From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 8F4ACC7EE2A for ; Wed, 25 Jun 2025 21:47:12 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 07CE36B00AD; Wed, 25 Jun 2025 17:47:12 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 0546F6B00BE; Wed, 25 Jun 2025 17:47:12 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id EAC8D6B00C0; Wed, 25 Jun 2025 17:47:11 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0013.hostedemail.com [216.40.44.13]) by kanga.kvack.org (Postfix) with ESMTP id DA1F36B00AD for ; Wed, 25 Jun 2025 17:47:11 -0400 (EDT) Received: from smtpin08.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay03.hostedemail.com (Postfix) with ESMTP id 6240EBB576 for ; Wed, 25 Jun 2025 21:47:11 +0000 (UTC) X-FDA: 83595259062.08.9F77E09 Received: from mail-pj1-f74.google.com (mail-pj1-f74.google.com [209.85.216.74]) by imf15.hostedemail.com (Postfix) with ESMTP id 92BFDA0004 for ; Wed, 25 Jun 2025 21:47:09 +0000 (UTC) Authentication-Results: imf15.hostedemail.com; dkim=pass header.d=google.com header.s=20230601 header.b=XmyLIoxL; spf=pass (imf15.hostedemail.com: domain of 3XG5caAsKCPMVXfZmgZtoibbjjbgZ.Xjhgdips-hhfqVXf.jmb@flex--ackerleytng.bounces.google.com designates 209.85.216.74 as permitted sender) smtp.mailfrom=3XG5caAsKCPMVXfZmgZtoibbjjbgZ.Xjhgdips-hhfqVXf.jmb@flex--ackerleytng.bounces.google.com; dmarc=pass (policy=reject) header.from=google.com ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1750888029; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=JaElZIlxs13I2jfOVX0lSC6FgKZKsuNp0z88behp5kM=; b=SL3enAg3Mt8GVY8tvYt4IMBzNu1dmykuMp9BjOx1+Br36MlRO9RAe0dl/NCdu6FBKVGVug rMwHueB4/r1ThWG6taaFpIxzwznQ1FOTX5d+sVjTE9eN3zkVnO4Sy/8Uaske3dob2dfxa+ fpVEpcC4mGwlq0NV2tM5LXamPIMVNqQ= ARC-Authentication-Results: i=1; imf15.hostedemail.com; dkim=pass header.d=google.com header.s=20230601 header.b=XmyLIoxL; spf=pass (imf15.hostedemail.com: domain of 3XG5caAsKCPMVXfZmgZtoibbjjbgZ.Xjhgdips-hhfqVXf.jmb@flex--ackerleytng.bounces.google.com designates 209.85.216.74 as permitted sender) smtp.mailfrom=3XG5caAsKCPMVXfZmgZtoibbjjbgZ.Xjhgdips-hhfqVXf.jmb@flex--ackerleytng.bounces.google.com; dmarc=pass (policy=reject) header.from=google.com ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1750888029; a=rsa-sha256; cv=none; b=OhUMxW+SOVop90yvcj0mLDy7c+YW/ZAYu329/BbspgSrMlmvOU+Nux0X9rshELZORMvZfy nqgl6rt5zFuSEf3x9xmCk5rgmKHvSgjYrayjR6MroXZrV6PrcI2+UfGfVUyvHHyhqgCB0E 1F4LxUcI6GoU3bYiPcbkNFG1SfR/whw= Received: by mail-pj1-f74.google.com with SMTP id 98e67ed59e1d1-311ef4fb5fdso221214a91.1 for ; Wed, 25 Jun 2025 14:47:09 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1750888028; x=1751492828; darn=kvack.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=JaElZIlxs13I2jfOVX0lSC6FgKZKsuNp0z88behp5kM=; b=XmyLIoxLLWJwgmsUq1Mt2uv1q650pynNpAsJCfgycIuTLwlv2+Y2+60v/RBJSzFsSI JiwNhQic//1uMcudHocSjVEQR7WMbsHKZsz3oZU5sPpb1sQ/HQ/jIJ6f7nwvU0y0uff0 LsQwpRN/j94KHzRsDWV0om/IvrWsCuYFo68AUiheDTQA9hjev45NOWkjgxWE2+vh7LsU akY/ixnBripp22575IzUGXkPcqm07hAYwrMIArS+vd4QrOu3OxaBxsxurNb/EqpoQwSa C+qwYwdXenum74eV7+aaRfMSeqPMnH4Q1yeBmVAhbdnX+lw2CU6VDkyZXyOtlMgrCUkU OgdQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1750888028; x=1751492828; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=JaElZIlxs13I2jfOVX0lSC6FgKZKsuNp0z88behp5kM=; b=JEKcrPz/K7jJE645ZwikHRxl1pLNMaguAEeXYhbbwQfnPOJ6lXuPyfhlMircKQYjl5 4NKKDnsoS/gYj07rvD3O2c5aoSWxyXJ26smchRo5+4S9lEo/++dDmlB+oTEL0D49zhTI +kHJ2smB3URBVpaU7etbB6yXJnjh3nx/Dl0FU+syQNC0pTrEJb2b1+ovppU/SZ4cttnF NsJ1b0swVh2nThVwYFhSP/GRA3XgecCSJ95M0uLQCPH0jsnkuXG4Iu/++D4JymXqBb+S JtdcKvb5fIwf9x7hWpwsc81QOnV9d+7E/hh3ipxA+PbAbC3qPe1LrvC8z6J0xd7njTDk pGyQ== X-Forwarded-Encrypted: i=1; AJvYcCU6rywiSYHWVaMXUXa/rLQBRfo+GUXVUpfi6cA0JSP5rz8flFirvdvrTd1CvegRdyJfyYKAPEZQMw==@kvack.org X-Gm-Message-State: AOJu0Yw7LHS7PTZra0W5vBrSlEDH9bGQBVeaVpWnNw8GQvgEx1AUhxGS uevjZpExtZ6S2XcESLpTg6TREG6aootTq6al0oz0IlCcS3UVC5DMZmMUM4LIumG8YxMYS3ntRJu Mlu8ge4es30qOklU1VdyYaMBEYw== X-Google-Smtp-Source: AGHT+IHaFOtDsXjNCK8tDRGRC6rpZnF1ravk4aYWxE7y5fg1ChEv8b8QXDGShjJ5f1IXZEq0lP4YBKq+9E7DssxT5w== X-Received: from pjm6.prod.google.com ([2002:a17:90b:2fc6:b0:312:e266:f849]) (user=ackerleytng job=prod-delivery.src-stubby-dispatcher) by 2002:a17:90b:5388:b0:312:e1ec:de44 with SMTP id 98e67ed59e1d1-315f268f485mr5936687a91.27.1750888028344; Wed, 25 Jun 2025 14:47:08 -0700 (PDT) Date: Wed, 25 Jun 2025 14:47:06 -0700 In-Reply-To: <20250611133330.1514028-9-tabba@google.com> Mime-Version: 1.0 References: <20250611133330.1514028-1-tabba@google.com> <20250611133330.1514028-9-tabba@google.com> Message-ID: Subject: Re: [PATCH v12 08/18] KVM: guest_memfd: Allow host to map guest_memfd pages From: Ackerley Tng To: Fuad Tabba , kvm@vger.kernel.org, linux-arm-msm@vger.kernel.org, linux-mm@kvack.org, kvmarm@lists.linux.dev Cc: pbonzini@redhat.com, chenhuacai@kernel.org, mpe@ellerman.id.au, anup@brainfault.org, paul.walmsley@sifive.com, palmer@dabbelt.com, aou@eecs.berkeley.edu, seanjc@google.com, viro@zeniv.linux.org.uk, brauner@kernel.org, willy@infradead.org, akpm@linux-foundation.org, xiaoyao.li@intel.com, yilun.xu@intel.com, chao.p.peng@linux.intel.com, jarkko@kernel.org, amoorthy@google.com, dmatlack@google.com, isaku.yamahata@intel.com, mic@digikod.net, vbabka@suse.cz, vannapurve@google.com, mail@maciej.szmigiero.name, david@redhat.com, michael.roth@amd.com, wei.w.wang@intel.com, liam.merwick@oracle.com, isaku.yamahata@gmail.com, kirill.shutemov@linux.intel.com, suzuki.poulose@arm.com, steven.price@arm.com, quic_eberman@quicinc.com, quic_mnalajal@quicinc.com, quic_tsoni@quicinc.com, quic_svaddagi@quicinc.com, quic_cvanscha@quicinc.com, quic_pderrin@quicinc.com, quic_pheragu@quicinc.com, catalin.marinas@arm.com, james.morse@arm.com, yuzenghui@huawei.com, oliver.upton@linux.dev, maz@kernel.org, will@kernel.org, qperret@google.com, keirf@google.com, roypat@amazon.co.uk, shuah@kernel.org, hch@infradead.org, jgg@nvidia.com, rientjes@google.com, jhubbard@nvidia.com, fvdl@google.com, hughd@google.com, jthoughton@google.com, peterx@redhat.com, pankaj.gupta@amd.com, ira.weiny@intel.com, tabba@google.com Content-Type: text/plain; charset="UTF-8" X-Rspamd-Queue-Id: 92BFDA0004 X-Stat-Signature: komashqxpznebe613h97uzscxrxjd44g X-Rspamd-Server: rspam09 X-Rspam-User: X-HE-Tag: 1750888029-266942 X-HE-Meta: U2FsdGVkX18JTCMPdcHIUiX/p8UidBTVkEknBjUHlKhtP2Rn4IUbV5te1IqOv1HeJ6LhqVqzv0XMwQitsz4i2pAmGYN8N3Zy1GOlGvcWGhMGSh4MXSwf8qTphLe2oRM0fmcBTx1dSrGRF247griUx4kBLMMsfIC0ZslYsvb1jtmzdixfwC3Si2ICJL7Bi9bJ0MOBZTClxedZub45iN4vMqsNpkJGeS2ISIW5GK1hgaJ/7xxZPCyYcixE7PwS+ulLgh72PKlC6dyMdeuynNyC5hba+knuB1u29kPonX5zWcaiDwllIQNuCZUnPlDzshjHBAbQxdG+KtqbLgRs0cKJADSHl4WPXBOv1bdUD9xxs+KAu9sXgyZD6LoVZK4i4NIbhJaqjNEn07y3CHfG2lextwXM8pAZuPr5NhworIFyn6kmS1uzeeU57JJOTRt3KP5MZ38x2qNaQ1u9IqIyyqCVcIL9JCGnLRxzW5svOpbfxGFKUyHfTgxxQ/hjvoEXVisoXvPx+4worvDCp81saFUX1fs7g6pbnS3wUOa9+m07Fr5wmYvosUZ47HdEUt+oySybF7rmPhqCvzh5uKK8okHOChk8hZpvuXHgiRLzPTlMqA6Z7+Oe/Jn9iMCOyDdJK61fsxUuufyZVAlk9BUnW6bDx7DmPVJ0Rb3IqkR/VwaL6PDz5rX71aQ5Su1AooIUq67QBzm1+US8w0UBFyZyZpfW+LQC9+C0VqDwyjgBuWEVB8YPVQxgNBL/WxkOZaPwJYm3HQ484a2TjVoGmik9lQ48mOd2FOg10aGEiDpsrH2hNxFYtH1BPuTleQaVqG8C5+7eaImMdDBYG8dscEN24VW/aJ+WCK97woD7RvDzuCJ4dSV2X3ymByW1bvKJG7Y24DQmTaRd/FuYLjdl0uzzA1ERLL0CKogXhezkVX7Smq/EuDhlEY8d+mxsH1bLW8HoZJKg74gutPZCRSgsxPLSR1i QRn3N98B fuh4123cQTfM7Ld+ZaGFQcP+BMwbnbpXFICCKqMlPd6Ok5AbWN3QBd4oteC0oxpVctX8rr6SkPkmWsQ+z483qyxHnju0gJsZLYilQD5Y49hw+jCzHK6uuLYeAvdFIDU3QvkT7inMa6bvC74o9tS/lTpTTRptu2bKwv/DW9VBvNsX+uCGPi81bkYqGDPts/0+l25kSMDmLYvJ9PF2n51US/2nqW7BDM+V0w+aRsx6zNbGaIn9UHy0b0do45TfU38EFvLhfZ1RJ9ehdxL0ENvMN8k10XSlh3PIjXWSb3E1Gjb48+fI1duAD0JESyfGP7Zbhq6Zq5FoWXDwctQUIvU/nJLX25wz+0u/mku6rxKaQF1XB7aT4T320JDDSGD4Zu3fZ1AEHm03nWnTcY1tq2xaZLijxmm9a4F0yftm1VmVAD1ytblPAQCmnfnez3FtuNVAQyCpJmqeWETcJYqRBl7CYHRvZL/WcPtFLydMRd/kV0zojv4ash4CpqK57uh8EWFaj75qZ8h1QlTMHgRcEmQL55tV5gjjqZXqWCWY0V7802LfkjStysc0fnmseNfhJl9/IoPJCRP09CUpQ7t4X12710uaaD5rvk3hLINt+/iMPUWdePKSsJjt/tm8HYU4XRwuEH0qOP6IGGWn8wyGyDqP43WVYRf99bde/gdvNna080i5/0nIUAtJ4iefubsTjAaSsKylfzLAJtCZsCdc= X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: Fuad Tabba writes: > This patch enables support for shared memory in guest_memfd, including > mapping that memory from host userspace. > > This functionality is gated by the KVM_GMEM_SHARED_MEM Kconfig option, > and enabled for a given instance by the GUEST_MEMFD_FLAG_SUPPORT_SHARED > flag at creation time. > > Reviewed-by: Gavin Shan > Acked-by: David Hildenbrand > Co-developed-by: Ackerley Tng > Signed-off-by: Ackerley Tng > Signed-off-by: Fuad Tabba > --- > include/linux/kvm_host.h | 13 +++++++ > include/uapi/linux/kvm.h | 1 + > virt/kvm/Kconfig | 4 +++ > virt/kvm/guest_memfd.c | 73 ++++++++++++++++++++++++++++++++++++++++ > 4 files changed, 91 insertions(+) > > [...] > Just want to call out here that I believe HWpoison handling (and kvm_gmem_error_folio()) remains correct after this patch. Would still appreciate a review of the following! > +static vm_fault_t kvm_gmem_fault_shared(struct vm_fault *vmf) > +{ > + struct inode *inode = file_inode(vmf->vma->vm_file); > + struct folio *folio; > + vm_fault_t ret = VM_FAULT_LOCKED; > + > + if (((loff_t)vmf->pgoff << PAGE_SHIFT) >= i_size_read(inode)) > + return VM_FAULT_SIGBUS; > + > + folio = kvm_gmem_get_folio(inode, vmf->pgoff); > + if (IS_ERR(folio)) { > + int err = PTR_ERR(folio); > + > + if (err == -EAGAIN) > + return VM_FAULT_RETRY; > + > + return vmf_error(err); > + } > + > + if (WARN_ON_ONCE(folio_test_large(folio))) { > + ret = VM_FAULT_SIGBUS; > + goto out_folio; > + } > + > + if (!folio_test_uptodate(folio)) { > + clear_highpage(folio_page(folio, 0)); > + kvm_gmem_mark_prepared(folio); > + } > + > + vmf->page = folio_file_page(folio, vmf->pgoff); > + > +out_folio: > + if (ret != VM_FAULT_LOCKED) { > + folio_unlock(folio); > + folio_put(folio); > + } > + > + return ret; > +} > + > [...] This ->fault() callback does not explicitly check for folio_test_hwpoison(), but up the call tree, __do_fault() checks for HWpoison. If the folio is clean, the folio is removed from the filemap. Fault is eventually retried and (hopefully) another non-HWpoison folio will be faulted in. If the folio is dirty, userspace gets a SIGBUS. kvm_gmem_error_folio() calls kvm_gmem_invalidate_begin(), which only unmaps KVM_FILTER_PRIVATE, but IIUC that's okay since after mmap is introduced, * non-Coco VMs will always zap KVM_DIRECT_ROOTS anyway so the HWpoison folio is still zapped from guest page tables * Unmapping from host userspace page tables is handled in memory_failure(), so the next access will lead to a fault, which is handled using a SIGBUS in __do_fault() * Coco VMs can only use guest_memfd for private pages, so there's no change there since private pages still get zapped.