From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 4E4ACC433EF for ; Tue, 23 Nov 2021 08:55:31 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id B0E7A6B0073; Tue, 23 Nov 2021 03:55:15 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id A97F36B0074; Tue, 23 Nov 2021 03:55:15 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 9380B6B0075; Tue, 23 Nov 2021 03:55:15 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from forelay.hostedemail.com (smtprelay0003.hostedemail.com [216.40.44.3]) by kanga.kvack.org (Postfix) with ESMTP id 7E54C6B0073 for ; Tue, 23 Nov 2021 03:55:15 -0500 (EST) Received: from smtpin07.hostedemail.com (10.5.19.251.rfc1918.com [10.5.19.251]) by forelay01.hostedemail.com (Postfix) with ESMTP id 3FDB6180FF4DC for ; Tue, 23 Nov 2021 08:55:05 +0000 (UTC) X-FDA: 78839585328.07.EE145C6 Received: from mail-wr1-f50.google.com (mail-wr1-f50.google.com [209.85.221.50]) by imf08.hostedemail.com (Postfix) with ESMTP id E78F73000249 for ; Tue, 23 Nov 2021 08:55:00 +0000 (UTC) Received: by mail-wr1-f50.google.com with SMTP id i5so37684281wrb.2 for ; Tue, 23 Nov 2021 00:55:04 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=sender:message-id:date:mime-version:user-agent:subject :content-language:to:cc:references:from:in-reply-to :content-transfer-encoding; bh=BqjTDota6qXyAvZTc5GkJOlaJlVWffG7A+eb5cGOB4I=; b=hFdqHn9RNEZSqmlr5iDLMvf0Vh/+AoriBzrucJDGFvvIJzpz2aAWz7zCwMcTOr+R34 6j7hJ9fO5kHUgK7EB0/daaP7kC1zOgykiLKdxfc87gJDPQoyALSWcczHDm9U0BSYJokp AYs2XlP5glYCiNr0o9z00QBu/ifYKPDURHskwgpc+6Gn6RND+kHujM/yXBMtesmOY/qw xD+0iG3/gZa85Jdlli0QkI8k/btW15XtTW9xX1W3cJOR27cMXzr4GgO0atHXR5uypfHq HS1mH2y+lrz1qzuP7LB1a47LCmEbc+GawVY+0evta3MLP0+p9x32ab6JPgNFuPo2gcKI 7omA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:sender:message-id:date:mime-version:user-agent :subject:content-language:to:cc:references:from:in-reply-to :content-transfer-encoding; bh=BqjTDota6qXyAvZTc5GkJOlaJlVWffG7A+eb5cGOB4I=; b=NIO9D+j5juJbLhufxBosZMf+12NmzGm14PjgO8ELAzCetChkAA/2HEFZ/kqkrgX3LW 8Z4fZkufU2lWMiTmbUkIUZQ1WidO+DnTSnOgw2Vcf0C1QdGfFxBQcZjemXjGCdWYWyqX k7DA5BMUiu4YEPEZD8JkWbsxJWXBLb6AD3P6lt+1RRRLtTdo8pJ1QYYLyIVgunBLWh+L M54+cuLujwuLNo9h0Z6wsjHkLXqwlfnmt/V6T1xaLk3P7TuWU2nk4fkoyxglOkaMNTes nFOOJng4djqyMmuOazK3ZHrKGMOuQ6Vw7+qw+Ls95xXlBI2HOMOxt78iNBbNg+iDq/0x 4DBA== X-Gm-Message-State: AOAM532cp9X91kjYjU/HGtbMTyOGjFdhCNKK5jLCi5Qk5LThmGze4/v/ EwBPpoSERwkpjLZ1Bqkw01p5OEEyZ1U= X-Google-Smtp-Source: ABdhPJywg45Zdyiao5yHIoV/TWl9Lu4GeLuq7tkwSYZ5N0X3GzMOpvzt3xNpQ/xwFgF2+cvecBOasQ== X-Received: by 2002:adf:d84c:: with SMTP id k12mr5341362wrl.24.1637657703555; Tue, 23 Nov 2021 00:55:03 -0800 (PST) Received: from ?IPV6:2001:b07:add:ec09:c399:bc87:7b6c:fb2a? ([2001:b07:add:ec09:c399:bc87:7b6c:fb2a]) by smtp.googlemail.com with ESMTPSA id n1sm502199wmq.6.2021.11.23.00.54.54 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Tue, 23 Nov 2021 00:55:03 -0800 (PST) Message-ID: <5f6f43a1-bb4c-f498-2aba-4c93ab57fc98@gnu.org> Date: Tue, 23 Nov 2021 09:54:52 +0100 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Thunderbird/91.2.0 Subject: Re: [RFC v2 PATCH 01/13] mm/shmem: Introduce F_SEAL_GUEST Content-Language: en-US To: Chao Peng , kvm@vger.kernel.org, linux-kernel@vger.kernel.org, linux-mm@kvack.org, linux-fsdevel@vger.kernel.org, qemu-devel@nongnu.org Cc: Jonathan Corbet , Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Joerg Roedel , Thomas Gleixner , Ingo Molnar , Borislav Petkov , x86@kernel.org, "H . Peter Anvin" , Hugh Dickins , Jeff Layton , "J . Bruce Fields" , Andrew Morton , Yu Zhang , "Kirill A . Shutemov" , luto@kernel.org, john.ji@intel.com, susie.li@intel.com, jun.nakajima@intel.com, dave.hansen@intel.com, ak@linux.intel.com, david@redhat.com References: <20211119134739.20218-1-chao.p.peng@linux.intel.com> <20211119134739.20218-2-chao.p.peng@linux.intel.com> From: Paolo Bonzini In-Reply-To: <20211119134739.20218-2-chao.p.peng@linux.intel.com> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-Rspamd-Server: rspam08 X-Rspamd-Queue-Id: E78F73000249 X-Stat-Signature: bc6ogpw9t8rb7kxpee8u86ifsxugs4w1 Authentication-Results: imf08.hostedemail.com; dkim=pass header.d=gmail.com header.s=20210112 header.b=hFdqHn9R; dmarc=fail reason="SPF not aligned (relaxed), DKIM not aligned (relaxed)" header.from=gnu.org (policy=none); spf=pass (imf08.hostedemail.com: domain of paolo.bonzini@gmail.com designates 209.85.221.50 as permitted sender) smtp.mailfrom=paolo.bonzini@gmail.com X-HE-Tag: 1637657700-98925 X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: On 11/19/21 14:47, Chao Peng wrote: > +static void guest_invalidate_page(struct inode *inode, > + struct page *page, pgoff_t start, pgoff_t end) > +{ > + struct shmem_inode_info *info = SHMEM_I(inode); > + > + if (!info->guest_ops || !info->guest_ops->invalidate_page_range) > + return; > + > + start = max(start, page->index); > + end = min(end, page->index + thp_nr_pages(page)) - 1; > + > + info->guest_ops->invalidate_page_range(inode, info->guest_owner, > + start, end); > +} The lack of protection makes the API quite awkward to use; the usual way to do this is with refcount_inc_not_zero (aka kvm_get_kvm_safe). Can you use the shmem_inode_info spinlock to protect against this? If register/unregister take the spinlock, the invalidate and fallocate can take a reference under the same spinlock, like this: if (!info->guest_ops) return; spin_lock(&info->lock); ops = info->guest_ops; if (!ops) { spin_unlock(&info->lock); return; } /* Calls kvm_get_kvm_safe. */ r = ops->get_guest_owner(info->guest_owner); spin_unlock(&info->lock); if (r < 0) return; start = max(start, page->index); end = min(end, page->index + thp_nr_pages(page)) - 1; ops->invalidate_page_range(inode, info->guest_owner, start, end); ops->put_guest_owner(info->guest_owner); Considering that you have to take a mutex anyway in patch 13, and that the critical section here is very small, the extra indirect calls are cheaper than walking the vm_list; and it makes the API clearer. Paolo