Re: [PATCH v3 kvm/queue 14/16] KVM: Handle page fault for private memory

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH v3 kvm/queue 14/16] KVM: Handle page fault for private memory

From:	Sean Christopherson
Subject:	Re: [PATCH v3 kvm/queue 14/16] KVM: Handle page fault for private memory
Date:	Wed, 5 Jan 2022 20:52:39 +0000

On Wed, Jan 05, 2022, Yan Zhao wrote:
> Sorry, maybe I didn't express it clearly.
> 
> As in the kvm_faultin_pfn_private(), 
> static bool kvm_faultin_pfn_private(struct kvm_vcpu *vcpu,
>                                   struct kvm_page_fault *fault,
>                                   bool *is_private_pfn, int *r)
> {
>       int order;
>       int mem_convert_type;
>       struct kvm_memory_slot *slot = fault->slot;
>       long pfn = kvm_memfd_get_pfn(slot, fault->gfn, &order);
>       ...
> }
> Currently, kvm_memfd_get_pfn() is called unconditionally.
> However, if the backend of a private memslot is not memfd, and is device
> fd for example, a different xxx_get_pfn() is required here.

Ya, I've complained about this in a different thread[*].  This should really be
something like kvm_private_fd_get_pfn(), where the underlying ops struct can 
point
at any compatible backing store.

https://lore.kernel.org/all/YcuMUemyBXFYyxCC@google.com/

> Further, though mapped to a private gfn, it might be ok for QEMU to
> access the device fd in hva-based way (or call it MMU access way, e.g.
> read/write/mmap), it's desired that it could use the traditional to get
> pfn without convert the range to a shared one.

No, this is expressly forbidden.  The backing store for a private gfn must not
be accessible by userspace.  It's possible a backing store could support both, 
but
not concurrently, and any conversion must be done without KVM being involved.
In other words, resolving a private gfn must either succeed or fail (exit to
userspace), KVM cannot initiate any conversions.

> pfn = __gfn_to_pfn_memslot(slot, fault->gfn, ...)
>       |->addr = __gfn_to_hva_many (slot, gfn,...)
>       |  pfn = hva_to_pfn (addr,...)
> 
> 
> So, is it possible to recognize such kind of backends in KVM, and to get
> the pfn in traditional way without converting them to shared?
> e.g.
> - specify KVM_MEM_PRIVATE_NONPROTECT to memory regions with such kind
> of backends, or
> - detect the fd type and check if get_pfn is provided. if no, go the
>   traditional way.

No, because the whole point of this is to make guest private memory inaccessible
to host userspace.  Or did I misinterpret your questions?

[Prev in Thread]

Current Thread

[Next in Thread]

Re: [PATCH v3 kvm/queue 14/16] KVM: Handle page fault for private memory, Yan Zhao, 2022/01/03
- Re: [PATCH v3 kvm/queue 14/16] KVM: Handle page fault for private memory, Chao Peng, 2022/01/04
  - Re: [PATCH v3 kvm/queue 14/16] KVM: Handle page fault for private memory, Yan Zhao, 2022/01/04
    - Re: [PATCH v3 kvm/queue 14/16] KVM: Handle page fault for private memory, Chao Peng, 2022/01/05
    - Re: [PATCH v3 kvm/queue 14/16] KVM: Handle page fault for private memory, Yan Zhao, 2022/01/05
    - Re: [PATCH v3 kvm/queue 14/16] KVM: Handle page fault for private memory, Sean Christopherson <=
    - Re: [PATCH v3 kvm/queue 14/16] KVM: Handle page fault for private memory, Yan Zhao, 2022/01/14

Prev by Date: [PATCH v2 5/7] target/ppc: Add MSR_ILE support to ppc_interrupts_little_endian
Next by Date: [PATCH] docs/can: convert to restructuredText
Previous by thread: Re: [PATCH v3 kvm/queue 14/16] KVM: Handle page fault for private memory
Next by thread: Re: [PATCH v3 kvm/queue 14/16] KVM: Handle page fault for private memory
Index(es):
- Date
- Thread