From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 446BCC3DA41 for ; Tue, 9 Jul 2024 14:48:44 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id D41636B00BA; Tue, 9 Jul 2024 10:48:43 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id CF15B6B00BB; Tue, 9 Jul 2024 10:48:43 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id BB8C86B00BC; Tue, 9 Jul 2024 10:48:43 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0017.hostedemail.com [216.40.44.17]) by kanga.kvack.org (Postfix) with ESMTP id 9D9626B00BA for ; Tue, 9 Jul 2024 10:48:43 -0400 (EDT) Received: from smtpin09.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay09.hostedemail.com (Postfix) with ESMTP id 3228A8191E for ; Tue, 9 Jul 2024 14:48:43 +0000 (UTC) X-FDA: 82320495726.09.AD4BCAA Received: from mail-qv1-f48.google.com (mail-qv1-f48.google.com [209.85.219.48]) by imf02.hostedemail.com (Postfix) with ESMTP id 57C4280028 for ; Tue, 9 Jul 2024 14:48:41 +0000 (UTC) Authentication-Results: imf02.hostedemail.com; dkim=pass header.d=google.com header.s=20230601 header.b=crwtNDYF; spf=pass (imf02.hostedemail.com: domain of tabba@google.com designates 209.85.219.48 as permitted sender) smtp.mailfrom=tabba@google.com; dmarc=pass (policy=reject) header.from=google.com ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1720536506; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=mQDI93A4q/1A1DaKZJ+DPuhD646DQrZv7GuiEfk7v3k=; b=8bwjoRCYT1jBaDxe4lIXmjvw39tt8z7pcYySZVLis42Ewmp1MGOS8cRmkBQpLB8ugt01BE eEI/3USkVpYlj+NICYWx/1RwrA13/XK/XIbCsJzeLe/1enabX9ZsDPEAUZLztP5mzu88Oe O29yLPZ5E12dttmVpxjIFMSDMEafwAg= ARC-Authentication-Results: i=1; imf02.hostedemail.com; dkim=pass header.d=google.com header.s=20230601 header.b=crwtNDYF; spf=pass (imf02.hostedemail.com: domain of tabba@google.com designates 209.85.219.48 as permitted sender) smtp.mailfrom=tabba@google.com; dmarc=pass (policy=reject) header.from=google.com ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1720536506; a=rsa-sha256; cv=none; b=P8vKTo0hlJeO99QZNwbvBHucBCl2ELuX18R5/1raHLUn4Sax4d+YgmojdYUZPYWlJ783P1 9d8OHALFFRRpjlo9cfgvthSfDSh1xpeNwg043ETPnnyeQSnYq5WATmUr5clyLpOU8mHsPf YY2/d3FszVt9Qz5ggDJU0YGGJ9n19bw= Received: by mail-qv1-f48.google.com with SMTP id 6a1803df08f44-6b5dfa44f24so30644246d6.3 for ; Tue, 09 Jul 2024 07:48:41 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1720536520; x=1721141320; darn=kvack.org; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:from:to:cc:subject:date :message-id:reply-to; bh=mQDI93A4q/1A1DaKZJ+DPuhD646DQrZv7GuiEfk7v3k=; b=crwtNDYFsaHkYQOdqw2VvbPSuqlHSl1jPGT1oA9RARo2Y0FPPO4eF67PIdJoZkVWZU 1lBeAjvS64YyBDUosHpZ2qLNt+jTFB+th+WGjf2ld+e5IQrmzkp9cj+Hw/XuZPKTlzUI E5QCvDuKrcY3wjAP+xkn4XnbM/AgYSwkLoKD8UaAid6WO9xlPdCBn2IH3bJwVs0XAYrs 76Dg0xlGuVX05EjfBDdMySAXVcGtvalZKJIkPO0F5Qrew/ELJKBlQRaKnx5budMO74QV uksm78fgBCf/Y6BdQVnQE3rA2TAXxn5qzDhJ3P14So1gsekLB60cwHVqZyxbu03ZPeoe 1pxw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1720536520; x=1721141320; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=mQDI93A4q/1A1DaKZJ+DPuhD646DQrZv7GuiEfk7v3k=; b=lfHDXTlZSakQaCs6yXtbpzVYLdR6LZeLTBL81SY2f6JlzZwD5HV+93E855Jj0U3hB5 K2sILyJ/OxZz3v05kagaegXqIeLHwowABWov4oKmqV6XUR61R+r5F1qHAAk+nuIYjwZx JO4H6ALdtEUXC3sFNQ8jaobzmCFRTmEk196qu2OYQuPs0sUnXABOnvQgcfnSV1sEpWQ+ 44XYoh4gcPzC0MdMpZdMKxp5kiGE+u9IPEP0bpsZihImegn5nfgejNAMI6ZvuYP3wfSP iypTUdjdc9TvJsOQ0xnlJOQgBpkL6ppPvocQzJjpzu+cNdnNtnkqJNNMcJYlFqqAqeRb 7MAg== X-Forwarded-Encrypted: i=1; AJvYcCXb//Qyi40RFW7EUFg2nQwpunzti7KoRkIwn5O4X725wZ35Q6P4cBIyG8QFFXR1xohUsjBo4CgVRquNeTNc/3f0k44= X-Gm-Message-State: AOJu0YxSAcSvlgnOjBDPV+n0ZFh0QXmSZPRxZIwNlH7WBTkN+swCLU43 T9gACqUrPIrbhHzrLqLNngiZLaiH1dDwYHaNOtuQp7R1j1yRRVs1npCIu/McEd7YOFWffpwfKfS wXl5AhtnVpdu5oQHaSOqOX8cbBmmXN8MeF2qv X-Google-Smtp-Source: AGHT+IE02rUhlctlVwBDgEtEerF9V3+vIBytw3xbgIsawGzY84TAJlNr5NIYt475Oj+ghyCqvxioMRmzvcQvywUdNvk= X-Received: by 2002:a05:6214:234b:b0:6b5:e852:7273 with SMTP id 6a1803df08f44-6b61bf51da5mr35694586d6.36.1720536520359; Tue, 09 Jul 2024 07:48:40 -0700 (PDT) MIME-Version: 1.0 References: <20240709132041.3625501-1-roypat@amazon.co.uk> <20240709132041.3625501-9-roypat@amazon.co.uk> In-Reply-To: <20240709132041.3625501-9-roypat@amazon.co.uk> From: Fuad Tabba Date: Tue, 9 Jul 2024 15:48:01 +0100 Message-ID: Subject: Re: [RFC PATCH 8/8] kvm: gmem: Allow restricted userspace mappings To: Patrick Roy Cc: seanjc@google.com, pbonzini@redhat.com, akpm@linux-foundation.org, dwmw@amazon.co.uk, rppt@kernel.org, david@redhat.com, tglx@linutronix.de, mingo@redhat.com, bp@alien8.de, dave.hansen@linux.intel.com, x86@kernel.org, hpa@zytor.com, willy@infradead.org, graf@amazon.com, derekmn@amazon.com, kalyazin@amazon.com, kvm@vger.kernel.org, linux-kernel@vger.kernel.org, linux-mm@kvack.org, dmatlack@google.com, chao.p.peng@linux.intel.com, xmarcalx@amazon.co.uk Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Rspam-User: X-Rspamd-Server: rspam01 X-Rspamd-Queue-Id: 57C4280028 X-Stat-Signature: pyz6dgt3jjhuuw4due6t8hopgmyufw8f X-HE-Tag: 1720536521-796291 X-HE-Meta: U2FsdGVkX1+WaQVQhDUAGp839FyYo8N/2amMCg6FJ+hbF5Vb6F2e7SL6hqSYlO2VkcpIhRld9x2jFxcR8aYNGXM2b2865U4PgMnAFniKKAhoZV74/t1WVcLnDeezcY8wrTmZOO9WB/NxecnzVGX1wiuPXPrtvCc6h2QDzckoxrixl6HrWpltz2xp2h19HJEizf/hKgOV7EVFZsYrvFEWxBLev+i3gwE4hlGVk2APci9OFw7EJUAUQEzmZuQAvhctTH3Srfhq29eSRPPr2RD+/pbwssx48D3ik+/r62tODHzjmxzNlqJeAC6ElU0yALZC1+FthMqaC+Etf0k1ycTVZxrBkn2iEzNHpZFa0JNLAoAHulv6z1kzNz/L6BYhuY56Vrz2Y3S1lzyrWe0FwMgNyhZKdgJwWX5KLcYvWvZiJUxJpZp5WZgPBpGXKXG1MC43NWsXKXiwNOS6i9lvUW1cwn8n53yezDaQlnuEE8XL/uCdFT4ce7Xk8JoxdpJYI9pH1noSLMeTuJgo8ii7zyePkgxX3apTyIX8FVrL4NHPqmX6u5HxLs7C2x3XQNXbPLBRKucD9sf/RkPROKtvnWG1RpdTFMGR6NVEagtycsuw74dMYhfRCebfsSC2TKC3jLZH/T0+AZaDvtl1nUTIEseTFQS+KY+Q7uCe1j41hZHrNJYB4Irq+FXpEJize/pB/fejSqWM9G7hfkh4Zh5wSaMpucfKDf3YAZHKltFvNgRtJ45Emn5NZhaEUllXGLaCSH0t40kFAzgMu3hBs2aO+waI0m2uh7fOpshSoVfHQOA9sQYwaLSRPBwobrH5nsB6DIKh/KUeFQRsqUB2lfQzo+uRCFm7CgbbH818aohM8C7Ty7kgYLcmYBsBhdJMUFK5EN4WSjINQOfpD45Z8CuOA7cD4kls1z+BkAeFJVWdh30xHT95gAzZukAUEedqD+lUYnhHCQuqK1FxO1mwLJreHAX UyGsK3DH 1PSEtlF051Ofo/StGhnJiQ3oGzOMiRdxRonDzaoW90PEtilOaGoanFSYwJ0LzWLx2AgRS+KtHqaoS31XwijVW5pWmvlFKhmuySOa2v039U+Sy53Ou4u7J3VngNqdnlPXgxQBawSb19ZSfZkyVXc7D0K7Yv3bOXhYphawyYYzuxxwlQ86KgIA0413Chw+fQxVC0GTxn2dbzBx6Sjyv8sskNWaqPoJPUIMN+spDodtdpNtKpffveEgvRaheMrofJjYC4rQfPulIgvkmtdMS6OHF0VAnsA== X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: Hi Patrick, On Tue, Jul 9, 2024 at 2:21=E2=80=AFPM Patrick Roy wr= ote: > > Allow mapping guest_memfd into userspace. Since AS_INACCESSIBLE is set > on the underlying address_space struct, no GUP of guest_memfd will be > possible. This patch allows mapping guest_memfd() unconditionally. Even if it's not guppable, there are other reasons why you wouldn't want to allow this. Maybe a config flag to gate it? e.g., https://lore.kernel.org/all/20240222161047.402609-4-tabba@google.com/ > > Signed-off-by: Patrick Roy > --- > virt/kvm/guest_memfd.c | 31 ++++++++++++++++++++++++++++++- > 1 file changed, 30 insertions(+), 1 deletion(-) > > diff --git a/virt/kvm/guest_memfd.c b/virt/kvm/guest_memfd.c > index dc9b0c2d0b0e..101ec2b248bf 100644 > --- a/virt/kvm/guest_memfd.c > +++ b/virt/kvm/guest_memfd.c > @@ -319,7 +319,37 @@ static inline struct file *kvm_gmem_get_file(struct = kvm_memory_slot *slot) > return get_file_active(&slot->gmem.file); > } > > +static vm_fault_t kvm_gmem_fault(struct vm_fault *vmf) > +{ > + struct folio *folio; > + > + folio =3D kvm_gmem_get_folio(file_inode(vmf->vma->vm_file), vmf->= pgoff, true); > + > + if (!folio) > + return VM_FAULT_SIGBUS; > + > + vmf->page =3D folio_file_page(folio, vmf->pgoff); > + > + return VM_FAULT_LOCKED; > +} > + > +static const struct vm_operations_struct kvm_gmem_vm_ops =3D { > + .fault =3D kvm_gmem_fault > +}; > + > +static int kvm_gmem_mmap(struct file *file, struct vm_area_struct *vma) > +{ > + if ((vma->vm_flags & (VM_SHARED | VM_MAYSHARE)) =3D=3D 0) > + return -EINVAL; > + > + vm_flags_set(vma, VM_DONTDUMP); > + vma->vm_ops =3D &kvm_gmem_vm_ops; > + > + return 0; > +} > + > static struct file_operations kvm_gmem_fops =3D { > + .mmap =3D kvm_gmem_mmap, > .open =3D generic_file_open, > .release =3D kvm_gmem_release, > .fallocate =3D kvm_gmem_fallocate, > @@ -594,7 +624,6 @@ static int __kvm_gmem_get_pfn(struct file *file, stru= ct kvm_memory_slot *slot, > return -EFAULT; > } > > - gmem =3D file->private_data; Is this intentional? Cheers, /fuad > if (xa_load(&gmem->bindings, index) !=3D slot) { > WARN_ON_ONCE(xa_load(&gmem->bindings, index)); > return -EIO; > -- > 2.45.2 >