From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id CF594C3ABD8 for ; Fri, 16 May 2025 20:26:21 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 4B1DC6B00D9; Fri, 16 May 2025 16:26:20 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 442C16B00DA; Fri, 16 May 2025 16:26:20 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 950E96B00DB; Fri, 16 May 2025 16:26:19 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0017.hostedemail.com [216.40.44.17]) by kanga.kvack.org (Postfix) with ESMTP id 4C5046B00D9 for ; Fri, 16 May 2025 16:26:18 -0400 (EDT) Received: from smtpin29.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay07.hostedemail.com (Postfix) with ESMTP id C9BD9161343 for ; Fri, 16 May 2025 20:26:18 +0000 (UTC) X-FDA: 83449903236.29.BC70FE8 Received: from mail-pf1-f201.google.com (mail-pf1-f201.google.com [209.85.210.201]) by imf22.hostedemail.com (Postfix) with ESMTP id E8A85C0005 for ; Fri, 16 May 2025 20:26:16 +0000 (UTC) Authentication-Results: imf22.hostedemail.com; dkim=pass header.d=google.com header.s=20230601 header.b=QlVdtTf5; spf=pass (imf22.hostedemail.com: domain of 3Z58naAsKCIwqs0u71uE93ww44w1u.s421y3AD-220Bqs0.47w@flex--ackerleytng.bounces.google.com designates 209.85.210.201 as permitted sender) smtp.mailfrom=3Z58naAsKCIwqs0u71uE93ww44w1u.s421y3AD-220Bqs0.47w@flex--ackerleytng.bounces.google.com; dmarc=pass (policy=reject) header.from=google.com ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1747427177; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=uNYsA1VxpeAmKMsl0ZmuzjWNkULRjyT0q4ZSttGXwmE=; b=fw/6lck49H9bH3tK/20/KmItGcv6WLeUPx8f1lJA5vc2nJPi5NRCpKDseaDJyQfwXk1OhR Ln2rUSR6KMhatGiT792WWTXjoKU9KiYtNAMFY5vqyVWr/Arq8M19C76gRqpFm7U2RBRyBB nk5+GJw9OjFFhIPLr5QY9kQI4OEy5LM= ARC-Authentication-Results: i=1; imf22.hostedemail.com; dkim=pass header.d=google.com header.s=20230601 header.b=QlVdtTf5; spf=pass (imf22.hostedemail.com: domain of 3Z58naAsKCIwqs0u71uE93ww44w1u.s421y3AD-220Bqs0.47w@flex--ackerleytng.bounces.google.com designates 209.85.210.201 as permitted sender) smtp.mailfrom=3Z58naAsKCIwqs0u71uE93ww44w1u.s421y3AD-220Bqs0.47w@flex--ackerleytng.bounces.google.com; dmarc=pass (policy=reject) header.from=google.com ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1747427177; a=rsa-sha256; cv=none; b=HdGZwEcCl9Bn3S8YZWCYscqBhxkAa2JVctmWOTBKdRdNOVRLM4ecPre7CEX9L6H2vW8gD8 fX3R4cMPKLBQ7K+GzlKH0iZncFU7kQkzWwZSHdxrNUd8i2jrxsutogYxx/W/wK4fEU56zb Q8aerWrlNjeCi7faDvoHIkz+288odsU= Received: by mail-pf1-f201.google.com with SMTP id d2e1a72fcca58-740270e168aso2348350b3a.1 for ; Fri, 16 May 2025 13:26:16 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1747427176; x=1748031976; darn=kvack.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=uNYsA1VxpeAmKMsl0ZmuzjWNkULRjyT0q4ZSttGXwmE=; b=QlVdtTf57OkdTUsF6Dwn4nv8L7BGhkgSN/3Gu3mP+9rFUJQrj7MJSGHeVe0ceZd5J/ hJavEXteYugdpdDrwj5jQC5MeX9TkjPhGSt3Bu99Ct04cafLSvs0a7MwZ+7TJ/ifVOLh TipIBxlNrv6uY5n80p3RwbTBM3J9ueMTv0n8JdsuO09RZIi6P1O9vUiEdZt5BlSdpwem LdjpTEyIHiCdS81z6xmAhEc6r+7Q4EAJVuHEMV1DLjASk9RclijShpwI6sGKZ7XYJyTo NepvxYRCP3KvoANAhmTU4G17TkNVexmXvZhsVVLgLszOFyquJt4P7JuM+bPAnr3VTx07 15sw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1747427176; x=1748031976; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=uNYsA1VxpeAmKMsl0ZmuzjWNkULRjyT0q4ZSttGXwmE=; b=RnMPwnWThm1b4QmUXzRU1wJcmFQCxroGmKKeO2NQE6Xx5CibQGsQjWqpZ2rlvMmI2u ecqLsH5R0lROlz7mEAzqo1fXby2OyzjVegyOSAcQVWEnm4MEXFZMivdHCLkiXpdxhTmR hn5bqDMOyndLHTIuAt9IrkZ+so6xqhbME9KuMv+xDySjVBb2bIBq8wK/YGj0XtcznBa1 jQkb2Fr3sN9TN6nIDi7s2Cy/lEPLXG85vqDAKp9Wdy4eaPOHkHLNIqsgYlCb1iI2tSzC twMXEP00a2Sz7bFKskrxA4plNaw/KEw3NwMQdEtomwMUAx5FyPcejC3n11sBbjfxYpGm VBww== X-Forwarded-Encrypted: i=1; AJvYcCVqLAW2QPJdRJqH8wfHu9b2RYkGpntXZwAPa40DEFVKYPdnnXEY0232oRXMK+FUzg4z0pbCEF9/FQ==@kvack.org X-Gm-Message-State: AOJu0YzqGfo+6EqALYjwgHdOnUUz29hYuobYyOZ+Ko3YSHeypMZYkf3n NtGUFDWkH2tHfBgFnuhFxo1FNSFlyFMUo62Bzx7A4d/EPod+P1tRmGjG62u//iwS/o0zIEFmwX2 Pzsuhv+pRtxzKw4zp04yTyhn0ow== X-Google-Smtp-Source: AGHT+IGfoQoSez5L7XMlxA74tcaMgsb6OuotCbmC/vXVp/yg3sAHFsjCX4IagThUsKW7q3KLy4Ee5VF0Th4MiQ5ZJw== X-Received: from pfgu25.prod.google.com ([2002:a05:6a00:999:b0:736:38eb:5860]) (user=ackerleytng job=prod-delivery.src-stubby-dispatcher) by 2002:a05:6a00:3c96:b0:73e:30af:f479 with SMTP id d2e1a72fcca58-742a98ad9famr5898497b3a.19.1747427175604; Fri, 16 May 2025 13:26:15 -0700 (PDT) Date: Fri, 16 May 2025 13:26:14 -0700 In-Reply-To: <682799177f074_345d2c29482@iweiny-mobl.notmuch> Mime-Version: 1.0 References: <6827969540b5d_345b8829485@iweiny-mobl.notmuch> <682799177f074_345d2c29482@iweiny-mobl.notmuch> Message-ID: Subject: Re: [RFC PATCH v2 00/51] 1G page support for guest_memfd From: Ackerley Tng To: Ira Weiny , kvm@vger.kernel.org, linux-mm@kvack.org, linux-kernel@vger.kernel.org, x86@kernel.org, linux-fsdevel@vger.kernel.org, afranji@google.com Cc: aik@amd.com, ajones@ventanamicro.com, akpm@linux-foundation.org, amoorthy@google.com, anthony.yznaga@oracle.com, anup@brainfault.org, aou@eecs.berkeley.edu, bfoster@redhat.com, binbin.wu@linux.intel.com, brauner@kernel.org, catalin.marinas@arm.com, chao.p.peng@intel.com, chenhuacai@kernel.org, dave.hansen@intel.com, david@redhat.com, dmatlack@google.com, dwmw@amazon.co.uk, erdemaktas@google.com, fan.du@intel.com, fvdl@google.com, graf@amazon.com, haibo1.xu@intel.com, hch@infradead.org, hughd@google.com, ira.weiny@intel.com, isaku.yamahata@intel.com, jack@suse.cz, james.morse@arm.com, jarkko@kernel.org, jgg@ziepe.ca, jgowans@amazon.com, jhubbard@nvidia.com, jroedel@suse.de, jthoughton@google.com, jun.miao@intel.com, kai.huang@intel.com, keirf@google.com, kent.overstreet@linux.dev, kirill.shutemov@intel.com, liam.merwick@oracle.com, maciej.wieczor-retman@intel.com, mail@maciej.szmigiero.name, maz@kernel.org, mic@digikod.net, michael.roth@amd.com, mpe@ellerman.id.au, muchun.song@linux.dev, nikunj@amd.com, nsaenz@amazon.es, oliver.upton@linux.dev, palmer@dabbelt.com, pankaj.gupta@amd.com, paul.walmsley@sifive.com, pbonzini@redhat.com, pdurrant@amazon.co.uk, peterx@redhat.com, pgonda@google.com, pvorel@suse.cz, qperret@google.com, quic_cvanscha@quicinc.com, quic_eberman@quicinc.com, quic_mnalajal@quicinc.com, quic_pderrin@quicinc.com, quic_pheragu@quicinc.com, quic_svaddagi@quicinc.com, quic_tsoni@quicinc.com, richard.weiyang@gmail.com, rick.p.edgecombe@intel.com, rientjes@google.com, roypat@amazon.co.uk, rppt@kernel.org, seanjc@google.com, shuah@kernel.org, steven.price@arm.com, steven.sistare@oracle.com, suzuki.poulose@arm.com, tabba@google.com, thomas.lendacky@amd.com, usama.arif@bytedance.com, vannapurve@google.com, vbabka@suse.cz, viro@zeniv.linux.org.uk, vkuznets@redhat.com, wei.w.wang@intel.com, will@kernel.org, willy@infradead.org, xiaoyao.li@intel.com, yan.y.zhao@intel.com, yilun.xu@intel.com, yuzenghui@huawei.com, zhiquan1.li@intel.com Content-Type: text/plain; charset="UTF-8" X-Rspamd-Queue-Id: E8A85C0005 X-Rspam-User: X-Rspamd-Server: rspam11 X-Stat-Signature: chkke4opf7jmrpdga4ggah9ufbd9cq33 X-HE-Tag: 1747427176-782530 X-HE-Meta: U2FsdGVkX19D64QTxpFWjhpz/eNGbGiR/fCk6bqGZpnVtoBZCpx6KZ9nvJktqad8ManJFZTUFwl20vOuMf87vB9it3nLoGNcJJarmH1nnimk7gOmc4x+x6lEbn8GRFBHA14U/k/dKdt7ik7/73l6fw9jlAB89+i8+0Pl7SWvi6ybnDTfke6xVe3o/VoThvOZ8L9Qu4V2cTNzPpT4qbC/Yt0wcGskDmBrlN8/ijxk5tvygtyPmCTm7fgLMPjUoxIlAG+C8RidXLkLo+U2JkkzQOFCXLOGMIC3IjgjFSQfmynsDK5wzlp5TPiO34FquIqY3uQCA5WzXOeZ9DsGFQVjyBjbdtlp2oLXkMIiCBSE5M4ukDO0yHAoK3VpYjglwRFNExaj7a1KRHtoJE07WWcjnUxDiZTlv6SR/pOKYNZhrNlBB1WpAwwyAblrY+TwdBp8EEfBTr5Z9kvAadXUjL+FEKhyGvx3T+6Qdlw8QIhmLj3120PyKyjcVctKtncLBTQYBb2G6VMpwtKNdlndNSCVeJhlnf1JP85qj+UTyAwTgeTrKEgDVO1l4v2gZQPc3bYUkJWdqY19bgnlRoL6S5V/VEcW0T1DbtSRs/4gzn3bI7H4dnuJtXhR7FmhY+9cUYu1k3fz3ITabTHx7yYnsjqUF5sv0YfEUcZGTz3HSKJ43nxYTBredEfIK5lxbJqsIq4tY9hApoMITIAUZfNm8c9zhJWdQ0dTnmvV30X7YP1vzpBgX479PRqgfLI0xN26CbdPiJKkfiYRQfeLCYe+01qR5SebmIhBeqCNXU5HbQDg6xqYlPxQ3esqbSn1yVk5origf+E1wxyrEYt12IJeT8gv4dZZ1LcHQdKeh6zPftxHfiPuYrzQjKm9HQOuBVhHbuI2f2hErFJ+s1hcazBe9euoWWvPyZ2LSNGO3IN2esM8fuFfPXVwL7RegogmOjUZzhdXRq0Ve7Lq0I64mSMcu6o +USLLpAR 8FRN1lX4P/cvbsuxzMbFmFq0xw00+uYJLpxJNR+6ilITXCcB5CPCsisc8bS82ZW+RPDFeRcvPcw4coTNcEIrBiGvPlOw9awambhF5Wk75H2NrRnonITZoM9zQvw56qFKXTjysuM+Zx9GDP92g5Aq9QGdF9rzNSueJiveXK5kANeOn9lAZwx+H4Tpc3D00qG3/l+mpI/topbSx/dnUc3LUW5LS9nxcm5fi4McGqQ5a3gb4gXI7mjwlh3ZER/BHua+topnK3xZs1QAjHXZ3Ajp7kRmbaRykXGSz4ju2TaSgLu4mffS4oSrqIkbI1xipzDlUw175LHckV8qp/A5RZvWYHqxbDDXufnLvtR3sfYZK3Szs3Q8ZaryZ/T719wTaLTKKwB8GuqEqqhROC2uI0ffWVjSRsgXzb+NKQH7j82WAhi5vOFBMmhkEMpgfJJQT63+FpHRmz/gopQzoBgPYgtosX1SQy8gojt9DyPY7zs0y1j7rkQjbi0rZxyDG7ERJLRj9hlbPB5tsya/hDftLg6gO3EzJVo/GGTvT+qChvHPXK8ZKoZy2EmmaSSgQHTKqz6gYcOcQaeu8Dk2HgGyTyVGybcL8L9YSAo80EmX+tO+jxYGaYbD+LeIZrm9Z0CjbbN7jhknxt7cmZbY/bdiLcHMtHa7nrjJKRgvcMlyOx7elmeDRnI6POIijg6Qh7RwxhqPwy/Q5ZcL15tgt1J/fxH1qKco4aqfpe9dDtt8bzHX1JpAy7xf0TLJcALzErX8XrbkGYXU4ZXSYSxPOjUBcqvY5y7dsbg== X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: Ira Weiny writes: > Ira Weiny wrote: >> Ackerley Tng wrote: >> > Hello, >> > >> > This patchset builds upon discussion at LPC 2024 and many guest_memfd >> > upstream calls to provide 1G page support for guest_memfd by taking >> > pages from HugeTLB. >> > >> > This patchset is based on Linux v6.15-rc6, and requires the mmap support >> > for guest_memfd patchset (Thanks Fuad!) [1]. >> >> Trying to manage dependencies I find that Ryan's just released series[1] >> is required to build this set. >> >> [1] https://lore.kernel.org/all/cover.1747368092.git.afranji@google.com/ >> >> Specifically this patch: >> https://lore.kernel.org/all/1f42c32fc18d973b8ec97c8be8b7cd921912d42a.1747368092.git.afranji@google.com/ >> >> defines >> >> alloc_anon_secure_inode() > > Perhaps Ryan's set is not required? Just that patch? > > It looks like Ryan's 2/13 is the same as your 1/51 patch? > > https://lore.kernel.org/all/754b4898c3362050071f6dd09deb24f3c92a41c3.1747368092.git.afranji@google.com/ > > I'll pull 1/13 and see where I get. > > Ira > >> >> Am I wrong in that? >> My bad, this patch was missing from this series: >From bd629d1ec6ffb7091a5f996dc7835abed8467f3e Mon Sep 17 00:00:00 2001 Message-ID: From: Ackerley Tng Date: Wed, 7 May 2025 07:59:28 -0700 Subject: [RFC PATCH v2 1/1] fs: Refactor to provide function that allocates a secure anonymous inode alloc_anon_secure_inode() returns an inode after running checks in security_inode_init_security_anon(). Also refactor secretmem's file creation process to use the new function. Signed-off-by: David Hildenbrand Signed-off-by: Ackerley Tng Change-Id: I4eb8622775bc3d544ec695f453ffd747d9490e40 --- fs/anon_inodes.c | 22 ++++++++++++++++------ include/linux/fs.h | 1 + mm/secretmem.c | 9 +-------- 3 files changed, 18 insertions(+), 14 deletions(-) diff --git a/fs/anon_inodes.c b/fs/anon_inodes.c index 583ac81669c2..4c3110378647 100644 --- a/fs/anon_inodes.c +++ b/fs/anon_inodes.c @@ -55,17 +55,20 @@ static struct file_system_type anon_inode_fs_type = { .kill_sb = kill_anon_super, }; -static struct inode *anon_inode_make_secure_inode( - const char *name, - const struct inode *context_inode) +static struct inode *anon_inode_make_secure_inode(struct super_block *s, + const char *name, const struct inode *context_inode, + bool fs_internal) { struct inode *inode; int error; - inode = alloc_anon_inode(anon_inode_mnt->mnt_sb); + inode = alloc_anon_inode(s); if (IS_ERR(inode)) return inode; - inode->i_flags &= ~S_PRIVATE; + + if (!fs_internal) + inode->i_flags &= ~S_PRIVATE; + error = security_inode_init_security_anon(inode, &QSTR(name), context_inode); if (error) { @@ -75,6 +78,12 @@ static struct inode *anon_inode_make_secure_inode( return inode; } +struct inode *alloc_anon_secure_inode(struct super_block *s, const char *name) +{ + return anon_inode_make_secure_inode(s, name, NULL, true); +} +EXPORT_SYMBOL_GPL(alloc_anon_secure_inode); + static struct file *__anon_inode_getfile(const char *name, const struct file_operations *fops, void *priv, int flags, @@ -88,7 +97,8 @@ static struct file *__anon_inode_getfile(const char *name, return ERR_PTR(-ENOENT); if (make_inode) { - inode = anon_inode_make_secure_inode(name, context_inode); + inode = anon_inode_make_secure_inode(anon_inode_mnt->mnt_sb, + name, context_inode, false); if (IS_ERR(inode)) { file = ERR_CAST(inode); goto err; diff --git a/include/linux/fs.h b/include/linux/fs.h index 016b0fe1536e..0fded2e3c661 100644 --- a/include/linux/fs.h +++ b/include/linux/fs.h @@ -3550,6 +3550,7 @@ extern int simple_write_begin(struct file *file, struct address_space *mapping, extern const struct address_space_operations ram_aops; extern int always_delete_dentry(const struct dentry *); extern struct inode *alloc_anon_inode(struct super_block *); +extern struct inode *alloc_anon_secure_inode(struct super_block *, const char *); extern int simple_nosetlease(struct file *, int, struct file_lease **, void **); extern const struct dentry_operations simple_dentry_operations; diff --git a/mm/secretmem.c b/mm/secretmem.c index 1b0a214ee558..c0e459e58cb6 100644 --- a/mm/secretmem.c +++ b/mm/secretmem.c @@ -195,18 +195,11 @@ static struct file *secretmem_file_create(unsigned long flags) struct file *file; struct inode *inode; const char *anon_name = "[secretmem]"; - int err; - inode = alloc_anon_inode(secretmem_mnt->mnt_sb); + inode = alloc_anon_secure_inode(secretmem_mnt->mnt_sb, anon_name); if (IS_ERR(inode)) return ERR_CAST(inode); - err = security_inode_init_security_anon(inode, &QSTR(anon_name), NULL); - if (err) { - file = ERR_PTR(err); - goto err_free_inode; - } - file = alloc_file_pseudo(inode, secretmem_mnt, "secretmem", O_RDWR, &secretmem_fops); if (IS_ERR(file)) -- 2.49.0.1101.gccaa498523-goog >> > >> > For ease of testing, this series is also available, stitched together, >> > at https://github.com/googleprodkernel/linux-cc/tree/gmem-1g-page-support-rfc-v2 >> > >> >> I went digging in your git tree and then found Ryan's set. So thanks for >> the git tree. :-D Glad that helped! >> >> However, it seems this add another dependency which should be managed in >> David's email of dependencies? This is a good idea. David, do you think these two patches should be managed as a separate patch series in the email of dependencies? + (left out of RFCv2, but is above) "fs: Refactor to provide function that allocates a secure anonymous inode" + 01/51 "KVM: guest_memfd: Make guest mem use guest mem inodes instead of anonymous inodes" They're being used by a few patch series now. >> >> Ira >>