From patchwork Fri Feb 21 16:07:14 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Patrick Roy X-Patchwork-Id: 13985842 Received: from smtp-fw-80007.amazon.com (smtp-fw-80007.amazon.com [99.78.197.218]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 56EE91FBEB0; Fri, 21 Feb 2025 16:09:27 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=99.78.197.218 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1740154169; cv=none; b=RZLVMM+fq0v3aT7DjYMNQ9RwJ4HIT88G0EPq4syKiGIykKMvBYHB/WH3hm4cEDs2F5VMhvqv8tg385zUtjl1XFxZnB7nWT2+/sURBmAG2momVormm9LyXB5yFEPKPaSzzrPADhLbJN1ms61z1dCgBLS3gPC2Bxk5qivZpe6ZeAc= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1740154169; c=relaxed/simple; bh=Pu6HGVQiogGU63MCf6Mx6dL0odXiMy1GgrBdxomprgo=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=l3qLb5RSy056hTV3cX53kOeGrHorKzmsvGZrZ8s4hoRuHDbaKesYWB4NharCsmZyVAQWh3yu5kWPRldFYgNu+VCu6hUhbFW1G9mDaAgNk8kUsTPfeQSZ4ExZ7y+2IPNfkWs+n9Zk6uaY1iDBz6yJkMlD1Huz2PLkWWTzUfoMAyA= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amazon.co.uk; spf=pass smtp.mailfrom=amazon.co.uk; dkim=pass (1024-bit key) header.d=amazon.co.uk header.i=@amazon.co.uk header.b=Ptk5y1vs; arc=none smtp.client-ip=99.78.197.218 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amazon.co.uk Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=amazon.co.uk Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=amazon.co.uk header.i=@amazon.co.uk header.b="Ptk5y1vs" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amazon.co.uk; i=@amazon.co.uk; q=dns/txt; s=amazon201209; t=1740154168; x=1771690168; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=H8EJounnNVCHbSPBe6inBfgnScOOplPgupbAfsLZMsM=; b=Ptk5y1vsvGy7AxAq2YPfZdPqHLqFj+9PtJ2lvZNWuXGC4kMWmyIlhDYn NZsb2g1+Cz4JSzeKs/B9s3ExfTkEoreTWUBWDnq6MdbeFVbJ4mh5dHomp d2VnxJansec96Mf8KHsN13VHPdHyl32ubs8S38XnFwhw+prNw9fwlP+Yh s=; X-IronPort-AV: E=Sophos;i="6.13,305,1732579200"; d="scan'208";a="379576522" Received: from pdx4-co-svc-p1-lb2-vlan2.amazon.com (HELO smtpout.prod.us-west-2.prod.farcaster.email.amazon.dev) ([10.25.36.210]) by smtp-border-fw-80007.pdx80.corp.amazon.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 21 Feb 2025 16:09:23 +0000 Received: from EX19MTAUWA002.ant.amazon.com [10.0.38.20:37109] by smtpin.naws.us-west-2.prod.farcaster.email.amazon.dev [10.0.55.141:2525] with esmtp (Farcaster) id 78cc7798-b6c2-4e9f-88b9-8c9c17bd29c6; Fri, 21 Feb 2025 16:09:22 +0000 (UTC) X-Farcaster-Flow-ID: 78cc7798-b6c2-4e9f-88b9-8c9c17bd29c6 Received: from EX19D003UWB004.ant.amazon.com (10.13.138.24) by EX19MTAUWA002.ant.amazon.com (10.250.64.202) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA) id 15.2.1258.39; Fri, 21 Feb 2025 16:09:12 +0000 Received: from EX19MTAUWC002.ant.amazon.com (10.250.64.143) by EX19D003UWB004.ant.amazon.com (10.13.138.24) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA) id 15.2.1544.14; Fri, 21 Feb 2025 16:09:12 +0000 Received: from email-imr-corp-prod-pdx-all-2b-c1559d0e.us-west-2.amazon.com (10.25.36.210) by mail-relay.amazon.com (10.250.64.149) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA) id 15.2.1258.39 via Frontend Transport; Fri, 21 Feb 2025 16:09:12 +0000 Received: from ua2d7e1a6107c5b.ant.amazon.com (dev-dsk-roypat-1c-dbe2a224.eu-west-1.amazon.com [172.19.88.180]) by email-imr-corp-prod-pdx-all-2b-c1559d0e.us-west-2.amazon.com (Postfix) with ESMTPS id 3843B401F3; Fri, 21 Feb 2025 16:09:05 +0000 (UTC) From: Patrick Roy To: , , CC: Patrick Roy , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , Subject: [PATCH v4 01/12] mm: introduce AS_NO_DIRECT_MAP Date: Fri, 21 Feb 2025 16:07:14 +0000 Message-ID: <20250221160728.1584559-2-roypat@amazon.co.uk> X-Mailer: git-send-email 2.48.1 In-Reply-To: <20250221160728.1584559-1-roypat@amazon.co.uk> References: <20250221160728.1584559-1-roypat@amazon.co.uk> Precedence: bulk X-Mailing-List: bpf@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Add AS_NO_DIRECT_MAP for mappings where direct map entries of folios are set to not present . Currently, mappings that match this description are secretmem mappings (memfd_secret()). Later, some guest_memfd configurations will also fall into this category. Reject this new type of mappings in all locations that currently reject secretmem mappings, on the assumption that if secretmem mappings are rejected somewhere, it is precisely because of an inability to deal with folios without direct map entries. Use a new flag instead of overloading AS_INACCESSIBLE (which is already set by guest_memfd) because not all guest_memfd mappings will end up being direct map removed (e.g. in pKVM setups, parts of guest_memfd that can be mapped to userspace should also be GUP-able, and generally not have restrictions on who can access it). Signed-off-by: Patrick Roy --- include/linux/pagemap.h | 16 ++++++++++++++++ lib/buildid.c | 4 ++-- mm/gup.c | 6 +++++- mm/mlock.c | 3 ++- 4 files changed, 25 insertions(+), 4 deletions(-) base-commit: da40655874b54a2b563f8ceb3ed839c6cd38e0b4 diff --git a/include/linux/pagemap.h b/include/linux/pagemap.h index 47bfc6b1b632..903b41e89cf8 100644 --- a/include/linux/pagemap.h +++ b/include/linux/pagemap.h @@ -210,6 +210,7 @@ enum mapping_flags { AS_STABLE_WRITES = 7, /* must wait for writeback before modifying folio contents */ AS_INACCESSIBLE = 8, /* Do not attempt direct R/W access to the mapping */ + AS_NO_DIRECT_MAP = 9, /* Folios in the mapping are not in the direct map */ /* Bits 16-25 are used for FOLIO_ORDER */ AS_FOLIO_ORDER_BITS = 5, AS_FOLIO_ORDER_MIN = 16, @@ -335,6 +336,21 @@ static inline bool mapping_inaccessible(struct address_space *mapping) return test_bit(AS_INACCESSIBLE, &mapping->flags); } +static inline void mapping_set_no_direct_map(struct address_space *mapping) +{ + set_bit(AS_NO_DIRECT_MAP, &mapping->flags); +} + +static inline bool mapping_no_direct_map(struct address_space *mapping) +{ + return test_bit(AS_NO_DIRECT_MAP, &mapping->flags); +} + +static inline bool vma_is_no_direct_map(const struct vm_area_struct *vma) +{ + return vma->vm_file && mapping_no_direct_map(vma->vm_file->f_mapping); +} + static inline gfp_t mapping_gfp_mask(struct address_space * mapping) { return mapping->gfp_mask; diff --git a/lib/buildid.c b/lib/buildid.c index c4b0f376fb34..80b5d805067f 100644 --- a/lib/buildid.c +++ b/lib/buildid.c @@ -65,8 +65,8 @@ static int freader_get_folio(struct freader *r, loff_t file_off) freader_put_folio(r); - /* reject secretmem folios created with memfd_secret() */ - if (secretmem_mapping(r->file->f_mapping)) + /* reject secretmem folios created with memfd_secret() or guest_memfd() */ + if (secretmem_mapping(r->file->f_mapping) || mapping_no_direct_map(r->file->f_mapping)) return -EFAULT; r->folio = filemap_get_folio(r->file->f_mapping, file_off >> PAGE_SHIFT); diff --git a/mm/gup.c b/mm/gup.c index 3883b307780e..7ddaf93c5b6a 100644 --- a/mm/gup.c +++ b/mm/gup.c @@ -1283,7 +1283,7 @@ static int check_vma_flags(struct vm_area_struct *vma, unsigned long gup_flags) if ((gup_flags & FOLL_LONGTERM) && vma_is_fsdax(vma)) return -EOPNOTSUPP; - if (vma_is_secretmem(vma)) + if (vma_is_secretmem(vma) || vma_is_no_direct_map(vma)) return -EFAULT; if (write) { @@ -2849,6 +2849,10 @@ static bool gup_fast_folio_allowed(struct folio *folio, unsigned int flags) */ if (check_secretmem && secretmem_mapping(mapping)) return false; + + if (mapping_no_direct_map(mapping)) + return false; + /* The only remaining allowed file system is shmem. */ return !reject_file_backed || shmem_mapping(mapping); } diff --git a/mm/mlock.c b/mm/mlock.c index cde076fa7d5e..07a351491d9d 100644 --- a/mm/mlock.c +++ b/mm/mlock.c @@ -474,7 +474,8 @@ static int mlock_fixup(struct vma_iterator *vmi, struct vm_area_struct *vma, if (newflags == oldflags || (oldflags & VM_SPECIAL) || is_vm_hugetlb_page(vma) || vma == get_gate_vma(current->mm) || - vma_is_dax(vma) || vma_is_secretmem(vma) || (oldflags & VM_DROPPABLE)) + vma_is_dax(vma) || vma_is_secretmem(vma) || vma_is_no_direct_map(vma) || + (oldflags & VM_DROPPABLE)) /* don't set VM_LOCKED or VM_LOCKONFAULT and don't count */ goto out; From patchwork Fri Feb 21 16:07:15 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Patrick Roy X-Patchwork-Id: 13985844 Received: from smtp-fw-9106.amazon.com (smtp-fw-9106.amazon.com [207.171.188.206]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 209FA212D8A; Fri, 21 Feb 2025 16:09:31 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=207.171.188.206 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1740154173; cv=none; b=FrMHLOo8lJAkIXHYd9yCWebBSTqK5R12nKvSmAaQ9AW1FcmDFws0yRh6kz4Op9HkXXu/KhIviGKRypBbQPakhtN/+NTCYeVAoC6TbjowJRYz8cTk03WOTXqm0vJhZI5jCPj9AR4+T2OZnbQylAEJw4bElir1vu0OcZLgQUmGkFc= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1740154173; c=relaxed/simple; bh=XBeY8+oEwhKifncEyH8TEyPQTC55c9NIYUhaXkomxbk=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=s3m0ignA867CMxfnQsX1y3+fGGmRhn9uoGqFZylirwZZ8k6CYb+H6QGBFulU3at03TjlWQeVeLWSm2e+SPZzf+mv93qLmorvZ9ecZ3uon+xUimLJ/r/r4+mWlcgOlcI668F5tRE3J7Y/hKC3YhBqytyUqpyE02WlBCLsdBYoPrE= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amazon.co.uk; spf=pass smtp.mailfrom=amazon.co.uk; dkim=pass (1024-bit key) header.d=amazon.co.uk header.i=@amazon.co.uk header.b=VBuFyyQ/; arc=none smtp.client-ip=207.171.188.206 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amazon.co.uk Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=amazon.co.uk Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=amazon.co.uk header.i=@amazon.co.uk header.b="VBuFyyQ/" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amazon.co.uk; i=@amazon.co.uk; q=dns/txt; s=amazon201209; t=1740154172; x=1771690172; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=Kfd1Zplwy2qRjve62vAKobnSTBEdWZ73b7NbT1dhvg4=; b=VBuFyyQ/RiXrGxoRFd3jFqQl8VOZN+JzF5X4U/SzWP6JTRDu8edc9N0R hj+eR1ftKjUquf2N2bETwqewzYMSxZvGS7HCC/lW4Ei1b7E1kvOZ7KZjA bDU8kVh37biKiWzeR/aiBajKIXN+pbed1AKK13fG1yQ6mJYofsQ/WPQwS g=; X-IronPort-AV: E=Sophos;i="6.13,305,1732579200"; d="scan'208";a="800876125" Received: from pdx4-co-svc-p1-lb2-vlan2.amazon.com (HELO smtpout.prod.us-west-2.prod.farcaster.email.amazon.dev) ([10.25.36.210]) by smtp-border-fw-9106.sea19.amazon.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 21 Feb 2025 16:09:27 +0000 Received: from EX19MTAUWA002.ant.amazon.com [10.0.38.20:57570] by smtpin.naws.us-west-2.prod.farcaster.email.amazon.dev [10.0.55.141:2525] with esmtp (Farcaster) id 034d3b2a-db78-4a01-a02f-f39d1fe30c84; Fri, 21 Feb 2025 16:09:26 +0000 (UTC) X-Farcaster-Flow-ID: 034d3b2a-db78-4a01-a02f-f39d1fe30c84 Received: from EX19D020UWA003.ant.amazon.com (10.13.138.254) by EX19MTAUWA002.ant.amazon.com (10.250.64.202) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA) id 15.2.1258.39; Fri, 21 Feb 2025 16:09:21 +0000 Received: from EX19MTAUEC001.ant.amazon.com (10.252.135.222) by EX19D020UWA003.ant.amazon.com (10.13.138.254) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA) id 15.2.1544.14; Fri, 21 Feb 2025 16:09:20 +0000 Received: from email-imr-corp-prod-pdx-all-2b-c1559d0e.us-west-2.amazon.com (10.43.8.6) by mail-relay.amazon.com (10.252.135.200) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA) id 15.2.1258.39 via Frontend Transport; Fri, 21 Feb 2025 16:09:20 +0000 Received: from ua2d7e1a6107c5b.ant.amazon.com (dev-dsk-roypat-1c-dbe2a224.eu-west-1.amazon.com [172.19.88.180]) by email-imr-corp-prod-pdx-all-2b-c1559d0e.us-west-2.amazon.com (Postfix) with ESMTPS id 05B8B401F3; Fri, 21 Feb 2025 16:09:12 +0000 (UTC) From: Patrick Roy To: , , CC: Patrick Roy , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , Subject: [PATCH v4 02/12] mm/secretmem: set AS_NO_DIRECT_MAP instead of special-casing Date: Fri, 21 Feb 2025 16:07:15 +0000 Message-ID: <20250221160728.1584559-3-roypat@amazon.co.uk> X-Mailer: git-send-email 2.48.1 In-Reply-To: <20250221160728.1584559-1-roypat@amazon.co.uk> References: <20250221160728.1584559-1-roypat@amazon.co.uk> Precedence: bulk X-Mailing-List: bpf@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Make secretmem set AS_NO_DIRECT_MAP on its struct address_space, to drop all the vma_is_secretmem()/secretmem_mapping() checks that are based on checking explicitly for the secretmem ops structures. This drops a optimization in gup_fast_folio_allowed() where secretmem_mapping() was only called if CONFIG_SECRETMEM=y. secretmem is enabled by default since commit b758fe6df50d ("mm/secretmem: make it on by default"), so the secretmem check did not actually end up elided in most cases anymore anyway. Signed-off-by: Patrick Roy --- include/linux/secretmem.h | 18 ------------------ lib/buildid.c | 2 +- mm/gup.c | 14 +------------- mm/mlock.c | 3 +-- mm/secretmem.c | 6 +----- 5 files changed, 4 insertions(+), 39 deletions(-) diff --git a/include/linux/secretmem.h b/include/linux/secretmem.h index e918f96881f5..0ae1fb057b3d 100644 --- a/include/linux/secretmem.h +++ b/include/linux/secretmem.h @@ -4,28 +4,10 @@ #ifdef CONFIG_SECRETMEM -extern const struct address_space_operations secretmem_aops; - -static inline bool secretmem_mapping(struct address_space *mapping) -{ - return mapping->a_ops == &secretmem_aops; -} - -bool vma_is_secretmem(struct vm_area_struct *vma); bool secretmem_active(void); #else -static inline bool vma_is_secretmem(struct vm_area_struct *vma) -{ - return false; -} - -static inline bool secretmem_mapping(struct address_space *mapping) -{ - return false; -} - static inline bool secretmem_active(void) { return false; diff --git a/lib/buildid.c b/lib/buildid.c index 80b5d805067f..33f173a607ad 100644 --- a/lib/buildid.c +++ b/lib/buildid.c @@ -66,7 +66,7 @@ static int freader_get_folio(struct freader *r, loff_t file_off) freader_put_folio(r); /* reject secretmem folios created with memfd_secret() or guest_memfd() */ - if (secretmem_mapping(r->file->f_mapping) || mapping_no_direct_map(r->file->f_mapping)) + if (mapping_no_direct_map(r->file->f_mapping)) return -EFAULT; r->folio = filemap_get_folio(r->file->f_mapping, file_off >> PAGE_SHIFT); diff --git a/mm/gup.c b/mm/gup.c index 7ddaf93c5b6a..b1483a876740 100644 --- a/mm/gup.c +++ b/mm/gup.c @@ -1283,7 +1283,7 @@ static int check_vma_flags(struct vm_area_struct *vma, unsigned long gup_flags) if ((gup_flags & FOLL_LONGTERM) && vma_is_fsdax(vma)) return -EOPNOTSUPP; - if (vma_is_secretmem(vma) || vma_is_no_direct_map(vma)) + if (vma_is_no_direct_map(vma)) return -EFAULT; if (write) { @@ -2786,7 +2786,6 @@ static bool gup_fast_folio_allowed(struct folio *folio, unsigned int flags) { bool reject_file_backed = false; struct address_space *mapping; - bool check_secretmem = false; unsigned long mapping_flags; /* @@ -2798,14 +2797,6 @@ static bool gup_fast_folio_allowed(struct folio *folio, unsigned int flags) reject_file_backed = true; /* We hold a folio reference, so we can safely access folio fields. */ - - /* secretmem folios are always order-0 folios. */ - if (IS_ENABLED(CONFIG_SECRETMEM) && !folio_test_large(folio)) - check_secretmem = true; - - if (!reject_file_backed && !check_secretmem) - return true; - if (WARN_ON_ONCE(folio_test_slab(folio))) return false; @@ -2847,9 +2838,6 @@ static bool gup_fast_folio_allowed(struct folio *folio, unsigned int flags) * At this point, we know the mapping is non-null and points to an * address_space object. */ - if (check_secretmem && secretmem_mapping(mapping)) - return false; - if (mapping_no_direct_map(mapping)) return false; diff --git a/mm/mlock.c b/mm/mlock.c index 07a351491d9d..a43f308be70d 100644 --- a/mm/mlock.c +++ b/mm/mlock.c @@ -474,8 +474,7 @@ static int mlock_fixup(struct vma_iterator *vmi, struct vm_area_struct *vma, if (newflags == oldflags || (oldflags & VM_SPECIAL) || is_vm_hugetlb_page(vma) || vma == get_gate_vma(current->mm) || - vma_is_dax(vma) || vma_is_secretmem(vma) || vma_is_no_direct_map(vma) || - (oldflags & VM_DROPPABLE)) + vma_is_dax(vma) || vma_is_no_direct_map(vma) || (oldflags & VM_DROPPABLE)) /* don't set VM_LOCKED or VM_LOCKONFAULT and don't count */ goto out; diff --git a/mm/secretmem.c b/mm/secretmem.c index 1b0a214ee558..ea4c04d469b1 100644 --- a/mm/secretmem.c +++ b/mm/secretmem.c @@ -136,11 +136,6 @@ static int secretmem_mmap(struct file *file, struct vm_area_struct *vma) return 0; } -bool vma_is_secretmem(struct vm_area_struct *vma) -{ - return vma->vm_ops == &secretmem_vm_ops; -} - static const struct file_operations secretmem_fops = { .release = secretmem_release, .mmap = secretmem_mmap, @@ -214,6 +209,7 @@ static struct file *secretmem_file_create(unsigned long flags) mapping_set_gfp_mask(inode->i_mapping, GFP_HIGHUSER); mapping_set_unevictable(inode->i_mapping); + mapping_set_no_direct_map(inode->i_mapping); inode->i_op = &secretmem_iops; inode->i_mapping->a_ops = &secretmem_aops; From patchwork Fri Feb 21 16:07:16 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Patrick Roy X-Patchwork-Id: 13985843 Received: from smtp-fw-80007.amazon.com (smtp-fw-80007.amazon.com [99.78.197.218]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 36043211A26; Fri, 21 Feb 2025 16:09:30 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=99.78.197.218 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1740154172; cv=none; b=Ks8xwvJCdCwDb3fxhZJoXb682AnjrC0ZTDSvje4G5ARYHKN+xjzG/PxkGnqBkEGtj7xerfr6AH85wp5R+PQR57JC0xCjrkBw8pXWNl7XHzc11ocBAHZQbeqG/JLI6GxRz95XyFICp1eNnQ5SfKdSnYbvhvdJTths6XvTvtxM6Pw= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1740154172; c=relaxed/simple; bh=5xu2DgSOMI3V8WHrDma2TrRQsns4tlbOewE04d9bHWQ=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=OKT4BfkRE8qzoLZe0FkdfMrnIuH6M+1r8Y+uPNPksWkz0zyGudjRE18z1/vTbOXHKZuLKzHrUjaN6KyG+1zAguBjmpmJpRyLt/1LyuGvUhXhDPkg2c8zaGhDCeMZqjLhQtk8VOUQimksTOJuxbbwFTIZdQTcN6TJOKvzc7JFCDE= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amazon.co.uk; spf=pass smtp.mailfrom=amazon.co.uk; dkim=pass (1024-bit key) header.d=amazon.co.uk header.i=@amazon.co.uk header.b=LbhPhfYM; arc=none smtp.client-ip=99.78.197.218 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amazon.co.uk Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=amazon.co.uk Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=amazon.co.uk header.i=@amazon.co.uk header.b="LbhPhfYM" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amazon.co.uk; i=@amazon.co.uk; q=dns/txt; s=amazon201209; t=1740154171; x=1771690171; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=nm9zNepSUdoA1TQLI0kM62WN+98N1j5Ykxo1Wq9f3hY=; b=LbhPhfYMRus1+SkF6PaJHW1VumwEoPAibRsMp7wNjKM6WF4R2i0s1AWc Gw4ZbnV/VotrBW3NAN9T8qvIXOQGvkpQp8sOk0fLZp3lyCQYbE2RR4OI4 Td+mZSiOl3jOns0N/dnLkdP7EDrF/uh/q4BIl3WCJPMSWLiGObuCxOgEK I=; X-IronPort-AV: E=Sophos;i="6.13,305,1732579200"; d="scan'208";a="379576549" Received: from pdx4-co-svc-p1-lb2-vlan2.amazon.com (HELO smtpout.prod.us-west-2.prod.farcaster.email.amazon.dev) ([10.25.36.210]) by smtp-border-fw-80007.pdx80.corp.amazon.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 21 Feb 2025 16:09:30 +0000 Received: from EX19MTAUWB001.ant.amazon.com [10.0.7.35:14255] by smtpin.naws.us-west-2.prod.farcaster.email.amazon.dev [10.0.11.69:2525] with esmtp (Farcaster) id 2f8b5d22-ec9a-4b09-902a-79e210123256; Fri, 21 Feb 2025 16:09:28 +0000 (UTC) X-Farcaster-Flow-ID: 2f8b5d22-ec9a-4b09-902a-79e210123256 Received: from EX19D003UWB001.ant.amazon.com (10.13.138.92) by EX19MTAUWB001.ant.amazon.com (10.250.64.248) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA) id 15.2.1258.39; Fri, 21 Feb 2025 16:09:28 +0000 Received: from EX19MTAUWC002.ant.amazon.com (10.250.64.143) by EX19D003UWB001.ant.amazon.com (10.13.138.92) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA) id 15.2.1544.14; Fri, 21 Feb 2025 16:09:28 +0000 Received: from email-imr-corp-prod-pdx-all-2b-c1559d0e.us-west-2.amazon.com (10.25.36.210) by mail-relay.amazon.com (10.250.64.149) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA) id 15.2.1258.39 via Frontend Transport; Fri, 21 Feb 2025 16:09:28 +0000 Received: from ua2d7e1a6107c5b.ant.amazon.com (dev-dsk-roypat-1c-dbe2a224.eu-west-1.amazon.com [172.19.88.180]) by email-imr-corp-prod-pdx-all-2b-c1559d0e.us-west-2.amazon.com (Postfix) with ESMTPS id A35CC404C9; Fri, 21 Feb 2025 16:09:20 +0000 (UTC) From: Patrick Roy To: , , CC: Patrick Roy , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , Subject: [PATCH v4 03/12] KVM: guest_memfd: Add flag to remove from direct map Date: Fri, 21 Feb 2025 16:07:16 +0000 Message-ID: <20250221160728.1584559-4-roypat@amazon.co.uk> X-Mailer: git-send-email 2.48.1 In-Reply-To: <20250221160728.1584559-1-roypat@amazon.co.uk> References: <20250221160728.1584559-1-roypat@amazon.co.uk> Precedence: bulk X-Mailing-List: bpf@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Add KVM_GMEM_NO_DIRECT_MAP flag for KVM_CREATE_GUEST_MEMFD() ioctl. When set, guest_memfd folios will be removed from the direct map after preparation, with direct map entries only restored when the folios are freed. To ensure these folios do not end up in places where the kernel cannot deal with them, set AS_NO_DIRECT_MAP on the guest_memfd's struct address_space if KVM_GMEM_NO_DIRECT_MAP is requested. Note that this flag causes removal of direct map entries for all guest_memfd folios independent of whether they are "shared" or "private" (although current guest_memfd only supports either all folios in the "shared" state, or all folios in the "private" state if !IS_ENABLED(CONFIG_KVM_GMEM_SHARED_MEM)). The usecase for removing direct map entries of also the shared parts of guest_memfd are a special type of non-CoCo VM where, host userspace is trusted to have access to all of guest memory, but where Spectre-style transient execution attacks through the host kernel's direct map should still be mitigated. Note that KVM retains access to guest memory via userspace mappings of guest_memfd, which are reflected back into KVM's memslots via userspace_addr. This is needed for things like MMIO emulation on x86_64 to work. Previous iterations attempted to instead have KVM temporarily restore direct map entries whenever such an access to guest memory was needed, but this turned out to have a significant performance impact, as well as additional complexity due to needing to refcount direct map reinsertion operations and making them play nicely with gmem truncations. This iteration also doesn't have KVM perform TLB flushes after direct map manipulations. This is because TLB flushes resulted in a up to 40x elongation of page faults in guest_memfd (scaling with the number of CPU cores), or a 5x elongation of memory population. On the one hand, TLB flushes are not needed for functional correctness (the virt->phys mapping technically stays "correct", the kernel should simply to not it for a while), so this is a correct optimization to make. On the other hand, it means that the desired protection from Spectre-style attacks is not perfect, as an attacker could try to prevent a stale TLB entry from getting evicted, keeping it alive until the page it refers to is used by the guest for some sensitive data, and then targeting it using a spectre-gadget. Signed-off-by: Patrick Roy --- include/uapi/linux/kvm.h | 2 ++ virt/kvm/guest_memfd.c | 28 +++++++++++++++++++++++++++- 2 files changed, 29 insertions(+), 1 deletion(-) diff --git a/include/uapi/linux/kvm.h b/include/uapi/linux/kvm.h index 117937a895da..4654c01a0a01 100644 --- a/include/uapi/linux/kvm.h +++ b/include/uapi/linux/kvm.h @@ -1573,6 +1573,8 @@ struct kvm_create_guest_memfd { __u64 reserved[6]; }; +#define KVM_GMEM_NO_DIRECT_MAP (1ULL << 0) + #define KVM_PRE_FAULT_MEMORY _IOWR(KVMIO, 0xd5, struct kvm_pre_fault_memory) struct kvm_pre_fault_memory { diff --git a/virt/kvm/guest_memfd.c b/virt/kvm/guest_memfd.c index 30b47ff0e6d2..bd7d361c9bb7 100644 --- a/virt/kvm/guest_memfd.c +++ b/virt/kvm/guest_memfd.c @@ -4,6 +4,7 @@ #include #include #include +#include #include "kvm_mm.h" @@ -42,8 +43,23 @@ static int __kvm_gmem_prepare_folio(struct kvm *kvm, struct kvm_memory_slot *slo return 0; } +static bool kvm_gmem_test_no_direct_map(struct inode *inode) +{ + return ((unsigned long) inode->i_private) & KVM_GMEM_NO_DIRECT_MAP; +} + static inline void kvm_gmem_mark_prepared(struct folio *folio) { + struct inode *inode = folio_inode(folio); + + if (kvm_gmem_test_no_direct_map(inode)) { + int r = set_direct_map_valid_noflush(folio_page(folio, 0), folio_nr_pages(folio), + false); + + if (!r) + folio_set_private(folio); + } + folio_mark_uptodate(folio); } @@ -479,6 +495,10 @@ static void kvm_gmem_free_folio(struct folio *folio) kvm_pfn_t pfn = page_to_pfn(page); int order = folio_order(folio); + if (folio_test_private(folio)) + WARN_ON_ONCE(set_direct_map_valid_noflush(folio_page(folio, 0), + folio_nr_pages(folio), true)); + kvm_arch_gmem_invalidate(pfn, pfn + (1ul << order)); } #endif @@ -552,6 +572,9 @@ static int __kvm_gmem_create(struct kvm *kvm, loff_t size, u64 flags) /* Unmovable mappings are supposed to be marked unevictable as well. */ WARN_ON_ONCE(!mapping_unevictable(inode->i_mapping)); + if (flags & KVM_GMEM_NO_DIRECT_MAP) + mapping_set_no_direct_map(inode->i_mapping); + kvm_get_kvm(kvm); gmem->kvm = kvm; xa_init(&gmem->bindings); @@ -571,7 +594,10 @@ int kvm_gmem_create(struct kvm *kvm, struct kvm_create_guest_memfd *args) { loff_t size = args->size; u64 flags = args->flags; - u64 valid_flags = 0; + u64 valid_flags = KVM_GMEM_NO_DIRECT_MAP; + + if (!can_set_direct_map()) + valid_flags &= ~KVM_GMEM_NO_DIRECT_MAP; if (flags & ~valid_flags) return -EINVAL; From patchwork Fri Feb 21 16:07:17 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Patrick Roy X-Patchwork-Id: 13985845 Received: from smtp-fw-52002.amazon.com (smtp-fw-52002.amazon.com [52.119.213.150]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 4FCD41FAC51; Fri, 21 Feb 2025 16:09:44 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=52.119.213.150 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1740154187; cv=none; b=iFvysKYeOjMqUyfi+bZdlbOtUeQzIGrFFapUW6LAPT92kLhvMjb6Ymq3H6SnG2dLXbojOo/Xl5VDi3anzDAKpam2ecY6uks8iFDnBH5DRgBy9cJsim5t8f4U2Fy7+tg8p9SKVH4YvObiifuoLluK8NbyvjGRrKcBqn/C0vyGAh0= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1740154187; c=relaxed/simple; bh=lD39blZXZH445//XcOmyibr7Yw4FHmMDKh+gwbgueYU=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=S+LJiFOZqBwvQFp/I/Xn0k+ZcN5rTvzXiVDZWfc8qW6krNcrW0GClujS9sQUt10CZp/0mmMrsrGo1Hr4Mof+vUAVXYtNJPLkVeAjgpbLs4YULf7STWstYNEv6ekvBaxd5e2ruJqoCjoXudaW5aoBsLLQGEkyVB/NucFyBsx1QN0= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amazon.co.uk; spf=pass smtp.mailfrom=amazon.co.uk; dkim=pass (1024-bit key) header.d=amazon.co.uk header.i=@amazon.co.uk header.b=KpUc7lgn; arc=none smtp.client-ip=52.119.213.150 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amazon.co.uk Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=amazon.co.uk Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=amazon.co.uk header.i=@amazon.co.uk header.b="KpUc7lgn" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amazon.co.uk; i=@amazon.co.uk; q=dns/txt; s=amazon201209; t=1740154186; x=1771690186; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=5Lxw3QwOdwCmgolpoFT5r+0SQOlcE3s27pqIYNolM4s=; b=KpUc7lgn5EU+kEA3+MN6vlvrGeXAdK99t15rfJuzLJfILJtzgelMQYcN MUAw4E6dMxS8dhZ9cO0fan1r8ADmdIeSM7AWlrlYcp+SUsMz5W3TuEHEo /ieEooqLNFCEOVvrUlE/DbvH5pOgMjlKURtW6PKztHDhLTkMYSYDxcyvl Q=; X-IronPort-AV: E=Sophos;i="6.13,305,1732579200"; d="scan'208";a="699167429" Received: from iad12-co-svc-p1-lb1-vlan3.amazon.com (HELO smtpout.prod.us-west-2.prod.farcaster.email.amazon.dev) ([10.43.8.6]) by smtp-border-fw-52002.iad7.amazon.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 21 Feb 2025 16:09:41 +0000 Received: from EX19MTAUWC001.ant.amazon.com [10.0.38.20:58310] by smtpin.naws.us-west-2.prod.farcaster.email.amazon.dev [10.0.55.141:2525] with esmtp (Farcaster) id 0c629e67-bcab-4233-b9fa-68409832e265; Fri, 21 Feb 2025 16:09:39 +0000 (UTC) X-Farcaster-Flow-ID: 0c629e67-bcab-4233-b9fa-68409832e265 Received: from EX19D020UWC002.ant.amazon.com (10.13.138.147) by EX19MTAUWC001.ant.amazon.com (10.250.64.174) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA) id 15.2.1258.39; Fri, 21 Feb 2025 16:09:37 +0000 Received: from EX19MTAUEB001.ant.amazon.com (10.252.135.35) by EX19D020UWC002.ant.amazon.com (10.13.138.147) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA) id 15.2.1544.14; Fri, 21 Feb 2025 16:09:36 +0000 Received: from email-imr-corp-prod-pdx-all-2b-c1559d0e.us-west-2.amazon.com (10.43.8.2) by mail-relay.amazon.com (10.252.135.35) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA) id 15.2.1258.39 via Frontend Transport; Fri, 21 Feb 2025 16:09:36 +0000 Received: from ua2d7e1a6107c5b.ant.amazon.com (dev-dsk-roypat-1c-dbe2a224.eu-west-1.amazon.com [172.19.88.180]) by email-imr-corp-prod-pdx-all-2b-c1559d0e.us-west-2.amazon.com (Postfix) with ESMTPS id A7DCF404C9; Fri, 21 Feb 2025 16:09:28 +0000 (UTC) From: Patrick Roy To: , , CC: Patrick Roy , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , Subject: [PATCH v4 04/12] KVM: Add capability to discover KVM_GMEM_NO_DIRECT_MAP support Date: Fri, 21 Feb 2025 16:07:17 +0000 Message-ID: <20250221160728.1584559-5-roypat@amazon.co.uk> X-Mailer: git-send-email 2.48.1 In-Reply-To: <20250221160728.1584559-1-roypat@amazon.co.uk> References: <20250221160728.1584559-1-roypat@amazon.co.uk> Precedence: bulk X-Mailing-List: bpf@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Add a capability to let userspace discover whether guest_memfd supports removing its folios from the direct map. Support depends on guest_memfd itself being supported, but also on whether KVM can manipulate the direct map at page granularity at all (possible most of the time, just arm64 is a notable outlier where its impossible if the direct map has been setup using hugepages, as arm64 cannot break these apart due to break-before-make semantics). Signed-off-by: Patrick Roy --- include/uapi/linux/kvm.h | 1 + virt/kvm/kvm_main.c | 5 +++++ 2 files changed, 6 insertions(+) diff --git a/include/uapi/linux/kvm.h b/include/uapi/linux/kvm.h index 4654c01a0a01..fb02a93546d8 100644 --- a/include/uapi/linux/kvm.h +++ b/include/uapi/linux/kvm.h @@ -930,6 +930,7 @@ struct kvm_enable_cap { #define KVM_CAP_X86_APIC_BUS_CYCLES_NS 237 #define KVM_CAP_X86_GUEST_MODE 238 #define KVM_CAP_GMEM_SHARED_MEM 239 +#define KVM_CAP_GMEM_NO_DIRECT_MAP 240 struct kvm_irq_routing_irqchip { __u32 irqchip; diff --git a/virt/kvm/kvm_main.c b/virt/kvm/kvm_main.c index 3e40acb9f5c0..32ca1c921ab0 100644 --- a/virt/kvm/kvm_main.c +++ b/virt/kvm/kvm_main.c @@ -65,6 +65,7 @@ #include #include +#include /* Worst case buffer size needed for holding an integer. */ @@ -4823,6 +4824,10 @@ static int kvm_vm_ioctl_check_extension_generic(struct kvm *kvm, long arg) return kvm_supported_mem_attributes(kvm); #endif #ifdef CONFIG_KVM_PRIVATE_MEM + case KVM_CAP_GMEM_NO_DIRECT_MAP: + if (!can_set_direct_map()) + return false; + fallthrough; case KVM_CAP_GUEST_MEMFD: return !kvm || kvm_arch_has_private_mem(kvm); #endif From patchwork Fri Feb 21 16:07:18 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Patrick Roy X-Patchwork-Id: 13985846 Received: from smtp-fw-52005.amazon.com (smtp-fw-52005.amazon.com [52.119.213.156]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 5BC9F1DED6F; Fri, 21 Feb 2025 16:10:01 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=52.119.213.156 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1740154203; cv=none; b=t1ZfwJWOyXFlS8dDfbZg5bWhkThlbUdjsfSxR2WD2BFJWxek0Gq/twIpgpEn2jvvXM0jDC7tAOaXTer+aTG8NWoKnDhgaSLsbBqI8s7q9gLugmHI9oUasu5KnMoTbxjYUqkRxCrqKapVWJr+N3WlyiDqF5gqeVr3WmeOJxnPzr0= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1740154203; c=relaxed/simple; bh=dIOAfK5l5sMZ60sYBpNsqkLigE4M7dUL8qlJb1jIvmQ=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=DaMyPtPt/vtTzY6V8QGS6vxPVA39QJyeG0k9F551Ha0FUujW/Zvnbs4MBqnz4mehHHTY4NuQ5rG7pAVIBZlDQtKgI/a8lG/OqamybmzzRbyAn1H6KghLeBUKxr8tnWBVlpDdlO6C/uuE3oMuhfU/op4Q6lpasxM6HoLqe6f05e8= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amazon.co.uk; spf=pass smtp.mailfrom=amazon.co.uk; dkim=pass (1024-bit key) header.d=amazon.co.uk header.i=@amazon.co.uk header.b=JMea8GlX; arc=none smtp.client-ip=52.119.213.156 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amazon.co.uk Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=amazon.co.uk Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=amazon.co.uk header.i=@amazon.co.uk header.b="JMea8GlX" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amazon.co.uk; i=@amazon.co.uk; q=dns/txt; s=amazon201209; t=1740154202; x=1771690202; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=Wwl9CfOz4nL59ff0Ja+pcR3q7EpeB2Q7d6wZSz1xGZE=; b=JMea8GlX2dVqjI1nB9GKEjIc7wW4hhhUfASVZqak7aglAUM3I5Wp2U0z GZnoJFgRI6bF+eggp6n2ImidCvy3ai8P+KNY7N841rFamPyd0fTk3HWyZ nspGaaYvnNfGwUKxtttGiUQw2n8M1S4ec/UhcR/bc26H4tPJw6KT9IKUt o=; X-IronPort-AV: E=Sophos;i="6.13,305,1732579200"; d="scan'208";a="720844356" Received: from iad12-co-svc-p1-lb1-vlan3.amazon.com (HELO smtpout.prod.us-east-1.prod.farcaster.email.amazon.dev) ([10.43.8.6]) by smtp-border-fw-52005.iad7.amazon.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 21 Feb 2025 16:09:59 +0000 Received: from EX19MTAEUB001.ant.amazon.com [10.0.43.254:12663] by smtpin.naws.eu-west-1.prod.farcaster.email.amazon.dev [10.0.36.43:2525] with esmtp (Farcaster) id 192c89ae-60a6-433f-922e-de8d53f429b1; Fri, 21 Feb 2025 16:09:57 +0000 (UTC) X-Farcaster-Flow-ID: 192c89ae-60a6-433f-922e-de8d53f429b1 Received: from EX19D014EUC002.ant.amazon.com (10.252.51.161) by EX19MTAEUB001.ant.amazon.com (10.252.51.28) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA) id 15.2.1258.39; Fri, 21 Feb 2025 16:09:45 +0000 Received: from EX19MTAUEC001.ant.amazon.com (10.252.135.222) by EX19D014EUC002.ant.amazon.com (10.252.51.161) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA) id 15.2.1544.14; Fri, 21 Feb 2025 16:09:44 +0000 Received: from email-imr-corp-prod-pdx-all-2b-c1559d0e.us-west-2.amazon.com (10.43.8.6) by mail-relay.amazon.com (10.252.135.200) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA) id 15.2.1258.39 via Frontend Transport; Fri, 21 Feb 2025 16:09:44 +0000 Received: from ua2d7e1a6107c5b.ant.amazon.com (dev-dsk-roypat-1c-dbe2a224.eu-west-1.amazon.com [172.19.88.180]) by email-imr-corp-prod-pdx-all-2b-c1559d0e.us-west-2.amazon.com (Postfix) with ESMTPS id 8AF5E404D5; Fri, 21 Feb 2025 16:09:36 +0000 (UTC) From: Patrick Roy To: , , CC: Patrick Roy , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , Subject: [PATCH v4 05/12] KVM: Documentation: document KVM_GMEM_NO_DIRECT_MAP flag Date: Fri, 21 Feb 2025 16:07:18 +0000 Message-ID: <20250221160728.1584559-6-roypat@amazon.co.uk> X-Mailer: git-send-email 2.48.1 In-Reply-To: <20250221160728.1584559-1-roypat@amazon.co.uk> References: <20250221160728.1584559-1-roypat@amazon.co.uk> Precedence: bulk X-Mailing-List: bpf@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Signed-off-by: Patrick Roy --- Documentation/virt/kvm/api.rst | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/Documentation/virt/kvm/api.rst b/Documentation/virt/kvm/api.rst index 2b52eb77e29c..fc0d2314fae6 100644 --- a/Documentation/virt/kvm/api.rst +++ b/Documentation/virt/kvm/api.rst @@ -6388,6 +6388,19 @@ a single guest_memfd file, but the bound ranges must not overlap). See KVM_SET_USER_MEMORY_REGION2 for additional details. +The following flags are defined: + +KVM_GMEM_NO_DIRECT_MAP + Ensure memory backing this guest_memfd inode is unmapped from the kernel's + address space. Check KVM_CAP_GMEM_NO_DIRECT_MAP for support. + +Errors: + + ========== =============================================================== + EINVAL The specified `flags` were invalid or not supported. + ========== =============================================================== + + 4.143 KVM_PRE_FAULT_MEMORY --------------------------- From patchwork Fri Feb 21 16:07:19 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Patrick Roy X-Patchwork-Id: 13985847 Received: from smtp-fw-80009.amazon.com (smtp-fw-80009.amazon.com [99.78.197.220]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 2E5941FF7BE; Fri, 21 Feb 2025 16:10:01 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=99.78.197.220 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1740154203; cv=none; b=LVjPJ0AjoniA1/79zubdfP6TuPBSTmhU00Y2xivEGsG4yJ9QZoSgVEAyfBjaIIKue3B6kav2dkL0qSyZq44188SAyI4wav7OP5UBReLSWSSdRXtAEp+cq2osXimX3RFxc98hvVvM5VXOZth0/+PaPwsQTmIvXXmHIeTXp8+iKiY= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1740154203; c=relaxed/simple; bh=VDcPMXQybEm3GGDB4UYUuW18irMxI1IXP/e4b6JOcSU=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=gz4h3VefFj7a8a8eGLtOsYHj+1ExaP0mZKDE4AHzlWoidh7IoIrWdHSgh4RR8q5+7VEzJtjzbCH4iXQRJpxuA93pGjNrG5+7UZHmumM1kg5ew0OJw+pB6U1ZRKjavpQSc5jwhTysbGSNlfdaVR5uL3W4jsxsF9V2eiw1RPLdjmE= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amazon.co.uk; spf=pass smtp.mailfrom=amazon.co.uk; dkim=pass (1024-bit key) header.d=amazon.co.uk header.i=@amazon.co.uk header.b=YUeHcL3Z; arc=none smtp.client-ip=99.78.197.220 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amazon.co.uk Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=amazon.co.uk Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=amazon.co.uk header.i=@amazon.co.uk header.b="YUeHcL3Z" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amazon.co.uk; i=@amazon.co.uk; q=dns/txt; s=amazon201209; t=1740154202; x=1771690202; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=BANXS/j3GyDpPFNip1mF1wVudzuNk8XiTmPfvkONALE=; b=YUeHcL3Zfp0aOYuABAEMvX/A90effDNCwcKIcnbescQCmIT5FD6QUCLt jQz7zJbvQlwl3RJU0Lu7kUNFri+7hpii2o7gUFkfDdLT71Y1RXTj2vdOs 4QQIcQbEANkP6OysoykpJ0Yi88AlqpCxnwIQzgi2SU3BFPmiY/btOZyKr E=; X-IronPort-AV: E=Sophos;i="6.13,305,1732579200"; d="scan'208";a="174721379" Received: from pdx4-co-svc-p1-lb2-vlan2.amazon.com (HELO smtpout.prod.us-east-1.prod.farcaster.email.amazon.dev) ([10.25.36.210]) by smtp-border-fw-80009.pdx80.corp.amazon.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 21 Feb 2025 16:09:57 +0000 Received: from EX19MTAEUC001.ant.amazon.com [10.0.43.254:2561] by smtpin.naws.eu-west-1.prod.farcaster.email.amazon.dev [10.0.2.102:2525] with esmtp (Farcaster) id 637de5e4-6bbf-4399-b51a-8701d5206b05; Fri, 21 Feb 2025 16:09:56 +0000 (UTC) X-Farcaster-Flow-ID: 637de5e4-6bbf-4399-b51a-8701d5206b05 Received: from EX19D015EUB001.ant.amazon.com (10.252.51.114) by EX19MTAEUC001.ant.amazon.com (10.252.51.193) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA) id 15.2.1258.39; Fri, 21 Feb 2025 16:09:53 +0000 Received: from EX19MTAUEC001.ant.amazon.com (10.252.135.222) by EX19D015EUB001.ant.amazon.com (10.252.51.114) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA) id 15.2.1544.14; Fri, 21 Feb 2025 16:09:52 +0000 Received: from email-imr-corp-prod-pdx-all-2b-c1559d0e.us-west-2.amazon.com (10.43.8.6) by mail-relay.amazon.com (10.252.135.200) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA) id 15.2.1258.39 via Frontend Transport; Fri, 21 Feb 2025 16:09:52 +0000 Received: from ua2d7e1a6107c5b.ant.amazon.com (dev-dsk-roypat-1c-dbe2a224.eu-west-1.amazon.com [172.19.88.180]) by email-imr-corp-prod-pdx-all-2b-c1559d0e.us-west-2.amazon.com (Postfix) with ESMTPS id A16AF404C9; Fri, 21 Feb 2025 16:09:44 +0000 (UTC) From: Patrick Roy To: , , CC: Patrick Roy , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , Subject: [PATCH v4 06/12] KVM: selftests: load elf via bounce buffer Date: Fri, 21 Feb 2025 16:07:19 +0000 Message-ID: <20250221160728.1584559-7-roypat@amazon.co.uk> X-Mailer: git-send-email 2.48.1 In-Reply-To: <20250221160728.1584559-1-roypat@amazon.co.uk> References: <20250221160728.1584559-1-roypat@amazon.co.uk> Precedence: bulk X-Mailing-List: bpf@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 If guest memory is backed using a VMA that does not allow GUP (e.g. a userspace mapping of guest_memfd when the fd was allocated using KVM_GMEM_NO_DIRECT_MAP), then directly loading the test ELF binary into it via read(2) potentially does not work. To nevertheless support loading binaries in this cases, do the read(2) syscall using a bounce buffer, and then memcpy from the bounce buffer into guest memory. Signed-off-by: Patrick Roy --- .../testing/selftests/kvm/include/test_util.h | 1 + tools/testing/selftests/kvm/lib/elf.c | 8 +++---- tools/testing/selftests/kvm/lib/io.c | 23 +++++++++++++++++++ 3 files changed, 28 insertions(+), 4 deletions(-) diff --git a/tools/testing/selftests/kvm/include/test_util.h b/tools/testing/selftests/kvm/include/test_util.h index 3e473058849f..51f34c34b5a2 100644 --- a/tools/testing/selftests/kvm/include/test_util.h +++ b/tools/testing/selftests/kvm/include/test_util.h @@ -46,6 +46,7 @@ do { \ ssize_t test_write(int fd, const void *buf, size_t count); ssize_t test_read(int fd, void *buf, size_t count); +ssize_t test_read_bounce(int fd, void *buf, size_t count); int test_seq_read(const char *path, char **bufp, size_t *sizep); void __printf(5, 6) test_assert(bool exp, const char *exp_str, diff --git a/tools/testing/selftests/kvm/lib/elf.c b/tools/testing/selftests/kvm/lib/elf.c index f34d926d9735..e829fbe0a11e 100644 --- a/tools/testing/selftests/kvm/lib/elf.c +++ b/tools/testing/selftests/kvm/lib/elf.c @@ -31,7 +31,7 @@ static void elfhdr_get(const char *filename, Elf64_Ehdr *hdrp) * the real size of the ELF header. */ unsigned char ident[EI_NIDENT]; - test_read(fd, ident, sizeof(ident)); + test_read_bounce(fd, ident, sizeof(ident)); TEST_ASSERT((ident[EI_MAG0] == ELFMAG0) && (ident[EI_MAG1] == ELFMAG1) && (ident[EI_MAG2] == ELFMAG2) && (ident[EI_MAG3] == ELFMAG3), "ELF MAGIC Mismatch,\n" @@ -79,7 +79,7 @@ static void elfhdr_get(const char *filename, Elf64_Ehdr *hdrp) offset_rv = lseek(fd, 0, SEEK_SET); TEST_ASSERT(offset_rv == 0, "Seek to ELF header failed,\n" " rv: %zi expected: %i", offset_rv, 0); - test_read(fd, hdrp, sizeof(*hdrp)); + test_read_bounce(fd, hdrp, sizeof(*hdrp)); TEST_ASSERT(hdrp->e_phentsize == sizeof(Elf64_Phdr), "Unexpected physical header size,\n" " hdrp->e_phentsize: %x\n" @@ -146,7 +146,7 @@ void kvm_vm_elf_load(struct kvm_vm *vm, const char *filename) /* Read in the program header. */ Elf64_Phdr phdr; - test_read(fd, &phdr, sizeof(phdr)); + test_read_bounce(fd, &phdr, sizeof(phdr)); /* Skip if this header doesn't describe a loadable segment. */ if (phdr.p_type != PT_LOAD) @@ -187,7 +187,7 @@ void kvm_vm_elf_load(struct kvm_vm *vm, const char *filename) " expected: 0x%jx", n1, errno, (intmax_t) offset_rv, (intmax_t) phdr.p_offset); - test_read(fd, addr_gva2hva(vm, phdr.p_vaddr), + test_read_bounce(fd, addr_gva2hva(vm, phdr.p_vaddr), phdr.p_filesz); } } diff --git a/tools/testing/selftests/kvm/lib/io.c b/tools/testing/selftests/kvm/lib/io.c index fedb2a741f0b..a89b43cc2ebc 100644 --- a/tools/testing/selftests/kvm/lib/io.c +++ b/tools/testing/selftests/kvm/lib/io.c @@ -155,3 +155,26 @@ ssize_t test_read(int fd, void *buf, size_t count) return num_read; } + +/* Test read via intermediary buffer + * + * Same as test_read, except read(2)s happen into a bounce buffer that is memcpy'd + * to buf. For use with buffers that cannot be GUP'd (e.g. guest_memfd VMAs if + * guest_memfd was allocated with KVM_GMEM_NO_DIRECT_MAP). + */ +ssize_t test_read_bounce(int fd, void *buf, size_t count) +{ + void *bounce_buffer; + ssize_t num_read; + + TEST_ASSERT(count >= 0, "Unexpected count, count: %li", count); + + bounce_buffer = malloc(count); + TEST_ASSERT(bounce_buffer != NULL, "Failed to allocate bounce buffer"); + + num_read = test_read(fd, bounce_buffer, count); + memcpy(buf, bounce_buffer, num_read); + free(bounce_buffer); + + return num_read; +} From patchwork Fri Feb 21 16:07:20 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Patrick Roy X-Patchwork-Id: 13985848 Received: from smtp-fw-52002.amazon.com (smtp-fw-52002.amazon.com [52.119.213.150]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 4E7851EF099; Fri, 21 Feb 2025 16:10:18 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=52.119.213.150 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1740154221; cv=none; b=fcNDJWAq8EXbHDzk/O+ES7KKWQaz9mFDLOD7Soi9tnwq1ptDzzyTIftnEA751QwigzghyPryJVJ1Ooop5RLsLllUsG4qhFQEXBKJvveIc15YTRDw/H6tnW38w2iPgrCh6O3EWm7tz0rY9tRTi7YXy7bJ0daDBM6Tgmgq9JNH2SQ= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1740154221; c=relaxed/simple; bh=o/25r44HHmTA+zIWiTV7GqISu1Yr5K+HeKjpNMYFa1M=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=KCuCsUXnlh1D7ufWvg5WtbDQYOBprr3KFZLQNOjmWAgVqWreLE6UzflQ7S0F6oJ/RZQ6/8CGIaxaUXquLDUTQKMvsaJ2aS9/UDO607jMU2fcinJYGaapE/9sqe/I6ikFWMH39vapmMJRui/h4XfIseJHcZ0Wb7slHdFNg2mhJsg= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amazon.co.uk; spf=pass smtp.mailfrom=amazon.co.uk; dkim=pass (1024-bit key) header.d=amazon.co.uk header.i=@amazon.co.uk header.b=fqCdnUhl; arc=none smtp.client-ip=52.119.213.150 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amazon.co.uk Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=amazon.co.uk Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=amazon.co.uk header.i=@amazon.co.uk header.b="fqCdnUhl" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amazon.co.uk; i=@amazon.co.uk; q=dns/txt; s=amazon201209; t=1740154220; x=1771690220; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=fTeO7fM5OXcvlrI4w+CQtL7i/X1oLAgYLsigYYriVEA=; b=fqCdnUhlJ59SQM4veVeWP7HzhqXWzfoazAbyEioMImPUIdVZEXX7aqJe Ax2Vt5+ciUg4cb6ev78rLIZf+s42ivE1RjipQGa5RPmEceMkKA6n2j4k7 FTAOSM8so7lEJ2zBeNo/vYLKXEWOgGjfe/oYKnlvtWdXxC6XrfHcz9fAQ I=; X-IronPort-AV: E=Sophos;i="6.13,305,1732579200"; d="scan'208";a="699167547" Received: from iad12-co-svc-p1-lb1-vlan3.amazon.com (HELO smtpout.prod.us-west-2.prod.farcaster.email.amazon.dev) ([10.43.8.6]) by smtp-border-fw-52002.iad7.amazon.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 21 Feb 2025 16:10:16 +0000 Received: from EX19MTAUWC002.ant.amazon.com [10.0.21.151:13311] by smtpin.naws.us-west-2.prod.farcaster.email.amazon.dev [10.0.35.58:2525] with esmtp (Farcaster) id 8a833927-0542-4e93-bbef-d01ab08ea01f; Fri, 21 Feb 2025 16:10:15 +0000 (UTC) X-Farcaster-Flow-ID: 8a833927-0542-4e93-bbef-d01ab08ea01f Received: from EX19D003UWC002.ant.amazon.com (10.13.138.169) by EX19MTAUWC002.ant.amazon.com (10.250.64.143) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA) id 15.2.1258.39; Fri, 21 Feb 2025 16:10:00 +0000 Received: from EX19MTAUWC002.ant.amazon.com (10.250.64.143) by EX19D003UWC002.ant.amazon.com (10.13.138.169) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA) id 15.2.1544.14; Fri, 21 Feb 2025 16:10:00 +0000 Received: from email-imr-corp-prod-pdx-all-2b-c1559d0e.us-west-2.amazon.com (10.25.36.210) by mail-relay.amazon.com (10.250.64.149) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA) id 15.2.1258.39 via Frontend Transport; Fri, 21 Feb 2025 16:10:00 +0000 Received: from ua2d7e1a6107c5b.ant.amazon.com (dev-dsk-roypat-1c-dbe2a224.eu-west-1.amazon.com [172.19.88.180]) by email-imr-corp-prod-pdx-all-2b-c1559d0e.us-west-2.amazon.com (Postfix) with ESMTPS id 6B722404D5; Fri, 21 Feb 2025 16:09:52 +0000 (UTC) From: Patrick Roy To: , , CC: Patrick Roy , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , Subject: [PATCH v4 07/12] KVM: selftests: set KVM_MEM_GUEST_MEMFD in vm_mem_add() if guest_memfd != -1 Date: Fri, 21 Feb 2025 16:07:20 +0000 Message-ID: <20250221160728.1584559-8-roypat@amazon.co.uk> X-Mailer: git-send-email 2.48.1 In-Reply-To: <20250221160728.1584559-1-roypat@amazon.co.uk> References: <20250221160728.1584559-1-roypat@amazon.co.uk> Precedence: bulk X-Mailing-List: bpf@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Have vm_mem_add() always set KVM_MEM_GUEST_MEMFD in the memslot flags if a guest_memfd is passed in as an argument. This eliminates the possibility where a guest_memfd instance is passed to vm_mem_add(), but it ends up being ignored because the flags argument does not specify KVM_MEM_GUEST_MEMFD at the same time. This makes it easy to support more scenarios in which no vm_mem_add() is not passed a guest_memfd instance, but is expected to allocate one. Currently, this only happens if guest_memfd == -1 but flags & KVM_MEM_GUEST_MEMFD != 0, but later vm_mem_add() will gain support for loading the test code itself into guest_memfd (via KVM_GMEM_SHARED_MEM) if requested via a special vm_mem_backing_src_type, at which point having to make sure the src_type and flags are in-sync becomes cumbersome. Signed-off-by: Patrick Roy --- tools/testing/selftests/kvm/lib/kvm_util.c | 26 +++++++++++++--------- 1 file changed, 15 insertions(+), 11 deletions(-) diff --git a/tools/testing/selftests/kvm/lib/kvm_util.c b/tools/testing/selftests/kvm/lib/kvm_util.c index 33fefeb3ca44..ebdf38e2983b 100644 --- a/tools/testing/selftests/kvm/lib/kvm_util.c +++ b/tools/testing/selftests/kvm/lib/kvm_util.c @@ -1017,22 +1017,26 @@ void vm_mem_add(struct kvm_vm *vm, enum vm_mem_backing_src_type src_type, region->backing_src_type = src_type; - if (flags & KVM_MEM_GUEST_MEMFD) { - if (guest_memfd < 0) { + if (guest_memfd < 0) { + if (flags & KVM_MEM_GUEST_MEMFD) { uint32_t guest_memfd_flags = 0; TEST_ASSERT(!guest_memfd_offset, "Offset must be zero when creating new guest_memfd"); guest_memfd = vm_create_guest_memfd(vm, mem_size, guest_memfd_flags); - } else { - /* - * Install a unique fd for each memslot so that the fd - * can be closed when the region is deleted without - * needing to track if the fd is owned by the framework - * or by the caller. - */ - guest_memfd = dup(guest_memfd); - TEST_ASSERT(guest_memfd >= 0, __KVM_SYSCALL_ERROR("dup()", guest_memfd)); } + } else { + /* + * Install a unique fd for each memslot so that the fd + * can be closed when the region is deleted without + * needing to track if the fd is owned by the framework + * or by the caller. + */ + guest_memfd = dup(guest_memfd); + TEST_ASSERT(guest_memfd >= 0, __KVM_SYSCALL_ERROR("dup()", guest_memfd)); + } + + if (guest_memfd > 0) { + flags |= KVM_MEM_GUEST_MEMFD; region->region.guest_memfd = guest_memfd; region->region.guest_memfd_offset = guest_memfd_offset; From patchwork Fri Feb 21 16:07:21 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Patrick Roy X-Patchwork-Id: 13985849 Received: from smtp-fw-80009.amazon.com (smtp-fw-80009.amazon.com [99.78.197.220]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id D4BA620FAB7; Fri, 21 Feb 2025 16:10:23 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=99.78.197.220 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1740154225; cv=none; b=PC05c113JGyn6d54vySTyO+CKJ2cr4FJrYVYZNaHFZiVU8zrT17amq3wLAcp+5oZxJWQ1NQ5sK29L2IJF+qIqY7Lf9v/yWS/TUarjOrL53UQJdjhq2gqMYZxGkZgjtFvo8Ru3WyF5z7O1o8psLeWnxc2uH2t8aZTfB1rWr/aq48= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1740154225; c=relaxed/simple; bh=pgtBpu5UrQJXfKgE2HtqeyL2jdK0lWVfWOBeyUWTPPo=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=G1KNkU0CxGrk1S9IwUT2fXJTVB/E0Qkw6F77GVqni84kRFxOaQ+dFAF5/34Gj8/4ZKZ6kW2hsDThDyNzFzH89RVzKZHEXj96NikF5gWegcPc77vvs7OO+9l1NDTOnq1Tk2LbVdKeBIveXaLszjolqYcL1uexJBiob7GZswQ9hqM= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amazon.co.uk; spf=pass smtp.mailfrom=amazon.co.uk; dkim=pass (1024-bit key) header.d=amazon.co.uk header.i=@amazon.co.uk header.b=rCb+sl59; arc=none smtp.client-ip=99.78.197.220 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amazon.co.uk Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=amazon.co.uk Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=amazon.co.uk header.i=@amazon.co.uk header.b="rCb+sl59" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amazon.co.uk; i=@amazon.co.uk; q=dns/txt; s=amazon201209; t=1740154223; x=1771690223; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=3r9gSHkXzH1oVByFnRKt2AIla6FqFTK9LPPa6WWUwJA=; b=rCb+sl59wf3Q/vIUxDMGomUL5N10ZINoICQ6X7hfw93s0V/GLr79epEm CUBzUpAbGIPa9V+V4ZRLHSGN0VmQ9MnK5IM17ZILc9RkfTNCHUdRi3MXB r0JC2R+eB5LyC5V1PsUx99FulA4A8qfIanPmUaZWFs6XppHQvc8R2BAZk U=; X-IronPort-AV: E=Sophos;i="6.13,305,1732579200"; d="scan'208";a="174721555" Received: from pdx4-co-svc-p1-lb2-vlan2.amazon.com (HELO smtpout.prod.us-west-2.prod.farcaster.email.amazon.dev) ([10.25.36.210]) by smtp-border-fw-80009.pdx80.corp.amazon.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 21 Feb 2025 16:10:23 +0000 Received: from EX19MTAUWC001.ant.amazon.com [10.0.38.20:7610] by smtpin.naws.us-west-2.prod.farcaster.email.amazon.dev [10.0.18.70:2525] with esmtp (Farcaster) id 8e51e2fa-4e3e-47fa-ae1a-9f5d1237fa92; Fri, 21 Feb 2025 16:10:23 +0000 (UTC) X-Farcaster-Flow-ID: 8e51e2fa-4e3e-47fa-ae1a-9f5d1237fa92 Received: from EX19D003UWB003.ant.amazon.com (10.13.138.116) by EX19MTAUWC001.ant.amazon.com (10.250.64.174) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA) id 15.2.1258.39; Fri, 21 Feb 2025 16:10:08 +0000 Received: from EX19MTAUWB002.ant.amazon.com (10.250.64.231) by EX19D003UWB003.ant.amazon.com (10.13.138.116) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA) id 15.2.1544.14; Fri, 21 Feb 2025 16:10:08 +0000 Received: from email-imr-corp-prod-pdx-all-2b-c1559d0e.us-west-2.amazon.com (10.25.36.214) by mail-relay.amazon.com (10.250.64.228) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA) id 15.2.1258.39 via Frontend Transport; Fri, 21 Feb 2025 16:10:08 +0000 Received: from ua2d7e1a6107c5b.ant.amazon.com (dev-dsk-roypat-1c-dbe2a224.eu-west-1.amazon.com [172.19.88.180]) by email-imr-corp-prod-pdx-all-2b-c1559d0e.us-west-2.amazon.com (Postfix) with ESMTPS id 6AC21404C9; Fri, 21 Feb 2025 16:10:00 +0000 (UTC) From: Patrick Roy To: , , CC: Patrick Roy , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , Subject: [PATCH v4 08/12] KVM: selftests: Add guest_memfd based vm_mem_backing_src_types Date: Fri, 21 Feb 2025 16:07:21 +0000 Message-ID: <20250221160728.1584559-9-roypat@amazon.co.uk> X-Mailer: git-send-email 2.48.1 In-Reply-To: <20250221160728.1584559-1-roypat@amazon.co.uk> References: <20250221160728.1584559-1-roypat@amazon.co.uk> Precedence: bulk X-Mailing-List: bpf@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Allow selftests to configure their memslots such that userspace_addr is set to a MAP_SHARED mapping of the guest_memfd that's associated with the memslot. This setup is the configuration for non-CoCo VMs, where all guest memory is backed by a guest_memfd whose folios are all marked shared, but KVM is still able to access guest memory to provide functionality such as MMIO emulation on x86. Add backing types for normal guest_memfd, as well as direct map removed guest_memfd. If KVM_CAP_MEMORY_ATTRIBUTES is available, explicitly set gmem-enabled memslots to private, as otherwise guest page faults will be resolved by GUP-ing the guest_memfd VMA (instead of using the special VMA-less guest_memfd fault code in the KVM MMU), but this is not always supported (e.g. if direct map entries are not available). Signed-off-by: Patrick Roy --- .../testing/selftests/kvm/include/kvm_util.h | 10 +++ .../testing/selftests/kvm/include/test_util.h | 7 ++ tools/testing/selftests/kvm/lib/kvm_util.c | 67 ++++++++++--------- tools/testing/selftests/kvm/lib/test_util.c | 8 +++ 4 files changed, 62 insertions(+), 30 deletions(-) diff --git a/tools/testing/selftests/kvm/include/kvm_util.h b/tools/testing/selftests/kvm/include/kvm_util.h index 4c4e5a847f67..baeddec7c264 100644 --- a/tools/testing/selftests/kvm/include/kvm_util.h +++ b/tools/testing/selftests/kvm/include/kvm_util.h @@ -544,6 +544,16 @@ static inline uint64_t vm_get_stat(struct kvm_vm *vm, const char *stat_name) void vm_create_irqchip(struct kvm_vm *vm); +static inline bool backing_src_guest_memfd_flags(enum vm_mem_backing_src_type t) +{ + switch (t) { + case VM_MEM_SRC_GUEST_MEMFD_NO_DIRECT_MAP: + return KVM_GMEM_NO_DIRECT_MAP; + default: + return 0; + } +} + static inline int __vm_create_guest_memfd(struct kvm_vm *vm, uint64_t size, uint64_t flags) { diff --git a/tools/testing/selftests/kvm/include/test_util.h b/tools/testing/selftests/kvm/include/test_util.h index 51f34c34b5a2..2469df886d7a 100644 --- a/tools/testing/selftests/kvm/include/test_util.h +++ b/tools/testing/selftests/kvm/include/test_util.h @@ -133,6 +133,8 @@ enum vm_mem_backing_src_type { VM_MEM_SRC_ANONYMOUS_HUGETLB_16GB, VM_MEM_SRC_SHMEM, VM_MEM_SRC_SHARED_HUGETLB, + VM_MEM_SRC_GUEST_MEMFD, + VM_MEM_SRC_GUEST_MEMFD_NO_DIRECT_MAP, NUM_SRC_TYPES, }; @@ -164,6 +166,11 @@ static inline bool backing_src_is_shared(enum vm_mem_backing_src_type t) return vm_mem_backing_src_alias(t)->flag & MAP_SHARED; } +static inline bool backing_src_is_guest_memfd(enum vm_mem_backing_src_type t) +{ + return t == VM_MEM_SRC_GUEST_MEMFD || t == VM_MEM_SRC_GUEST_MEMFD_NO_DIRECT_MAP; +} + static inline bool backing_src_can_be_huge(enum vm_mem_backing_src_type t) { return t != VM_MEM_SRC_ANONYMOUS && t != VM_MEM_SRC_SHMEM; diff --git a/tools/testing/selftests/kvm/lib/kvm_util.c b/tools/testing/selftests/kvm/lib/kvm_util.c index ebdf38e2983b..0900809bf6ac 100644 --- a/tools/testing/selftests/kvm/lib/kvm_util.c +++ b/tools/testing/selftests/kvm/lib/kvm_util.c @@ -970,6 +970,34 @@ void vm_mem_add(struct kvm_vm *vm, enum vm_mem_backing_src_type src_type, alignment = 1; #endif + if (guest_memfd < 0) { + if ((flags & KVM_MEM_GUEST_MEMFD) || backing_src_is_guest_memfd(src_type)) { + uint32_t guest_memfd_flags = backing_src_guest_memfd_flags(src_type); + + TEST_ASSERT(!guest_memfd_offset, + "Offset must be zero when creating new guest_memfd"); + guest_memfd = vm_create_guest_memfd(vm, mem_size, guest_memfd_flags); + } + } else { + /* + * Install a unique fd for each memslot so that the fd + * can be closed when the region is deleted without + * needing to track if the fd is owned by the framework + * or by the caller. + */ + guest_memfd = dup(guest_memfd); + TEST_ASSERT(guest_memfd >= 0, __KVM_SYSCALL_ERROR("dup()", guest_memfd)); + } + + if (guest_memfd > 0) { + flags |= KVM_MEM_GUEST_MEMFD; + + region->region.guest_memfd = guest_memfd; + region->region.guest_memfd_offset = guest_memfd_offset; + } else { + region->region.guest_memfd = -1; + } + /* * When using THP mmap is not guaranteed to returned a hugepage aligned * address so we have to pad the mmap. Padding is not needed for HugeTLB @@ -985,10 +1013,13 @@ void vm_mem_add(struct kvm_vm *vm, enum vm_mem_backing_src_type src_type, if (alignment > 1) region->mmap_size += alignment; - region->fd = -1; - if (backing_src_is_shared(src_type)) + if (backing_src_is_guest_memfd(src_type)) + region->fd = guest_memfd; + else if (backing_src_is_guest_memfd(src_type)) region->fd = kvm_memfd_alloc(region->mmap_size, src_type == VM_MEM_SRC_SHARED_HUGETLB); + else + region->fd = -1; region->mmap_start = mmap(NULL, region->mmap_size, PROT_READ | PROT_WRITE, @@ -1016,34 +1047,6 @@ void vm_mem_add(struct kvm_vm *vm, enum vm_mem_backing_src_type src_type, } region->backing_src_type = src_type; - - if (guest_memfd < 0) { - if (flags & KVM_MEM_GUEST_MEMFD) { - uint32_t guest_memfd_flags = 0; - TEST_ASSERT(!guest_memfd_offset, - "Offset must be zero when creating new guest_memfd"); - guest_memfd = vm_create_guest_memfd(vm, mem_size, guest_memfd_flags); - } - } else { - /* - * Install a unique fd for each memslot so that the fd - * can be closed when the region is deleted without - * needing to track if the fd is owned by the framework - * or by the caller. - */ - guest_memfd = dup(guest_memfd); - TEST_ASSERT(guest_memfd >= 0, __KVM_SYSCALL_ERROR("dup()", guest_memfd)); - } - - if (guest_memfd > 0) { - flags |= KVM_MEM_GUEST_MEMFD; - - region->region.guest_memfd = guest_memfd; - region->region.guest_memfd_offset = guest_memfd_offset; - } else { - region->region.guest_memfd = -1; - } - region->unused_phy_pages = sparsebit_alloc(); if (vm_arch_has_protected_memory(vm)) region->protected_phy_pages = sparsebit_alloc(); @@ -1063,6 +1066,10 @@ void vm_mem_add(struct kvm_vm *vm, enum vm_mem_backing_src_type src_type, guest_paddr, (uint64_t) region->region.memory_size, region->region.guest_memfd); + if (region->region.guest_memfd != -1 && kvm_has_cap(KVM_CAP_MEMORY_ATTRIBUTES)) + vm_set_memory_attributes(vm, region->region.guest_phys_addr, + region->region.memory_size, KVM_MEMORY_ATTRIBUTE_PRIVATE); + /* Add to quick lookup data structures */ vm_userspace_mem_region_gpa_insert(&vm->regions.gpa_tree, region); vm_userspace_mem_region_hva_insert(&vm->regions.hva_tree, region); diff --git a/tools/testing/selftests/kvm/lib/test_util.c b/tools/testing/selftests/kvm/lib/test_util.c index 8ed0b74ae837..1a5b0d5d5f91 100644 --- a/tools/testing/selftests/kvm/lib/test_util.c +++ b/tools/testing/selftests/kvm/lib/test_util.c @@ -279,6 +279,14 @@ const struct vm_mem_backing_src_alias *vm_mem_backing_src_alias(uint32_t i) */ .flag = MAP_SHARED, }, + [VM_MEM_SRC_GUEST_MEMFD] = { + .name = "guest_memfd", + .flag = MAP_SHARED, + }, + [VM_MEM_SRC_GUEST_MEMFD_NO_DIRECT_MAP] = { + .name = "guest_memfd_no_direct_map", + .flag = MAP_SHARED, + } }; _Static_assert(ARRAY_SIZE(aliases) == NUM_SRC_TYPES, "Missing new backing src types?"); From patchwork Fri Feb 21 16:07:22 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Patrick Roy X-Patchwork-Id: 13985850 Received: from smtp-fw-9106.amazon.com (smtp-fw-9106.amazon.com [207.171.188.206]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 3462021B19F; Fri, 21 Feb 2025 16:10:27 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=207.171.188.206 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1740154229; cv=none; b=VddD8i9YIeGUlCaL+GvcBPyQ0ubksWv0JAHKWN6TY3WN9416Ytuu432Y9J5mPYUBL0kWW8T6nUY3HAyQ+BNZwfBnt06NxptDUOdcguG7Ftxic2wV9kWh9Ktts6X7+MHH7vXFB9FZzYE1UIXb1wb0ILpU9tmkN4gdjlB3sPVvbDM= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1740154229; c=relaxed/simple; bh=07lJeeACe1a95zJsqKDAXrMFA7mDFkuSUgx1rjDtF+0=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=J3VQmLs2a7LxTpHUXmwa9cjaXasO/wAE5+utG6VpezNH9ZWxPUQHZO8GGLKtuBKAPqPLXG+5+FwLUP7dPYThRNvfCzkBq2+fzdDcStl6MJGlwrhar2m2fn5U75EwS4FuFQ3kH7MwYtr6voMoeMiV12SOAxP1OskBy1BB2iNIm7I= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amazon.co.uk; spf=pass smtp.mailfrom=amazon.co.uk; dkim=pass (1024-bit key) header.d=amazon.co.uk header.i=@amazon.co.uk header.b=pL0aK6A5; arc=none smtp.client-ip=207.171.188.206 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amazon.co.uk Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=amazon.co.uk Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=amazon.co.uk header.i=@amazon.co.uk header.b="pL0aK6A5" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amazon.co.uk; i=@amazon.co.uk; q=dns/txt; s=amazon201209; t=1740154228; x=1771690228; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=Ja26SD1LkstMzg7caBxkDELTiamVDEIabNDvf2YYiSw=; b=pL0aK6A53aOqdAGQdMrMNESg117TGIrfq3mIIBtmimBr+SkzeZgZ2lEQ xwLlwUSrkW/FjAY/GSRHf43WGOEa9fztkRuaiN2zp/ppIMCuchInymvfF eGUqK346dZOKdCv65Eb5akbgAaFdG4BBJEA8QK8D9ayzeIQDuGGavDZez 0=; X-IronPort-AV: E=Sophos;i="6.13,305,1732579200"; d="scan'208";a="800876442" Received: from pdx4-co-svc-p1-lb2-vlan2.amazon.com (HELO smtpout.prod.us-west-2.prod.farcaster.email.amazon.dev) ([10.25.36.210]) by smtp-border-fw-9106.sea19.amazon.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 21 Feb 2025 16:10:27 +0000 Received: from EX19MTAUWB002.ant.amazon.com [10.0.7.35:3160] by smtpin.naws.us-west-2.prod.farcaster.email.amazon.dev [10.0.11.69:2525] with esmtp (Farcaster) id 4ef8c8ea-1f16-4851-968a-399d7ce84f9d; Fri, 21 Feb 2025 16:10:26 +0000 (UTC) X-Farcaster-Flow-ID: 4ef8c8ea-1f16-4851-968a-399d7ce84f9d Received: from EX19D003UWB001.ant.amazon.com (10.13.138.92) by EX19MTAUWB002.ant.amazon.com (10.250.64.231) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA) id 15.2.1258.39; Fri, 21 Feb 2025 16:10:16 +0000 Received: from EX19MTAUWC002.ant.amazon.com (10.250.64.143) by EX19D003UWB001.ant.amazon.com (10.13.138.92) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA) id 15.2.1544.14; Fri, 21 Feb 2025 16:10:16 +0000 Received: from email-imr-corp-prod-pdx-all-2b-c1559d0e.us-west-2.amazon.com (10.25.36.210) by mail-relay.amazon.com (10.250.64.149) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA) id 15.2.1258.39 via Frontend Transport; Fri, 21 Feb 2025 16:10:16 +0000 Received: from ua2d7e1a6107c5b.ant.amazon.com (dev-dsk-roypat-1c-dbe2a224.eu-west-1.amazon.com [172.19.88.180]) by email-imr-corp-prod-pdx-all-2b-c1559d0e.us-west-2.amazon.com (Postfix) with ESMTPS id 9767F404C9; Fri, 21 Feb 2025 16:10:08 +0000 (UTC) From: Patrick Roy To: , , CC: Patrick Roy , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , Subject: [PATCH v4 09/12] KVM: selftests: stuff vm_mem_backing_src_type into vm_shape Date: Fri, 21 Feb 2025 16:07:22 +0000 Message-ID: <20250221160728.1584559-10-roypat@amazon.co.uk> X-Mailer: git-send-email 2.48.1 In-Reply-To: <20250221160728.1584559-1-roypat@amazon.co.uk> References: <20250221160728.1584559-1-roypat@amazon.co.uk> Precedence: bulk X-Mailing-List: bpf@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Use one of the padding fields in struct vm_shape to carry an enum vm_mem_backing_src_type value, to give the option to overwrite the default of VM_MEM_SRC_ANONYMOUS in __vm_create(). Overwriting this default will allow tests to create VMs where the test code is backed by mmap'd guest_memfd instead of anonymous memory. Signed-off-by: Patrick Roy --- .../testing/selftests/kvm/include/kvm_util.h | 19 ++++++++++--------- tools/testing/selftests/kvm/lib/kvm_util.c | 2 +- tools/testing/selftests/kvm/lib/x86/sev.c | 1 + .../selftests/kvm/pre_fault_memory_test.c | 1 + 4 files changed, 13 insertions(+), 10 deletions(-) diff --git a/tools/testing/selftests/kvm/include/kvm_util.h b/tools/testing/selftests/kvm/include/kvm_util.h index baeddec7c264..170e43d0bdf1 100644 --- a/tools/testing/selftests/kvm/include/kvm_util.h +++ b/tools/testing/selftests/kvm/include/kvm_util.h @@ -180,7 +180,7 @@ enum vm_guest_mode { struct vm_shape { uint32_t type; uint8_t mode; - uint8_t pad0; + uint8_t src_type; uint16_t pad1; }; @@ -188,14 +188,15 @@ kvm_static_assert(sizeof(struct vm_shape) == sizeof(uint64_t)); #define VM_TYPE_DEFAULT 0 -#define VM_SHAPE(__mode) \ -({ \ - struct vm_shape shape = { \ - .mode = (__mode), \ - .type = VM_TYPE_DEFAULT \ - }; \ - \ - shape; \ +#define VM_SHAPE(__mode) \ +({ \ + struct vm_shape shape = { \ + .mode = (__mode), \ + .type = VM_TYPE_DEFAULT, \ + .src_type = VM_MEM_SRC_ANONYMOUS \ + }; \ + \ + shape; \ }) #if defined(__aarch64__) diff --git a/tools/testing/selftests/kvm/lib/kvm_util.c b/tools/testing/selftests/kvm/lib/kvm_util.c index 0900809bf6ac..43c7af269beb 100644 --- a/tools/testing/selftests/kvm/lib/kvm_util.c +++ b/tools/testing/selftests/kvm/lib/kvm_util.c @@ -420,7 +420,7 @@ struct kvm_vm *__vm_create(struct vm_shape shape, uint32_t nr_runnable_vcpus, vm = ____vm_create(shape); - vm_userspace_mem_region_add(vm, VM_MEM_SRC_ANONYMOUS, 0, 0, nr_pages, 0); + vm_userspace_mem_region_add(vm, shape.src_type, 0, 0, nr_pages, 0); for (i = 0; i < NR_MEM_REGIONS; i++) vm->memslots[i] = 0; diff --git a/tools/testing/selftests/kvm/lib/x86/sev.c b/tools/testing/selftests/kvm/lib/x86/sev.c index e9535ee20b7f..802e9db18235 100644 --- a/tools/testing/selftests/kvm/lib/x86/sev.c +++ b/tools/testing/selftests/kvm/lib/x86/sev.c @@ -118,6 +118,7 @@ struct kvm_vm *vm_sev_create_with_one_vcpu(uint32_t type, void *guest_code, struct vm_shape shape = { .mode = VM_MODE_DEFAULT, .type = type, + .src_type = VM_MEM_SRC_ANONYMOUS, }; struct kvm_vm *vm; struct kvm_vcpu *cpus[1]; diff --git a/tools/testing/selftests/kvm/pre_fault_memory_test.c b/tools/testing/selftests/kvm/pre_fault_memory_test.c index 0350a8896a2f..d403f8d2f26f 100644 --- a/tools/testing/selftests/kvm/pre_fault_memory_test.c +++ b/tools/testing/selftests/kvm/pre_fault_memory_test.c @@ -68,6 +68,7 @@ static void __test_pre_fault_memory(unsigned long vm_type, bool private) const struct vm_shape shape = { .mode = VM_MODE_DEFAULT, .type = vm_type, + .src_type = VM_MEM_SRC_ANONYMOUS, }; struct kvm_vcpu *vcpu; struct kvm_run *run; From patchwork Fri Feb 21 16:07:23 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Patrick Roy X-Patchwork-Id: 13985851 Received: from smtp-fw-52003.amazon.com (smtp-fw-52003.amazon.com [52.119.213.152]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id D15CB21B1AC; Fri, 21 Feb 2025 16:10:28 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=52.119.213.152 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1740154231; cv=none; b=g2ST/uWU90Kqh59GCXCFxCZOJ4SbVbM/5RWTZlHiBjzX8yVJeN0fCIKIKiV965lrWUrTWT3rtUz4t3CbIAxWZm44/MkbGkTjLd+WdPHaRsl2B53dtmE7kduQMu57NUCN0JkqBMs+icE3RtG2nCKHDj0r4oOURsvyqA4wuixiSQA= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1740154231; c=relaxed/simple; bh=bbIVRYL8HcyT6MQvZ6nFMNJ2D27lb3VKCpz3qUBzb6E=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=CY5jQXCfm9Dw5ZN1CW/l8jc4MbafqDdNuVM7sMFT+SadB0JG4FJ7ZV2iS6DUchZMlyLO79+p314NVtR38f9FAsH601J/B2tivlZz61IiOP22ydG1+9SWMaLSRKOhgG8E5YN2PJpbhjvgNzVhjk0kjzmNfmQynC1hLDdL+Ps1iu4= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amazon.co.uk; spf=pass smtp.mailfrom=amazon.co.uk; dkim=pass (1024-bit key) header.d=amazon.co.uk header.i=@amazon.co.uk header.b=r6teND8v; arc=none smtp.client-ip=52.119.213.152 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amazon.co.uk Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=amazon.co.uk Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=amazon.co.uk header.i=@amazon.co.uk header.b="r6teND8v" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amazon.co.uk; i=@amazon.co.uk; q=dns/txt; s=amazon201209; t=1740154229; x=1771690229; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=ME/kRw8cLTb8MhNQKJaRb/2Fz6mJpWbtU0d0jgLL2rk=; b=r6teND8vAQbCzYOknIYKxgAQql/84Ee73f+SEjG8CIcppQ8MHZub/CG5 /QwoNr5PPjij0WK2lBIWHtSfEmnaZh0l5lef1ZQPcljvV/L1jIv3JLOtB F5rh+9QR9w/BLHOHwrQxyr3LKCholwMblyeEuSbllWNXXEMiHZc/vaY7m A=; X-IronPort-AV: E=Sophos;i="6.13,305,1732579200"; d="scan'208";a="68171971" Received: from iad12-co-svc-p1-lb1-vlan3.amazon.com (HELO smtpout.prod.us-east-1.prod.farcaster.email.amazon.dev) ([10.43.8.6]) by smtp-border-fw-52003.iad7.amazon.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 21 Feb 2025 16:10:27 +0000 Received: from EX19MTAEUA002.ant.amazon.com [10.0.10.100:11823] by smtpin.naws.eu-west-1.prod.farcaster.email.amazon.dev [10.0.30.133:2525] with esmtp (Farcaster) id 30f1aa8e-25c6-4aeb-b42f-8993fd44c7bb; Fri, 21 Feb 2025 16:10:26 +0000 (UTC) X-Farcaster-Flow-ID: 30f1aa8e-25c6-4aeb-b42f-8993fd44c7bb Received: from EX19D022EUA002.ant.amazon.com (10.252.50.201) by EX19MTAEUA002.ant.amazon.com (10.252.50.124) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA) id 15.2.1258.39; Fri, 21 Feb 2025 16:10:26 +0000 Received: from EX19MTAUEC002.ant.amazon.com (10.252.135.146) by EX19D022EUA002.ant.amazon.com (10.252.50.201) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA) id 15.2.1544.14; Fri, 21 Feb 2025 16:10:25 +0000 Received: from email-imr-corp-prod-pdx-all-2b-c1559d0e.us-west-2.amazon.com (10.43.8.6) by mail-relay.amazon.com (10.252.135.146) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA) id 15.2.1258.39 via Frontend Transport; Fri, 21 Feb 2025 16:10:24 +0000 Received: from ua2d7e1a6107c5b.ant.amazon.com (dev-dsk-roypat-1c-dbe2a224.eu-west-1.amazon.com [172.19.88.180]) by email-imr-corp-prod-pdx-all-2b-c1559d0e.us-west-2.amazon.com (Postfix) with ESMTPS id BED16404C9; Fri, 21 Feb 2025 16:10:16 +0000 (UTC) From: Patrick Roy To: , , CC: Patrick Roy , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , Subject: [PATCH v4 10/12] KVM: selftests: adjust test_create_guest_memfd_invalid Date: Fri, 21 Feb 2025 16:07:23 +0000 Message-ID: <20250221160728.1584559-11-roypat@amazon.co.uk> X-Mailer: git-send-email 2.48.1 In-Reply-To: <20250221160728.1584559-1-roypat@amazon.co.uk> References: <20250221160728.1584559-1-roypat@amazon.co.uk> Precedence: bulk X-Mailing-List: bpf@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 BIT(0) is now a valid flag, corresponding to KVM_GMEM_NO_DIRECT_MAP, so adjust test_create_guest_memfd_invalid to no longer assert it as an invalid flag. Signed-off-by: Patrick Roy --- tools/testing/selftests/kvm/guest_memfd_test.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/testing/selftests/kvm/guest_memfd_test.c b/tools/testing/selftests/kvm/guest_memfd_test.c index 38c501e49e0e..b2e7d4c96802 100644 --- a/tools/testing/selftests/kvm/guest_memfd_test.c +++ b/tools/testing/selftests/kvm/guest_memfd_test.c @@ -170,7 +170,7 @@ static void test_create_guest_memfd_invalid(struct kvm_vm *vm) size); } - for (flag = BIT(0); flag; flag <<= 1) { + for (flag = BIT(1); flag; flag <<= 1) { fd = __vm_create_guest_memfd(vm, page_size, flag); TEST_ASSERT(fd == -1 && errno == EINVAL, "guest_memfd() with flag '0x%lx' should fail with EINVAL", From patchwork Fri Feb 21 16:07:24 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Patrick Roy X-Patchwork-Id: 13985852 Received: from smtp-fw-52004.amazon.com (smtp-fw-52004.amazon.com [52.119.213.154]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 75E451D79B4; Fri, 21 Feb 2025 16:10:38 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=52.119.213.154 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1740154240; cv=none; b=B+P+/PldU1kEY1OhHSkE6AkbbgptckHyEhYr+Qmsxi3keCPR8SXvwEDkWPULFK9ZPWoHoilnDY443vXPnhU66YWRjVNM9EvLOoVYGL0qrGddVswno+2C7R5ReYeGNfJLTHF3QWOQ19c5OZOXojIT7LrG8tTKPteV8q7EZKY00Rw= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1740154240; c=relaxed/simple; bh=KKe0DJ8IaCvUGP3A2reEUBMv3+LU6Z5Y42CoH8pCrDQ=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=P+TXwkl/KzkAEniVMA8wcskLC5ZR1Yu5lWD8Zr5OLAqfZjtptIOmA83ZEEYVvvmW7F3/icRXGtmSjbvtCw9K05+hQyct1GImT2YQle8pqSKUHCk/i5ZMUAXJUtLSORyQqgAs6cMEKJz6pVAcTk0YyVNS4vEsKsbT1oz9Q5TzsBk= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amazon.co.uk; spf=pass smtp.mailfrom=amazon.co.uk; dkim=pass (1024-bit key) header.d=amazon.co.uk header.i=@amazon.co.uk header.b=rd+Jqww4; arc=none smtp.client-ip=52.119.213.154 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amazon.co.uk Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=amazon.co.uk Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=amazon.co.uk header.i=@amazon.co.uk header.b="rd+Jqww4" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amazon.co.uk; i=@amazon.co.uk; q=dns/txt; s=amazon201209; t=1740154239; x=1771690239; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=5Ov1AvdkmE8RFNxbKfIF7ZP8moMSsOr7uZcMJB7/AEA=; b=rd+Jqww4Nyn/aVBZJX/U2f7bpYslaWY0Pu5ACLdAVVzC0sWXC0gklX3I LD0KhEVcuACMQOINkIem5JVu0TelLiH2jXnlR9ovBTaqZfHybYIDqmVvb ZZ+LbOU0CJY6ZapTUcbxdGeUqBDHxeZkEGv9vCLZKZVrcJS2H5eMT9/zI Q=; X-IronPort-AV: E=Sophos;i="6.13,305,1732579200"; d="scan'208";a="273295679" Received: from iad12-co-svc-p1-lb1-vlan2.amazon.com (HELO smtpout.prod.us-west-2.prod.farcaster.email.amazon.dev) ([10.43.8.2]) by smtp-border-fw-52004.iad7.amazon.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 21 Feb 2025 16:10:34 +0000 Received: from EX19MTAUWB001.ant.amazon.com [10.0.7.35:36548] by smtpin.naws.us-west-2.prod.farcaster.email.amazon.dev [10.0.29.24:2525] with esmtp (Farcaster) id e2af6afa-729d-4911-8577-61bddf574a96; Fri, 21 Feb 2025 16:10:32 +0000 (UTC) X-Farcaster-Flow-ID: e2af6afa-729d-4911-8577-61bddf574a96 Received: from EX19D003UWC004.ant.amazon.com (10.13.138.150) by EX19MTAUWB001.ant.amazon.com (10.250.64.248) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA) id 15.2.1258.39; Fri, 21 Feb 2025 16:10:32 +0000 Received: from EX19MTAUWA002.ant.amazon.com (10.250.64.202) by EX19D003UWC004.ant.amazon.com (10.13.138.150) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA) id 15.2.1544.14; Fri, 21 Feb 2025 16:10:32 +0000 Received: from email-imr-corp-prod-pdx-all-2b-c1559d0e.us-west-2.amazon.com (10.25.36.210) by mail-relay.amazon.com (10.250.64.203) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA) id 15.2.1258.39 via Frontend Transport; Fri, 21 Feb 2025 16:10:32 +0000 Received: from ua2d7e1a6107c5b.ant.amazon.com (dev-dsk-roypat-1c-dbe2a224.eu-west-1.amazon.com [172.19.88.180]) by email-imr-corp-prod-pdx-all-2b-c1559d0e.us-west-2.amazon.com (Postfix) with ESMTPS id BB555404D5; Fri, 21 Feb 2025 16:10:24 +0000 (UTC) From: Patrick Roy To: , , CC: Patrick Roy , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , Subject: [PATCH v4 11/12] KVM: selftests: set KVM_GMEM_NO_DIRECT_MAP in mem conversion tests Date: Fri, 21 Feb 2025 16:07:24 +0000 Message-ID: <20250221160728.1584559-12-roypat@amazon.co.uk> X-Mailer: git-send-email 2.48.1 In-Reply-To: <20250221160728.1584559-1-roypat@amazon.co.uk> References: <20250221160728.1584559-1-roypat@amazon.co.uk> Precedence: bulk X-Mailing-List: bpf@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Cover the scenario that the guest can fault in and write gmem-backed guest memory even if its direct map removed. Signed-off-by: Patrick Roy --- .../selftests/kvm/x86/private_mem_conversions_test.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/tools/testing/selftests/kvm/x86/private_mem_conversions_test.c b/tools/testing/selftests/kvm/x86/private_mem_conversions_test.c index 82a8d88b5338..dfc78781e93b 100644 --- a/tools/testing/selftests/kvm/x86/private_mem_conversions_test.c +++ b/tools/testing/selftests/kvm/x86/private_mem_conversions_test.c @@ -367,7 +367,7 @@ static void *__test_mem_conversions(void *__vcpu) } static void test_mem_conversions(enum vm_mem_backing_src_type src_type, uint32_t nr_vcpus, - uint32_t nr_memslots) + uint32_t nr_memslots, uint64_t gmem_flags) { /* * Allocate enough memory so that each vCPU's chunk of memory can be @@ -394,7 +394,7 @@ static void test_mem_conversions(enum vm_mem_backing_src_type src_type, uint32_t vm_enable_cap(vm, KVM_CAP_EXIT_HYPERCALL, (1 << KVM_HC_MAP_GPA_RANGE)); - memfd = vm_create_guest_memfd(vm, memfd_size, 0); + memfd = vm_create_guest_memfd(vm, memfd_size, gmem_flags); for (i = 0; i < nr_memslots; i++) vm_mem_add(vm, src_type, BASE_DATA_GPA + slot_size * i, @@ -477,7 +477,8 @@ int main(int argc, char *argv[]) } } - test_mem_conversions(src_type, nr_vcpus, nr_memslots); + test_mem_conversions(src_type, nr_vcpus, nr_memslots, 0); + test_mem_conversions(src_type, nr_vcpus, nr_memslots, KVM_GMEM_NO_DIRECT_MAP); return 0; } From patchwork Fri Feb 21 16:07:25 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Patrick Roy X-Patchwork-Id: 13985853 Received: from smtp-fw-52002.amazon.com (smtp-fw-52002.amazon.com [52.119.213.150]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 65B001F1535; Fri, 21 Feb 2025 16:10:43 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=52.119.213.150 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1740154246; cv=none; b=vDvve1Vt0+iB4DhpWCO93w6K79w3EB+cKrh6HUl67hbcYJO5CiPzeM/78rhua/EoeMRUTyEkoZr8ybexO9YgPTxxIjIfTw54FqlwyK7zC9QkgLF6KAIOIgq1ok3UfC9G2yBQYsdukbag49OYxurk0ie5b+6BcXBhqZEIu5+rhRc= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1740154246; c=relaxed/simple; bh=haXYXj2KNnNM53EccSTxVj7puXHBh3hhQL/qUprzXn8=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=UH1159z2m5bm3jqoqO+me+rjLoGt7Cr8SNr9tVdnPAs6ge9NQXALwjLMdU2Jo3pbCMQRdeqfYCae900u4osMfN+FjO7AxKl/MIy1nPx2e8kWCbuqGIHTNlFESEIo2I6ogpkXafJYOu5PkVpucFZMJ0XHHLY3TkpCuWDJAuYMxf8= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amazon.co.uk; spf=pass smtp.mailfrom=amazon.co.uk; dkim=pass (1024-bit key) header.d=amazon.co.uk header.i=@amazon.co.uk header.b=qF6YWADD; arc=none smtp.client-ip=52.119.213.150 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amazon.co.uk Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=amazon.co.uk Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=amazon.co.uk header.i=@amazon.co.uk header.b="qF6YWADD" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amazon.co.uk; i=@amazon.co.uk; q=dns/txt; s=amazon201209; t=1740154246; x=1771690246; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=GG+iBbH6CBZj8qfdCgUkXoIISA49vkr1DaWwQ2vmohw=; b=qF6YWADDZdWUrPA7tPGh21okWh2I1shkMlVwVhFo4oUfsCeeZYK7TNHk TbLyjzwV4iYvkfIMbef/9Z76add7g7V42zzlM1st5k8siUKnFV4CWCLQo WD4pZkKi4QNdHWS2HqXFRQFlIsjOCx6eC4WGhh9XZp5ijAb/15PCTgjgj M=; X-IronPort-AV: E=Sophos;i="6.13,305,1732579200"; d="scan'208";a="699167651" Received: from iad12-co-svc-p1-lb1-vlan3.amazon.com (HELO smtpout.prod.us-west-2.prod.farcaster.email.amazon.dev) ([10.43.8.6]) by smtp-border-fw-52002.iad7.amazon.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 21 Feb 2025 16:10:41 +0000 Received: from EX19MTAUWC002.ant.amazon.com [10.0.21.151:6686] by smtpin.naws.us-west-2.prod.farcaster.email.amazon.dev [10.0.48.97:2525] with esmtp (Farcaster) id 69e45197-d4c5-4ea5-a690-28fa854e89d7; Fri, 21 Feb 2025 16:10:40 +0000 (UTC) X-Farcaster-Flow-ID: 69e45197-d4c5-4ea5-a690-28fa854e89d7 Received: from EX19D003UWB004.ant.amazon.com (10.13.138.24) by EX19MTAUWC002.ant.amazon.com (10.250.64.143) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA) id 15.2.1258.39; Fri, 21 Feb 2025 16:10:40 +0000 Received: from EX19MTAUWC002.ant.amazon.com (10.250.64.143) by EX19D003UWB004.ant.amazon.com (10.13.138.24) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA) id 15.2.1544.14; Fri, 21 Feb 2025 16:10:39 +0000 Received: from email-imr-corp-prod-pdx-all-2b-c1559d0e.us-west-2.amazon.com (10.25.36.210) by mail-relay.amazon.com (10.250.64.149) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA) id 15.2.1258.39 via Frontend Transport; Fri, 21 Feb 2025 16:10:39 +0000 Received: from ua2d7e1a6107c5b.ant.amazon.com (dev-dsk-roypat-1c-dbe2a224.eu-west-1.amazon.com [172.19.88.180]) by email-imr-corp-prod-pdx-all-2b-c1559d0e.us-west-2.amazon.com (Postfix) with ESMTPS id B70BB404C9; Fri, 21 Feb 2025 16:10:32 +0000 (UTC) From: Patrick Roy To: , , CC: Patrick Roy , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , Subject: [PATCH v4 12/12] KVM: selftests: Test guest execution from direct map removed gmem Date: Fri, 21 Feb 2025 16:07:25 +0000 Message-ID: <20250221160728.1584559-13-roypat@amazon.co.uk> X-Mailer: git-send-email 2.48.1 In-Reply-To: <20250221160728.1584559-1-roypat@amazon.co.uk> References: <20250221160728.1584559-1-roypat@amazon.co.uk> Precedence: bulk X-Mailing-List: bpf@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Add a selftest that loads itself into guest_memfd (via KVM_GMEM_SHARED_MEM) and triggers an MMIO exit when executed. This exercises x86 MMIO emulation code inside KVM for guest_memfd-backed memslots where the guest_memfd folios are direct map removed. Particularly, it validates that x86 MMIO emulation code (guest page table walks + instruction fetch) correctly accesses gmem through the VMA that's been reflected into the memslot's userspace_addr field (instead of trying to do direct map accesses). Signed-off-by: Patrick Roy --- .../selftests/kvm/set_memory_region_test.c | 40 +++++++++++++++++++ 1 file changed, 40 insertions(+) diff --git a/tools/testing/selftests/kvm/set_memory_region_test.c b/tools/testing/selftests/kvm/set_memory_region_test.c index bc440d5aba57..16bbfe117a17 100644 --- a/tools/testing/selftests/kvm/set_memory_region_test.c +++ b/tools/testing/selftests/kvm/set_memory_region_test.c @@ -603,6 +603,42 @@ static void test_mmio_during_vectoring(void) kvm_vm_free(vm); } + +static void guest_code_trigger_mmio(void) +{ + /* + * Read some GPA that is not backed by a memslot. KVM consider this + * as MMIO and tell userspace to emulate the read. + */ + READ_ONCE(*((uint64_t *)MEM_REGION_GPA)); + + GUEST_DONE(); +} + +static void test_guest_memfd_mmio(void) +{ + struct kvm_vm *vm; + struct kvm_vcpu *vcpu; + struct vm_shape shape = { + .mode = VM_MODE_DEFAULT, + .type = KVM_X86_SW_PROTECTED_VM, + .src_type = VM_MEM_SRC_GUEST_MEMFD_NO_DIRECT_MAP, + }; + pthread_t vcpu_thread; + + pr_info("Testing MMIO emulation for instructions in gmem\n"); + + vm = __vm_create_shape_with_one_vcpu(shape, &vcpu, 0, guest_code_trigger_mmio); + + virt_map(vm, MEM_REGION_GPA, MEM_REGION_GPA, 1); + + pthread_create(&vcpu_thread, NULL, vcpu_worker, vcpu); + + /* If the MMIO read was successfully emulated, the vcpu thread will exit */ + pthread_join(vcpu_thread, NULL); + + kvm_vm_free(vm); +} #endif int main(int argc, char *argv[]) @@ -630,6 +666,10 @@ int main(int argc, char *argv[]) (kvm_check_cap(KVM_CAP_VM_TYPES) & BIT(KVM_X86_SW_PROTECTED_VM))) { test_add_private_memory_region(); test_add_overlapping_private_memory_regions(); + if (kvm_has_cap(KVM_CAP_GMEM_SHARED_MEM) && kvm_has_cap(KVM_CAP_GMEM_NO_DIRECT_MAP)) + test_guest_memfd_mmio(); + else + pr_info("Skipping tests requiring KVM_CAP_GMEM_SHARED_MEM | KVM_CAP_GMEM_NO_DIRECT_MAP"); } else { pr_info("Skipping tests for KVM_MEM_GUEST_MEMFD memory regions\n"); }