qemu/include
David Hildenbrand 23ad8dec8d virtio-mem: Support VIRTIO_MEM_F_UNPLUGGED_INACCESSIBLE
With VIRTIO_MEM_F_UNPLUGGED_INACCESSIBLE, we signal the VM that reading
unplugged memory is not supported. We have to fail feature negotiation
in case the guest does not support VIRTIO_MEM_F_UNPLUGGED_INACCESSIBLE.

First, VIRTIO_MEM_F_UNPLUGGED_INACCESSIBLE is required to properly handle
memory backends (or architectures) without support for the shared zeropage
in the hypervisor cleanly. Without the shared zeropage, even reading an
unpopulated virtual memory location can populate real memory and
consequently consume memory in the hypervisor. We have a guaranteed shared
zeropage only on MAP_PRIVATE anonymous memory.

Second, we want VIRTIO_MEM_F_UNPLUGGED_INACCESSIBLE to be the default
long-term as even populating the shared zeropage can be problematic: for
example, without THP support (possible) or without support for the shared
huge zeropage with THP (unlikely), the PTE page tables to hold the shared
zeropage entries can consume quite some memory that cannot be reclaimed
easily.

Third, there are other optimizations+features (e.g., protection of
unplugged memory, reducing the total memory slot size and bitmap sizes)
that will require VIRTIO_MEM_F_UNPLUGGED_INACCESSIBLE.

We really only support x86 targets with virtio-mem for now (and
Linux similarly only support x86), but that might change soon, so prepare
for different targets already.

Add a new "unplugged-inaccessible" tristate property for x86 targets:
- "off" will keep VIRTIO_MEM_F_UNPLUGGED_INACCESSIBLE unset and legacy
  guests working.
- "on" will set VIRTIO_MEM_F_UNPLUGGED_INACCESSIBLE and stop legacy guests
  from using the device.
- "auto" selects the default based on support for the shared zeropage.

Warn in case the property is set to "off" and we don't have support for the
shared zeropage.

For existing compat machines, the property will default to "off", to
not change the behavior but eventually warn about a problematic setup.
Short-term, we'll set the property default to "auto" for new QEMU machines.
Mid-term, we'll set the property default to "on" for new QEMU machines.
Long-term, we'll deprecate the parameter and disallow legacy
guests completely.

The property has to match on the migration source and destination. "auto"
will result in the same VIRTIO_MEM_F_UNPLUGGED_INACCESSIBLE setting as long
as the qemu command line (esp. memdev) match -- so "auto" is good enough
for migration purposes and the parameter doesn't have to be migrated
explicitly.

Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Signed-off-by: David Hildenbrand <david@redhat.com>
Message-Id: <20211217134039.29670-3-david@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2022-01-07 19:30:13 -05:00
..
authz Prefer 'on' | 'off' over 'yes' | 'no' for bool options 2021-01-29 17:07:53 +00:00
block blockjob: drop BlockJob.blk field 2021-12-28 15:18:59 +01:00
chardev ui/dbus: add chardev backend & interface 2021-12-21 10:50:22 +04:00
crypto crypto: Make QCryptoTLSCreds* structures private 2021-06-29 18:30:24 +01:00
disas disas/nios2: Simplify endianess conversion 2021-10-22 18:07:30 +02:00
exec cpu: remove unnecessary #ifdef CONFIG_TCG 2021-12-18 10:57:36 +01:00
fpu softfloat: Add float64r32 arithmetic routines 2021-12-17 17:57:15 +01:00
hw virtio-mem: Support VIRTIO_MEM_F_UNPLUGGED_INACCESSIBLE 2022-01-07 19:30:13 -05:00
io io: add qio_channel_readv_full_all_eof & qio_channel_readv_full_all helpers 2021-02-10 09:23:28 +00:00
libdecnumber libdecnumber: Introduce decNumberIntegralToInt128 2021-11-09 10:32:52 +11:00
migration Fixed a QEMU hang when guest poweroff in COLO mode 2021-12-15 10:31:42 +01:00
monitor monitor: introduce HumanReadableText and HMP support 2021-11-02 15:55:13 +00:00
net virtio-net: add support for configure interrupt 2022-01-07 05:19:55 -05:00
qapi monitor: introduce HumanReadableText and HMP support 2021-11-02 15:55:13 +00:00
qemu util/oslib-posix: Support MADV_POPULATE_WRITE for os_mem_prealloc() 2022-01-07 05:19:55 -05:00
qom monitor: Fix find_device_state() for IDs containing slashes 2021-11-10 06:14:51 +01:00
scsi scsi: inline sg_io_sense_from_errno() into the callers. 2021-03-06 11:42:56 +01:00
semihosting semihosting: Move include/hw/semihosting/ -> include/semihosting/ 2021-03-10 15:34:12 +00:00
standard-headers linux-headers: sync VIRTIO_MEM_F_UNPLUGGED_INACCESSIBLE 2022-01-07 19:30:13 -05:00
sysemu sysemu: Cleanup qemu_run_machine_init_done_notifiers() 2022-01-04 15:31:33 -08:00
tcg Initial conversion of HMP debugging commands to QMP 2021-11-03 08:04:32 -04:00
ui ui/dbus: add p2p=on/off option 2021-12-21 10:50:22 +04:00
user common-user: Move safe-syscall.* from linux-user 2021-12-20 10:12:24 -08:00
elf.h elf: Add machine type value for LoongArch 2021-12-21 13:17:06 -08:00
glib-compat.h glib-compat: Introduce g_memdup2() wrapper 2021-12-17 11:54:07 +01:00
qemu-common.h qemu-common.h: Update copyright string to 2021 2021-03-09 22:19:24 +01:00
qemu-io.h
trace-tcg.h