lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20260203181618.GY2328995@ziepe.ca>
Date: Tue, 3 Feb 2026 14:16:18 -0400
From: Jason Gunthorpe <jgg@...pe.ca>
To: Xu Yilun <yilun.xu@...ux.intel.com>
Cc: Sean Christopherson <seanjc@...gle.com>,
	Ackerley Tng <ackerleytng@...gle.com>,
	Alexey Kardashevskiy <aik@....com>, cgroups@...r.kernel.org,
	kvm@...r.kernel.org, linux-doc@...r.kernel.org,
	linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org,
	linux-kselftest@...r.kernel.org, linux-mm@...ck.org,
	linux-trace-kernel@...r.kernel.org, x86@...nel.org,
	akpm@...ux-foundation.org, binbin.wu@...ux.intel.com, bp@...en8.de,
	brauner@...nel.org, chao.p.peng@...el.com, chenhuacai@...nel.org,
	corbet@....net, dave.hansen@...el.com, dave.hansen@...ux.intel.com,
	david@...hat.com, dmatlack@...gle.com, erdemaktas@...gle.com,
	fan.du@...el.com, fvdl@...gle.com, haibo1.xu@...el.com,
	hannes@...xchg.org, hch@...radead.org, hpa@...or.com,
	hughd@...gle.com, ira.weiny@...el.com, isaku.yamahata@...el.com,
	jack@...e.cz, james.morse@....com, jarkko@...nel.org,
	jgowans@...zon.com, jhubbard@...dia.com, jroedel@...e.de,
	jthoughton@...gle.com, jun.miao@...el.com, kai.huang@...el.com,
	keirf@...gle.com, kent.overstreet@...ux.dev,
	liam.merwick@...cle.com, maciej.wieczor-retman@...el.com,
	mail@...iej.szmigiero.name, maobibo@...ngson.cn,
	mathieu.desnoyers@...icios.com, maz@...nel.org, mhiramat@...nel.org,
	mhocko@...nel.org, mic@...ikod.net, michael.roth@....com,
	mingo@...hat.com, mlevitsk@...hat.com, mpe@...erman.id.au,
	muchun.song@...ux.dev, nikunj@....com, nsaenz@...zon.es,
	oliver.upton@...ux.dev, palmer@...belt.com, pankaj.gupta@....com,
	paul.walmsley@...ive.com, pbonzini@...hat.com, peterx@...hat.com,
	pgonda@...gle.com, prsampat@....com, pvorel@...e.cz,
	qperret@...gle.com, richard.weiyang@...il.com,
	rick.p.edgecombe@...el.com, rientjes@...gle.com,
	rostedt@...dmis.org, roypat@...zon.co.uk, rppt@...nel.org,
	shakeel.butt@...ux.dev, shuah@...nel.org, steven.price@....com,
	steven.sistare@...cle.com, suzuki.poulose@....com, tabba@...gle.com,
	tglx@...utronix.de, thomas.lendacky@....com, vannapurve@...gle.com,
	vbabka@...e.cz, viro@...iv.linux.org.uk, vkuznets@...hat.com,
	wei.w.wang@...el.com, will@...nel.org, willy@...radead.org,
	wyihan@...gle.com, xiaoyao.li@...el.com, yan.y.zhao@...el.com,
	yilun.xu@...el.com, yuzenghui@...wei.com, zhiquan1.li@...el.com
Subject: Re: [RFC PATCH v1 05/37] KVM: guest_memfd: Wire up
 kvm_get_memory_attributes() to per-gmem attributes

On Tue, Feb 03, 2026 at 05:56:37PM +0800, Xu Yilun wrote:
> > +1.  For guest_memfd, we initially defined per-VM memory attributes to track
> > private vs. shared.  But as Ackerley noted, we are in the process of deprecating
> > that support, e.g. by making it incompatible with various guest_memfd features,
> > in favor of having each guest_memfd instance track the state of a given page.
> > 
> > The original guest_memfd design was that it would _only_ hold private pages, and
> > so tracking private vs. shared in guest_memfd didn't make any sense.  As we've
> > pivoted to in-place conversion, tracking private vs. shared in the guest_memfd
> > has basically become mandatory.  We could maaaaaybe make it work with per-VM
> > attributes, but it would be insanely complex.
> > 
> > For a dmabuf fd, the story is the same as guest_memfd.  Unless private vs. shared
> > is all or nothing, and can never change, then the only entity that can track that
> > info is the owner of the dmabuf.  And even if the private vs. shared attributes
> > are constant, tracking it external to KVM makes sense, because then the provider
> > can simply hardcode %true/%false.  
> 
> For CoCo-VM and Tee-IO, I'm wondering if host or KVM has to maintain
> the private/shared attribute for "assigned MMIO". I'm not naming them
> "host MMIO" cause unlike RAM host never needs to access them, either in
> private manner or shared manner.
> 
> Traditionally, host maps these MMIOs only because KVM needs HVA->HPA
> mapping to find pfn and setup KVM MMU.

This is not actually completely true, the host mapping still ends up
being used by KVM if it happens to trap and emulate a MMIO touching
instruction.

It really shouldn't do this, but there is a whole set of complex
machinery in KVM and qemu to handle this case.

For example if the MSI-X window is not properly aligned then you have
some MMIO that is trapped and must be reflected to real HW.

So the sharable parts of the BAR should still end up being mmaped into
userspace, I think.

Which means we need VFIO to know what they are, and hopefully it is
just static based on the TDISP reports..

Jason

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ