From: Chao Peng
Date: Fri, 6 Jan 2023 12:13:46 +0800
To: Vishal Annapurve
Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, linux-mm@kvack.org, linux-fsdevel@vger.kernel.org, linux-arch@vger.kernel.org, linux-api@vger.kernel.org, linux-doc@vger.kernel.org, qemu-devel@nongnu.org, Paolo Bonzini , Jonathan Corbet , Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Joerg Roedel , Thomas Gleixner , Ingo Molnar , Borislav Petkov , Arnd Bergmann , Naoya Horiguchi , Miaohe Lin , x86@kernel.org, "H . Peter Anvin" , Hugh Dickins , Jeff Layton , "J . Bruce Fields" , Andrew Morton , Shuah Khan , Mike Rapoport , Steven Price , "Maciej S . Szmigiero" , Vlastimil Babka , Yu Zhang , "Kirill A . Shutemov" , luto@kernel.org, jun.nakajima@intel.com, dave.hansen@intel.com, ak@linux.intel.com, david@redhat.com, aarcange@redhat.com, ddutile@redhat.com, dhildenb@redhat.com, Quentin Perret , tabba@google.com, Michael Roth , mhocko@suse.com, wei.w.wang@intel.com
Subject: Re: [PATCH v10 9/9] KVM: Enable and expose KVM_MEM_PRIVATE
Message-ID: <20230106041346.GA2288017@chaop.bj.intel.com>
References: <20221202061347.1070246-1-chao.p.peng@linux.intel.com> <20221202061347.1070246-10-chao.p.peng@linux.intel.com>

On Thu, Jan 05, 2023 at 12:38:30PM -0800, Vishal Annapurve wrote: > On Thu, Dec 1, 2022 at 10:20 PM Chao Peng wrote: > > > > +#ifdef CONFIG_HAVE_KVM_RESTRICTED_MEM > > +static bool restrictedmem_range_is_valid(struct kvm_memory_slot *slot, > > + pgoff_t start, pgoff_t end, > > + gfn_t *gfn_start, gfn_t *gfn_end) > > +{ > > + unsigned long base_pgoff = slot->restricted_offset >> PAGE_SHIFT; > > + > > + if (start > base_pgoff) > > + *gfn_start = slot->base_gfn + start - base_pgoff; > > There should be a check for overflow here in case start is a very big > value.
Additional check can look like: > if (start >= base_pgoff + slot->npages) > return false; > > > + else > > + *gfn_start = slot->base_gfn; > > + > > + if (end < base_pgoff + slot->npages) > > + *gfn_end = slot->base_gfn + end - base_pgoff; > > If "end" is smaller than base_pgoff, this can cause overflow and > return the range as valid. There should be additional check: > if (end < base_pgoff) > return false;

Thanks! Both are good catches. The improved code:

static bool restrictedmem_range_is_valid(struct kvm_memory_slot *slot,
					 pgoff_t start, pgoff_t end,
					 gfn_t *gfn_start, gfn_t *gfn_end)
{
	unsigned long base_pgoff = slot->restricted_offset >> PAGE_SHIFT;

	if (start >= base_pgoff + slot->npages)
		return false;
	else if (start <= base_pgoff)
		*gfn_start = slot->base_gfn;
	else
		*gfn_start = start - base_pgoff + slot->base_gfn;

	if (end <= base_pgoff)
		return false;
	else if (end >= base_pgoff + slot->npages)
		*gfn_end = slot->base_gfn + slot->npages;
	else
		*gfn_end = end - base_pgoff + slot->base_gfn;

	if (*gfn_start >= *gfn_end)
		return false;

	return true;
}

Thanks,
Chao

> > > > + else > > + *gfn_end = slot->base_gfn + slot->npages; > > + > > + if (*gfn_start >= *gfn_end) > > + return false; > > + > > + return true; > > +} > > +
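
Review bot: In restrictedmem_range_is_valid(), the "start > base_pgoff" branch has no upper bound and the "end < base_pgoff + slot->npages" branch has no lower bound, so "slot->base_gfn + end - base_pgoff" wraps when end is below base_pgoff, and the closing "*gfn_start >= *gfn_end" test then sees a very large *gfn_end and lets the range through. Reject "start >= base_pgoff + slot->npages" and "end <= base_pgoff" before either gfn is computed. A comment above the function should also state that [start, end) is a half-open range of page offsets and that *gfn_start and *gfn_end are meaningful only when the function returns true, since the hunk writes them on the failing path as well.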
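
The wraparound raised in the review, as an added userspace example (not code from the patch or from anyone in the thread): range_v10 mirrors the clamping in the quoted hunk and range_fixed makes the same decisions as the revised function. The struct slot type, both function names, the 64-bit typedefs and the slot values are assumptions constructed for illustration.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Userspace stand-ins for the kernel types, assuming a 64-bit build. */
typedef uint64_t pgoff_t;
typedef uint64_t gfn_t;
struct slot { gfn_t base_gfn; uint64_t npages; pgoff_t base_pgoff; };

/* Clamping as in the quoted v10 hunk: start has no upper bound check,
 * end has no lower bound check. */
static bool range_v10(const struct slot *s, pgoff_t start, pgoff_t end,
		      gfn_t *gs, gfn_t *ge)
{
	if (start > s->base_pgoff)
		*gs = s->base_gfn + start - s->base_pgoff;
	else
		*gs = s->base_gfn;
	if (end < s->base_pgoff + s->npages)
		*ge = s->base_gfn + end - s->base_pgoff; /* can wrap */
	else
		*ge = s->base_gfn + s->npages;
	return *gs < *ge;
}

/* Same decisions as the revised function in the reply, written compactly. */
static bool range_fixed(const struct slot *s, pgoff_t start, pgoff_t end,
			gfn_t *gs, gfn_t *ge)
{
	pgoff_t lo = s->base_pgoff, hi = s->base_pgoff + s->npages;

	if (start >= hi || end <= lo)
		return false;	/* no overlap with the slot at all */
	*gs = start <= lo ? s->base_gfn : start - lo + s->base_gfn;
	*ge = end >= hi ? s->base_gfn + s->npages : end - lo + s->base_gfn;
	return *gs < *ge;
}

int main(void)
{
	/* Constructed slot: file pages [0x100, 0x110) back gfns [0x10, 0x20). */
	struct slot s = { .base_gfn = 0x10, .npages = 0x10, .base_pgoff = 0x100 };
	gfn_t gs = 0, ge = 0;
	/* [0x10, 0x20) lies entirely below the slot's file range. */
	bool old = range_v10(&s, 0x10, 0x20, &gs, &ge);
	printf("v10:   valid=%d gfn=[%#llx, %#llx)\n", old,
	       (unsigned long long)gs, (unsigned long long)ge);
	printf("fixed: valid=%d\n", range_fixed(&s, 0x10, 0x20, &gs, &ge));
	return 0;
}
```

With the v10 clamping, a range entirely below the slot is reported valid with an end gfn far outside the slot; the revised checks reject it before any subtraction happens.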