Re: [PATCH v8 2/8] KVM: Extend the memslot to support fd-based private memory

[PATCH v8 0/8] KVM: mm: fd-based approach for supporting KVM · Chao Peng <hidden> · 2022-09-15
[PATCH v8 1/8] mm/memfd: Introduce userspace inaccessible memfd · Chao Peng <hidden> · 2022-09-15
Re: [PATCH v8 1/8] mm/memfd: Introduce userspace inaccessible memfd · David Hildenbrand <hidden> · 2022-09-19
Re: [PATCH v8 1/8] mm/memfd: Introduce userspace inaccessible memfd · Sean Christopherson <seanjc@google.com> · 2022-09-19
Re: [PATCH v8 1/8] mm/memfd: Introduce userspace inaccessible memfd · "Andy Lutomirski" <luto@kernel.org> · 2022-09-21
RE: [PATCH v8 1/8] mm/memfd: Introduce userspace inaccessible memfd · Wang, Wei W <hidden> · 2022-09-22
Re: [PATCH v8 1/8] mm/memfd: Introduce userspace inaccessible memfd · Fuad Tabba <hidden> · 2022-09-23
Re: [PATCH v8 1/8] mm/memfd: Introduce userspace inaccessible memfd · Fuad Tabba <hidden> · 2022-09-23
Re: [PATCH v8 1/8] mm/memfd: Introduce userspace inaccessible memfd · Chao Peng <hidden> · 2022-09-26
Re: [PATCH v8 1/8] mm/memfd: Introduce userspace inaccessible memfd · Fuad Tabba <hidden> · 2022-09-26
Re: [PATCH v8 1/8] mm/memfd: Introduce userspace inaccessible memfd · Sean Christopherson <seanjc@google.com> · 2022-09-27
Re: [PATCH v8 1/8] mm/memfd: Introduce userspace inaccessible memfd · Fuad Tabba <hidden> · 2022-09-30
Re: [PATCH v8 1/8] mm/memfd: Introduce userspace inaccessible memfd · Chao Peng <hidden> · 2022-10-13
Re: [PATCH v8 1/8] mm/memfd: Introduce userspace inaccessible memfd · Fuad Tabba <hidden> · 2022-10-17
Re: [PATCH v8 1/8] mm/memfd: Introduce userspace inaccessible memfd · Chao Peng <hidden> · 2022-10-17
Re: [PATCH v8 1/8] mm/memfd: Introduce userspace inaccessible memfd · Fuad Tabba <hidden> · 2022-10-17
Re: [PATCH v8 1/8] mm/memfd: Introduce userspace inaccessible memfd · Chao Peng <hidden> · 2022-10-19
Re: [PATCH v8 1/8] mm/memfd: Introduce userspace inaccessible memfd · Sean Christopherson <seanjc@google.com> · 2022-10-18
Re: [PATCH v8 1/8] mm/memfd: Introduce userspace inaccessible memfd · Fuad Tabba <hidden> · 2022-10-19
Re: [PATCH v8 1/8] mm/memfd: Introduce userspace inaccessible memfd · Kirill A . Shutemov <hidden> · 2022-09-23
Re: [PATCH v8 1/8] mm/memfd: Introduce userspace inaccessible memfd · David Hildenbrand <hidden> · 2022-09-26
Re: [PATCH v8 1/8] mm/memfd: Introduce userspace inaccessible memfd · Kirill A. Shutemov <hidden> · 2022-09-26
Re: [PATCH v8 1/8] mm/memfd: Introduce userspace inaccessible memfd · David Hildenbrand <hidden> · 2022-09-26
Re: [PATCH v8 1/8] mm/memfd: Introduce userspace inaccessible memfd · Sean Christopherson <seanjc@google.com> · 2022-09-27
Re: [PATCH v8 1/8] mm/memfd: Introduce userspace inaccessible memfd · Kirill A. Shutemov <hidden> · 2022-09-28
RE: [PATCH v8 1/8] mm/memfd: Introduce userspace inaccessible memfd · Wang, Wei W <hidden> · 2022-09-22
Re: [PATCH v8 1/8] mm/memfd: Introduce userspace inaccessible memfd · Sean Christopherson <seanjc@google.com> · 2022-09-22
Re: [PATCH v8 1/8] mm/memfd: Introduce userspace inaccessible memfd · Kirill A . Shutemov <hidden> · 2022-09-23
Re: [PATCH v8 1/8] mm/memfd: Introduce userspace inaccessible memfd · Fuad Tabba <hidden> · 2022-09-23
Re: [PATCH v8 1/8] mm/memfd: Introduce userspace inaccessible memfd · Fuad Tabba <hidden> · 2022-09-30
Re: [PATCH v8 1/8] mm/memfd: Introduce userspace inaccessible memfd · Kirill A . Shutemov <hidden> · 2022-09-30
Re: [PATCH v8 1/8] mm/memfd: Introduce userspace inaccessible memfd · Fuad Tabba <hidden> · 2022-10-03
Re: [PATCH v8 1/8] mm/memfd: Introduce userspace inaccessible memfd · Kirill A. Shutemov <hidden> · 2022-10-03
Re: [PATCH v8 1/8] mm/memfd: Introduce userspace inaccessible memfd · Fuad Tabba <hidden> · 2022-10-04
Re: [PATCH v8 1/8] mm/memfd: Introduce userspace inaccessible memfd · Fuad Tabba <hidden> · 2022-10-06
Re: [PATCH v8 1/8] mm/memfd: Introduce userspace inaccessible memfd · Kirill A. Shutemov <hidden> · 2022-10-06
Re: [PATCH v8 1/8] mm/memfd: Introduce userspace inaccessible memfd · Vlastimil Babka <hidden> · 2022-10-17
Re: [PATCH v8 1/8] mm/memfd: Introduce userspace inaccessible memfd · Kirill A . Shutemov <hidden> · 2022-10-17
Re: [PATCH v8 1/8] mm/memfd: Introduce userspace inaccessible memfd · Gupta, Pankaj <hidden> · 2022-10-17
Re: [PATCH v8 1/8] mm/memfd: Introduce userspace inaccessible memfd · Kirill A . Shutemov <hidden> · 2022-10-17
Re: [PATCH v8 1/8] mm/memfd: Introduce userspace inaccessible memfd · Vishal Annapurve <hidden> · 2022-10-18
Re: [PATCH v8 1/8] mm/memfd: Introduce userspace inaccessible memfd · Kirill A . Shutemov <hidden> · 2022-10-19
Re: [PATCH v8 1/8] mm/memfd: Introduce userspace inaccessible memfd · Vishal Annapurve <hidden> · 2022-10-20
Re: [PATCH v8 1/8] mm/memfd: Introduce userspace inaccessible memfd · Chao Peng <hidden> · 2022-10-21
Re: [PATCH v8 1/8] mm/memfd: Introduce userspace inaccessible memfd · Sean Christopherson <seanjc@google.com> · 2022-10-21
Re: [PATCH v8 1/8] mm/memfd: Introduce userspace inaccessible memfd · Vishal Annapurve <hidden> · 2022-10-19
Re: [PATCH v8 1/8] mm/memfd: Introduce userspace inaccessible memfd · Chao Peng <hidden> · 2022-10-21
Re: [PATCH v8 1/8] mm/memfd: Introduce userspace inaccessible memfd · Sean Christopherson <seanjc@google.com> · 2022-10-21
Re: [PATCH v8 1/8] mm/memfd: Introduce userspace inaccessible memfd · Kirill A . Shutemov <hidden> · 2022-10-24
Re: [PATCH v8 1/8] mm/memfd: Introduce userspace inaccessible memfd · David Hildenbrand <hidden> · 2022-10-24
Re: [PATCH v8 1/8] mm/memfd: Introduce userspace inaccessible memfd · Vishal Annapurve <hidden> · 2022-11-03
[PATCH v8 2/8] KVM: Extend the memslot to support fd-based private memory · Chao Peng <hidden> · 2022-09-15
Re: [PATCH v8 2/8] KVM: Extend the memslot to support fd-based private memory · Bagas Sanjaya <hidden> · 2022-09-16
Re: [PATCH v8 2/8] KVM: Extend the memslot to support fd-based private memory · Chao Peng <hidden> · 2022-09-16
Re: [PATCH v8 2/8] KVM: Extend the memslot to support fd-based private memory · Fuad Tabba <hidden> · 2022-09-26
Re: [PATCH v8 2/8] KVM: Extend the memslot to support fd-based private memory · Chao Peng <hidden> · 2022-09-26
Re: [PATCH v8 2/8] KVM: Extend the memslot to support fd-based private memory · Isaku Yamahata <hidden> · 2022-09-29
Re: [PATCH v8 2/8] KVM: Extend the memslot to support fd-based private memory · Sean Christopherson <seanjc@google.com> · 2022-09-29
Re: [PATCH v8 2/8] KVM: Extend the memslot to support fd-based private memory · Jarkko Sakkinen <jarkko@kernel.org> · 2022-10-05
Re: [PATCH v8 2/8] KVM: Extend the memslot to support fd-based private memory · Jarkko Sakkinen <jarkko@kernel.org> · 2022-10-05
Re: [PATCH v8 2/8] KVM: Extend the memslot to support fd-based private memory · Fuad Tabba <hidden> · 2022-10-06
Re: [PATCH v8 2/8] KVM: Extend the memslot to support fd-based private memory · Jarkko Sakkinen <jarkko@kernel.org> · 2022-10-06
Re: [PATCH v8 2/8] KVM: Extend the memslot to support fd-based private memory · Jarkko Sakkinen <jarkko@kernel.org> · 2022-10-06
Re: [PATCH v8 2/8] KVM: Extend the memslot to support fd-based private memory · Sean Christopherson <seanjc@google.com> · 2022-10-06
Re: [PATCH v8 2/8] KVM: Extend the memslot to support fd-based private memory · Jarkko Sakkinen <jarkko@kernel.org> · 2022-10-07
Re: [PATCH v8 2/8] KVM: Extend the memslot to support fd-based private memory · Sean Christopherson <seanjc@google.com> · 2022-10-07
Re: [PATCH v8 2/8] KVM: Extend the memslot to support fd-based private memory · Jarkko Sakkinen <jarkko@kernel.org> · 2022-10-07
Re: [PATCH v8 2/8] KVM: Extend the memslot to support fd-based private memory · Jarkko Sakkinen <jarkko@kernel.org> · 2022-10-08
Re: [PATCH v8 2/8] KVM: Extend the memslot to support fd-based private memory · Jarkko Sakkinen <jarkko@kernel.org> · 2022-10-08
Re: [PATCH v8 2/8] KVM: Extend the memslot to support fd-based private memory · Chao Peng <hidden> · 2022-10-10
Re: [PATCH v8 2/8] KVM: Extend the memslot to support fd-based private memory · Jarkko Sakkinen <jarkko@kernel.org> · 2022-10-12
[PATCH v8 3/8] KVM: Add KVM_EXIT_MEMORY_FAULT exit · Chao Peng <hidden> · 2022-09-15
Re: [PATCH v8 3/8] KVM: Add KVM_EXIT_MEMORY_FAULT exit · Bagas Sanjaya <hidden> · 2022-09-16
Re: [PATCH v8 3/8] KVM: Add KVM_EXIT_MEMORY_FAULT exit · Chao Peng <hidden> · 2022-09-16
[PATCH v8 4/8] KVM: Use gfn instead of hva for mmu_notifier_retry · Chao Peng <hidden> · 2022-09-15
[PATCH v8 5/8] KVM: Register/unregister the guest private memory regions · Chao Peng <hidden> · 2022-09-15
Re: [PATCH v8 5/8] KVM: Register/unregister the guest private memory regions · Fuad Tabba <hidden> · 2022-09-26
Re: [PATCH v8 5/8] KVM: Register/unregister the guest private memory regions · Chao Peng <hidden> · 2022-09-26
Re: [PATCH v8 5/8] KVM: Register/unregister the guest private memory regions · Fuad Tabba <hidden> · 2022-10-11
Re: [PATCH v8 5/8] KVM: Register/unregister the guest private memory regions · Chao Peng <hidden> · 2022-10-12
Re: [PATCH v8 5/8] KVM: Register/unregister the guest private memory regions · Fuad Tabba <hidden> · 2022-10-17
Re: [PATCH v8 5/8] KVM: Register/unregister the guest private memory regions · Sean Christopherson <seanjc@google.com> · 2022-10-17
Re: [PATCH v8 5/8] KVM: Register/unregister the guest private memory regions · Chao Peng <hidden> · 2022-10-19
Re: [PATCH v8 5/8] KVM: Register/unregister the guest private memory regions · Fuad Tabba <hidden> · 2022-10-19
Re: [PATCH v8 5/8] KVM: Register/unregister the guest private memory regions · Sean Christopherson <seanjc@google.com> · 2022-10-19
Re: [PATCH v8 5/8] KVM: Register/unregister the guest private memory regions · Fuad Tabba <hidden> · 2022-10-19
[PATCH v8 6/8] KVM: Update lpage info when private/shared memory are mixed · Chao Peng <hidden> · 2022-09-15
Re: [PATCH v8 6/8] KVM: Update lpage info when private/shared memory are mixed · Isaku Yamahata <hidden> · 2022-09-29
Re: [PATCH v8 6/8] KVM: Update lpage info when private/shared memory are mixed · Chao Peng <hidden> · 2022-09-30
[PATCH v8 7/8] KVM: Handle page fault for private memory · Chao Peng <hidden> · 2022-09-15
Re: [PATCH v8 7/8] KVM: Handle page fault for private memory · Sean Christopherson <seanjc@google.com> · 2022-10-14
Re: [PATCH v8 7/8] KVM: Handle page fault for private memory · Chao Peng <hidden> · 2022-10-17
[PATCH v8 8/8] KVM: Enable and expose KVM_MEM_PRIVATE · Chao Peng <hidden> · 2022-09-15
Re: [PATCH v8 8/8] KVM: Enable and expose KVM_MEM_PRIVATE · Jarkko Sakkinen <jarkko@kernel.org> · 2022-10-04
Re: [PATCH v8 8/8] KVM: Enable and expose KVM_MEM_PRIVATE · Chao Peng <hidden> · 2022-10-10
Re: [PATCH v8 8/8] KVM: Enable and expose KVM_MEM_PRIVATE · Fuad Tabba <hidden> · 2022-10-06
Re: [PATCH v8 8/8] KVM: Enable and expose KVM_MEM_PRIVATE · Chao Peng <hidden> · 2022-10-10

From: Jarkko Sakkinen <jarkko@kernel.org>
Date: 2022-10-05 13:04:10
Also in: kvm, linux-doc, linux-fsdevel, linux-mm, lkml, qemu-devel

On Thu, Sep 15, 2022 at 10:29:07PM +0800, Chao Peng wrote:

In memory encryption usage, guest memory may be encrypted with special
key and can be accessed only by the VM itself. We call such memory
private memory. It's valueless and sometimes can cause problem to allow
userspace to access guest private memory. This patch extends the KVM
memslot definition so that guest private memory can be provided though
an inaccessible_notifier enlightened file descriptor (fd), without being
mmaped into userspace.

This new extension, indicated by the new flag KVM_MEM_PRIVATE, adds two
additional KVM memslot fields private_fd/private_offset to allow
userspace to specify that guest private memory provided from the
private_fd and guest_phys_addr mapped at the private_offset of the
private_fd, spanning a range of memory_size.

The extended memslot can still have the userspace_addr(hva). When use, a
single memslot can maintain both private memory through private
fd(private_fd/private_offset) and shared memory through
hva(userspace_addr). Whether the private or shared part is visible to
guest is maintained by other KVM code.

Since there is no userspace mapping for private fd so we cannot
get_user_pages() to get the pfn in KVM, instead we add a new
inaccessible_notifier in the internal memslot structure and rely on it
to get pfn by interacting with the memory file systems.

Together with the change, a new config HAVE_KVM_PRIVATE_MEM is added and
right now it is selected on X86_64 for Intel TDX usage.

To make code maintenance easy, internally we use a binary compatible
alias struct kvm_user_mem_region to handle both the normal and the
'_ext' variants.

Co-developed-by: Yu Zhang <redacted>
Signed-off-by: Yu Zhang <redacted>
Signed-off-by: Chao Peng <redacted>

What if userspace_addr would contain address of an extension structure,
if the flag is set, instead of shared address? I.e. interpret that field
differently (could be turned into union too ofc).

That idea could be at least re-used, if there's ever any new KVM_MEM_*
flags that would need an extension.

E.g. have struct kvm_userspace_memory_private, which contains shared
address, fd and the offset.

BR, Jarkko

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help