Re: [PATCH v10 0/9] KVM: mm: fd-based approach for supporting KVM

[PATCH v10 0/9] KVM: mm: fd-based approach for supporting KVM · Chao Peng <hidden> · 2022-12-02
[PATCH v10 1/9] mm: Introduce memfd_restricted system call to create restricted user memory · Chao Peng <hidden> · 2022-12-02
Re: [PATCH v10 1/9] mm: Introduce memfd_restricted system call to create restricted user memory · Fuad Tabba <hidden> · 2022-12-06
Re: [PATCH v10 1/9] mm: Introduce memfd_restricted system call to create restricted user memory · Chao Peng <hidden> · 2022-12-07
Re: [PATCH v10 1/9] mm: Introduce memfd_restricted system call to create restricted user memory · Huang, Kai <hidden> · 2022-12-13
Re: [PATCH v10 1/9] mm: Introduce memfd_restricted system call to create restricted user memory · Chao Peng <hidden> · 2022-12-19
Re: [PATCH v10 1/9] mm: Introduce memfd_restricted system call to create restricted user memory · Huang, Kai <hidden> · 2022-12-19
Re: [PATCH v10 1/9] mm: Introduce memfd_restricted system call to create restricted user memory · Chao Peng <hidden> · 2022-12-20
Re: [PATCH v10 1/9] mm: Introduce memfd_restricted system call to create restricted user memory · Huang, Kai <hidden> · 2022-12-20
Re: [PATCH v10 1/9] mm: Introduce memfd_restricted system call to create restricted user memory · Chao Peng <hidden> · 2022-12-21
Re: [PATCH v10 1/9] mm: Introduce memfd_restricted system call to create restricted user memory · Huang, Kai <hidden> · 2022-12-22
Re: [PATCH v10 1/9] mm: Introduce memfd_restricted system call to create restricted user memory · Chao Peng <hidden> · 2022-12-23
Re: [PATCH v10 1/9] mm: Introduce memfd_restricted system call to create restricted user memory · Vlastimil Babka <hidden> · 2023-01-23
Re: [PATCH v10 1/9] mm: Introduce memfd_restricted system call to create restricted user memory · Kirill A. Shutemov <hidden> · 2023-01-23
Re: [PATCH v10 1/9] mm: Introduce memfd_restricted system call to create restricted user memory · Vlastimil Babka <hidden> · 2023-02-13
Re: [PATCH v10 1/9] mm: Introduce memfd_restricted system call to create restricted user memory · Huang, Kai <hidden> · 2023-01-23
Re: [PATCH v10 1/9] mm: Introduce memfd_restricted system call to create restricted user memory · Sean Christopherson <seanjc@google.com> · 2023-01-23
Re: [PATCH v10 1/9] mm: Introduce memfd_restricted system call to create restricted user memory · Vlastimil Babka <hidden> · 2023-01-24
Re: [PATCH v10 1/9] mm: Introduce memfd_restricted system call to create restricted user memory · Sean Christopherson <seanjc@google.com> · 2022-12-22
Re: [PATCH v10 1/9] mm: Introduce memfd_restricted system call to create restricted user memory · Huang, Kai <hidden> · 2022-12-23
Re: [PATCH v10 1/9] mm: Introduce memfd_restricted system call to create restricted user memory · Chao Peng <hidden> · 2022-12-23
Re: [PATCH v10 1/9] mm: Introduce memfd_restricted system call to create restricted user memory · Kirill A. Shutemov <hidden> · 2023-01-23
Re: [PATCH v10 1/9] mm: Introduce memfd_restricted system call to create restricted user memory · Vlastimil Babka <hidden> · 2023-02-13
Re: [PATCH v10 1/9] mm: Introduce memfd_restricted system call to create restricted user memory · Michael Roth <hidden> · 2023-02-13
Re: [PATCH v10 1/9] mm: Introduce memfd_restricted system call to create restricted user memory · Sean Christopherson <seanjc@google.com> · 2023-01-13
Re: [PATCH v10 1/9] mm: Introduce memfd_restricted system call to create restricted user memory · Chao Peng <hidden> · 2023-01-17
Re: [PATCH v10 1/9] mm: Introduce memfd_restricted system call to create restricted user memory · Sean Christopherson <seanjc@google.com> · 2023-01-17
Re: [PATCH v10 1/9] mm: Introduce memfd_restricted system call to create restricted user memory · Chao Peng <hidden> · 2023-01-18
Re: [PATCH v10 1/9] mm: Introduce memfd_restricted system call to create restricted user memory · Isaku Yamahata <hidden> · 2023-01-18
Re: [PATCH v10 1/9] mm: Introduce memfd_restricted system call to create restricted user memory · Alexey Kardashevskiy <hidden> · 2023-02-22
Re: [PATCH v10 1/9] mm: Introduce memfd_restricted system call to create restricted user memory · Chao Peng <hidden> · 2023-02-24
Re: [PATCH v10 1/9] mm: Introduce memfd_restricted system call to create restricted user memory · Nikunj A. Dadhania <hidden> · 2023-02-16
Re: [PATCH v10 1/9] mm: Introduce memfd_restricted system call to create restricted user memory · Michael Roth <hidden> · 2023-03-20
[PATCH v10 2/9] KVM: Introduce per-page memory attributes · Chao Peng <hidden> · 2022-12-02
Re: [PATCH v10 2/9] KVM: Introduce per-page memory attributes · Fabiano Rosas <hidden> · 2022-12-06
Re: [PATCH v10 2/9] KVM: Introduce per-page memory attributes · Chao Peng <hidden> · 2022-12-07
Re: [PATCH v10 2/9] KVM: Introduce per-page memory attributes · Fuad Tabba <hidden> · 2022-12-06
Re: [PATCH v10 2/9] KVM: Introduce per-page memory attributes · Chao Peng <hidden> · 2022-12-07
Re: [PATCH v10 2/9] KVM: Introduce per-page memory attributes · Borislav Petkov <bp@alien8.de> · 2022-12-16
Re: [PATCH v10 2/9] KVM: Introduce per-page memory attributes · Chao Peng <hidden> · 2022-12-19
Re: [PATCH v10 2/9] KVM: Introduce per-page memory attributes · Borislav Petkov <bp@alien8.de> · 2022-12-19
Re: [PATCH v10 2/9] KVM: Introduce per-page memory attributes · Chao Peng <hidden> · 2022-12-20
Re: [PATCH v10 2/9] KVM: Introduce per-page memory attributes · Chenyi Qiang <hidden> · 2022-12-28
Re: [PATCH v10 2/9] KVM: Introduce per-page memory attributes · Chao Peng <hidden> · 2023-01-03
RE: [PATCH v10 2/9] KVM: Introduce per-page memory attributes · Wang, Wei W <hidden> · 2023-01-03
Re: [PATCH v10 2/9] KVM: Introduce per-page memory attributes · Sean Christopherson <seanjc@google.com> · 2023-01-03
Re: [PATCH v10 2/9] KVM: Introduce per-page memory attributes · Chao Peng <hidden> · 2023-01-05
Re: [PATCH v10 2/9] KVM: Introduce per-page memory attributes · Sean Christopherson <seanjc@google.com> · 2023-01-13
Re: [PATCH v10 2/9] KVM: Introduce per-page memory attributes · Binbin Wu <hidden> · 2023-01-17
Re: [PATCH v10 2/9] KVM: Introduce per-page memory attributes · Chao Peng <hidden> · 2023-01-17
Re: [PATCH v10 2/9] KVM: Introduce per-page memory attributes · Sean Christopherson <seanjc@google.com> · 2023-01-17
Re: [PATCH v10 2/9] KVM: Introduce per-page memory attributes · Isaku Yamahata <hidden> · 2023-02-09
Re: [PATCH v10 2/9] KVM: Introduce per-page memory attributes · Sean Christopherson <seanjc@google.com> · 2023-02-10
Re: [PATCH v10 2/9] KVM: Introduce per-page memory attributes · Isaku Yamahata <hidden> · 2023-02-13
Re: [PATCH v10 2/9] KVM: Introduce per-page memory attributes · Sean Christopherson <seanjc@google.com> · 2023-02-14
Re: [PATCH v10 2/9] KVM: Introduce per-page memory attributes · Nicolas Saenz Julienne <hidden> · 2023-05-19
Re: [PATCH v10 2/9] KVM: Introduce per-page memory attributes · Sean Christopherson <seanjc@google.com> · 2023-05-19
Re: [PATCH v10 2/9] KVM: Introduce per-page memory attributes · Nicolas Saenz Julienne <hidden> · 2023-05-19
Re: [PATCH v10 2/9] KVM: Introduce per-page memory attributes · Sean Christopherson <seanjc@google.com> · 2023-05-19
Re: [PATCH v10 2/9] KVM: Introduce per-page memory attributes · Nicolas Saenz Julienne <hidden> · 2023-05-23
[PATCH v10 4/9] KVM: Add KVM_EXIT_MEMORY_FAULT exit · Chao Peng <hidden> · 2022-12-02
Re: [PATCH v10 4/9] KVM: Add KVM_EXIT_MEMORY_FAULT exit · Fuad Tabba <hidden> · 2022-12-06
Re: [PATCH v10 4/9] KVM: Add KVM_EXIT_MEMORY_FAULT exit · Chao Peng <hidden> · 2022-12-07
Re: [PATCH v10 4/9] KVM: Add KVM_EXIT_MEMORY_FAULT exit · Sean Christopherson <seanjc@google.com> · 2023-01-13
[PATCH v10 3/9] KVM: Extend the memslot to support fd-based private memory · Chao Peng <hidden> · 2022-12-02
Re: [PATCH v10 3/9] KVM: Extend the memslot to support fd-based private memory · Fuad Tabba <hidden> · 2022-12-05
Re: [PATCH v10 3/9] KVM: Extend the memslot to support fd-based private memory · Chao Peng <hidden> · 2022-12-06
Re: [PATCH v10 3/9] KVM: Extend the memslot to support fd-based private memory · Fuad Tabba <hidden> · 2022-12-06
Re: [PATCH v10 3/9] KVM: Extend the memslot to support fd-based private memory · Chao Peng <hidden> · 2022-12-07
Re: [PATCH v10 3/9] KVM: Extend the memslot to support fd-based private memory · Xiaoyao Li <hidden> · 2022-12-08
Re: [PATCH v10 3/9] KVM: Extend the memslot to support fd-based private memory · Chao Peng <hidden> · 2022-12-08
Re: [PATCH v10 3/9] KVM: Extend the memslot to support fd-based private memory · Xiaoyao Li <hidden> · 2022-12-13
Re: [PATCH v10 3/9] KVM: Extend the memslot to support fd-based private memory · Chao Peng <hidden> · 2022-12-19
Re: [PATCH v10 3/9] KVM: Extend the memslot to support fd-based private memory · Borislav Petkov <bp@alien8.de> · 2022-12-19
Re: [PATCH v10 3/9] KVM: Extend the memslot to support fd-based private memory · Chao Peng <hidden> · 2022-12-20
Re: [PATCH v10 3/9] KVM: Extend the memslot to support fd-based private memory · Borislav Petkov <bp@alien8.de> · 2022-12-20
Re: [PATCH v10 3/9] KVM: Extend the memslot to support fd-based private memory · Chao Peng <hidden> · 2022-12-21
Re: [PATCH v10 3/9] KVM: Extend the memslot to support fd-based private memory · Jarkko Sakkinen <jarkko@kernel.org> · 2023-01-05
Re: [PATCH v10 3/9] KVM: Extend the memslot to support fd-based private memory · Chao Peng <hidden> · 2023-01-06
Re: [PATCH v10 3/9] KVM: Extend the memslot to support fd-based private memory · Sean Christopherson <seanjc@google.com> · 2023-01-09
Re: [PATCH v10 3/9] KVM: Extend the memslot to support fd-based private memory · Chao Peng <hidden> · 2023-01-10
Re: [PATCH v10 3/9] KVM: Extend the memslot to support fd-based private memory · Vishal Annapurve <hidden> · 2023-01-10
Re: [PATCH v10 3/9] KVM: Extend the memslot to support fd-based private memory · Sean Christopherson <seanjc@google.com> · 2023-01-13
Re: [PATCH v10 3/9] KVM: Extend the memslot to support fd-based private memory · Chao Peng <hidden> · 2023-01-17
Re: [PATCH v10 3/9] KVM: Extend the memslot to support fd-based private memory · Jarkko Sakkinen <jarkko@kernel.org> · 2023-01-20
Re: [PATCH v10 3/9] KVM: Extend the memslot to support fd-based private memory · Jarkko Sakkinen <jarkko@kernel.org> · 2023-01-20
[PATCH v10 5/9] KVM: Use gfn instead of hva for mmu_notifier_retry · Chao Peng <hidden> · 2022-12-02
Re: [PATCH v10 5/9] KVM: Use gfn instead of hva for mmu_notifier_retry · Fuad Tabba <hidden> · 2022-12-05
Re: [PATCH v10 5/9] KVM: Use gfn instead of hva for mmu_notifier_retry · Chao Peng <hidden> · 2022-12-06
Re: [PATCH v10 5/9] KVM: Use gfn instead of hva for mmu_notifier_retry · Fuad Tabba <hidden> · 2022-12-06
Re: [PATCH v10 5/9] KVM: Use gfn instead of hva for mmu_notifier_retry · Chao Peng <hidden> · 2022-12-09
Re: [PATCH v10 5/9] KVM: Use gfn instead of hva for mmu_notifier_retry · Isaku Yamahata <hidden> · 2022-12-07
Re: [PATCH v10 5/9] KVM: Use gfn instead of hva for mmu_notifier_retry · Chao Peng <hidden> · 2022-12-07
[PATCH v10 6/9] KVM: Unmap existing mappings when change the memory attributes · Chao Peng <hidden> · 2022-12-02
Re: [PATCH v10 6/9] KVM: Unmap existing mappings when change the memory attributes · Yuan Yao <hidden> · 2022-12-07
Re: [PATCH v10 6/9] KVM: Unmap existing mappings when change the memory attributes · Chao Peng <hidden> · 2022-12-08
Re: [PATCH v10 6/9] KVM: Unmap existing mappings when change the memory attributes · Yuan Yao <hidden> · 2022-12-09
Re: [PATCH v10 6/9] KVM: Unmap existing mappings when change the memory attributes · Fuad Tabba <hidden> · 2022-12-07
Re: [PATCH v10 6/9] KVM: Unmap existing mappings when change the memory attributes · Chao Peng <hidden> · 2022-12-08
Re: [PATCH v10 6/9] KVM: Unmap existing mappings when change the memory attributes · Fuad Tabba <hidden> · 2022-12-09
Re: [PATCH v10 6/9] KVM: Unmap existing mappings when change the memory attributes · Chao Peng <hidden> · 2022-12-12
Re: [PATCH v10 6/9] KVM: Unmap existing mappings when change the memory attributes · Huang, Kai <hidden> · 2022-12-13
Re: [PATCH v10 6/9] KVM: Unmap existing mappings when change the memory attributes · Chao Peng <hidden> · 2022-12-19
Re: [PATCH v10 6/9] KVM: Unmap existing mappings when change the memory attributes · Sean Christopherson <seanjc@google.com> · 2023-01-13
[PATCH v10 7/9] KVM: Update lpage info when private/shared memory are mixed · Chao Peng <hidden> · 2022-12-02
Re: [PATCH v10 7/9] KVM: Update lpage info when private/shared memory are mixed · Isaku Yamahata <hidden> · 2022-12-05
Re: [PATCH v10 7/9] KVM: Update lpage info when private/shared memory are mixed · Chao Peng <hidden> · 2022-12-06
Re: [PATCH v10 7/9] KVM: Update lpage info when private/shared memory are mixed · Isaku Yamahata <hidden> · 2022-12-07
Re: [PATCH v10 7/9] KVM: Update lpage info when private/shared memory are mixed · Chao Peng <hidden> · 2022-12-08
Re: [PATCH v10 7/9] KVM: Update lpage info when private/shared memory are mixed · Sean Christopherson <seanjc@google.com> · 2023-01-13
Re: [PATCH v10 7/9] KVM: Update lpage info when private/shared memory are mixed · Sean Christopherson <seanjc@google.com> · 2023-01-13
Re: [PATCH v10 7/9] KVM: Update lpage info when private/shared memory are mixed · Chao Peng <hidden> · 2023-01-28
[PATCH v10 8/9] KVM: Handle page fault for private memory · Chao Peng <hidden> · 2022-12-02
Re: [PATCH v10 8/9] KVM: Handle page fault for private memory · Yuan Yao <hidden> · 2022-12-08
Re: [PATCH v10 8/9] KVM: Handle page fault for private memory · Chao Peng <hidden> · 2022-12-08
Re: [PATCH v10 8/9] KVM: Handle page fault for private memory · Yuan Yao <hidden> · 2022-12-09
Re: [PATCH v10 8/9] KVM: Handle page fault for private memory · Fuad Tabba <hidden> · 2022-12-09
Re: [PATCH v10 8/9] KVM: Handle page fault for private memory · Chao Peng <hidden> · 2022-12-12
Re: [PATCH v10 8/9] KVM: Handle page fault for private memory · Sean Christopherson <seanjc@google.com> · 2023-01-13
[PATCH v10 9/9] KVM: Enable and expose KVM_MEM_PRIVATE · Chao Peng <hidden> · 2022-12-02
Re: [PATCH v10 9/9] KVM: Enable and expose KVM_MEM_PRIVATE · Fuad Tabba <hidden> · 2022-12-09
Re: [PATCH v10 9/9] KVM: Enable and expose KVM_MEM_PRIVATE · Vishal Annapurve <hidden> · 2023-01-05
Re: [PATCH v10 9/9] KVM: Enable and expose KVM_MEM_PRIVATE · Chao Peng <hidden> · 2023-01-06
Re: [PATCH v10 9/9] KVM: Enable and expose KVM_MEM_PRIVATE · Sean Christopherson <seanjc@google.com> · 2023-01-14
Re: [PATCH v10 9/9] KVM: Enable and expose KVM_MEM_PRIVATE · Chao Peng <hidden> · 2023-01-17
Re: [PATCH v10 9/9] KVM: Enable and expose KVM_MEM_PRIVATE · Sean Christopherson <seanjc@google.com> · 2023-01-17
Re: [PATCH v10 9/9] KVM: Enable and expose KVM_MEM_PRIVATE · Chao Peng <hidden> · 2023-01-18
Re: [PATCH v10 9/9] KVM: Enable and expose KVM_MEM_PRIVATE · Chao Peng <hidden> · 2023-01-28
Re: [PATCH v10 0/9] KVM: mm: fd-based approach for supporting KVM · Sean Christopherson <seanjc@google.com> · 2023-01-14
Re: [PATCH v10 0/9] KVM: mm: fd-based approach for supporting KVM · Kirill A. Shutemov <hidden> · 2023-01-16
Re: [PATCH v10 0/9] KVM: mm: fd-based approach for supporting KVM · Chao Peng <hidden> · 2023-01-17
Re: [PATCH v10 0/9] KVM: mm: fd-based approach for supporting KVM · Fuad Tabba <hidden> · 2023-01-17
Re: [PATCH v10 0/9] KVM: mm: fd-based approach for supporting KVM · Isaku Yamahata <hidden> · 2023-01-19
Re: [PATCH v10 0/9] KVM: mm: fd-based approach for supporting KVM · Sean Christopherson <seanjc@google.com> · 2023-01-19
Re: [PATCH v10 0/9] KVM: mm: fd-based approach for supporting KVM · Isaku Yamahata <hidden> · 2023-01-19
Re: [PATCH v10 0/9] KVM: mm: fd-based approach for supporting KVM · Sean Christopherson <seanjc@google.com> · 2023-01-24
Re: [PATCH v10 0/9] KVM: mm: fd-based approach for supporting KVM · Isaku Yamahata <hidden> · 2023-02-08
Re: [PATCH v10 0/9] KVM: mm: fd-based approach for supporting KVM · Michael Roth <hidden> · 2023-02-13
Re: [PATCH v10 0/9] KVM: mm: fd-based approach for supporting KVM · Chao Peng <hidden> · 2023-02-21
Re: [PATCH v10 0/9] KVM: mm: fd-based approach for supporting KVM · Michael Roth <hidden> · 2023-03-23
Re: [PATCH v10 0/9] KVM: mm: fd-based approach for supporting KVM · Chao Peng <hidden> · 2023-03-24
Re: [PATCH v10 0/9] KVM: mm: fd-based approach for supporting KVM · Sean Christopherson <seanjc@google.com> · 2023-04-12
Re: [PATCH v10 0/9] KVM: mm: fd-based approach for supporting KVM · Chao Peng <hidden> · 2023-04-17
Re: [PATCH v10 0/9] KVM: mm: fd-based approach for supporting KVM · Sean Christopherson <seanjc@google.com> · 2023-04-17
Re: [PATCH v10 0/9] KVM: mm: fd-based approach for supporting KVM · Liam Merwick <hidden> · 2023-01-24
Re: [PATCH v10 0/9] KVM: mm: fd-based approach for supporting KVM · Sean Christopherson <seanjc@google.com> · 2023-01-25
Re: [PATCH v10 0/9] KVM: mm: fd-based approach for supporting KVM · Kirill A. Shutemov <hidden> · 2023-01-25
Re: [PATCH v10 0/9] KVM: mm: fd-based approach for supporting KVM · Liam Merwick <hidden> · 2023-01-25
Re: [PATCH v10 0/9] KVM: mm: fd-based approach for supporting KVM · Sean Christopherson <seanjc@google.com> · 2023-04-13
Re: [PATCH v10 0/9] KVM: mm: fd-based approach for supporting KVM · Kirill A. Shutemov <hidden> · 2023-04-13
Re: [PATCH v10 0/9] KVM: mm: fd-based approach for supporting KVM · Mike Rapoport <rppt@kernel.org> · 2023-02-16
Re: [PATCH v10 0/9] KVM: mm: fd-based approach for supporting KVM · David Hildenbrand <hidden> · 2023-02-16
Re: [PATCH v10 0/9] KVM: mm: fd-based approach for supporting KVM · Sean Christopherson <seanjc@google.com> · 2023-02-22

From: Sean Christopherson <seanjc@google.com>
Date: 2023-02-22 21:53:24
Also in: kvm, linux-arch, linux-doc, linux-fsdevel, linux-mm, lkml, qemu-devel

On Thu, Feb 16, 2023, David Hildenbrand wrote:

On 16.02.23 06:13, Mike Rapoport wrote:

quoted

Hi,

On Fri, Dec 02, 2022 at 02:13:38PM +0800, Chao Peng wrote:

quoted

This patch series implements KVM guest private memory for confidential
computing scenarios like Intel TDX[1]. If a TDX host accesses
TDX-protected guest memory, machine check can happen which can further
crash the running host system, this is terrible for multi-tenant
configurations. The host accesses include those from KVM userspace like
QEMU. This series addresses KVM userspace induced crash by introducing
new mm and KVM interfaces so KVM userspace can still manage guest memory
via a fd-based approach, but it can never access the guest memory
content.

Sorry for jumping late.

Unless I'm missing something, hibernation will also cause an machine check
when there is TDX-protected memory in the system. When the hibernation
creates memory snapshot it essentially walks all physical pages and saves
their contents, so for TDX memory this will trigger machine check, right?

For hibernation specifically, I think that should be handled elsewhere as hibernation
is simply incompatible with TDX, SNP, pKVM, etc. without paravirtualizing the
guest, as none of those technologies support auto-export a la s390.  I suspect
the right approach is to disallow hibernation if KVM is running any protected guests.

I recall bringing that up in the past (also memory access due to kdump,
/prov/kcore) and was told that the main focus for now is preventing
unprivileged users from crashing the system, that is, not mapping such
memory into user space (e.g., QEMU). In the long run, we'll want to handle
such pages also properly in the other events where the kernel might access
them.

Ya, unless someone strongly objects, the plan is to essentially treat "attacks"
from privileged users as out of to scope for initial support, and then iterate
as needed to fix/enable more features.

FWIW, read accesses, e.g. kdump, should be ok for TDX and SNP as they both play
nice with "bad" reads.  pKVM is a different beast though as I believe any access
to guest private memory will fault.  But my understanding is that this series
would be a big step forward for pKVM, which currently doesn't have any safeguards.

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help