From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 0711DC433F5 for ; Thu, 29 Sep 2022 23:22:27 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 288858D0002; Thu, 29 Sep 2022 19:22:27 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 211146B0081; Thu, 29 Sep 2022 19:22:27 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 063118D0002; Thu, 29 Sep 2022 19:22:26 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0015.hostedemail.com [216.40.44.15]) by kanga.kvack.org (Postfix) with ESMTP id E54CB6B0080 for ; Thu, 29 Sep 2022 19:22:26 -0400 (EDT) Received: from smtpin15.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay05.hostedemail.com (Postfix) with ESMTP id 8F316413C9 for ; Thu, 29 Sep 2022 23:22:26 +0000 (UTC) X-FDA: 79966699092.15.82A90D3 Received: from mail-pj1-f41.google.com (mail-pj1-f41.google.com [209.85.216.41]) by imf13.hostedemail.com (Postfix) with ESMTP id C83A920006 for ; Thu, 29 Sep 2022 23:22:24 +0000 (UTC) Received: by mail-pj1-f41.google.com with SMTP id u12so2719792pjj.1 for ; Thu, 29 Sep 2022 16:22:24 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=in-reply-to:content-disposition:mime-version:references:message-id :subject:cc:to:from:date:from:to:cc:subject:date; bh=SlBvqIbtpL0VufXgwK7uhVH38JuonCmEli0InnRVEwc=; b=WuAt0WRwYyROULHsLoKuJv2kXZVaCxvv5se5SYxucmOEgMFUNx2D57LgdDwCei2x1H BHZJk6cnqMJ9lpHSGjIAQZn0y8BmTQuG82WIZcNgoFeD7LG4pqgoDjfwNUvpxX0kJLxv Dw+WsZzJyUYdaQkT0re+VcE6b51zajqB6Pihs0d5Dm06lt/3y15zlDRlEVhaJYcITjqq kxupICcV/19shZioX2psCPJiZdpZ4ysq5/1T3jM0Xx0pSi+GIDFyiPzVO05s6m98CDTT tOo/5JDD8RVKU0DNuMgu6l56RXQ8C5tSDlMssCXWcmrz1Q8KJiW+10QJLFQH8nbm/WCu b7Pw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=in-reply-to:content-disposition:mime-version:references:message-id :subject:cc:to:from:date:x-gm-message-state:from:to:cc:subject:date; bh=SlBvqIbtpL0VufXgwK7uhVH38JuonCmEli0InnRVEwc=; b=c0Mlc8jAs55Fd1ftx+UPIK41RY2iK3IWiYXbeCrG6MyaLtJXJ3lR3XjzKUmKmDEdn8 IOqHfIDSgb2TYStFi4DmYO/dNLrk4CoIsX5JOP62QkCLGdVNdHBbytPI5dSvZkwi5hN0 OthnccGX4R+/c3e5VvZSXW3u7ZSf7K7oTfgIV7OdTynBKTzPNURzJbUjji0BBUmo4GBZ JrB1ndKdz3fWG+r7ShAYaa6onWQxQyJoGC+GAqiQ+zjJF9YpQHPqbCI/79wiR9XrEO+V vRpEuYFZGQ/X9KjavegFr4/+hT2oBOeuALNj6BOh2lM7UmmsZloac2s2/TPWL2KFCxX0 zhdw== X-Gm-Message-State: ACrzQf1kN0/9glnvogMqE3OtzALW/NryHa2FJrnpnOsv95FEVjDNYYEH vLYHG7Col9ybHngeBsOJMZBNkA== X-Google-Smtp-Source: AMsMyM75zZcPQQjlBQckiGdn+LExa+Ehm1TbE+ovPavYyibrIT8X85CNF5p+NDaTg0PkeD+6UnKilA== X-Received: by 2002:a17:90b:1d81:b0:205:f381:7372 with SMTP id pf1-20020a17090b1d8100b00205f3817372mr11503541pjb.165.1664493743484; Thu, 29 Sep 2022 16:22:23 -0700 (PDT) Received: from google.com (7.104.168.34.bc.googleusercontent.com. [34.168.104.7]) by smtp.gmail.com with ESMTPSA id g11-20020a17090a290b00b001f319e9b9e5sm4062149pjd.16.2022.09.29.16.22.22 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 29 Sep 2022 16:22:22 -0700 (PDT) Date: Thu, 29 Sep 2022 23:22:19 +0000 From: Sean Christopherson To: Isaku Yamahata Cc: Chao Peng , kvm@vger.kernel.org, linux-kernel@vger.kernel.org, linux-mm@kvack.org, linux-fsdevel@vger.kernel.org, linux-api@vger.kernel.org, linux-doc@vger.kernel.org, qemu-devel@nongnu.org, Paolo Bonzini , Jonathan Corbet , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Joerg Roedel , Thomas Gleixner , Ingo Molnar , Borislav Petkov , x86@kernel.org, "H . Peter Anvin" , Hugh Dickins , Jeff Layton , "J . Bruce Fields" , Andrew Morton , Shuah Khan , Mike Rapoport , Steven Price , "Maciej S . Szmigiero" , Vlastimil Babka , Vishal Annapurve , Yu Zhang , "Kirill A . Shutemov" , luto@kernel.org, jun.nakajima@intel.com, dave.hansen@intel.com, ak@linux.intel.com, david@redhat.com, aarcange@redhat.com, ddutile@redhat.com, dhildenb@redhat.com, Quentin Perret , Michael Roth , mhocko@suse.com, Muchun Song , wei.w.wang@intel.com Subject: Re: [PATCH v8 2/8] KVM: Extend the memslot to support fd-based private memory Message-ID: References: <20220915142913.2213336-1-chao.p.peng@linux.intel.com> <20220915142913.2213336-3-chao.p.peng@linux.intel.com> <20220929224516.GA2260388@ls.amr.corp.intel.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20220929224516.GA2260388@ls.amr.corp.intel.com> ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1664493744; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=SlBvqIbtpL0VufXgwK7uhVH38JuonCmEli0InnRVEwc=; b=n0RB4ZeBkYPv5HllOaXkcgOMLT6p7L9MHcCXQwMw5MeGkXDOXbvc+kwRtMBvUbwOPevQcZ 9FdGqs+oZ/kBJ7I0/bgH7iKmRK3mmbfqCzyF5/ZArRitP9J1e62FLn5j1QyJv4luWpht0x L8pcaH8ZY1nOlw3i3lZo2XK1EqGoGJk= ARC-Authentication-Results: i=1; imf13.hostedemail.com; dkim=pass header.d=google.com header.s=20210112 header.b=WuAt0WRw; spf=pass (imf13.hostedemail.com: domain of seanjc@google.com designates 209.85.216.41 as permitted sender) smtp.mailfrom=seanjc@google.com; dmarc=pass (policy=reject) header.from=google.com ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1664493744; a=rsa-sha256; cv=none; b=UpP0ZxP7AF2pFTMQLu0Z4kzqH4a47wxFHBz4B63hJPqhy89+upntRCkKtIX3CVHv5IAr47 /9i9/ObjW1uEP9YXw6qoTe3o+HKDQU3VmlozBcufkMFk/2B0nCbCuU7cnR+5c3tfeMogM0 8N4TxA2gcsCqYZ7hJFgde5tBISPCeIM= Authentication-Results: imf13.hostedemail.com; dkim=pass header.d=google.com header.s=20210112 header.b=WuAt0WRw; spf=pass (imf13.hostedemail.com: domain of seanjc@google.com designates 209.85.216.41 as permitted sender) smtp.mailfrom=seanjc@google.com; dmarc=pass (policy=reject) header.from=google.com X-Rspam-User: X-Stat-Signature: bajnrqejdtge48ea6tj16mzmoagb9ckr X-Rspamd-Queue-Id: C83A920006 X-Rspamd-Server: rspam08 X-HE-Tag: 1664493744-974015 X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: On Thu, Sep 29, 2022, Isaku Yamahata wrote: > On Thu, Sep 15, 2022 at 10:29:07PM +0800, > Chao Peng wrote: > > @@ -4645,14 +4672,20 @@ static long kvm_vm_ioctl(struct file *filp, > > break; > > } > > case KVM_SET_USER_MEMORY_REGION: { > > - struct kvm_userspace_memory_region kvm_userspace_mem; > > + struct kvm_user_mem_region mem; > > + unsigned long size = sizeof(struct kvm_userspace_memory_region); > > + > > + kvm_sanity_check_user_mem_region_alias(); > > > > r = -EFAULT; > > - if (copy_from_user(&kvm_userspace_mem, argp, > > - sizeof(kvm_userspace_mem))) > > + if (copy_from_user(&mem, argp, size); > > + goto out; > > + > > + r = -EINVAL; > > + if (mem.flags & KVM_MEM_PRIVATE) > > goto out; > > Nit: It's better to check if padding is zero. Maybe rename it to reserved. > > + if (mem.pad1 || memchr_inv(mem.pad2, 0, sizeof(mem.pad2))) > + goto out; No need, KVM has more or less settled on using flags instead "reserving" bytes. E.g. if/when another fancy feature comes along, we'll add another KVM_MEM_XYZ and only consume the relevant fields when the flag is set. Reserving bytes doesn't work very well because it assumes that '0' is an invalid value, e.g. if the future expansion is for a non-private file descriptor, then we'd need a new flag even if KVM reserved bytes since fd=0 is valid. The only reason to bother with pad2[14] at this time is to avoid having to define yet another struct if/when the struct needs to expand again. The struct definition will still need to be changed, but at least we won't end up with struct kvm_userspace_memory_region_really_extended.