Hi, On Thu, Jun 11, 2026 at 01:05:07PM +0000, Shivank Garg wrote: > guest_memfd folios are currently marked unmovable, so the kernel cannot > perform NUMA-balancing, memory compaction, etc. This is unavoidable for > confidential VMs (SEV-SNP, TDX), since memory is encrypted and copying it > needs firmware assistance. However, for non-confidential VMs (like > Firecracker), we can migrate the folios. > > This series enables folio migration for non-confidential guest_memfd and > also lays the groundwork for migrating confidential guest_memfd later. > Once firmware-assisted copying support is available, those VMs can be > made movable, the confidential folio content can be copied separately, > and the destination folio marked with FOLIO_CONTENT_COPIED so > __migrate_folio() skips the host-side folio_mc_copy().
I always thought that one of the nice things about using guest_memfd as a memory backend, as opposed to host userspace mappings, is that the host cannot unmap VM memory because of KSM, automatic NUMA balancing, hugepage collapse, compaction, etc, acting on the host userspace mapping of the VM memory, and outside of the VMM's or KVM's control. I think it would be useful to preserve this behaviour, even in the absence of confidential VMs (i.e, guest_memfd file descriptor created with GUEST_MEMFD_FLAG_MMAP). Thanks, Alex > > Testing > ------- > Host: 7.1-rc7 + this, 2 NUMA nodes > > - KVM selftest: allocate folios on node 0, migrate them to node 1 and > back and verify resulting NUMA node and the folio contents at each > step. > > - Firecracker [1]: booted a microVM backed by guest_memfd. While the > guest was running, forced host-side migration of its folios via > migratepages(8) and explicit move_pages(2) of guest_memfd > pages. Verify with /proc/firecracker_pid/numa_maps. > > [1] > https://github.com/firecracker-microvm/firecracker/tree/feature/secret-hiding > and change builder.rs to remove GUEST_MEMFD_FLAG_NO_DIRECT_MAP from > vm.create_guest_memfd() > > Best regards, > Shivank > > Signed-off-by: Shivank Garg <[email protected]> > --- > Shivank Garg (3): > mm: split AS_UNMOVABLE back out of AS_INACCESSIBLE > KVM: guest_memfd: support folio migration for non-confidential VMs > KVM: selftests: exercise guest_memfd folio migration > > include/linux/pagemap.h | 24 ++++++-- > mm/compaction.c | 12 ++-- > mm/migrate.c | 2 +- > tools/testing/selftests/kvm/guest_memfd_test.c | 77 > ++++++++++++++++++++++++++ > virt/kvm/guest_memfd.c | 49 ++++++++++++++-- > 5 files changed, 149 insertions(+), 15 deletions(-) > --- > base-commit: 4549871118cf616eecdd2d939f78e3b9e1dddc48 > change-id: 20260611-shivank-gmem-migrate-8c1c519b30a6 > > Best regards, > -- > Shivank Garg <[email protected]> > >
