From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 56B1DCE79D8 for ; Wed, 20 Sep 2023 14:24:18 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id B404C6B017F; Wed, 20 Sep 2023 10:24:17 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id AC8F96B0180; Wed, 20 Sep 2023 10:24:17 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 943776B0181; Wed, 20 Sep 2023 10:24:17 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0013.hostedemail.com [216.40.44.13]) by kanga.kvack.org (Postfix) with ESMTP id 7F7E56B017F for ; Wed, 20 Sep 2023 10:24:17 -0400 (EDT) Received: from smtpin26.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay02.hostedemail.com (Postfix) with ESMTP id 43AA0120D0B for ; Wed, 20 Sep 2023 14:24:17 +0000 (UTC) X-FDA: 81257195754.26.5CB6D90 Received: from mail-pl1-f201.google.com (mail-pl1-f201.google.com [209.85.214.201]) by imf01.hostedemail.com (Postfix) with ESMTP id 3EA604007C for ; Wed, 20 Sep 2023 14:24:11 +0000 (UTC) Authentication-Results: imf01.hostedemail.com; dkim=pass header.d=google.com header.s=20230601 header.b=jT9x9QWY; dmarc=pass (policy=reject) header.from=google.com; spf=pass (imf01.hostedemail.com: domain of 3igALZQYKCOUZLHUQJNVVNSL.JVTSPUbe-TTRcHJR.VYN@flex--seanjc.bounces.google.com designates 209.85.214.201 as permitted sender) smtp.mailfrom=3igALZQYKCOUZLHUQJNVVNSL.JVTSPUbe-TTRcHJR.VYN@flex--seanjc.bounces.google.com ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1695219851; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=DOI6e5Fz0eSccYOGv0a2XgOrMIQyrqURVkPdu4XpUSk=; b=sVjMLTx+b1tDxv4GnqVGKUtnESm5TRyPMVBdfqmwYujocXILtldv3m2NMGpQTHUtg+7toT +O6co6zko7xonNJvd9jYWD7iJdO2UxRXzaS38PN0TxXxkhbLEprcqrBFC9HSVxTjAyHQ7D dl91s3qFf68AtVBRZEoxg4rxijEBe0c= ARC-Authentication-Results: i=1; imf01.hostedemail.com; dkim=pass header.d=google.com header.s=20230601 header.b=jT9x9QWY; dmarc=pass (policy=reject) header.from=google.com; spf=pass (imf01.hostedemail.com: domain of 3igALZQYKCOUZLHUQJNVVNSL.JVTSPUbe-TTRcHJR.VYN@flex--seanjc.bounces.google.com designates 209.85.214.201 as permitted sender) smtp.mailfrom=3igALZQYKCOUZLHUQJNVVNSL.JVTSPUbe-TTRcHJR.VYN@flex--seanjc.bounces.google.com ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1695219851; a=rsa-sha256; cv=none; b=53idluAMBMc1R+ClBxzXYLH+JDLdR1uwE0rbRyrVAYiT8QLVoWa0pY0cejT45/1+B8ysPx L/RBXIwaaZ8OTy6flrU/Cgh07FkWOqaKi1EWWiI5NZartDnTqrvbkUeP0lZTebbPxtON1k A9O13yD1MQLAuOXEIjmA6Od+pmdMtoc= Received: by mail-pl1-f201.google.com with SMTP id d9443c01a7336-1c40ac5b6e7so58167475ad.0 for ; Wed, 20 Sep 2023 07:24:10 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1695219850; x=1695824650; darn=kvack.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=DOI6e5Fz0eSccYOGv0a2XgOrMIQyrqURVkPdu4XpUSk=; b=jT9x9QWY0hHVm7hsKat5+/XTcLZUXdfglpNj9jAe5pCOKUIKOWpeDPxJArrwn8tc13 4fTDpsoQD9QketFdTMVuDLnInVyBeNqAFk/FWfkzO8wI1ogn5AhKw8F6C85iUGauZu7L LzZkerWhOXPAp28YDvr3bxlocFkp+3OzVYAWRBifMpCCgFwzI1kRFQzjwHFtKhnmWaWw eHbmhtNkWI+jL/dtmWlUspfAzlqrFJTpjo4NljflC0rze+JRXWUxq8jDFZfON4miqZPx ygOcEW/Wo1eJnmErTd+Rpfr1uvATZEidp5EepEa4OSZtX9CMDtpXzVCpZy1NIOhxc5zq fpAg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1695219850; x=1695824650; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=DOI6e5Fz0eSccYOGv0a2XgOrMIQyrqURVkPdu4XpUSk=; b=kzUYvyIcsTuFxIDACsiVIq6BBSMAQ6IFDwQ7DNzDLEaJMF4BtGiOOuEgNSeHoE8k7A 4z5BZJ0JqHy46kXNR/+/aV1P545UXYoAMAU8TPr8VecnkuM+5xaDCZG5zW3NyixJ9Th1 n194iuqnBOhjeXEdiyo2VJgR2P61VW1Np3IOyWHPk4sCs0sXwBUROFAVGxoKSG/dve9Y uBXr7THdts5jQ4UqdQcRAQHOQrUVT/NOWx5vBrw+TstjR3w8kfFeclh0fvTUn4ZiEah4 lPtoO1jDJm6w4USp8aRpvjKKnyxSjiLsDsAJibp7AwLT0KqyYNmf3plJf9IwkykTychF PviQ== X-Gm-Message-State: AOJu0Ywhy9KtY+tmdwQijdckDeZqMDmqKa+tUbOcfSCCaRTAI87KzuIG Qd+ldH33ZYdPqYKsLQJ9anXP/4bgC+U= X-Google-Smtp-Source: AGHT+IG+7+KaIB01fLVIPGeb7tjb/zu/hrsNFs+xXo/mmyM/aDSVQYbb0kWI4ACm+gkgu18FM/xCEI0V+P0= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a17:902:f203:b0:1c0:ac09:4032 with SMTP id m3-20020a170902f20300b001c0ac094032mr25326plc.9.1695219850013; Wed, 20 Sep 2023 07:24:10 -0700 (PDT) Date: Wed, 20 Sep 2023 07:24:08 -0700 In-Reply-To: Mime-Version: 1.0 References: <20230914015531.1419405-1-seanjc@google.com> <20230914015531.1419405-15-seanjc@google.com> Message-ID: Subject: Re: [RFC PATCH v12 14/33] KVM: Add KVM_CREATE_GUEST_MEMFD ioctl() for guest-specific backing memory From: Sean Christopherson To: Binbin Wu Cc: kvm@vger.kernel.org, linux-arm-kernel@lists.infradead.org, kvmarm@lists.linux.dev, linux-mips@vger.kernel.org, linuxppc-dev@lists.ozlabs.org, kvm-riscv@lists.infradead.org, linux-riscv@lists.infradead.org, linux-fsdevel@vger.kernel.org, linux-mm@kvack.org, linux-security-module@vger.kernel.org, linux-kernel@vger.kernel.org, Paolo Bonzini , Marc Zyngier , Oliver Upton , Huacai Chen , Michael Ellerman , Anup Patel , Paul Walmsley , Palmer Dabbelt , Albert Ou , "Matthew Wilcox (Oracle)" , Andrew Morton , Paul Moore , James Morris , "Serge E. Hallyn" , Chao Peng , Fuad Tabba , Jarkko Sakkinen , Anish Moorthy , Yu Zhang , Isaku Yamahata , Xu Yilun , Vlastimil Babka , Vishal Annapurve , Ackerley Tng , Maciej Szmigiero , David Hildenbrand , Quentin Perret , Michael Roth , Wang , Liam Merwick , Isaku Yamahata , "Kirill A . Shutemov" Content-Type: text/plain; charset="us-ascii" X-Rspamd-Queue-Id: 3EA604007C X-Rspam-User: X-Rspamd-Server: rspam05 X-Stat-Signature: ppgaexh41rwhrwo4oor79iqyufwtpmhj X-HE-Tag: 1695219851-527376 X-HE-Meta: U2FsdGVkX1/9nkx2LkGbZMCv0Vf/tLmhhMSImGeMM4T+TcHe7srYzbue2mCoMs+A10TkZrpqk34WOq3KYiTVEh89eavy/mkFeobVolDwObEPmGo8k3JlvqSusyz58Ni/HoyD6gsvfwSbUwxo+D2EThvLXFnfLaCyk/cF6T3yVhrxPkCDx1H4yhdB1ZswC0Bdk7gY44eqlx7n/wHqI4XFty0hcFgF4eAgH1P/GiMTj7hsWw6SMQ6r6gvWSsp4sG+lBD7rZs23eQD4FnMH+vvWbUodTzDiJDDIPJH+zmUOiTn/lR0T58xEIzLcGps9JIcMTQQj06b1j+fKpE9zU8itROfcCjr8QGHhjj44VOHKV7z+/OT4FEUhTJH+zWWkR5D/K7J11ST+XgUGAXaQ8bslj8AjjIsXv7jXj0afAeG1KxuYILCwLyrWeLDMmXlsGvI+kbSRwtwtfGz63Tn1+D8g/opy3cLdJbi+18Ed/iLf3nwV9W5WJgi6iGN2mZy7fhKSSiWh9KaLo3U/oIRfe6P4NYFzVEy10oSvFGaNMWXGdRyzB6FxLFMGl0eHECTR+riFdpj8SwH5885l1eaxfca5ViImg1s4HsO+oNnCypqnQMm4ey7L/5K4+5ETVUnHL4yNcCXolZp1X74kdiPKgGhS51HlYwPtItxL9/tFe+TEJTHP9GOLN2ie2BqrCA6iL2MgnyxgYPlBkWDNRmx8n1YROmRdBUFy6iLOSWQKZHs5+cWgJKh/HThidSIyR0+QHLrTRw+1yTLqpbNHyWzF7AmCOazci3Z9aaTWdZJ77Cr7emjx1gQgDmYJDRS9NH0d9p904Ejt7bkMSXspJ49ZzcPvNE6iSxQGH9sx2tJ6A9VfHQNRd0QdV0q/Ngml+CiUDYMVBIE2WcbgpdyTtYYPJBZfIbTxUDWVkyYZOf530uFyk3t7i8xhGworDdjfFCaS63jHHr+D1NxECtyY1MKPP7d 3IlGkzcg HFe8NSN/wic+lrL7ukZTG13toQEH3jvKeiqtRZ+oNtgsCscV0IUWbwDV9EVbtHGDJYqe/+p6U6TsA1nbDZ9xeO6OEeULp0DpQbUBLeIZtYYQtABEmSZ8+tED/GK58ITvfRJY7DUXFmkMqfCseRQOatl36O9yoIdTcmtKqowVd/ljlXNis28Rhu4K4kixTK9sH2r6VhtYDJOjKsYC+He/+63NdAT5i+IhZu0fC+dK+iGhaEcwGMLUL6rSXKRU3WT/ceqxHCsjWvPFzosP4tRgwhfvqktCjYFMKr0Wu5caZo8wWExP/hZJBzhyfnSa7FMA2JxvI71G1COBTxLHJf7RvcX6dxZevEJbJNB0etet6AjDo4KQU7+lyLq8TsxyntHHATYekvKAXbaK80L1eYJy4Ug7NIGrGIoBwSgUNKDuZq4zvzXrIRrvQqegQWqTG1fMP2iQ/Ag1rmadILq6BZU5Fd18O85wOG/9smU+SLabrYl40oft1zeXeC6IlUx+H5GRVf/bJCogAtNHrTcD10161rJ5uPlKIcJw0s3oRmJvwyg17c6RcbS22gIK6zums3n8RQ2xSTY3PKSYWfqAfOO637wTaKKd9vR8X20f9uTGrg6O8vgqseMahhTo7YYedTOFuwqDlsSnHBRPJlYlXbVWsaCCIFvVPSAYAvRtJKzNJp4zYQ2v4IEcl+4HV+Sf1plHyNg2kfAVt7hRH0kMCvklWGunRSFMPU1qNOhBFRdkZPYWBzyHSFwmQeDBHv95olCRHAPXDLFYjKKk/ucZ9zCXD51nKmQ== X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: On Tue, Sep 19, 2023, Binbin Wu wrote: > > > On 9/14/2023 9:55 AM, Sean Christopherson wrote: > [...] > > + > > +static void kvm_gmem_invalidate_begin(struct kvm_gmem *gmem, pgoff_t start, > > + pgoff_t end) > > +{ > > + struct kvm_memory_slot *slot; > > + struct kvm *kvm = gmem->kvm; > > + unsigned long index; > > + bool flush = false; > > + > > + KVM_MMU_LOCK(kvm); > > + > > + kvm_mmu_invalidate_begin(kvm); > > + > > + xa_for_each_range(&gmem->bindings, index, slot, start, end - 1) { > > + pgoff_t pgoff = slot->gmem.pgoff; > > + > > + struct kvm_gfn_range gfn_range = { > > + .start = slot->base_gfn + max(pgoff, start) - pgoff, > > + .end = slot->base_gfn + min(pgoff + slot->npages, end) - pgoff, > > + .slot = slot, > > + .may_block = true, > > + }; > > + > > + flush |= kvm_mmu_unmap_gfn_range(kvm, &gfn_range); > > + } > > + > > + if (flush) > > + kvm_flush_remote_tlbs(kvm); > > + > > + KVM_MMU_UNLOCK(kvm); > > +} > > + > > +static void kvm_gmem_invalidate_end(struct kvm_gmem *gmem, pgoff_t start, > > + pgoff_t end) > > +{ > > + struct kvm *kvm = gmem->kvm; > > + > > + KVM_MMU_LOCK(kvm); > > + if (xa_find(&gmem->bindings, &start, end - 1, XA_PRESENT)) > > + kvm_mmu_invalidate_end(kvm); > kvm_mmu_invalidate_begin() is called unconditionally in > kvm_gmem_invalidate_begin(), > but kvm_mmu_invalidate_end() is not here. > This makes the kvm_gmem_invalidate_{begin, end}() calls asymmetric. Another ouch :-( And there should be no need to acquire mmu_lock() unconditionally, the inode's mutex protects the bindings, not mmu_lock. I'll get a fix posted today. I think KVM can also add a sanity check to detect unresolved invalidations, e.g. diff --git a/virt/kvm/kvm_main.c b/virt/kvm/kvm_main.c index 7ba1ab1832a9..2a2d18070856 100644 --- a/virt/kvm/kvm_main.c +++ b/virt/kvm/kvm_main.c @@ -1381,8 +1381,13 @@ static void kvm_destroy_vm(struct kvm *kvm) * No threads can be waiting in kvm_swap_active_memslots() as the * last reference on KVM has been dropped, but freeing * memslots would deadlock without this manual intervention. + * + * If the count isn't unbalanced, i.e. KVM did NOT unregister between + * a start() and end(), then there shouldn't be any in-progress + * invalidations. */ WARN_ON(rcuwait_active(&kvm->mn_memslots_update_rcuwait)); + WARN_ON(!kvm->mn_active_invalidate_count && kvm->mmu_invalidate_in_progress); kvm->mn_active_invalidate_count = 0; #else kvm_flush_shadow_all(kvm); or an alternative style if (kvm->mn_active_invalidate_count) kvm->mn_active_invalidate_count = 0; else WARN_ON(kvm->mmu_invalidate_in_progress) > > + KVM_MMU_UNLOCK(kvm); > > +} > > + > > +static long kvm_gmem_punch_hole(struct inode *inode, loff_t offset, loff_t len) > > +{ > > + struct list_head *gmem_list = &inode->i_mapping->private_list; > > + pgoff_t start = offset >> PAGE_SHIFT; > > + pgoff_t end = (offset + len) >> PAGE_SHIFT; > > + struct kvm_gmem *gmem; > > + > > + /* > > + * Bindings must stable across invalidation to ensure the start+end > > + * are balanced. > > + */ > > + filemap_invalidate_lock(inode->i_mapping); > > + > > + list_for_each_entry(gmem, gmem_list, entry) { > > + kvm_gmem_invalidate_begin(gmem, start, end); > > + kvm_gmem_invalidate_end(gmem, start, end); > > + } > Why to loop for each gmem in gmem_list here? > > IIUIC, offset is the offset according to the inode, it is only meaningful to > the inode passed in, i.e, it is only meaningful to the gmem binding with the > inode, not others. The code is structured to allow for multiple gmem instances per inode. This isn't actually possible in the initial code base, but it's on the horizon[*]. I included the list-based infrastructure in this initial series to ensure that guest_memfd can actually support multiple files per inode, and to minimize the churn when the "link" support comes along. [*] https://lore.kernel.org/all/cover.1691446946.git.ackerleytng@google.com