From: Fuad Tabba <tabba@google.com>
Date: Mon, 14 Jul 2025 08:42:00 +0100
Subject: Re: [PATCH v13 16/20] KVM: arm64: Handle guest_memfd-backed guest page faults
To: Marc Zyngier
Cc: kvm@vger.kernel.org, linux-arm-msm@vger.kernel.org, linux-mm@kvack.org,
 kvmarm@lists.linux.dev, pbonzini@redhat.com, chenhuacai@kernel.org,
 mpe@ellerman.id.au, anup@brainfault.org, paul.walmsley@sifive.com,
 palmer@dabbelt.com, aou@eecs.berkeley.edu, seanjc@google.com,
 viro@zeniv.linux.org.uk, brauner@kernel.org, willy@infradead.org,
 akpm@linux-foundation.org, xiaoyao.li@intel.com, yilun.xu@intel.com,
 chao.p.peng@linux.intel.com, jarkko@kernel.org, amoorthy@google.com,
 dmatlack@google.com, isaku.yamahata@intel.com, mic@digikod.net,
 vbabka@suse.cz, vannapurve@google.com, ackerleytng@google.com,
 mail@maciej.szmigiero.name, david@redhat.com, michael.roth@amd.com,
 wei.w.wang@intel.com, liam.merwick@oracle.com, isaku.yamahata@gmail.com,
 kirill.shutemov@linux.intel.com, suzuki.poulose@arm.com,
 steven.price@arm.com, quic_eberman@quicinc.com, quic_mnalajal@quicinc.com,
 quic_tsoni@quicinc.com, quic_svaddagi@quicinc.com,
 quic_cvanscha@quicinc.com, quic_pderrin@quicinc.com,
 quic_pheragu@quicinc.com, catalin.marinas@arm.com, james.morse@arm.com,
 yuzenghui@huawei.com, oliver.upton@linux.dev, will@kernel.org,
 qperret@google.com, keirf@google.com, roypat@amazon.co.uk,
 shuah@kernel.org, hch@infradead.org, jgg@nvidia.com, rientjes@google.com,
 jhubbard@nvidia.com, fvdl@google.com, hughd@google.com,
 jthoughton@google.com, peterx@redhat.com, pankaj.gupta@amd.com,
 ira.weiny@intel.com
In-Reply-To: <865xfyadjv.wl-maz@kernel.org>
References: <20250709105946.4009897-1-tabba@google.com> <20250709105946.4009897-17-tabba@google.com> <865xfyadjv.wl-maz@kernel.org>
Content-Type: text/plain; charset="UTF-8"
Hi Marc,

On Fri, 11 Jul 2025 at 17:38, Marc Zyngier wrote:
>
> On Wed, 09 Jul 2025 11:59:42 +0100,
> Fuad Tabba wrote:
> >
> > Add arm64 architecture support for handling guest page faults on memory
> > slots backed by guest_memfd.
> >
> > This change introduces a new function, gmem_abort(), which encapsulates
> > the fault handling logic specific to guest_memfd-backed memory.
> > The kvm_handle_guest_abort() entry point is updated to dispatch to
> > gmem_abort() when a fault occurs on a guest_memfd-backed memory slot (as
> > determined by kvm_slot_has_gmem()).
> >
> > Until guest_memfd gains support for huge pages, the fault granule for
> > these memory regions is restricted to PAGE_SIZE.
> >
> > Reviewed-by: Gavin Shan
> > Reviewed-by: James Houghton
> > Signed-off-by: Fuad Tabba
> > ---
> >  arch/arm64/kvm/mmu.c | 82 ++++++++++++++++++++++++++++++++++++++++++--
> >  1 file changed, 79 insertions(+), 3 deletions(-)
> >
> > diff --git a/arch/arm64/kvm/mmu.c b/arch/arm64/kvm/mmu.c
> > index 58662e0ef13e..71f8b53683e7 100644
> > --- a/arch/arm64/kvm/mmu.c
> > +++ b/arch/arm64/kvm/mmu.c
> > @@ -1512,6 +1512,78 @@ static void adjust_nested_fault_perms(struct kvm_s2_trans *nested,
> >  	*prot |= kvm_encode_nested_level(nested);
> >  }
> >
> > +#define KVM_PGTABLE_WALK_MEMABORT_FLAGS (KVM_PGTABLE_WALK_HANDLE_FAULT | KVM_PGTABLE_WALK_SHARED)
> > +
> > +static int gmem_abort(struct kvm_vcpu *vcpu, phys_addr_t fault_ipa,
> > +		      struct kvm_s2_trans *nested,
> > +		      struct kvm_memory_slot *memslot, bool is_perm)
> > +{
> > +	bool write_fault, exec_fault, writable;
> > +	enum kvm_pgtable_walk_flags flags = KVM_PGTABLE_WALK_MEMABORT_FLAGS;
> > +	enum kvm_pgtable_prot prot = KVM_PGTABLE_PROT_R;
> > +	struct kvm_pgtable *pgt = vcpu->arch.hw_mmu->pgt;
> > +	struct page *page;
> > +	struct kvm *kvm = vcpu->kvm;
> > +	void *memcache;
> > +	kvm_pfn_t pfn;
> > +	gfn_t gfn;
> > +	int ret;
> > +
> > +	ret = prepare_mmu_memcache(vcpu, true, &memcache);
> > +	if (ret)
> > +		return ret;
> > +
> > +	if (nested)
> > +		gfn = kvm_s2_trans_output(nested) >> PAGE_SHIFT;
> > +	else
> > +		gfn = fault_ipa >> PAGE_SHIFT;
> > +
> > +	write_fault = kvm_is_write_fault(vcpu);
> > +	exec_fault = kvm_vcpu_trap_is_exec_fault(vcpu);
> > +
> > +	if (write_fault && exec_fault) {
> > +		kvm_err("Simultaneous write and execution fault\n");
> > +		return -EFAULT;
> > +	}
>
> I don't think we
> need to cargo-cult this stuff. This cannot happen
> architecturally (data and instruction aborts are two different
> exceptions, so you can't have both at the same time), and is only
> there because we were young and foolish when we wrote this crap.
>
> Now that we (the royal We) are only foolish, we can save a few bits by
> dropping it. Or turn it into a VM_BUG_ON() if you really want to keep
> it.

Will do, but if you agree, I'll go with a VM_WARN_ON_ONCE(), since
VM_BUG_ON() is going away [1][2].

[1] https://lore.kernel.org/all/b247be59-c76e-4eb8-8a6a-f0129e330b11@redhat.com/
[2] https://lore.kernel.org/all/20250604140544.688711-1-david@redhat.com/T/#u

> > +	if (is_perm && !write_fault && !exec_fault) {
> > +		kvm_err("Unexpected L2 read permission error\n");
> > +		return -EFAULT;
> > +	}
>
> Again, this is copying something that was always a bit crap:
>
> - it's not an "error", it's a permission fault
> - it's not "L2", it's "stage-2"
>
> But this should equally be turned into an assertion, ideally in a
> single spot. See below for the usual untested hack.

Will do, but like above, with VM_WARN_ON_ONCE() if you agree.

Thanks!
/fuad

> Thanks,
>
> 	M.
>
> diff --git a/arch/arm64/kvm/mmu.c b/arch/arm64/kvm/mmu.c
> index b92ce4d9b4e01..c79dc8fd45d5a 100644
> --- a/arch/arm64/kvm/mmu.c
> +++ b/arch/arm64/kvm/mmu.c
> @@ -1540,16 +1540,7 @@ static int gmem_abort(struct kvm_vcpu *vcpu, phys_addr_t fault_ipa,
>
>  	write_fault = kvm_is_write_fault(vcpu);
>  	exec_fault = kvm_vcpu_trap_is_exec_fault(vcpu);
> -
> -	if (write_fault && exec_fault) {
> -		kvm_err("Simultaneous write and execution fault\n");
> -		return -EFAULT;
> -	}
> -
> -	if (is_perm && !write_fault && !exec_fault) {
> -		kvm_err("Unexpected L2 read permission error\n");
> -		return -EFAULT;
> -	}
> +	VM_BUG_ON(write_fault && exec_fault);
>
>  	ret = kvm_gmem_get_pfn(kvm, memslot, gfn, &pfn, &page, NULL);
>  	if (ret) {
> @@ -1616,11 +1607,6 @@ static int user_mem_abort(struct kvm_vcpu *vcpu, phys_addr_t fault_ipa,
>  	exec_fault = kvm_vcpu_trap_is_exec_fault(vcpu);
>  	VM_BUG_ON(write_fault && exec_fault);
>
> -	if (fault_is_perm && !write_fault && !exec_fault) {
> -		kvm_err("Unexpected L2 read permission error\n");
> -		return -EFAULT;
> -	}
> -
>  	/*
>  	 * Permission faults just need to update the existing leaf entry,
>  	 * and so normally don't require allocations from the memcache. The
> @@ -2035,6 +2021,9 @@ int kvm_handle_guest_abort(struct kvm_vcpu *vcpu)
>  		goto out_unlock;
>  	}
>
> +	VM_BUG_ON(kvm_vcpu_trap_is_permission_fault(vcpu) &&
> +		  !write_fault && !kvm_vcpu_trap_is_exec_fault(vcpu));
> +
>  	if (kvm_slot_has_gmem(memslot))
>  		ret = gmem_abort(vcpu, fault_ipa, nested, memslot,
>  				 esr_fsc_is_permission_fault(esr));
>
> --
> Without deviation from the norm, progress is not possible.