From patchwork Tue Jul 18 23:44:43 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 13317871 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 30F04C001DC for ; Tue, 18 Jul 2023 23:48:36 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id BACA38D001F; Tue, 18 Jul 2023 19:48:35 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id B5DBA8D0012; Tue, 18 Jul 2023 19:48:35 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 9FE4C8D001F; Tue, 18 Jul 2023 19:48:35 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0015.hostedemail.com [216.40.44.15]) by kanga.kvack.org (Postfix) with ESMTP id 910CE8D0012 for ; Tue, 18 Jul 2023 19:48:35 -0400 (EDT) Received: from smtpin20.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay09.hostedemail.com (Postfix) with ESMTP id 57FC28051C for ; Tue, 18 Jul 2023 23:48:35 +0000 (UTC) X-FDA: 81026374590.20.57A1239 Received: from mail-pl1-f201.google.com (mail-pl1-f201.google.com [209.85.214.201]) by imf07.hostedemail.com (Postfix) with ESMTP id 7AF9240029 for ; Tue, 18 Jul 2023 23:48:32 +0000 (UTC) Authentication-Results: imf07.hostedemail.com; dkim=pass header.d=google.com header.s=20221208 header.b=osgDTqFd; spf=pass (imf07.hostedemail.com: domain of 3zyS3ZAYKCCIQC8LHAEMMEJC.AMKJGLSV-KKIT8AI.MPE@flex--seanjc.bounces.google.com designates 209.85.214.201 as permitted sender) smtp.mailfrom=3zyS3ZAYKCCIQC8LHAEMMEJC.AMKJGLSV-KKIT8AI.MPE@flex--seanjc.bounces.google.com; dmarc=pass (policy=reject) header.from=google.com ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1689724112; h=from:from:sender:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:content-transfer-encoding:in-reply-to: references:dkim-signature; bh=kNioK2g9uNSVoz4fz3Z0hsZYDZVWPADHE8SV+5umY4Y=; b=ana+Vw+o2Hmd04AJ2dq7cWQwt9idIWyftCQDOs5y9doclX6zyEJ2t+pzL4LgDuv14eQJbX SvJXidHi5E4tvG6vkl5et2aWYbZbkx/H6SnJ7EOeA0ELIQkk753YrtdAJ6Nt+UAqdBJPPb dyMwqzXT6VxuROuPv2ShjFBmNZg1N8A= ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1689724112; a=rsa-sha256; cv=none; b=IQmJKguZwwKWgQN//yFXV8AOc+OLaH40VNQdQbe77a5FcdfHeKLiRscJvHZbH5vkREdMuF E3KdL5L3z0KxzAYKq/syYnjwpLlojPmAQRj3/7lTxe9KNrxm/GH6TBCalfZbsgsStNeKGc mkPdLMbjubRqE5ERhEB9iWkR99lrAGE= ARC-Authentication-Results: i=1; imf07.hostedemail.com; dkim=pass header.d=google.com header.s=20221208 header.b=osgDTqFd; spf=pass (imf07.hostedemail.com: domain of 3zyS3ZAYKCCIQC8LHAEMMEJC.AMKJGLSV-KKIT8AI.MPE@flex--seanjc.bounces.google.com designates 209.85.214.201 as permitted sender) smtp.mailfrom=3zyS3ZAYKCCIQC8LHAEMMEJC.AMKJGLSV-KKIT8AI.MPE@flex--seanjc.bounces.google.com; dmarc=pass (policy=reject) header.from=google.com Received: by mail-pl1-f201.google.com with SMTP id d9443c01a7336-1b8a4571c1aso33123735ad.0 for ; Tue, 18 Jul 2023 16:48:32 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20221208; t=1689724111; x=1692316111; h=cc:to:from:subject:message-id:mime-version:date:reply-to:from:to:cc :subject:date:message-id:reply-to; bh=kNioK2g9uNSVoz4fz3Z0hsZYDZVWPADHE8SV+5umY4Y=; b=osgDTqFdq8IUMbfc5np0SJw5OdVmryzKJlMbpWPj1r+bA24M0IJWiJbXigx+jJyQ5r VlxW0vuMxM/BQlBSs2+AumxHcyWajcOP9JXOkoHqOoO5ZyUcko/ezFKjsqiJkNtv/xwh Y36DMIRI0Q59f7++kPXdwd59QUGKV3Guy/2lgpB3TxpICSaTd3h59fkFiz7MblIecyH8 n7z4KTAocelQbqspLYM5QVY6G/2MvezetA6jqdURrMQiYzDhQ6XI2ghHbJziqFDRtHCX N3lBCweEXoqVHi335cB6PiCMKD3JW4ZiPc0eG4mYnlS454U3dCWqPiIky3zkEczL9g5Z g/Ag== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1689724111; x=1692316111; h=cc:to:from:subject:message-id:mime-version:date:reply-to :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=kNioK2g9uNSVoz4fz3Z0hsZYDZVWPADHE8SV+5umY4Y=; b=CBwU+emfP57P1nFXEaMO/y4cY/jmBhJLzGfhLRe30VBaFmvV2OtRlPLvO0OpwfSnfs VeWnuEdXKl2+lmImXldg5D+rpFWxizLkpjCZyHbRP/W7WttuOfoPqyY/sP5joBQ9aFgP iUs9XXphro4+LaPwDLIt2ZpL0Aw8BTiICFGdwGrVGWAByf6vMHMh3lgO58uVwC53mHdm vuB2ixvR0WxbXQppKvtvzbXPyQChsjKyqskgdGeNt03I+tsudaoUfJhSDurREzbecTcg AugQc4eMzwIqxnXTSDN0rU6of/Gnp/A/NQWfiJkTNAPAKxcW0G2CB6x0dpI6MswlzwNN 8y5w== X-Gm-Message-State: ABy/qLbrJb5nwh2CwsZBPpc1iDoKSo0msm3riU1tYzxAL8+HE0dls1YQ r+cZrP1FmtWG4IbWEjOQ92/+gQynMx0= X-Google-Smtp-Source: APBJJlGfvW12PoU1cgYxoig33TTppXu/jdZjVA/UYCNl9+6h2sdMFpEn0Y/2jF1wf15jCGzWeLtg2m+RbUw= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a17:902:ec8c:b0:1b8:95fc:d0f with SMTP id x12-20020a170902ec8c00b001b895fc0d0fmr7816plg.7.1689724111171; Tue, 18 Jul 2023 16:48:31 -0700 (PDT) Reply-To: Sean Christopherson Date: Tue, 18 Jul 2023 16:44:43 -0700 Mime-Version: 1.0 X-Mailer: git-send-email 2.41.0.255.g8b1d071c50-goog Message-ID: <20230718234512.1690985-1-seanjc@google.com> Subject: [RFC PATCH v11 00/29] KVM: guest_memfd() and per-page attributes From: Sean Christopherson To: Paolo Bonzini , Marc Zyngier , Oliver Upton , Huacai Chen , Michael Ellerman , Anup Patel , Paul Walmsley , Palmer Dabbelt , Albert Ou , Sean Christopherson , "Matthew Wilcox (Oracle)" , Andrew Morton , Paul Moore , James Morris , "Serge E. Hallyn" Cc: kvm@vger.kernel.org, linux-arm-kernel@lists.infradead.org, kvmarm@lists.linux.dev, linux-mips@vger.kernel.org, linuxppc-dev@lists.ozlabs.org, kvm-riscv@lists.infradead.org, linux-riscv@lists.infradead.org, linux-fsdevel@vger.kernel.org, linux-mm@kvack.org, linux-security-module@vger.kernel.org, linux-kernel@vger.kernel.org, Chao Peng , Fuad Tabba , Jarkko Sakkinen , Yu Zhang , Vishal Annapurve , Ackerley Tng , Maciej Szmigiero , Vlastimil Babka , David Hildenbrand , Quentin Perret , Michael Roth , Wang , Liam Merwick , Isaku Yamahata , "Kirill A . Shutemov" X-Rspamd-Queue-Id: 7AF9240029 X-Rspam-User: X-Stat-Signature: bpan8mzptjjxa3uwa4mq95txw8bkzc3z X-Rspamd-Server: rspam03 X-HE-Tag: 1689724112-687686 X-HE-Meta: U2FsdGVkX19euYAC4TZrtoJKaYOeFpSSqDtPNDNjZbcM+uWanw9L2Z4WvWDTXQW9Vcla5P4HVjoKiRn01LNR69iw51aNRjg1pbsv4O+P44Ityzzi2pHxv564GhMS5sEJh8+vRNHDFjOmq2xs1cFylDzKq+x4vvhiyYgN8gTc/5KjbR6eK9LaYHTMGZLNkhkmSAJ5DKFDwhmHJW2Dpz5/5KDWpwXUPUotrsZn6Elu8f7aAKQeYTOXku6rcbva7lGav7SwW73lAT+rIe+32CUSkqPiYItZIxZZWcwAdR78E7CAKtVb1kmL0FOWApJ23aY66iGpddClxY3S2qGhJVaE53+FPmj/lTfOgUY5DLZpIunG9+j/8g2f5VUCyhlNVO301EBjrOdJ8wH4PW0bLFILAObKPgY4y4898VjkSntP5Bj6b2O60nIlWf1mcN9MIqCPRLmhXE864DVCVv+Eevozn5TIHbE9rrUU5bLESs2OAl2BTHSb5/whB70tzHRvKEKl+3oqXQrXaURuj3U0F5qdJGHPtFIx9yD3wrU6i3m1QUO77Y/SYuWieLnS/c2ioQD0RPn6jpm03NGCdqv5d0L7JskH/GY0b4+mzz2yynNtXhyY5R49MUybCkjoo23se99xEQdCPtFGRj01BIjXc3SYkHt1PnAoP2kb2GImVwHIxl3nY/kgelnW/rD2y42L9QSn2RZpyGslekcyHH3BMKgF4sVrw1yPEw4kDOQ6pr8httEg0jKLPu+AfveAd2goZ8qCnt/TzDxYJOlsVP1akffRkENTH3enrTcE8Q0gY44TAJTU8WxpUYjYcPZOn8YDdwj/0ZWwiihHJ3MVlbyxwMGwPH5rzwNz7JsoJET1xH/NhRF4TX3yQLXQiOQKHYgfFaUbWoslMdJ1D83om+w3NMN2dEt2tFdcK4ggY+4o0qo/gJI2CNhjMphOdMIyCNeVVFuyPRtht2x23vtsXGs7P9Q 4Bbdp0lS OTxwFg7Gi845ZMim1haaKAyAY7Fk36K+T6zrA6Ml/3e+TcMgmHIQyyjzP66k9vX/9y0VrTrQfpqg0ZpKDgaprygoCC/nnPmBNz87Cf9rXD+Nfa+0AZfM4GGKOJBrS398j7DITYFtS5jpkl5enwcBS/jr6FlF/HbCKKibhoVpWQUIeflsAXOVVcBHYkNRO0H9uX/VPSuzvc2CPb7lVPJ1g0WtLD/tsYROn1l7N8iiFtM1vllEY2PXFHkKfecWjIspr/cVlp5CLrPPMA9+BTSYRgK6faXNPmRjIp3GwnW/YMm4VhDXy2b4DAm253O+BCJv45M2ofXTPxCU0cFqIlIuLBdFATlryhz2JfIJPhFSI65EV+8zXGQ7DZB3q1WuEwC19c86E3UwviOb+0ykT29hX3F7ZJoBqh6nZqobXmB4/jehtzU2kxM4K5ZDLPWYp+vHoKWCS5yAGH/HCTg+SOqXxqSA/7KArZkV9gwYj45vBVJpHWjLwHSAwkFOaEvCse8I8Pmzhv8cejr8vTmv3UMG+x0980XqKSdbAZWQ73V4q/3hD4ghRGynAqzuAPoBbSJ9KKj9Ad82P8NirC5wlmPx0o8kCBFbbglrsI6C6hYchrOz9L0UcDxNjSUFnQa3jgkNjlgnMbXV0MwIG2uwFXoxtYATsQ9kzv79l/Z5/UGBMQiE+YgGF2Gw+xaJooIwyA6xMBKP/Z/SawW3bPvW+j2fQhm8UJydvYSo03sEmveoFByev3/eBn9/PwZrV3fThxRswRRZhFK6cq5k1S2Vjjy1In2zUkeT9WNtDwUM8oJ+Aqrkf2DCOWeHLavkIDVvHmf96vaONbK9JV22rbOZApXth+rtIf9WYg8TjKJQtYtxE7Gm16APId7pBlor4bIRcvBrtU2WSr9l9Ty0otLE= X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: This is the next iteration of implementing fd-based (instead of vma-based) memory for KVM guests. If you want the full background of why we are doing this, please go read the v10 cover letter[1]. The biggest change from v10 is to implement the backing storage in KVM itself, and expose it via a KVM ioctl() instead of a "generic" sycall. See link[2] for details on why we pivoted to a KVM-specific approach. Key word is "biggest". Relative to v10, there are many big changes. Highlights below (I can't remember everything that got changed at this point). Tagged RFC as there are a lot of empty changelogs, and a lot of missing documentation. And ideally, we'll have even more tests before merging. There are also several gaps/opens (to be discussed in tomorrow's PUCK). v11: - Test private<=>shared conversions *without* doing fallocate() - PUNCH_HOLE all memory between iterations of the conversion test so that KVM doesn't retain pages in the guest_memfd - Rename hugepage control to be a very generic ALLOW_HUGEPAGE, instead of giving it a THP or PMD specific name. - Fold in fixes from a lot of people (thank you!) - Zap SPTEs *before* updating attributes to ensure no weirdness, e.g. if KVM handles a page fault and looks at inconsistent attributes - Refactor MMU interaction with attributes updates to reuse much of KVM's framework for mmu_notifiers. [1] https://lore.kernel.org/all/20221202061347.1070246-1-chao.p.peng@linux.intel.com [2] https://lore.kernel.org/all/ZEM5Zq8oo+xnApW9@google.com Ackerley Tng (1): KVM: selftests: Test KVM exit behavior for private memory/access Chao Peng (7): KVM: Use gfn instead of hva for mmu_notifier_retry KVM: Add KVM_EXIT_MEMORY_FAULT exit KVM: Introduce per-page memory attributes KVM: x86: Disallow hugepages when memory attributes are mixed KVM: x86/mmu: Handle page fault for private memory KVM: selftests: Add KVM_SET_USER_MEMORY_REGION2 helper KVM: selftests: Expand set_memory_region_test to validate guest_memfd() Sean Christopherson (18): KVM: Wrap kvm_gfn_range.pte in a per-action union KVM: Tweak kvm_hva_range and hva_handler_t to allow reusing for gfn ranges KVM: PPC: Drop dead code related to KVM_ARCH_WANT_MMU_NOTIFIER KVM: Convert KVM_ARCH_WANT_MMU_NOTIFIER to CONFIG_KVM_GENERIC_MMU_NOTIFIER KVM: Introduce KVM_SET_USER_MEMORY_REGION2 mm: Add AS_UNMOVABLE to mark mapping as completely unmovable security: Export security_inode_init_security_anon() for use by KVM KVM: Add KVM_CREATE_GUEST_MEMFD ioctl() for guest-specific backing memory KVM: Add transparent hugepage support for dedicated guest memory KVM: Drop superfluous __KVM_VCPU_MULTIPLE_ADDRESS_SPACE macro KVM: Allow arch code to track number of memslot address spaces per VM KVM: x86: Add support for "protected VMs" that can utilize private memory KVM: selftests: Drop unused kvm_userspace_memory_region_find() helper KVM: selftests: Convert lib's mem regions to KVM_SET_USER_MEMORY_REGION2 KVM: selftests: Add support for creating private memslots KVM: selftests: Introduce VM "shape" to allow tests to specify the VM type KVM: selftests: Add GUEST_SYNC[1-6] macros for synchronizing more data KVM: selftests: Add basic selftest for guest_memfd() Vishal Annapurve (3): KVM: selftests: Add helpers to convert guest memory b/w private and shared KVM: selftests: Add helpers to do KVM_HC_MAP_GPA_RANGE hypercalls (x86) KVM: selftests: Add x86-only selftest for private memory conversions Documentation/virt/kvm/api.rst | 114 ++++ arch/arm64/include/asm/kvm_host.h | 2 - arch/arm64/kvm/Kconfig | 2 +- arch/arm64/kvm/mmu.c | 2 +- arch/mips/include/asm/kvm_host.h | 2 - arch/mips/kvm/Kconfig | 2 +- arch/mips/kvm/mmu.c | 2 +- arch/powerpc/include/asm/kvm_host.h | 2 - arch/powerpc/kvm/Kconfig | 8 +- arch/powerpc/kvm/book3s_hv.c | 2 +- arch/powerpc/kvm/powerpc.c | 5 +- arch/riscv/include/asm/kvm_host.h | 2 - arch/riscv/kvm/Kconfig | 2 +- arch/riscv/kvm/mmu.c | 2 +- arch/x86/include/asm/kvm_host.h | 17 +- arch/x86/include/uapi/asm/kvm.h | 3 + arch/x86/kvm/Kconfig | 14 +- arch/x86/kvm/debugfs.c | 2 +- arch/x86/kvm/mmu/mmu.c | 287 +++++++- arch/x86/kvm/mmu/mmu_internal.h | 4 + arch/x86/kvm/mmu/mmutrace.h | 1 + arch/x86/kvm/mmu/tdp_mmu.c | 8 +- arch/x86/kvm/vmx/vmx.c | 11 +- arch/x86/kvm/x86.c | 24 +- include/linux/kvm_host.h | 129 +++- include/linux/pagemap.h | 11 + include/uapi/linux/kvm.h | 50 ++ include/uapi/linux/magic.h | 1 + mm/compaction.c | 4 + mm/migrate.c | 2 + security/security.c | 1 + tools/testing/selftests/kvm/Makefile | 3 + tools/testing/selftests/kvm/dirty_log_test.c | 2 +- .../testing/selftests/kvm/guest_memfd_test.c | 114 ++++ .../selftests/kvm/include/kvm_util_base.h | 141 +++- .../testing/selftests/kvm/include/test_util.h | 5 + .../selftests/kvm/include/ucall_common.h | 12 + .../selftests/kvm/include/x86_64/processor.h | 15 + .../selftests/kvm/kvm_page_table_test.c | 2 +- tools/testing/selftests/kvm/lib/kvm_util.c | 230 ++++--- tools/testing/selftests/kvm/lib/memstress.c | 3 +- .../selftests/kvm/set_memory_region_test.c | 99 +++ .../kvm/x86_64/private_mem_conversions_test.c | 408 +++++++++++ .../kvm/x86_64/private_mem_kvm_exits_test.c | 115 ++++ .../kvm/x86_64/ucna_injection_test.c | 2 +- virt/kvm/Kconfig | 17 + virt/kvm/Makefile.kvm | 1 + virt/kvm/dirty_ring.c | 2 +- virt/kvm/guest_mem.c | 635 ++++++++++++++++++ virt/kvm/kvm_main.c | 384 +++++++++-- virt/kvm/kvm_mm.h | 38 ++ 51 files changed, 2700 insertions(+), 246 deletions(-) create mode 100644 tools/testing/selftests/kvm/guest_memfd_test.c create mode 100644 tools/testing/selftests/kvm/x86_64/private_mem_conversions_test.c create mode 100644 tools/testing/selftests/kvm/x86_64/private_mem_kvm_exits_test.c create mode 100644 virt/kvm/guest_mem.c base-commit: fdf0eaf11452d72945af31804e2a1048ee1b574c