anup@...infault.org>,
"Paul Walmsley" <paul.walmsley@...ive.com>, Palmer Dabbelt
<palmer@...belt.com>, Albert Ou <aou@...s.berkeley.edu>, Sean Christopherson
<seanjc@...gle.com>, Alexander Viro <viro@...iv.linux.org.uk>, Christian
Brauner <brauner@...nel.org>, "Matthew Wilcox (Oracle)"
<willy@...radead.org>, "Andrew Morton" <akpm@...ux-foundation.org>
CC: <kvm@...r.kernel.org>, <linux-arm-kernel@...ts.infradead.org>,
<kvmarm@...ts.linux.dev>, <linux-mips@...r.kernel.org>,
<linuxppc-dev@...ts.ozlabs.org>, <kvm-riscv@...ts.infradead.org>,
<linux-riscv@...ts.infradead.org>, <linux-fsdevel@...r.kernel.org>,
<linux-mm@...ck.org>, <linux-kernel@...r.kernel.org>, Xiaoyao Li
<xiaoyao.li@...el.com>, Xu Yilun <yilun.xu@...el.com>, Chao Peng
<chao.p.peng@...ux.intel.com>, Fuad Tabba <tabba@...gle.com>, Jarkko Sakkinen
<jarkko@...nel.org>, Anish Moorthy <amoorthy@...gle.com>, David Matlack
<dmatlack@...gle.com>, Yu Zhang <yu.c.zhang@...ux.intel.com>, Isaku Yamahata
<isaku.yamahata@...el.com>, Mickaël Salaün
<mic@...ikod.net>, Vlastimil Babka <vbabka@...e.cz>, Vishal Annapurve
<vannapurve@...gle.com>, Ackerley Tng <ackerleytng@...gle.com>, "Maciej
Szmigiero" <mail@...iej.szmigiero.name>, David Hildenbrand
<david@...hat.com>, Quentin Perret <qperret@...gle.com>, Michael Roth
<michael.roth@....com>, Wang <wei.w.wang@...el.com>, Liam Merwick
<liam.merwick@...cle.com>, "Isaku Yamahata" <isaku.yamahata@...il.com>,
"Kirill A. Shutemov" <kirill.shutemov@...ux.intel.com>
Subject: Re: [PATCH 15/34] KVM: Add KVM_CREATE_GUEST_MEMFD ioctl() for
guest-specific backing memory
On 05/11/2023 16:30, Paolo Bonzini wrote:
> From: Sean Christopherson <seanjc@...gle.com>
>
> Introduce an ioctl(), KVM_CREATE_GUEST_MEMFD, to allow creating file-based
> memory that is tied to a specific KVM virtual machine and whose primary
> purpose is to serve guest memory.
...
> diff --git a/virt/kvm/kvm_main.c b/virt/kvm/kvm_main.c
> index f1a575d39b3b..8f46d757a2c5 100644
> --- a/virt/kvm/kvm_main.c
> +++ b/virt/kvm/kvm_main.c
...
> -static int check_memory_region_flags(const struct kvm_userspace_memory_region2 *mem)
> +static int check_memory_region_flags(struct kvm *kvm,
> + const struct kvm_userspace_memory_region2 *mem)
> {
> u32 valid_flags = KVM_MEM_LOG_DIRTY_PAGES;
>
> + if (kvm_arch_has_private_mem(kvm))
> + valid_flags |= KVM_MEM_GUEST_MEMFD;
> +
> + /* Dirty logging private memory is not currently supported. */
> + if (mem->flags & KVM_MEM_GUEST_MEMFD)
> + valid_flags &= ~KVM_MEM_LOG_DIRTY_PAGES;
I was wondering whether this restriction is still required at this stage
or can be lifted in cases where the guest memory is accessible by the
host. Specifically, it would be useful to support differential memory
snapshots based on dirty page tracking in Firecracker [1] or in live
migration. As an experiment, I removed the check and was able to
produce a diff snapshot and restore a Firecracker VM from it.
[1]
https://github.com/firecracker-microvm/firecracker/blob/main/docs/snapshotting/snapshot-support.md#creating-diff-snapshots
> +
> #ifdef __KVM_HAVE_READONLY_MEM
> valid_flags |= KVM_MEM_READONLY;
> #endif
> @@ -2018,7 +2029,7 @@ int __kvm_set_memory_region(struct kvm *kvm,
> int as_id, id;
> int r;
>
> - r = check_memory_region_flags(mem);
> + r = check_memory_region_flags(kvm, mem);
> if (r)
> return r;
Powered by blists - more mailing lists