From nobody Sun Oct 5 20:10:33 2025 Received: from mail-pl1-f201.google.com (mail-pl1-f201.google.com [209.85.214.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id E9F8227FD62 for ; Tue, 29 Jul 2025 22:55:31 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.214.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1753829733; cv=none; b=tMXzPl2O9UrQXHc+Hdd35dCy5AP/DG1qeS/0mwdEMboZwWIIXhMwSPOw/RttpDtpAC7Ifp71IEAeBxjdKrm9fsMTZkKkyFqDJSQRCcj1i7CRuKGnEq2fu8tJFFv5pkhbJ99yqOiyB4QtVzhBzqSpSS+QL6NUgc0rYw9H3SSN22A= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1753829733; c=relaxed/simple; bh=zIljfq2TSzQaWNnOIy0jWv9y8WWWTpAGeN/SwFO0aV4=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=Z6iDIoB4InyKJtyay29xI5UYDpDXIoT8TY2QQyoZSAA2YhEZpzxBKRBq8LrQ0FRZ+21HX2BVhecWNWGW1UA28+NGhN2MjsipvpJhaGRuJCHGIVIwSCUkTMwqIDKHxRTwoOrdVKn2b8KJtOENhhhrvPofTbiAX69Pkit2uzZk1CU= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=wic7dCqw; arc=none smtp.client-ip=209.85.214.201 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="wic7dCqw" Received: by mail-pl1-f201.google.com with SMTP id d9443c01a7336-23ff063d087so26647005ad.1 for ; Tue, 29 Jul 2025 15:55:31 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1753829731; x=1754434531; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=rCpQGzwMKFK4ptMSW9GdDXyar1lj92zeXPJ/+yaFJX4=; b=wic7dCqwUAj5mCmJt1S3/vZm1KBMJ7sFjIXdQmsopWzszH4hYnL5NtGMK+tAJZ8Fnx c0mb4PWJMMtDD/J9HSK+IqIQXUGulZn0MsIkbVUD1k8TvHHvAUMrWt/c06IBRdWKi0ap Epl1mnCy2T5aCqvPPb1wjdp207FJFlY3YVTBvQ36ZDj05XSXjxqniyt2sg+PNBfrxvUM oBsNrlvtCrpFXt35VD3wryl36G6iJe/xpfMbqYxgeZPmXgVVMH8oE/lHoi2lPkTOameB ltRgYXOlK2diaJ/5S2+863ES39oCYQymIsl48L1A6BSlvtsyq+UybQ9mFK8psQr3c0or i8nA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1753829731; x=1754434531; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=rCpQGzwMKFK4ptMSW9GdDXyar1lj92zeXPJ/+yaFJX4=; b=FEHqzH7XlOr1b9W809Ypm5ta706o4LNu3XfN0s7oDW6vN9VmkPcGYiC7nP/X11biGU FJX22rNo156BQcxu3Z0FTBA0fZyFRI05rekR3Ue3zhcJfUjkgT3JXWsu3SY7TEruwHc+ UOnbzf5JhE9DrAtv0JThHiqSED8ZzWZ8B4DdXK4umQma30xV/rdleroCp8FhMSVcErlA vMbdD5d2rMx8ZfxTYpEvgRARKURSe5eBykNY8sCG0dd6rvCn7GhUYSMn7MNtb4/qlVAT dq3VmxO+MR+Zlfx5bejzJ1bvh925T9Dq7Z/cV9cCtE1KFKCVgaQmQv3taYabG60gNmUQ 0VHw== X-Forwarded-Encrypted: i=1; AJvYcCWqR2+Tj50KefYNmn0qeZad6DUtDdI5jhS7JDIk0ngADPXQsjBfv+Uh2sCrrveWZ21akjAKwmR3fSl40eo=@vger.kernel.org X-Gm-Message-State: AOJu0Yygs6xe/h76EKDNQWbrd5lWbUHn5kOxkb8rFPM5CAJNGW/q9Xhn +ylQ4bODaqCwIzzpfa3qHS5uHUl4+Og8F1I535itDnTF34+feOS+zLXi4QEbUKAHFs2Eb6wd/rO t+KNqmA== X-Google-Smtp-Source: AGHT+IFbj44B83iSbE5A+vqSrciKuaygxoH40sCo6SkWHfvt5hELe3GEpiiE21IydS3tBnU29mqnLgsJFnM= X-Received: from pjbqa11.prod.google.com ([2002:a17:90b:4fcb:b0:31c:2fe4:33bd]) (user=seanjc job=prod-delivery.src-stubby-dispatcher) by 2002:a17:903:2a8c:b0:23f:dc56:66e2 with SMTP id d9443c01a7336-24096b2a372mr19186465ad.38.1753829731380; Tue, 29 Jul 2025 15:55:31 -0700 (PDT) Reply-To: Sean Christopherson Date: Tue, 29 Jul 2025 15:54:32 -0700 In-Reply-To: <20250729225455.670324-1-seanjc@google.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20250729225455.670324-1-seanjc@google.com> X-Mailer: git-send-email 2.50.1.552.g942d659e1b-goog Message-ID: <20250729225455.670324-2-seanjc@google.com> Subject: [PATCH v17 01/24] KVM: Rename CONFIG_KVM_PRIVATE_MEM to CONFIG_KVM_GUEST_MEMFD From: Sean Christopherson To: Paolo Bonzini , Marc Zyngier , Oliver Upton , Sean Christopherson Cc: kvm@vger.kernel.org, linux-arm-kernel@lists.infradead.org, kvmarm@lists.linux.dev, linux-kernel@vger.kernel.org, Ira Weiny , Gavin Shan , Shivank Garg , Vlastimil Babka , Xiaoyao Li , David Hildenbrand , Fuad Tabba , Ackerley Tng , Tao Chan , James Houghton Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Fuad Tabba Rename the Kconfig option CONFIG_KVM_PRIVATE_MEM to CONFIG_KVM_GUEST_MEMFD. The original name implied that the feature only supported "private" memory. However, CONFIG_KVM_PRIVATE_MEM enables guest_memfd in general, which is not exclusively for private memory. Subsequent patches in this series will add guest_memfd support for non-CoCo VMs, whose memory is not private. Renaming the Kconfig option to CONFIG_KVM_GUEST_MEMFD more accurately reflects its broader scope as the main Kconfig option for all guest_memfd-backed memory. This provides clearer semantics for the option and avoids confusion as new features are introduced. Reviewed-by: Ira Weiny Reviewed-by: Gavin Shan Reviewed-by: Shivank Garg Reviewed-by: Vlastimil Babka Reviewed-by: Xiaoyao Li Co-developed-by: David Hildenbrand Signed-off-by: David Hildenbrand Signed-off-by: Fuad Tabba Signed-off-by: Sean Christopherson --- arch/x86/include/asm/kvm_host.h | 2 +- include/linux/kvm_host.h | 14 +++++++------- virt/kvm/Kconfig | 8 ++++---- virt/kvm/Makefile.kvm | 2 +- virt/kvm/kvm_main.c | 4 ++-- virt/kvm/kvm_mm.h | 4 ++-- 6 files changed, 17 insertions(+), 17 deletions(-) diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_hos= t.h index f19a76d3ca0e..7b0f2b3e492d 100644 --- a/arch/x86/include/asm/kvm_host.h +++ b/arch/x86/include/asm/kvm_host.h @@ -2276,7 +2276,7 @@ void kvm_configure_mmu(bool enable_tdp, int tdp_force= d_root_level, int tdp_max_root_level, int tdp_huge_page_level); =20 =20 -#ifdef CONFIG_KVM_PRIVATE_MEM +#ifdef CONFIG_KVM_GUEST_MEMFD #define kvm_arch_has_private_mem(kvm) ((kvm)->arch.has_private_mem) #else #define kvm_arch_has_private_mem(kvm) false diff --git a/include/linux/kvm_host.h b/include/linux/kvm_host.h index 15656b7fba6c..8cdc0b3cc1b1 100644 --- a/include/linux/kvm_host.h +++ b/include/linux/kvm_host.h @@ -602,7 +602,7 @@ struct kvm_memory_slot { short id; u16 as_id; =20 -#ifdef CONFIG_KVM_PRIVATE_MEM +#ifdef CONFIG_KVM_GUEST_MEMFD struct { /* * Writes protected by kvm->slots_lock. Acquiring a @@ -720,10 +720,10 @@ static inline int kvm_arch_vcpu_memslots_id(struct kv= m_vcpu *vcpu) #endif =20 /* - * Arch code must define kvm_arch_has_private_mem if support for private m= emory - * is enabled. + * Arch code must define kvm_arch_has_private_mem if support for guest_mem= fd is + * enabled. */ -#if !defined(kvm_arch_has_private_mem) && !IS_ENABLED(CONFIG_KVM_PRIVATE_M= EM) +#if !defined(kvm_arch_has_private_mem) && !IS_ENABLED(CONFIG_KVM_GUEST_MEM= FD) static inline bool kvm_arch_has_private_mem(struct kvm *kvm) { return false; @@ -2505,7 +2505,7 @@ bool kvm_arch_post_set_memory_attributes(struct kvm *= kvm, =20 static inline bool kvm_mem_is_private(struct kvm *kvm, gfn_t gfn) { - return IS_ENABLED(CONFIG_KVM_PRIVATE_MEM) && + return IS_ENABLED(CONFIG_KVM_GUEST_MEMFD) && kvm_get_memory_attributes(kvm, gfn) & KVM_MEMORY_ATTRIBUTE_PRIVATE; } #else @@ -2515,7 +2515,7 @@ static inline bool kvm_mem_is_private(struct kvm *kvm= , gfn_t gfn) } #endif /* CONFIG_KVM_GENERIC_MEMORY_ATTRIBUTES */ =20 -#ifdef CONFIG_KVM_PRIVATE_MEM +#ifdef CONFIG_KVM_GUEST_MEMFD int kvm_gmem_get_pfn(struct kvm *kvm, struct kvm_memory_slot *slot, gfn_t gfn, kvm_pfn_t *pfn, struct page **page, int *max_order); @@ -2528,7 +2528,7 @@ static inline int kvm_gmem_get_pfn(struct kvm *kvm, KVM_BUG_ON(1, kvm); return -EIO; } -#endif /* CONFIG_KVM_PRIVATE_MEM */ +#endif /* CONFIG_KVM_GUEST_MEMFD */ =20 #ifdef CONFIG_HAVE_KVM_ARCH_GMEM_PREPARE int kvm_arch_gmem_prepare(struct kvm *kvm, gfn_t gfn, kvm_pfn_t pfn, int m= ax_order); diff --git a/virt/kvm/Kconfig b/virt/kvm/Kconfig index 727b542074e7..e4b400feff94 100644 --- a/virt/kvm/Kconfig +++ b/virt/kvm/Kconfig @@ -112,19 +112,19 @@ config KVM_GENERIC_MEMORY_ATTRIBUTES depends on KVM_GENERIC_MMU_NOTIFIER bool =20 -config KVM_PRIVATE_MEM +config KVM_GUEST_MEMFD select XARRAY_MULTI bool =20 config KVM_GENERIC_PRIVATE_MEM select KVM_GENERIC_MEMORY_ATTRIBUTES - select KVM_PRIVATE_MEM + select KVM_GUEST_MEMFD bool =20 config HAVE_KVM_ARCH_GMEM_PREPARE bool - depends on KVM_PRIVATE_MEM + depends on KVM_GUEST_MEMFD =20 config HAVE_KVM_ARCH_GMEM_INVALIDATE bool - depends on KVM_PRIVATE_MEM + depends on KVM_GUEST_MEMFD diff --git a/virt/kvm/Makefile.kvm b/virt/kvm/Makefile.kvm index 724c89af78af..d047d4cf58c9 100644 --- a/virt/kvm/Makefile.kvm +++ b/virt/kvm/Makefile.kvm @@ -12,4 +12,4 @@ kvm-$(CONFIG_KVM_ASYNC_PF) +=3D $(KVM)/async_pf.o kvm-$(CONFIG_HAVE_KVM_IRQ_ROUTING) +=3D $(KVM)/irqchip.o kvm-$(CONFIG_HAVE_KVM_DIRTY_RING) +=3D $(KVM)/dirty_ring.o kvm-$(CONFIG_HAVE_KVM_PFNCACHE) +=3D $(KVM)/pfncache.o -kvm-$(CONFIG_KVM_PRIVATE_MEM) +=3D $(KVM)/guest_memfd.o +kvm-$(CONFIG_KVM_GUEST_MEMFD) +=3D $(KVM)/guest_memfd.o diff --git a/virt/kvm/kvm_main.c b/virt/kvm/kvm_main.c index 6c07dd423458..25a94eed75fd 100644 --- a/virt/kvm/kvm_main.c +++ b/virt/kvm/kvm_main.c @@ -4915,7 +4915,7 @@ static int kvm_vm_ioctl_check_extension_generic(struc= t kvm *kvm, long arg) case KVM_CAP_MEMORY_ATTRIBUTES: return kvm_supported_mem_attributes(kvm); #endif -#ifdef CONFIG_KVM_PRIVATE_MEM +#ifdef CONFIG_KVM_GUEST_MEMFD case KVM_CAP_GUEST_MEMFD: return !kvm || kvm_arch_has_private_mem(kvm); #endif @@ -5352,7 +5352,7 @@ static long kvm_vm_ioctl(struct file *filp, case KVM_GET_STATS_FD: r =3D kvm_vm_ioctl_get_stats_fd(kvm); break; -#ifdef CONFIG_KVM_PRIVATE_MEM +#ifdef CONFIG_KVM_GUEST_MEMFD case KVM_CREATE_GUEST_MEMFD: { struct kvm_create_guest_memfd guest_memfd; =20 diff --git a/virt/kvm/kvm_mm.h b/virt/kvm/kvm_mm.h index acef3f5c582a..31defb08ccba 100644 --- a/virt/kvm/kvm_mm.h +++ b/virt/kvm/kvm_mm.h @@ -67,7 +67,7 @@ static inline void gfn_to_pfn_cache_invalidate_start(stru= ct kvm *kvm, } #endif /* HAVE_KVM_PFNCACHE */ =20 -#ifdef CONFIG_KVM_PRIVATE_MEM +#ifdef CONFIG_KVM_GUEST_MEMFD void kvm_gmem_init(struct module *module); int kvm_gmem_create(struct kvm *kvm, struct kvm_create_guest_memfd *args); int kvm_gmem_bind(struct kvm *kvm, struct kvm_memory_slot *slot, @@ -91,6 +91,6 @@ static inline void kvm_gmem_unbind(struct kvm_memory_slot= *slot) { WARN_ON_ONCE(1); } -#endif /* CONFIG_KVM_PRIVATE_MEM */ +#endif /* CONFIG_KVM_GUEST_MEMFD */ =20 #endif /* __KVM_MM_H__ */ --=20 2.50.1.552.g942d659e1b-goog From nobody Sun Oct 5 20:10:33 2025 Received: from mail-pj1-f73.google.com (mail-pj1-f73.google.com [209.85.216.73]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id F39C4285CB0 for ; Tue, 29 Jul 2025 22:55:33 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.216.73 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1753829735; cv=none; b=rAneDg7cEshYpbdLlssGA4qkxaAzk179xR//8YL3cpuLWas9Av7hw+oSRatwnPhj0726dYtscE1CJX6S6m2F/oOUjtKayJVBjxf0MCIPqn5eTAKPB2YHiAt47Vg7+t+0woZfeKi3hmd5X5wZ98ZRybObu+aLrXEXlTjsIi/qhCk= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1753829735; c=relaxed/simple; bh=KGm9ovBIIPFL/eToRSLYCEL3qJQ5QwWTWLDQ7V661s8=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=bPZE7csexlPOoHWRmT+qonfTuJ5DR4tciffK5W7YFvsEC4VHXx+0/Fax37WNBbnFWyvivm2ryqyYsyDIN5MpewpF92Jqg0iupGfGFB9BxVMlC/UEXhsokv67lH5ykg10Gihctrf/Vw9RJtrdippJbD2hR1vtbckokgay0e4+4fQ= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=ZXsa+UtG; arc=none smtp.client-ip=209.85.216.73 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="ZXsa+UtG" Received: by mail-pj1-f73.google.com with SMTP id 98e67ed59e1d1-31f2a98d91eso285230a91.3 for ; Tue, 29 Jul 2025 15:55:33 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1753829733; x=1754434533; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=OmVLrvkZP9+4Qi6hccAHfp26jMTaOxOppUd09YnTXa4=; b=ZXsa+UtGuymLMNS0ox/NIZyKTi4uKxlfZCXSHJFt6lm58Ixx+YOsXM+rlGcYYi4any i2+G6yjY7u+TC361CyT45hwgUoP9RzFbDCVHQ0h2fit4MgdcdEd6TlV4uWMsj4mPNXJy 02w4TWmhxeVSEy0+V8Ah/kz1pXYZkZUvoV7PUopLSFq4zwHYOG7DwiaW9UR+KH8XKpyK EQsJLFAzXy8h0DkKzV8tNcdj1mHp2fmC6U89p8ijwqQcMn6g9BF3SRE4tnsx4AMVn/vF GQgUuFBhPyRPVzkRvaWwAhqPzSCF0SbI8SC9O2XEJJMZto5dwM4U25HhWbd+uJgDz74y hd2A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1753829733; x=1754434533; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=OmVLrvkZP9+4Qi6hccAHfp26jMTaOxOppUd09YnTXa4=; b=fOzSyjcjZ46gfDzS2yli1tc7BEGXOe99Nj4AB4hHZuvXlkzysPxaRp4hVtZkQRhNd2 cBZbHcZHKUONcAqMzKdwlMweyC75HcshzDbITpsZcBoFNL6bYqK8hodadg0JbPg0FzpS MpppFLeA7o41seymyjpydow8l4jEzye8/rHhbWp8yCQAQJktPmomqLqqwOKzjf1vw5+2 QRj8MTegCRb2kTGRIh1ZBZQA2upm39XpwBn+0YN9rT+r/Gza5nxdEc1pMOqdVZqSVNSG RV8XKo1PRJpjzlQ6rNVwy5xZTODHJGEbPXgIrbeVCvZX9CtM6v7guF3RsqB8hG4tuYn3 3AcA== X-Forwarded-Encrypted: i=1; AJvYcCVzicq/28v3Ww1NIwFDI2DqXJ03TeFszbSrAa4WdW1tpyhUbUX+NiHMU8sG+QuYyvrcJ4uiYw/XnJmca8U=@vger.kernel.org X-Gm-Message-State: AOJu0Yw2wcmRfSHBnIpva4lxBAx8R+e0+2wOOAFNL+Rvyf/PwaQs9MR+ 1uHdiIePXe+yMgSR+o4T/+nA9t+4lb6NzdE/JOyS4ctLavxgsbWJv4jAVNChEtgCbg8KRw8ZcMp NgbXu+g== X-Google-Smtp-Source: AGHT+IGSrd/EFwxUHSw007+6nrRVXNMPdERz2RNXYrRaT6Ik++IdE/tI3gPpnLHNIaoiETPbklCVAOToMMI= X-Received: from pjk7.prod.google.com ([2002:a17:90b:5587:b0:31f:2a78:943]) (user=seanjc job=prod-delivery.src-stubby-dispatcher) by 2002:a17:90b:2689:b0:31e:d9f0:9b92 with SMTP id 98e67ed59e1d1-31f5ddb4545mr1642509a91.14.1753829733349; Tue, 29 Jul 2025 15:55:33 -0700 (PDT) Reply-To: Sean Christopherson Date: Tue, 29 Jul 2025 15:54:33 -0700 In-Reply-To: <20250729225455.670324-1-seanjc@google.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20250729225455.670324-1-seanjc@google.com> X-Mailer: git-send-email 2.50.1.552.g942d659e1b-goog Message-ID: <20250729225455.670324-3-seanjc@google.com> Subject: [PATCH v17 02/24] KVM: x86: Have all vendor neutral sub-configs depend on KVM_X86, not just KVM From: Sean Christopherson To: Paolo Bonzini , Marc Zyngier , Oliver Upton , Sean Christopherson Cc: kvm@vger.kernel.org, linux-arm-kernel@lists.infradead.org, kvmarm@lists.linux.dev, linux-kernel@vger.kernel.org, Ira Weiny , Gavin Shan , Shivank Garg , Vlastimil Babka , Xiaoyao Li , David Hildenbrand , Fuad Tabba , Ackerley Tng , Tao Chan , James Houghton Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Make all vendor neutral KVM x86 configs depend on KVM_X86, not just KVM, i.e. gate them on at least one vendor module being enabled and thus on kvm.ko actually being built. Depending on just KVM allows the user to select the configs even though they won't actually take effect, and more importantly, makes it all too easy to create unmet dependencies. E.g. KVM_GENERIC_PRIVATE_MEM can't be selected by KVM_SW_PROTECTED_VM, because the KVM_GENERIC_MMU_NOTIFIER dependency is select by KVM_X86. Hiding all sub-configs when neither KVM_AMD nor KVM_INTEL is selected also helps communicate to the user that nothing "interesting" is going on, e.g. --- Virtualization Kernel-based Virtual Machine (KVM) support < > KVM for Intel (and compatible) processors support < > KVM for AMD processors support Fixes: ea4290d77bda ("KVM: x86: leave kvm.ko out of the build if no vendor = module is requested") Reviewed-by: David Hildenbrand Reviewed-by: Xiaoyao Li Signed-off-by: Sean Christopherson Reviewed-by: Fuad Tabba --- arch/x86/kvm/Kconfig | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/arch/x86/kvm/Kconfig b/arch/x86/kvm/Kconfig index 2c86673155c9..9895fc3cd901 100644 --- a/arch/x86/kvm/Kconfig +++ b/arch/x86/kvm/Kconfig @@ -74,7 +74,7 @@ config KVM_WERROR # FRAME_WARN, i.e. KVM_WERROR=3Dy with KASAN=3Dy requires special tuning. # Building KVM with -Werror and KASAN is still doable via enabling # the kernel-wide WERROR=3Dy. - depends on KVM && ((EXPERT && !KASAN) || WERROR) + depends on KVM_X86 && ((EXPERT && !KASAN) || WERROR) help Add -Werror to the build flags for KVM. =20 @@ -83,7 +83,7 @@ config KVM_WERROR config KVM_SW_PROTECTED_VM bool "Enable support for KVM software-protected VMs" depends on EXPERT - depends on KVM && X86_64 + depends on KVM_X86 && X86_64 help Enable support for KVM software-protected VMs. Currently, software- protected VMs are purely a development and testing vehicle for @@ -169,7 +169,7 @@ config KVM_AMD_SEV config KVM_IOAPIC bool "I/O APIC, PIC, and PIT emulation" default y - depends on KVM + depends on KVM_X86 help Provides support for KVM to emulate an I/O APIC, PIC, and PIT, i.e. for full in-kernel APIC emulation. @@ -179,7 +179,7 @@ config KVM_IOAPIC config KVM_SMM bool "System Management Mode emulation" default y - depends on KVM + depends on KVM_X86 help Provides support for KVM to emulate System Management Mode (SMM) in virtual machines. This can be used by the virtual machine @@ -189,7 +189,7 @@ config KVM_SMM =20 config KVM_HYPERV bool "Support for Microsoft Hyper-V emulation" - depends on KVM + depends on KVM_X86 default y help Provides KVM support for emulating Microsoft Hyper-V. This allows KVM @@ -203,7 +203,7 @@ config KVM_HYPERV =20 config KVM_XEN bool "Support for Xen hypercall interface" - depends on KVM + depends on KVM_X86 help Provides KVM support for the hosting Xen HVM guests and passing Xen hypercalls to userspace. @@ -213,7 +213,7 @@ config KVM_XEN config KVM_PROVE_MMU bool "Prove KVM MMU correctness" depends on DEBUG_KERNEL - depends on KVM + depends on KVM_X86 depends on EXPERT help Enables runtime assertions in KVM's MMU that are too costly to enable @@ -228,7 +228,7 @@ config KVM_EXTERNAL_WRITE_TRACKING =20 config KVM_MAX_NR_VCPUS int "Maximum number of vCPUs per KVM guest" - depends on KVM + depends on KVM_X86 range 1024 4096 default 4096 if MAXSMP default 1024 --=20 2.50.1.552.g942d659e1b-goog From nobody Sun Oct 5 20:10:33 2025 Received: from mail-pl1-f202.google.com (mail-pl1-f202.google.com [209.85.214.202]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id B44532874FD for ; Tue, 29 Jul 2025 22:55:35 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.214.202 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1753829738; cv=none; b=tHmeIwooKCnp3lIY7nXaimn9vGIryc0IMiARJDhQ6bdt4aINh6gvmnkQ8wuBigfCLLOAp+sxPqKEIqNIpgjWsiivyPptiUk1EzxSwn5Ux4HoVwVZpzpPVD2lqxRUJ5Q4YdNe2vVQX9Ob/M48NK9D1tZTv5tqTAV+bYjZNYZEDTE= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1753829738; c=relaxed/simple; bh=WhA8GcOHwnrQQI7pcMt4+3KPgdAVeYE+NdluYFw+Lok=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=HqK0WPWLo4j+KEh5l1G/nhMODSMFViL3Bb75IBorUTYz91n3AhOYayMGMzuboj/rl5QBp1PtSCnyv3VTlXzgU88rYqiydb7yUGJpETBhllI63ik65Oo7uWirMADKbmJusQp3703/g6a0KXaqFnDuWsGQwKhsBQ9QZe/F5vrN71s= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=w4EdbKiw; arc=none smtp.client-ip=209.85.214.202 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="w4EdbKiw" Received: by mail-pl1-f202.google.com with SMTP id d9443c01a7336-2400cbd4241so32352625ad.3 for ; Tue, 29 Jul 2025 15:55:35 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1753829735; x=1754434535; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=LS+T/y+NsOpuW4oCoWoDJ8akduRknfqoGYJRkz33V1U=; b=w4EdbKiwW9b3JXJJfV3fmWB98ohg2hmCaxRfHcOPGsYLslOdqvDbhGJb0mfA3B5KSR TGYlBTNUmh/xQfwtOmuLnZLTfC5bxueahgOkiS+KzkWoiHWrUcNv3yX6jFYFqsiDR7gX fOD7G+GpVJ6RpVb8Z4UADjYurvFz1NyjJRnablTFXAEwedKjTd930H5fcyLJCaVsCuKy rsACzgIcVffPE8TcBBwFuvFvb1uXxNDsvS/Q3B1ZlvNbrC116kebSSwZ7REmhPxY8J+6 PNzwNsjQolW3iBwV0yA+3Q2CB18DmS/RkJLiLGy/FJSovLJG4JWA3q9GONhigdj37/vt /Eeg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1753829735; x=1754434535; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=LS+T/y+NsOpuW4oCoWoDJ8akduRknfqoGYJRkz33V1U=; b=TXpar8ijIQIjpk2UZlyUQshMND+9nwZTRghxD90quQKKDhJJgutBwpoqM4xLs6Svfq HXpRf1lysVHqCdNBh2zxtR8RK8AN/J67zkrBvgmbEN3T+CezNx4zahPwkKygoFiuDeno yiSm9Uf0PSCcWyv+yqh8XlVaf5c1QOaQEm587Ai6eHIoryMqEJLPHEx/eru0yw/tXyfd mjkkKy3W6MHpArLa0vlnadkSFjyWdimZ1SuqCoJcTOD15UVeMf4vNTd1ByV1csCleqDq Nl2RINTKbZZ6KyMBGpOh6Jaj0s1cNsiUp27wmGvNGCFZ7+UfINQBSjhUlYv3ko6KZT2V iX6A== X-Forwarded-Encrypted: i=1; AJvYcCV3wv/qPN30EaMAJCd3eQcCfwDWuAzFRQcpV6/hR4B8y9+YxilTo8TLrHtgdDXtptOpJF/BuM2KDoKIvhE=@vger.kernel.org X-Gm-Message-State: AOJu0Yx91epT2wvHq3ow+1vLdHyHEJ5pEhZLpK0amgGdQpufvAVf/Kvm apg5i5ft8lvh3KWbYw2E6ThgKJxETpTCroBA5eiwVWWTVtDP+xpJB0PzZmOE5VpDt7IHcPj5xjC bY6E7Fw== X-Google-Smtp-Source: AGHT+IHpmI5t9q8abNBgRyh5X76Xt5TR0J+JP8kdnFD/iZ18CSlsLse7XJRB4ca0uWJ63xXXHrffCkBn52o= X-Received: from plbnb8.prod.google.com ([2002:a17:903:15c8:b0:23e:3914:f342]) (user=seanjc job=prod-delivery.src-stubby-dispatcher) by 2002:a17:902:e890:b0:224:910:23f0 with SMTP id d9443c01a7336-24096b3d823mr14938045ad.49.1753829734856; Tue, 29 Jul 2025 15:55:34 -0700 (PDT) Reply-To: Sean Christopherson Date: Tue, 29 Jul 2025 15:54:34 -0700 In-Reply-To: <20250729225455.670324-1-seanjc@google.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20250729225455.670324-1-seanjc@google.com> X-Mailer: git-send-email 2.50.1.552.g942d659e1b-goog Message-ID: <20250729225455.670324-4-seanjc@google.com> Subject: [PATCH v17 03/24] KVM: x86: Select KVM_GENERIC_PRIVATE_MEM directly from KVM_SW_PROTECTED_VM From: Sean Christopherson To: Paolo Bonzini , Marc Zyngier , Oliver Upton , Sean Christopherson Cc: kvm@vger.kernel.org, linux-arm-kernel@lists.infradead.org, kvmarm@lists.linux.dev, linux-kernel@vger.kernel.org, Ira Weiny , Gavin Shan , Shivank Garg , Vlastimil Babka , Xiaoyao Li , David Hildenbrand , Fuad Tabba , Ackerley Tng , Tao Chan , James Houghton Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Now that KVM_SW_PROTECTED_VM doesn't have a hidden dependency on KVM_X86, select KVM_GENERIC_PRIVATE_MEM from within KVM_SW_PROTECTED_VM instead of conditionally selecting it from KVM_X86. No functional change intended. Reviewed-by: Xiaoyao Li Reviewed-by: David Hildenbrand Signed-off-by: Sean Christopherson Reviewed-by: Fuad Tabba --- arch/x86/kvm/Kconfig | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arch/x86/kvm/Kconfig b/arch/x86/kvm/Kconfig index 9895fc3cd901..402ba00fdf45 100644 --- a/arch/x86/kvm/Kconfig +++ b/arch/x86/kvm/Kconfig @@ -46,7 +46,6 @@ config KVM_X86 select HAVE_KVM_PM_NOTIFIER if PM select KVM_GENERIC_HARDWARE_ENABLING select KVM_GENERIC_PRE_FAULT_MEMORY - select KVM_GENERIC_PRIVATE_MEM if KVM_SW_PROTECTED_VM select KVM_WERROR if WERROR =20 config KVM @@ -84,6 +83,7 @@ config KVM_SW_PROTECTED_VM bool "Enable support for KVM software-protected VMs" depends on EXPERT depends on KVM_X86 && X86_64 + select KVM_GENERIC_PRIVATE_MEM help Enable support for KVM software-protected VMs. Currently, software- protected VMs are purely a development and testing vehicle for --=20 2.50.1.552.g942d659e1b-goog From nobody Sun Oct 5 20:10:33 2025 Received: from mail-pj1-f74.google.com (mail-pj1-f74.google.com [209.85.216.74]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 946C6288C10 for ; Tue, 29 Jul 2025 22:55:37 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.216.74 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1753829739; cv=none; b=pj25uOkP9N/oXUxZjQcCuCKWjY0ajamG6TiXbxLXc+HtIVJii0d5VtA+yxTktzlV8EHPzWX9i7sxatwoo6LVec8cwV+8WvGHVH8jzs+oLXM3ibUq4JPjI9pC+9YGMvXuxNP3kXDo9g8i/QiSJEettGMlChN2rLQKdK2hJRKuqG8= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1753829739; c=relaxed/simple; bh=PIR7Q1NgOshHJlYu6rpDm4VPA1b0uXtS/tyXN6l8IzA=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=ZrpR0mPeiehOZGn04IXtJmp5H4/ney68xUGHttsmxFKfx4gZ8PiX5Xkul/jWdoTOdEpxTu1cT6K6gdi17fGmJY9MkkyjY3wmcu7ayeF986PvyUoMInijNbzeZGBFVYlwQHm7HLVN6ZroWXpcoFg4SNVHfQrenHui64UK12l6sI4= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=CdJcqhNP; arc=none smtp.client-ip=209.85.216.74 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="CdJcqhNP" Received: by mail-pj1-f74.google.com with SMTP id 98e67ed59e1d1-31edd69d754so2818441a91.1 for ; Tue, 29 Jul 2025 15:55:37 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1753829737; x=1754434537; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=gFnHmY/mnoB77L81qdmfXRRJ+itvZAH1/9yVsOU0ZkM=; b=CdJcqhNPeYdDqywNVFfaGHTsnnFI/kYoSeewkj1xaa7qqjq9eI95hADA8INU53cpFQ xzQ4+TnLVXr/Hwrw6Z7U52lDrp8U7uLYWITjM4bNgTkv1hE7z5ZuPIv413L3kXNoeoSe +fDFlWPQ+K55BxFCNHy/IgBjXrYnolew2kFR0gzJOEUgV3n3jvgwF6X0fl9Gro/SWPm6 MKtsv35P3r8zvNBwUMckVTpdiKE4mEqKNClHpoQgc8FUhxl6Mp0cairryemRAlL5mJpX d8dJzVw47WosBUzv1Kgs/b3+pK2WqqL2vSKDvrL6LIb8X8uTTvuEiBMOQ1SsVy2qSf2X apYQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1753829737; x=1754434537; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=gFnHmY/mnoB77L81qdmfXRRJ+itvZAH1/9yVsOU0ZkM=; b=vnJLlHkyZ0SfwtXdw2eP3LZbxmqk65CUPdnzmpOssIqX+m4IwxEQsZrftSFR5XbTFF hV1kj2PIRLNMWHwYdMWWjKi38//NdLJeXVQInEozp7SN05bgyRpFCTx79dNetDYq+Cw0 9Fw1JqMrkWtlTM5p0cq3eK4XYYqEeykWMy6mLHK/EWRcRDjjW3cLxHjM2FIXaefINeFD lTDMMUslx1gmLHNYyDlXiOYgg+kF/euYlGCL8WXw2y6kJgO3Sj5RyrM86OTLD2y4Rm4A d0UiXH3k//mmuyuuBPOZlNKaacGxUlLGQsnnT3uV9iHyRiLtr2k2O/W/nrgkPCzSgl89 +k9A== X-Forwarded-Encrypted: i=1; AJvYcCXHhxivmXoJpm4HMmBqph6dXKIUDx0qlpjgf7d7lueubOEEAOUQz+Buz9pf8lKiaI90/Am61QCQYQI6cWU=@vger.kernel.org X-Gm-Message-State: AOJu0YwSUWYCAfbNnu/DjHfW5JOtuTcawDOb3adtBDYtz2STUr4q8fPS g+g+N9MdncmT1/rDdQY2SdxbZH/DPQ39VG9nnIbk13FBk9wEI9zoa6gzOQ7vLK3t0wpJMFuSVyz cP/2JoQ== X-Google-Smtp-Source: AGHT+IGW1K6V884yFJ/UsdufteHNa+YJReUfJU48NT0v+IzXl6w7knzHbQRXIxUuwcw5V5T6c1ZnGgjicS4= X-Received: from pjbmf3.prod.google.com ([2002:a17:90b:1843:b0:31f:2efe:cece]) (user=seanjc job=prod-delivery.src-stubby-dispatcher) by 2002:a17:90b:2885:b0:312:639:a058 with SMTP id 98e67ed59e1d1-31f5de49d4dmr1634316a91.27.1753829736661; Tue, 29 Jul 2025 15:55:36 -0700 (PDT) Reply-To: Sean Christopherson Date: Tue, 29 Jul 2025 15:54:35 -0700 In-Reply-To: <20250729225455.670324-1-seanjc@google.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20250729225455.670324-1-seanjc@google.com> X-Mailer: git-send-email 2.50.1.552.g942d659e1b-goog Message-ID: <20250729225455.670324-5-seanjc@google.com> Subject: [PATCH v17 04/24] KVM: x86: Select TDX's KVM_GENERIC_xxx dependencies iff CONFIG_KVM_INTEL_TDX=y From: Sean Christopherson To: Paolo Bonzini , Marc Zyngier , Oliver Upton , Sean Christopherson Cc: kvm@vger.kernel.org, linux-arm-kernel@lists.infradead.org, kvmarm@lists.linux.dev, linux-kernel@vger.kernel.org, Ira Weiny , Gavin Shan , Shivank Garg , Vlastimil Babka , Xiaoyao Li , David Hildenbrand , Fuad Tabba , Ackerley Tng , Tao Chan , James Houghton Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Select KVM_GENERIC_PRIVATE_MEM and KVM_GENERIC_MEMORY_ATTRIBUTES directly from KVM_INTEL_TDX, i.e. if and only if TDX support is fully enabled in KVM. There is no need to enable KVM's private memory support just because the core kernel's INTEL_TDX_HOST is enabled. Reviewed-by: Xiaoyao Li Reviewed-by: David Hildenbrand Signed-off-by: Sean Christopherson Reviewed-by: Fuad Tabba --- arch/x86/kvm/Kconfig | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/arch/x86/kvm/Kconfig b/arch/x86/kvm/Kconfig index 402ba00fdf45..13ab7265b505 100644 --- a/arch/x86/kvm/Kconfig +++ b/arch/x86/kvm/Kconfig @@ -95,8 +95,6 @@ config KVM_SW_PROTECTED_VM config KVM_INTEL tristate "KVM for Intel (and compatible) processors support" depends on KVM && IA32_FEAT_CTL - select KVM_GENERIC_PRIVATE_MEM if INTEL_TDX_HOST - select KVM_GENERIC_MEMORY_ATTRIBUTES if INTEL_TDX_HOST help Provides support for KVM on processors equipped with Intel's VT extensions, a.k.a. Virtual Machine Extensions (VMX). @@ -135,6 +133,8 @@ config KVM_INTEL_TDX bool "Intel Trust Domain Extensions (TDX) support" default y depends on INTEL_TDX_HOST + select KVM_GENERIC_PRIVATE_MEM + select KVM_GENERIC_MEMORY_ATTRIBUTES help Provides support for launching Intel Trust Domain Extensions (TDX) confidential VMs on Intel processors. --=20 2.50.1.552.g942d659e1b-goog From nobody Sun Oct 5 20:10:33 2025 Received: from mail-pf1-f201.google.com (mail-pf1-f201.google.com [209.85.210.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 4175E289358 for ; Tue, 29 Jul 2025 22:55:39 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.210.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1753829740; cv=none; b=UQ8n3+Pl05JU3xzDCOorcQ0hLxKTCoTmlU+jn4ZJkcuRKRy/1P8FqcQS+yYd/Bxnc8E1+UzyYsIYxsivM66ng/ZhpFCYglpdCqPM5Mhpo+3HkdlGo7tHPAujU43AmF8sQOmiJ7Wa8VeY11ri93IIXy7Fp6SWfKcY5b5jCA+U+P8= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1753829740; c=relaxed/simple; bh=1G471Ztcvd9/EAbr4zfSr/Pr5YCZ5sKUbrndZzoQZd4=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=OicUnRX9rWR/WCaH5RZq9y1v/hCl9tTbyY+UGxXIKkmZUjJ2wsGqT1zMO2p4ircyTZEpbo1ngynMME9o0tUk7DWeRHBkUWf9j0LnC0CIgINy6GNyGKozD4ynTw+cUPdW/kSj2ggHcvZ8SIESZ9TkPhjYkSWK2l2KhIyhmRQNYQI= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=KyUDf0s0; arc=none smtp.client-ip=209.85.210.201 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="KyUDf0s0" Received: by mail-pf1-f201.google.com with SMTP id d2e1a72fcca58-74928291bc3so273965b3a.0 for ; Tue, 29 Jul 2025 15:55:39 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1753829738; x=1754434538; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=c+/NMJmsylkoBC4gWvcEbFQsUKJfGfTOY8uMnbEW6yY=; b=KyUDf0s06ujqQk4L9p5Ti0L/wUVVDdTLz2Wh9UVhJ0p3zMAUlcAeFK8f7uBJeJqjTC 5+DfNJw2ULMH+WoiIfktqHb9jyknIKLrva+BOKwGc+8jhnCt2Cl/vH5jgLKYIxKEzi46 vHjMspaIn8w8KMjbtsSB2P08s1v2NF5jrrSqOumdlf3VbhczRNvlCl9KUml0WsBl8WNr zoRc4XogBSoef4vyPeKFh8FA26dxlWO7hq95106jpynuz4f4dRlKx8XuItDGl4bZR6Ju tLc8fMWzJnCXQ3u2IafS39pGhbFoDZl0i7mUjul4IuFkhiM2LVm1yP6SSeXC9gQnkStj ZB7w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1753829738; x=1754434538; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=c+/NMJmsylkoBC4gWvcEbFQsUKJfGfTOY8uMnbEW6yY=; b=BhG21uepPrFsyl7TKdPiyyjLpI2ERi64dV29rHb6NUb6Zq0Mlgs2QtfkSrXNfTwC5B qkuuFLowYKlMqo1fnnFuVneOaURnI4adD7OWbayPvWl18wSigfYf7Sn4i1JfyE4ZKdCo V+ari9Zn+VIyeemx1auwH3MZe7N6jPw/aPrkn28XqjZXVLx5V6N+aTHF40fmbOdt/Jdt 4STZhuI8ODS8ospj9X9JC7UmW9hXBCp4xGSzdr1mzy3NLPgMAbh47nKzmCXPC4KjUWya Ne96U0yHYA8oHCGEPc37yxvCBwLTMTI+HVv1wF4PEI8IHD+m/yWOi+7Ca5BdScTC9Cpp T01g== X-Forwarded-Encrypted: i=1; AJvYcCWwfYsv7wDXIVwVK3d53kQYf1LFbweo2JCdJVLCRCTYJpYiX1t4Xgmh11pMgZvKGC3b3B6KUCeM6yAYKQg=@vger.kernel.org X-Gm-Message-State: AOJu0Yyy8izjrwp0QXAfUdtliZQOvBWcrRuNc/zjqPt8FCMITpl5CEAt LbZHWsT2od1vg4L7WilI3vipGweRhcCh6pAAL/0v16T6U2f/wZkx4QMAmUFyzr8QFk61/WZr+XP w3GTJdg== X-Google-Smtp-Source: AGHT+IH4iSr5KwLJmRVqnNug5aDy8pe70mqGviSCJM20Gbtyqe1yxZEdeYq4VIFoxas+vnB8AcFiz0D+NEw= X-Received: from pfbhm20.prod.google.com ([2002:a05:6a00:6714:b0:748:f270:c438]) (user=seanjc job=prod-delivery.src-stubby-dispatcher) by 2002:aa7:88d1:0:b0:74b:4d96:d159 with SMTP id d2e1a72fcca58-76aad77f4d6mr1711853b3a.0.1753829738459; Tue, 29 Jul 2025 15:55:38 -0700 (PDT) Reply-To: Sean Christopherson Date: Tue, 29 Jul 2025 15:54:36 -0700 In-Reply-To: <20250729225455.670324-1-seanjc@google.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20250729225455.670324-1-seanjc@google.com> X-Mailer: git-send-email 2.50.1.552.g942d659e1b-goog Message-ID: <20250729225455.670324-6-seanjc@google.com> Subject: [PATCH v17 05/24] KVM: Rename CONFIG_KVM_GENERIC_PRIVATE_MEM to CONFIG_HAVE_KVM_ARCH_GMEM_POPULATE From: Sean Christopherson To: Paolo Bonzini , Marc Zyngier , Oliver Upton , Sean Christopherson Cc: kvm@vger.kernel.org, linux-arm-kernel@lists.infradead.org, kvmarm@lists.linux.dev, linux-kernel@vger.kernel.org, Ira Weiny , Gavin Shan , Shivank Garg , Vlastimil Babka , Xiaoyao Li , David Hildenbrand , Fuad Tabba , Ackerley Tng , Tao Chan , James Houghton Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Fuad Tabba The original name was vague regarding its functionality. This Kconfig option specifically enables and gates the kvm_gmem_populate() function, which is responsible for populating a GPA range with guest data. The new name, HAVE_KVM_ARCH_GMEM_POPULATE, describes the purpose of the option: to enable arch-specific guest_memfd population mechanisms. It also follows the same pattern as the other HAVE_KVM_ARCH_* configuration options. This improves clarity for developers and ensures the name accurately reflects the functionality it controls, especially as guest_memfd support expands beyond purely "private" memory scenarios. Temporarily keep KVM_GENERIC_PRIVATE_MEM as an x86-only config so as to minimize churn, and to hopefully make it easier to see what features require HAVE_KVM_ARCH_GMEM_POPULATE. On that note, omit GMEM_POPULATE for KVM_X86_SW_PROTECTED_VM, as regular ol' memset() suffices for software-protected VMs. As for KVM_GENERIC_PRIVATE_MEM, a future change will select KVM_GUEST_MEMFD for all 64-bit KVM builds, at which point the intermediate config will become obsolete and can/will be dropped. Reviewed-by: Ira Weiny Reviewed-by: Gavin Shan Reviewed-by: Shivank Garg Reviewed-by: Vlastimil Babka Co-developed-by: David Hildenbrand Signed-off-by: David Hildenbrand Signed-off-by: Fuad Tabba Reviewed-by: Xiaoyao Li Co-developed-by: Sean Christopherson Signed-off-by: Sean Christopherson --- arch/x86/kvm/Kconfig | 14 ++++++++++---- include/linux/kvm_host.h | 2 +- virt/kvm/Kconfig | 9 ++++----- virt/kvm/guest_memfd.c | 2 +- 4 files changed, 16 insertions(+), 11 deletions(-) diff --git a/arch/x86/kvm/Kconfig b/arch/x86/kvm/Kconfig index 13ab7265b505..c763446d9b9f 100644 --- a/arch/x86/kvm/Kconfig +++ b/arch/x86/kvm/Kconfig @@ -79,11 +79,16 @@ config KVM_WERROR =20 If in doubt, say "N". =20 +config KVM_X86_PRIVATE_MEM + select KVM_GENERIC_MEMORY_ATTRIBUTES + select KVM_GUEST_MEMFD + bool + config KVM_SW_PROTECTED_VM bool "Enable support for KVM software-protected VMs" depends on EXPERT depends on KVM_X86 && X86_64 - select KVM_GENERIC_PRIVATE_MEM + select KVM_X86_PRIVATE_MEM help Enable support for KVM software-protected VMs. Currently, software- protected VMs are purely a development and testing vehicle for @@ -133,8 +138,8 @@ config KVM_INTEL_TDX bool "Intel Trust Domain Extensions (TDX) support" default y depends on INTEL_TDX_HOST - select KVM_GENERIC_PRIVATE_MEM - select KVM_GENERIC_MEMORY_ATTRIBUTES + select KVM_X86_PRIVATE_MEM + select HAVE_KVM_ARCH_GMEM_POPULATE help Provides support for launching Intel Trust Domain Extensions (TDX) confidential VMs on Intel processors. @@ -157,9 +162,10 @@ config KVM_AMD_SEV depends on KVM_AMD && X86_64 depends on CRYPTO_DEV_SP_PSP && !(KVM_AMD=3Dy && CRYPTO_DEV_CCP_DD=3Dm) select ARCH_HAS_CC_PLATFORM - select KVM_GENERIC_PRIVATE_MEM + select KVM_X86_PRIVATE_MEM select HAVE_KVM_ARCH_GMEM_PREPARE select HAVE_KVM_ARCH_GMEM_INVALIDATE + select HAVE_KVM_ARCH_GMEM_POPULATE help Provides support for launching encrypted VMs which use Secure Encrypted Virtualization (SEV), Secure Encrypted Virtualization with diff --git a/include/linux/kvm_host.h b/include/linux/kvm_host.h index 8cdc0b3cc1b1..ddfb6cfe20a6 100644 --- a/include/linux/kvm_host.h +++ b/include/linux/kvm_host.h @@ -2534,7 +2534,7 @@ static inline int kvm_gmem_get_pfn(struct kvm *kvm, int kvm_arch_gmem_prepare(struct kvm *kvm, gfn_t gfn, kvm_pfn_t pfn, int m= ax_order); #endif =20 -#ifdef CONFIG_KVM_GENERIC_PRIVATE_MEM +#ifdef CONFIG_HAVE_KVM_ARCH_GMEM_POPULATE /** * kvm_gmem_populate() - Populate/prepare a GPA range with guest data * diff --git a/virt/kvm/Kconfig b/virt/kvm/Kconfig index e4b400feff94..1b7d5be0b6c4 100644 --- a/virt/kvm/Kconfig +++ b/virt/kvm/Kconfig @@ -116,11 +116,6 @@ config KVM_GUEST_MEMFD select XARRAY_MULTI bool =20 -config KVM_GENERIC_PRIVATE_MEM - select KVM_GENERIC_MEMORY_ATTRIBUTES - select KVM_GUEST_MEMFD - bool - config HAVE_KVM_ARCH_GMEM_PREPARE bool depends on KVM_GUEST_MEMFD @@ -128,3 +123,7 @@ config HAVE_KVM_ARCH_GMEM_PREPARE config HAVE_KVM_ARCH_GMEM_INVALIDATE bool depends on KVM_GUEST_MEMFD + +config HAVE_KVM_ARCH_GMEM_POPULATE + bool + depends on KVM_GUEST_MEMFD diff --git a/virt/kvm/guest_memfd.c b/virt/kvm/guest_memfd.c index 7d85cc33c0bb..b2b50560e80e 100644 --- a/virt/kvm/guest_memfd.c +++ b/virt/kvm/guest_memfd.c @@ -627,7 +627,7 @@ int kvm_gmem_get_pfn(struct kvm *kvm, struct kvm_memory= _slot *slot, } EXPORT_SYMBOL_GPL(kvm_gmem_get_pfn); =20 -#ifdef CONFIG_KVM_GENERIC_PRIVATE_MEM +#ifdef CONFIG_HAVE_KVM_ARCH_GMEM_POPULATE long kvm_gmem_populate(struct kvm *kvm, gfn_t start_gfn, void __user *src,= long npages, kvm_gmem_populate_cb post_populate, void *opaque) { --=20 2.50.1.552.g942d659e1b-goog From nobody Sun Oct 5 20:10:33 2025 Received: from mail-pj1-f74.google.com (mail-pj1-f74.google.com [209.85.216.74]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id CBC7528AB15 for ; Tue, 29 Jul 2025 22:55:40 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.216.74 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1753829742; cv=none; b=eFlyii5xbSoKn2nbig3h1478EDzGdETU/EwkmEvjfbkgRZt2OiFXUYNm2QRXic7R2WF9eF6YdHSxakY+eHIsbXXW0PoGak0wcx22EM9tG2qi6T8zrj3kkRplnQ23HHDgg08Aawpd8Fy5Q0yDbqbDMpEi/1Zz93jSFasAW1mpTfw= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1753829742; c=relaxed/simple; bh=hi/18U82wGIIZl2EYW42KIDZYw4mjolrxOlqRIgipOw=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=CQy+iJahSfdlkPDxygEVfwEZUuQaFWtERNjWLdYBfaqnAGngiSl2TesvWoqYGaFOCi9tUi3rMwOa/IwDALoiB+0CqefpRFuGFcHbKcO7XUuGtA0OwaWFdmmGmXnUccTMWsKEJldLwX26iXTOfqa39QxE8ROYMtlDYvAiXx15/c0= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=EF0dzby6; arc=none smtp.client-ip=209.85.216.74 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="EF0dzby6" Received: by mail-pj1-f74.google.com with SMTP id 98e67ed59e1d1-31f2dd307d4so1474244a91.0 for ; Tue, 29 Jul 2025 15:55:40 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1753829740; x=1754434540; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=FhtpXawluoN1TztYZndQOy+flGIHfIQx6Vy9IgjwFIs=; b=EF0dzby6ItDT0pCzra+AWpfFdrV7B0MxhNGjaMyLo/NOmpuKwtCSn7TdTQuHyckR3g mNhwvmGnviHOe3XJTL96D4mbO+c9Y8AxCLQ5JKFMMzUky4aYaU3iIn1GgVnnCeVDmBM9 W6ycl82WK3BBJNzBZa6ITrBg0nKVYdNt1XYInio+mHyDsv1c7/wamDEajvqzI7oUZiW6 WD5eX+SCWsJev9gIg5l1tdYXjFUvS++47nMDKH1l9pIXQ/oXZ5zRhvo14t2EI0mwOEGa RbiBrGPp8qCFP28a7z0BiJh11zeR9khdxvEYAvuFSp8+y/KSDJjL4wCM/NC2NRU2INHn P9Uw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1753829740; x=1754434540; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=FhtpXawluoN1TztYZndQOy+flGIHfIQx6Vy9IgjwFIs=; b=TKk/RJoI6xIj1suaGsiMyFnsKmOKvxXqq4O3680RW7EY378SKf/w426+oIIYlmQqW0 acyhJGmjkbL/us7rbcGLkeVAFVBloyP/NmZDJKDU3Fz+wiqZdGBR+t4+TQghfbEPRMld +yQyIuaG7b6Y5Dsqwaea6b0ZsZwYaHq6Zvh+z/XD5SwWjD7WogjmAVz5s3xLeKYZ91rs fxgUfh4RAZ/zE4H04hTSsfeuM8JlUcj7ZYWiPhMMDmMOB6BCdoBLGLucJ2bNaOjnw6KM hAD+warf340/+z5e78bRTiKQ2eeHg/7Gf4cr2mN8kj1Ag2RaX29UDDQ2ITGtwoB0PEEA hjVA== X-Forwarded-Encrypted: i=1; AJvYcCUDalIwmMYq9z/WFrmW1jn4/cIIn5SyevxZ5D+l4VgiBbESYe7XIHGOLxIQhB8xSOKriudYn5RMapKUFF4=@vger.kernel.org X-Gm-Message-State: AOJu0YxC8+lL/eb7D7TLRUqeVmpSm6PrB8EbGSGOMPhLPoY8tv3CbCAT t2XsZiUmuMnS2T5Zn36YOiIlEFUC98hLzsLGr72Guy3TEiECAoMy/mqMlZzLxI5bFs9pK5HpFxg vdgZn6g== X-Google-Smtp-Source: AGHT+IHVaYv0c9Xo7sfmO9HlXWVUgQ/03BKk+znZ6UuFoh4T2PuODk3nkbH2GWjiFHs5USAjAtpb3fE9ROQ= X-Received: from pjbtc16.prod.google.com ([2002:a17:90b:5410:b0:31f:335d:342d]) (user=seanjc job=prod-delivery.src-stubby-dispatcher) by 2002:a17:90a:e7ca:b0:31f:150:e045 with SMTP id 98e67ed59e1d1-31f5de942f7mr1332792a91.32.1753829740086; Tue, 29 Jul 2025 15:55:40 -0700 (PDT) Reply-To: Sean Christopherson Date: Tue, 29 Jul 2025 15:54:37 -0700 In-Reply-To: <20250729225455.670324-1-seanjc@google.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20250729225455.670324-1-seanjc@google.com> X-Mailer: git-send-email 2.50.1.552.g942d659e1b-goog Message-ID: <20250729225455.670324-7-seanjc@google.com> Subject: [PATCH v17 06/24] KVM: Rename kvm_slot_can_be_private() to kvm_slot_has_gmem() From: Sean Christopherson To: Paolo Bonzini , Marc Zyngier , Oliver Upton , Sean Christopherson Cc: kvm@vger.kernel.org, linux-arm-kernel@lists.infradead.org, kvmarm@lists.linux.dev, linux-kernel@vger.kernel.org, Ira Weiny , Gavin Shan , Shivank Garg , Vlastimil Babka , Xiaoyao Li , David Hildenbrand , Fuad Tabba , Ackerley Tng , Tao Chan , James Houghton Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Fuad Tabba Rename kvm_slot_can_be_private() to kvm_slot_has_gmem() to improve clarity and accurately reflect its purpose. The function kvm_slot_can_be_private() was previously used to check if a given kvm_memory_slot is backed by guest_memfd. However, its name implied that the memory in such a slot was exclusively "private". As guest_memfd support expands to include non-private memory (e.g., shared host mappings), it's important to remove this association. The new name, kvm_slot_has_gmem(), states that the slot is backed by guest_memfd without making assumptions about the memory's privacy attributes. Reviewed-by: Ira Weiny Reviewed-by: Gavin Shan Reviewed-by: Shivank Garg Reviewed-by: Vlastimil Babka Reviewed-by: Xiaoyao Li Co-developed-by: David Hildenbrand Signed-off-by: David Hildenbrand Signed-off-by: Fuad Tabba Signed-off-by: Sean Christopherson --- arch/x86/kvm/mmu/mmu.c | 4 ++-- arch/x86/kvm/svm/sev.c | 4 ++-- include/linux/kvm_host.h | 2 +- virt/kvm/guest_memfd.c | 2 +- 4 files changed, 6 insertions(+), 6 deletions(-) diff --git a/arch/x86/kvm/mmu/mmu.c b/arch/x86/kvm/mmu/mmu.c index 6e838cb6c9e1..fdc2824755ee 100644 --- a/arch/x86/kvm/mmu/mmu.c +++ b/arch/x86/kvm/mmu/mmu.c @@ -3312,7 +3312,7 @@ static int __kvm_mmu_max_mapping_level(struct kvm *kv= m, int kvm_mmu_max_mapping_level(struct kvm *kvm, const struct kvm_memory_slot *slot, gfn_t gfn) { - bool is_private =3D kvm_slot_can_be_private(slot) && + bool is_private =3D kvm_slot_has_gmem(slot) && kvm_mem_is_private(kvm, gfn); =20 return __kvm_mmu_max_mapping_level(kvm, slot, gfn, PG_LEVEL_NUM, is_priva= te); @@ -4551,7 +4551,7 @@ static int kvm_mmu_faultin_pfn_private(struct kvm_vcp= u *vcpu, { int max_order, r; =20 - if (!kvm_slot_can_be_private(fault->slot)) { + if (!kvm_slot_has_gmem(fault->slot)) { kvm_mmu_prepare_memory_fault_exit(vcpu, fault); return -EFAULT; } diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index 2fbdebf79fbb..7744c210f947 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -2365,7 +2365,7 @@ static int snp_launch_update(struct kvm *kvm, struct = kvm_sev_cmd *argp) mutex_lock(&kvm->slots_lock); =20 memslot =3D gfn_to_memslot(kvm, params.gfn_start); - if (!kvm_slot_can_be_private(memslot)) { + if (!kvm_slot_has_gmem(memslot)) { ret =3D -EINVAL; goto out; } @@ -4719,7 +4719,7 @@ void sev_handle_rmp_fault(struct kvm_vcpu *vcpu, gpa_= t gpa, u64 error_code) } =20 slot =3D gfn_to_memslot(kvm, gfn); - if (!kvm_slot_can_be_private(slot)) { + if (!kvm_slot_has_gmem(slot)) { pr_warn_ratelimited("SEV: Unexpected RMP fault, non-private slot for GPA= 0x%llx\n", gpa); return; diff --git a/include/linux/kvm_host.h b/include/linux/kvm_host.h index ddfb6cfe20a6..4c5e0a898652 100644 --- a/include/linux/kvm_host.h +++ b/include/linux/kvm_host.h @@ -615,7 +615,7 @@ struct kvm_memory_slot { #endif }; =20 -static inline bool kvm_slot_can_be_private(const struct kvm_memory_slot *s= lot) +static inline bool kvm_slot_has_gmem(const struct kvm_memory_slot *slot) { return slot && (slot->flags & KVM_MEM_GUEST_MEMFD); } diff --git a/virt/kvm/guest_memfd.c b/virt/kvm/guest_memfd.c index b2b50560e80e..a99e11b8b77f 100644 --- a/virt/kvm/guest_memfd.c +++ b/virt/kvm/guest_memfd.c @@ -643,7 +643,7 @@ long kvm_gmem_populate(struct kvm *kvm, gfn_t start_gfn= , void __user *src, long return -EINVAL; =20 slot =3D gfn_to_memslot(kvm, start_gfn); - if (!kvm_slot_can_be_private(slot)) + if (!kvm_slot_has_gmem(slot)) return -EINVAL; =20 file =3D kvm_gmem_get_file(slot); --=20 2.50.1.552.g942d659e1b-goog From nobody Sun Oct 5 20:10:33 2025 Received: from mail-pj1-f74.google.com (mail-pj1-f74.google.com [209.85.216.74]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 739C429B795 for ; Tue, 29 Jul 2025 22:55:42 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.216.74 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1753829743; cv=none; b=cVoNReszZgcbKCJLiJLnHNJ7Vfq2/TNevwNyu72vRaB3SQ4lWPoX7yIsFgBgf8ct9e13j6qfGzGHDXv0cSyR63LqQLtpmwUfQ/02EOYz4i3gkmDL/FrDabJ0OhfR14QZRtVRJNfBzN4D7Uqz9ca4YpMDyqUZZYqcBoiEMxRJBDM= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1753829743; c=relaxed/simple; bh=5XaLz6TgyathNJqnhdFXTkNHqph5QPuoYA9YQ+u2AWk=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=TOT50RDgHhiPZwR+INOA3fG4KYa20W46hmX07u7R0urW4HjcvbGqDQbAFEdp+D/HvkJ3KcAM4G4u/cyGw2eWCDoJwP21PgXFyRk0OztHdklL0k9QZ9eVhNr8+7TcgJ5jtqJkZERG+xN1oPjsaI6cj0jOoz/B9fMZzK3Q8OjvMHg= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=Tr+kgpcp; arc=none smtp.client-ip=209.85.216.74 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="Tr+kgpcp" Received: by mail-pj1-f74.google.com with SMTP id 98e67ed59e1d1-3139c0001b5so5723717a91.2 for ; Tue, 29 Jul 2025 15:55:42 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1753829742; x=1754434542; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=jzYeQ19SvsGHPOnRphF4Uobk/zE+UGMKVRi+nf13iRw=; b=Tr+kgpcpBNFLBAcgmWavkod0FfN2JvTQIfSFbeHwO47iF5hixJxEkzJeEc5JFEl3hh r4jaXchvJKfqappSVFhqoThP997pOP0L0KS/90xYeH0rPtCsmC6D8hHHLrWlcVWQEQbh 88Z0mlaAuE6AN/n5hMDJYQ8xAz3tDzHBQmvyKOcBJc1KNHQRAmwIbzlZhYYVsHPDiJ5q CGoGMwA5nOYl5/IchONPu9iqJuGCrNHGZyRRmHj7vmaM0v/rjas83w7DEedlNccC/LqN h/yK9SW7oa052kNfJXygic5g/yRBvAHCWN3nQz6pgdpI2adyECGgorjab+JAq5S5BHHd 4hjw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1753829742; x=1754434542; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=jzYeQ19SvsGHPOnRphF4Uobk/zE+UGMKVRi+nf13iRw=; b=rd5LEL2zQZZzatalw7Pg0g/hu2vYBArMO/up2VJmq66JTar8kMrJEF9DxpUfE+XSf5 1fLHC0cnRPud4jrs4LkK4I+HPY2AvIFHONzRrusFoXWGpMJIaJcQZ7UOkKrsXHBnAXg+ DkrU0dfxW138PFMCCU8pm9IWw3AriJx7I3gLQOst61FA0Zm10K23bcP0ZpSxREI+bhDf snoBqH2gEJyco5+ndEKnbnIK/vxrMjqcSw79X9MCoFo/17972dwJXgtHpljUHVrw4C+/ U3hES7bxGEj54YhCKaYVhvLqd5+16Yse4LRrAOx0z/XYDASyjU+8JYPiZjNsClI2WW1O zVcA== X-Forwarded-Encrypted: i=1; AJvYcCWD/wANPRjbYEp5fToCFBnoVQaY3GTW/ZH83s0//8DI+xwmxOFLeL2bGAPu6rEgSP7myjnDNtaB4a5NzDE=@vger.kernel.org X-Gm-Message-State: AOJu0YyefyXkEyiwBemv3G4WbrD4SXi6eKfVvvlnaky19L5P+dd6lcW0 VRCxP2solM48qBUQOF+UwJ4Iinxq2/c4ZqTK2ELskvUBoc+FxeNWQLYbKU3iyzNQ8rKJHk/8vvE E3lfdeQ== X-Google-Smtp-Source: AGHT+IFn2WAK9ukizMY0dgeyzampJaEckC2xblRT2k3Bk2uKavbOCAt+9mg9yLDOobFQoDGRUwGnRmEVCVE= X-Received: from pjoa9.prod.google.com ([2002:a17:90a:8c09:b0:31e:fac4:4723]) (user=seanjc job=prod-delivery.src-stubby-dispatcher) by 2002:a17:90b:1dc1:b0:31c:36f5:d95 with SMTP id 98e67ed59e1d1-31f5de2f372mr1596778a91.2.1753829741953; Tue, 29 Jul 2025 15:55:41 -0700 (PDT) Reply-To: Sean Christopherson Date: Tue, 29 Jul 2025 15:54:38 -0700 In-Reply-To: <20250729225455.670324-1-seanjc@google.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20250729225455.670324-1-seanjc@google.com> X-Mailer: git-send-email 2.50.1.552.g942d659e1b-goog Message-ID: <20250729225455.670324-8-seanjc@google.com> Subject: [PATCH v17 07/24] KVM: Fix comments that refer to slots_lock From: Sean Christopherson To: Paolo Bonzini , Marc Zyngier , Oliver Upton , Sean Christopherson Cc: kvm@vger.kernel.org, linux-arm-kernel@lists.infradead.org, kvmarm@lists.linux.dev, linux-kernel@vger.kernel.org, Ira Weiny , Gavin Shan , Shivank Garg , Vlastimil Babka , Xiaoyao Li , David Hildenbrand , Fuad Tabba , Ackerley Tng , Tao Chan , James Houghton Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Fuad Tabba Fix comments so that they refer to slots_lock instead of slots_locks (remove trailing s). Reviewed-by: David Hildenbrand Reviewed-by: Ira Weiny Reviewed-by: Gavin Shan Reviewed-by: Shivank Garg Reviewed-by: Vlastimil Babka Reviewed-by: Xiaoyao Li Signed-off-by: Fuad Tabba Signed-off-by: Sean Christopherson --- include/linux/kvm_host.h | 2 +- virt/kvm/kvm_main.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/include/linux/kvm_host.h b/include/linux/kvm_host.h index 4c5e0a898652..5c25b03d3d50 100644 --- a/include/linux/kvm_host.h +++ b/include/linux/kvm_host.h @@ -860,7 +860,7 @@ struct kvm { struct notifier_block pm_notifier; #endif #ifdef CONFIG_KVM_GENERIC_MEMORY_ATTRIBUTES - /* Protected by slots_locks (for writes) and RCU (for reads) */ + /* Protected by slots_lock (for writes) and RCU (for reads) */ struct xarray mem_attr_array; #endif char stats_id[KVM_STATS_NAME_SIZE]; diff --git a/virt/kvm/kvm_main.c b/virt/kvm/kvm_main.c index 25a94eed75fd..aa86dfd757db 100644 --- a/virt/kvm/kvm_main.c +++ b/virt/kvm/kvm_main.c @@ -331,7 +331,7 @@ void kvm_flush_remote_tlbs_memslot(struct kvm *kvm, * All current use cases for flushing the TLBs for a specific memslot * are related to dirty logging, and many do the TLB flush out of * mmu_lock. The interaction between the various operations on memslot - * must be serialized by slots_locks to ensure the TLB flush from one + * must be serialized by slots_lock to ensure the TLB flush from one * operation is observed by any other operation on the same memslot. */ lockdep_assert_held(&kvm->slots_lock); --=20 2.50.1.552.g942d659e1b-goog From nobody Sun Oct 5 20:10:33 2025 Received: from mail-pj1-f73.google.com (mail-pj1-f73.google.com [209.85.216.73]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 400D3285053 for ; Tue, 29 Jul 2025 22:55:44 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.216.73 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1753829745; cv=none; b=BMlXwolQPmHejcIEXS5UibwTax79p1y1yffWFFgUe8GqN5TWfZ+u0Av0MGCrx1kQUGizkXAC/2mIetm8O1aZjqc9y2PYOyVR9HUV+f/dd6t4pnKH13UzycY2q8ylhBn/J2ldx3M8B8RvxFATURiIxvDJCMfIkN10giv+1QGc2YM= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1753829745; c=relaxed/simple; bh=t6cvLBrPM9/1VtvPzsJKVP/et9Zij9EVmcFUvQb2kwQ=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=lQogoy8ZhEYB7p/rZXrrnbzTPzmLEKcIlmuZUkyHhorpEPim8OvbnFa8zR2pyr8RqNWLPz8xBy3de54CmDiJjqZ8Lnmq4wRZrBSe1eY4lDqpNvUwTaeeG3tT4D9mPE+Rf9MEYFDfq4q90tWUA9yAyuINVMz1CGYK4ydi7PxjvzU= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=uzBEm4nk; arc=none smtp.client-ip=209.85.216.73 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="uzBEm4nk" Received: by mail-pj1-f73.google.com with SMTP id 98e67ed59e1d1-315af0857f2so5638690a91.0 for ; Tue, 29 Jul 2025 15:55:44 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1753829743; x=1754434543; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=M1YWU7ablLeHyEQZv+XErUzYidgNy71lF3ZCKk+Y1ss=; b=uzBEm4nk3bmHcJ0POTIEoEeKPrqyzESnWe+MQJ2Jr9SUMGwCZHtSgJCqDsflmppogF AjfegOqUBEF1V8owhf2S4hLERvpE4nDonFRTip+nU1InIRM0JjG2UIg0rapb7seExleV y5HVMVvaEnAmbKGH+cPNOmm4nYVntssbrPhBtWUwZvWvmf85TsXdJnZjPS5f9KV8Witj TTpVD82R4nierWVAOix3CPyK4yUZ6GC8q9wqVkECYuPcwPeMgJVbJEbBPPoWesxXzmKz 9cIzOk6zSUSIpxgNt2aJmEwA25IwVclkPbSS/4Z9FBqj9KOOrueg5PMUA7Hw7XgK4E1q gv+g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1753829743; x=1754434543; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=M1YWU7ablLeHyEQZv+XErUzYidgNy71lF3ZCKk+Y1ss=; b=eYuPpSrnx7oPlNeTj0ujaxU9gVOU37KImlEK7BW/TQf4y240F2gLoNZ5h+u3t/rG3N +wu5U4xfyDYwxXhM9JnPD6EVdMGIP98LnUwlU3RrEarCrCmjNf3skSEhupkKMtuf2rrD mecAJekJ/yLONdR+SXBKerBh1/o3xycHm1rqn0qHXqbZw20lHIrXQTVtY2aZp0dAA4pA 4pVY3cvLo7w2HyB93BcpDxr+O915BxkKKfaK8P6cOiErdAg0JpoNwQEl9rGEMDzmj86o emt1Re9zjQXgocVmBKMEeroSOqDplXf4xV53WDEqjZuemV4rKFOnUBw1KWFHQ7DiP0Kq 1MYw== X-Forwarded-Encrypted: i=1; AJvYcCXJVfYJMeATRLlJETaW9UrjJ9M+gAt1lJoJZFIUTUWXZLzB/4dIrc20jiXQJhXn0ZuTnK/pCWpevz+aPQc=@vger.kernel.org X-Gm-Message-State: AOJu0Yw2+aqpelh6X7dKAezVVUAgqjEf1qn8vmwEkGuwyIWLU67L6BSX RlEfC5kDJ96QXgYyfi3VmCRXaqD3mXNAH0FsvQqzrJg3iMYy0J2eDJK/uWbj5FTRcVzaoj1ZeXh T+tY7oA== X-Google-Smtp-Source: AGHT+IGVcslDz7bQMIRMZU+0Y4qmg1DflFiXRNbdJAEQP1alfIjp0PIHNIVeHhCtlJmnFtEV0iZyubohx5w= X-Received: from pjbqo4.prod.google.com ([2002:a17:90b:3dc4:b0:31e:cbc7:c55d]) (user=seanjc job=prod-delivery.src-stubby-dispatcher) by 2002:a17:90b:5111:b0:31f:1744:e7fd with SMTP id 98e67ed59e1d1-31f5de569fdmr1627875a91.31.1753829743638; Tue, 29 Jul 2025 15:55:43 -0700 (PDT) Reply-To: Sean Christopherson Date: Tue, 29 Jul 2025 15:54:39 -0700 In-Reply-To: <20250729225455.670324-1-seanjc@google.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20250729225455.670324-1-seanjc@google.com> X-Mailer: git-send-email 2.50.1.552.g942d659e1b-goog Message-ID: <20250729225455.670324-9-seanjc@google.com> Subject: [PATCH v17 08/24] KVM: Fix comment that refers to kvm uapi header path From: Sean Christopherson To: Paolo Bonzini , Marc Zyngier , Oliver Upton , Sean Christopherson Cc: kvm@vger.kernel.org, linux-arm-kernel@lists.infradead.org, kvmarm@lists.linux.dev, linux-kernel@vger.kernel.org, Ira Weiny , Gavin Shan , Shivank Garg , Vlastimil Babka , Xiaoyao Li , David Hildenbrand , Fuad Tabba , Ackerley Tng , Tao Chan , James Houghton Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Fuad Tabba The comment that points to the path where the user-visible memslot flags are refers to an outdated path and has a typo. Update the comment to refer to the correct path. Reviewed-by: David Hildenbrand Reviewed-by: Gavin Shan Reviewed-by: Shivank Garg Reviewed-by: Vlastimil Babka Reviewed-by: Xiaoyao Li Signed-off-by: Fuad Tabba Signed-off-by: Sean Christopherson --- include/linux/kvm_host.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/linux/kvm_host.h b/include/linux/kvm_host.h index 5c25b03d3d50..56ea8c862cfd 100644 --- a/include/linux/kvm_host.h +++ b/include/linux/kvm_host.h @@ -52,7 +52,7 @@ /* * The bit 16 ~ bit 31 of kvm_userspace_memory_region::flags are internally * used in kvm, other bits are visible for userspace which are defined in - * include/linux/kvm_h. + * include/uapi/linux/kvm.h. */ #define KVM_MEMSLOT_INVALID (1UL << 16) =20 --=20 2.50.1.552.g942d659e1b-goog From nobody Sun Oct 5 20:10:33 2025 Received: from mail-pj1-f73.google.com (mail-pj1-f73.google.com [209.85.216.73]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id ED3E52BE05B for ; Tue, 29 Jul 2025 22:55:45 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.216.73 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1753829747; cv=none; b=io+qcB/5EyPNhauOdtm9KBlZS89aSEZjScMYn7XxToVg2XlLPouyijX8mJJsPRJipV8zB+EmOzNfEariR3BpleKlxXWmb3IpVy01uHF3dXB/wgBEzbY1nOu4HhRMSw2ZTSUO9OVQ4xO/AnYgsYxDEH0zs+ieDaRKGqRSFbwN9Ls= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1753829747; c=relaxed/simple; bh=Sh/IfRFoYWaPKcCYaCpo6wz2Cjf9m+WXMtg9Zp0+6jw=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=pZbjYTYbPZgriRaHezmdKgdB3zfYA+bri8NJRzhiDxUHnWQAKXt6TxKkBQQpNA1HHUZBi6m+qyjbT5bzXoJgfUy0K5zuvDKLW51Tng5ya200PvqwNtmoMgJ0gKwP7RFvO8Xzvik+v7Iij7m5PkyBmGeBNBeJiuVkkzfGxlbnYOY= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=cKRnjelS; arc=none smtp.client-ip=209.85.216.73 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="cKRnjelS" Received: by mail-pj1-f73.google.com with SMTP id 98e67ed59e1d1-31eac278794so3523797a91.3 for ; Tue, 29 Jul 2025 15:55:45 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1753829745; x=1754434545; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=oV6gYTik8qRY3StGmPp/EUp2dAdw3D3Ak3GOGxl25v8=; b=cKRnjelS6OV9vgJoIZLd+O5acA0gMGTkpcZtVyrN+D/d4GiiBajbgsdYJzSx8R5l2g N/MnUjUc3uhfYYtg/fwQEAewo98CB4AB+rUhbpGXPBUV3lX7bX88K2wCOKPbFHIyCxv6 k0FhRKkflKaYwR71mFRfKvuY98NBrqHzvShNX5jscybxsTVxEsQ6I1l7NNTNiBQfCgdG vwJp6qZbXB/09a6Lz1BPOy6lys2kNrGPfyyDfx3s8efumI3Cb8MLn+rQ9qks4Qaqan2C lywJTS7kG+UplQbTmzTmF+Fvj5vU52NQ19Yqx2dM7NhcCxXpe7CDQZExPgIMmsOH0p2N pyjQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1753829745; x=1754434545; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=oV6gYTik8qRY3StGmPp/EUp2dAdw3D3Ak3GOGxl25v8=; b=C16Xwz//kjvVAMO0FrxBFcTv/iGOwopTEwNUadzw8Mj9N5RpeP5G7Ebj65VGgd57Zk q4ZhBqbaPcy7xtuQwUKyQuAHtsFcyv2Og0JGhUzqrDYb3m0Ue4WZFIdkh13WS7WXrJtm rmT1aAlfzA6KANU6aE/Pzyq8dwrg4WgeDpq0J2wqB/Svh+VzcCvd+6OI8CrtD0kGqNSK wVu4fIwFSEHelIGFUwoSaVZmKILRYaM8KXeIk0XlEMGKlTcgiUBNcbdLWlsghNb/7+sp dL+JrJHKvml1wWyRA1E6RCl6QOlNT9PWiSqq9q3+9sN7HP1Ez+FlGwXrjJTz/mzsCPVP IRIQ== X-Forwarded-Encrypted: i=1; AJvYcCWsU2dLIMoVoB3IbZR9Tg9mi+/dNwHtUxQfFHK90fBbtKtzhWJs/0lNNLdUjASH+Zi5X+rDGEmGd6Nsohk=@vger.kernel.org X-Gm-Message-State: AOJu0YwdJkJDOPeenQFqMKmwpYSwp1Vv4+AXEFpyIAK7uZTMoUPsgd48 FOApMkjuNr+luoEDoBr8QyOsht8ePftLQWETy3C2NqoBE+ADyZ4K/lSYRkxzCybTggwOu0jrLh1 Ghx0Sdw== X-Google-Smtp-Source: AGHT+IFUKuUgGE8Xp/j1VSO4HB6WlF8z7V2tvMpDcnp8m/G+j0eEa4knj1wWJuc7IsYN2X0Q+kKp6nFysik= X-Received: from pjbpv8.prod.google.com ([2002:a17:90b:3c88:b0:31e:998f:7b79]) (user=seanjc job=prod-delivery.src-stubby-dispatcher) by 2002:a17:90b:52c3:b0:31c:15d9:8ae with SMTP id 98e67ed59e1d1-31f5de68c89mr1509857a91.33.1753829745204; Tue, 29 Jul 2025 15:55:45 -0700 (PDT) Reply-To: Sean Christopherson Date: Tue, 29 Jul 2025 15:54:40 -0700 In-Reply-To: <20250729225455.670324-1-seanjc@google.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20250729225455.670324-1-seanjc@google.com> X-Mailer: git-send-email 2.50.1.552.g942d659e1b-goog Message-ID: <20250729225455.670324-10-seanjc@google.com> Subject: [PATCH v17 09/24] KVM: x86: Enable KVM_GUEST_MEMFD for all 64-bit builds From: Sean Christopherson To: Paolo Bonzini , Marc Zyngier , Oliver Upton , Sean Christopherson Cc: kvm@vger.kernel.org, linux-arm-kernel@lists.infradead.org, kvmarm@lists.linux.dev, linux-kernel@vger.kernel.org, Ira Weiny , Gavin Shan , Shivank Garg , Vlastimil Babka , Xiaoyao Li , David Hildenbrand , Fuad Tabba , Ackerley Tng , Tao Chan , James Houghton Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Fuad Tabba Enable KVM_GUEST_MEMFD for all KVM x86 64-bit builds, i.e. for "default" VM types when running on 64-bit KVM. This will allow using guest_memfd to back non-private memory for all VM shapes, by supporting mmap() on guest_memfd. Opportunistically clean up various conditionals that become tautologies once x86 selects KVM_GUEST_MEMFD more broadly. Specifically, because SW protected VMs, SEV, and TDX are all 64-bit only, private memory no longer needs to take explicit dependencies on KVM_GUEST_MEMFD, because it is effectively a prerequisite. Suggested-by: Sean Christopherson Signed-off-by: Fuad Tabba Reviewed-by: Xiaoyao Li Reviewed-by: David Hildenbrand Signed-off-by: Sean Christopherson --- arch/x86/include/asm/kvm_host.h | 4 +--- arch/x86/kvm/Kconfig | 12 ++++-------- include/linux/kvm_host.h | 9 ++------- virt/kvm/kvm_main.c | 4 ++-- 4 files changed, 9 insertions(+), 20 deletions(-) diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_hos= t.h index 7b0f2b3e492d..50366a1ca192 100644 --- a/arch/x86/include/asm/kvm_host.h +++ b/arch/x86/include/asm/kvm_host.h @@ -2276,10 +2276,8 @@ void kvm_configure_mmu(bool enable_tdp, int tdp_forc= ed_root_level, int tdp_max_root_level, int tdp_huge_page_level); =20 =20 -#ifdef CONFIG_KVM_GUEST_MEMFD +#ifdef CONFIG_KVM_GENERIC_MEMORY_ATTRIBUTES #define kvm_arch_has_private_mem(kvm) ((kvm)->arch.has_private_mem) -#else -#define kvm_arch_has_private_mem(kvm) false #endif =20 #define kvm_arch_has_readonly_mem(kvm) (!(kvm)->arch.has_protected_state) diff --git a/arch/x86/kvm/Kconfig b/arch/x86/kvm/Kconfig index c763446d9b9f..4e43923656d0 100644 --- a/arch/x86/kvm/Kconfig +++ b/arch/x86/kvm/Kconfig @@ -47,6 +47,7 @@ config KVM_X86 select KVM_GENERIC_HARDWARE_ENABLING select KVM_GENERIC_PRE_FAULT_MEMORY select KVM_WERROR if WERROR + select KVM_GUEST_MEMFD if X86_64 =20 config KVM tristate "Kernel-based Virtual Machine (KVM) support" @@ -79,16 +80,11 @@ config KVM_WERROR =20 If in doubt, say "N". =20 -config KVM_X86_PRIVATE_MEM - select KVM_GENERIC_MEMORY_ATTRIBUTES - select KVM_GUEST_MEMFD - bool - config KVM_SW_PROTECTED_VM bool "Enable support for KVM software-protected VMs" depends on EXPERT depends on KVM_X86 && X86_64 - select KVM_X86_PRIVATE_MEM + select KVM_GENERIC_MEMORY_ATTRIBUTES help Enable support for KVM software-protected VMs. Currently, software- protected VMs are purely a development and testing vehicle for @@ -138,7 +134,7 @@ config KVM_INTEL_TDX bool "Intel Trust Domain Extensions (TDX) support" default y depends on INTEL_TDX_HOST - select KVM_X86_PRIVATE_MEM + select KVM_GENERIC_MEMORY_ATTRIBUTES select HAVE_KVM_ARCH_GMEM_POPULATE help Provides support for launching Intel Trust Domain Extensions (TDX) @@ -162,7 +158,7 @@ config KVM_AMD_SEV depends on KVM_AMD && X86_64 depends on CRYPTO_DEV_SP_PSP && !(KVM_AMD=3Dy && CRYPTO_DEV_CCP_DD=3Dm) select ARCH_HAS_CC_PLATFORM - select KVM_X86_PRIVATE_MEM + select KVM_GENERIC_MEMORY_ATTRIBUTES select HAVE_KVM_ARCH_GMEM_PREPARE select HAVE_KVM_ARCH_GMEM_INVALIDATE select HAVE_KVM_ARCH_GMEM_POPULATE diff --git a/include/linux/kvm_host.h b/include/linux/kvm_host.h index 56ea8c862cfd..4d1c44622056 100644 --- a/include/linux/kvm_host.h +++ b/include/linux/kvm_host.h @@ -719,11 +719,7 @@ static inline int kvm_arch_vcpu_memslots_id(struct kvm= _vcpu *vcpu) } #endif =20 -/* - * Arch code must define kvm_arch_has_private_mem if support for guest_mem= fd is - * enabled. - */ -#if !defined(kvm_arch_has_private_mem) && !IS_ENABLED(CONFIG_KVM_GUEST_MEM= FD) +#ifndef CONFIG_KVM_GENERIC_MEMORY_ATTRIBUTES static inline bool kvm_arch_has_private_mem(struct kvm *kvm) { return false; @@ -2505,8 +2501,7 @@ bool kvm_arch_post_set_memory_attributes(struct kvm *= kvm, =20 static inline bool kvm_mem_is_private(struct kvm *kvm, gfn_t gfn) { - return IS_ENABLED(CONFIG_KVM_GUEST_MEMFD) && - kvm_get_memory_attributes(kvm, gfn) & KVM_MEMORY_ATTRIBUTE_PRIVATE; + return kvm_get_memory_attributes(kvm, gfn) & KVM_MEMORY_ATTRIBUTE_PRIVATE; } #else static inline bool kvm_mem_is_private(struct kvm *kvm, gfn_t gfn) diff --git a/virt/kvm/kvm_main.c b/virt/kvm/kvm_main.c index aa86dfd757db..4f57cb92e109 100644 --- a/virt/kvm/kvm_main.c +++ b/virt/kvm/kvm_main.c @@ -1588,7 +1588,7 @@ static int check_memory_region_flags(struct kvm *kvm, { u32 valid_flags =3D KVM_MEM_LOG_DIRTY_PAGES; =20 - if (kvm_arch_has_private_mem(kvm)) + if (IS_ENABLED(CONFIG_KVM_GUEST_MEMFD)) valid_flags |=3D KVM_MEM_GUEST_MEMFD; =20 /* Dirty logging private memory is not currently supported. */ @@ -4917,7 +4917,7 @@ static int kvm_vm_ioctl_check_extension_generic(struc= t kvm *kvm, long arg) #endif #ifdef CONFIG_KVM_GUEST_MEMFD case KVM_CAP_GUEST_MEMFD: - return !kvm || kvm_arch_has_private_mem(kvm); + return 1; #endif default: break; --=20 2.50.1.552.g942d659e1b-goog From nobody Sun Oct 5 20:10:33 2025 Received: from mail-pl1-f201.google.com (mail-pl1-f201.google.com [209.85.214.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 93FBD2BE7AA for ; Tue, 29 Jul 2025 22:55:47 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.214.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1753829749; cv=none; b=lONtmjycxkRG6dSlchS/ibVOl14p9auKvxNjQFH0gjU+YAEy/qUmUbyhwknm54If9Qd7ZV9e8Pgiv4NTeFI0BEcGnb1xx7RJmkFPfKr+QMWbuqgb7dEjh3ZLL8xLQOK6u6TKQLNmN/Py4YL4nOTg/hCNb9UvEnEUmTd4UOoa9LM= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1753829749; c=relaxed/simple; bh=Xbe974jAg04TIW9HfK3Y4I+nikYFzuKAbkXN+KFWFPw=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=n78wbaglQbmX3LLCNnSGUXEWZmW0CzoHHRMrBFGhfZfba9Wy4jT6V00L/WoQxAXO1Mo7xcaTWJ8MZDa+LQAY7yB+BBldfAAkzM/sDwFbpbbExMAjonNH+VbX6LhXua4JuBBLRljHXWkUkVLVKGkLea8HhBPWSkLf2LgSGVzk7N0= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=qw/IIqlV; arc=none smtp.client-ip=209.85.214.201 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="qw/IIqlV" Received: by mail-pl1-f201.google.com with SMTP id d9443c01a7336-237e6963f70so105911865ad.2 for ; Tue, 29 Jul 2025 15:55:47 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1753829747; x=1754434547; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=tn1mSBLO+YLVwstEyyon9JR/mQU0lWjJcGUdOXFvVvs=; b=qw/IIqlVlsHtwrrpV317Ga6/K1j02MpDgvhCP9CenNVJ1OH6SwpLhbJgPl+LbtafLE OKuQUOFqPc9wzLjIbBKEvcBX4bT8M3e+KMw+LYWyyAFJj3fwyh9LlVQgLq0NOBBMppIA lOCHUobchVa38CMjb/lKZQ7eUmbBEzU+JS29rlTeA+udEdvyZhqXDei8W0LtBH/Bv8KR B90ZqKtMhuapcKZ+eYwCiEhg7vzeFaPV3rNcS+7iuD+AT/8/ZWY6ZAMu+OqYQ1aFSEhU /Vwm3Cjuj4DgTpF5FvsjAmxLGRUMo5Xp8Uc6rQtzxGQoEZ5n02DrxVLaDslXJw1iEtGV qg9w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1753829747; x=1754434547; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=tn1mSBLO+YLVwstEyyon9JR/mQU0lWjJcGUdOXFvVvs=; b=hLNpVjkn4Q6/6MFXncwWFbdo3Y7zlxLQLAzJ9hgD5RuA9HHFSlCbUw5vIaxCOm4zIa R35SlmTHcnHmfJnpm3gtgy6VL2ZHnuDnu7FHgIsyfMjalOmWmssbS9g25WJpnlHHLQXs 16m9qliPFIQYHK+bJFIdvMYaJfArdxeAPl7X7hgHm98SaXRYcCpRd5JrhLuG6EyYiB4T 2c6RMJt9qXlLfznEC3pHvSrY9dYckvcxs9jVv9SL6/y9wDCc97E2WeWpBStLtAJTnD41 3eb1Wvhf/Zii7QinsCa8IQvGVT3Xo0XNftvkXC3JPaBGXdYlK0T0NyF0J+1aTh7pbY2r rhJA== X-Forwarded-Encrypted: i=1; AJvYcCXor4O4G1+68eH1UvhJFQCjHTpt9cChtEesyChD6xmA/b1YrIVVj/ChZcGRoXxQ64Rrhh1Cki9b9uxKm0o=@vger.kernel.org X-Gm-Message-State: AOJu0YwIbOqM1tTFQPlIpPdlgNrw9uSN1AkV31+ke6pngihPbV3pULSO YRS9T5Z9WkmimemXY78+kWCVeknTi9yTZ0bWGEeRTc+neY8VkbkbI6c+T9CJwkHlHkIIy5wHToI 60iO7jw== X-Google-Smtp-Source: AGHT+IHAFJZIedsHoBlxMRk1Os6nimsUyZRbs4o25k9lGhNMmtWWfdhx2zaS8kMkKKU+mHoV57Vx/+pszAo= X-Received: from pjk4.prod.google.com ([2002:a17:90b:5584:b0:312:187d:382d]) (user=seanjc job=prod-delivery.src-stubby-dispatcher) by 2002:a17:902:d505:b0:240:6740:6b11 with SMTP id d9443c01a7336-24096b0faa3mr13034795ad.40.1753829746789; Tue, 29 Jul 2025 15:55:46 -0700 (PDT) Reply-To: Sean Christopherson Date: Tue, 29 Jul 2025 15:54:41 -0700 In-Reply-To: <20250729225455.670324-1-seanjc@google.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20250729225455.670324-1-seanjc@google.com> X-Mailer: git-send-email 2.50.1.552.g942d659e1b-goog Message-ID: <20250729225455.670324-11-seanjc@google.com> Subject: [PATCH v17 10/24] KVM: guest_memfd: Add plumbing to host to map guest_memfd pages From: Sean Christopherson To: Paolo Bonzini , Marc Zyngier , Oliver Upton , Sean Christopherson Cc: kvm@vger.kernel.org, linux-arm-kernel@lists.infradead.org, kvmarm@lists.linux.dev, linux-kernel@vger.kernel.org, Ira Weiny , Gavin Shan , Shivank Garg , Vlastimil Babka , Xiaoyao Li , David Hildenbrand , Fuad Tabba , Ackerley Tng , Tao Chan , James Houghton Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Fuad Tabba Introduce the core infrastructure to enable host userspace to mmap() guest_memfd-backed memory. This is needed for several evolving KVM use cases: * Non-CoCo VM backing: Allows VMMs like Firecracker to run guests entirely backed by guest_memfd, even for non-CoCo VMs [1]. This provides a unified memory management model and simplifies guest memory handling. * Direct map removal for enhanced security: This is an important step for direct map removal of guest memory [2]. By allowing host userspace to fault in guest_memfd pages directly, we can avoid maintaining host kernel direct maps of guest memory. This provides additional hardening against Spectre-like transient execution attacks by removing a potential attack surface within the kernel. * Future guest_memfd features: This also lays the groundwork for future enhancements to guest_memfd, such as supporting huge pages and enabling in-place sharing of guest memory with the host for CoCo platforms that permit it [3]. Enable the basic mmap and fault handling logic within guest_memfd, but hold off on allow userspace to actually do mmap() until the architecture support is also in place. [1] https://github.com/firecracker-microvm/firecracker/tree/feature/secret-= hiding [2] https://lore.kernel.org/linux-mm/cc1bb8e9bc3e1ab637700a4d3defeec95b5506= 0a.camel@amazon.com [3] https://lore.kernel.org/all/c1c9591d-218a-495c-957b-ba356c8f8e09@redhat= .com/T/#u Reviewed-by: Gavin Shan Reviewed-by: Shivank Garg Acked-by: David Hildenbrand Co-developed-by: Ackerley Tng Signed-off-by: Ackerley Tng Signed-off-by: Fuad Tabba Reviewed-by: Xiaoyao Li Signed-off-by: Sean Christopherson --- arch/x86/kvm/x86.c | 11 +++++++ include/linux/kvm_host.h | 4 +++ virt/kvm/guest_memfd.c | 70 ++++++++++++++++++++++++++++++++++++++++ 3 files changed, 85 insertions(+) diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index a1c49bc681c4..e5cd54ba1eaa 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c @@ -13518,6 +13518,16 @@ bool kvm_arch_no_poll(struct kvm_vcpu *vcpu) } EXPORT_SYMBOL_GPL(kvm_arch_no_poll); =20 +#ifdef CONFIG_KVM_GUEST_MEMFD +/* + * KVM doesn't yet support mmap() on guest_memfd for VMs with private memo= ry + * (the private vs. shared tracking needs to be moved into guest_memfd). + */ +bool kvm_arch_supports_gmem_mmap(struct kvm *kvm) +{ + return !kvm_arch_has_private_mem(kvm); +} + #ifdef CONFIG_HAVE_KVM_ARCH_GMEM_PREPARE int kvm_arch_gmem_prepare(struct kvm *kvm, gfn_t gfn, kvm_pfn_t pfn, int m= ax_order) { @@ -13531,6 +13541,7 @@ void kvm_arch_gmem_invalidate(kvm_pfn_t start, kvm_= pfn_t end) kvm_x86_call(gmem_invalidate)(start, end); } #endif +#endif =20 int kvm_spec_ctrl_test_value(u64 value) { diff --git a/include/linux/kvm_host.h b/include/linux/kvm_host.h index 4d1c44622056..26bad600f9fa 100644 --- a/include/linux/kvm_host.h +++ b/include/linux/kvm_host.h @@ -726,6 +726,10 @@ static inline bool kvm_arch_has_private_mem(struct kvm= *kvm) } #endif =20 +#ifdef CONFIG_KVM_GUEST_MEMFD +bool kvm_arch_supports_gmem_mmap(struct kvm *kvm); +#endif + #ifndef kvm_arch_has_readonly_mem static inline bool kvm_arch_has_readonly_mem(struct kvm *kvm) { diff --git a/virt/kvm/guest_memfd.c b/virt/kvm/guest_memfd.c index a99e11b8b77f..67e7cd7210ef 100644 --- a/virt/kvm/guest_memfd.c +++ b/virt/kvm/guest_memfd.c @@ -312,7 +312,72 @@ static pgoff_t kvm_gmem_get_index(struct kvm_memory_sl= ot *slot, gfn_t gfn) return gfn - slot->base_gfn + slot->gmem.pgoff; } =20 +static bool kvm_gmem_supports_mmap(struct inode *inode) +{ + return false; +} + +static vm_fault_t kvm_gmem_fault_user_mapping(struct vm_fault *vmf) +{ + struct inode *inode =3D file_inode(vmf->vma->vm_file); + struct folio *folio; + vm_fault_t ret =3D VM_FAULT_LOCKED; + + if (((loff_t)vmf->pgoff << PAGE_SHIFT) >=3D i_size_read(inode)) + return VM_FAULT_SIGBUS; + + folio =3D kvm_gmem_get_folio(inode, vmf->pgoff); + if (IS_ERR(folio)) { + int err =3D PTR_ERR(folio); + + if (err =3D=3D -EAGAIN) + return VM_FAULT_RETRY; + + return vmf_error(err); + } + + if (WARN_ON_ONCE(folio_test_large(folio))) { + ret =3D VM_FAULT_SIGBUS; + goto out_folio; + } + + if (!folio_test_uptodate(folio)) { + clear_highpage(folio_page(folio, 0)); + kvm_gmem_mark_prepared(folio); + } + + vmf->page =3D folio_file_page(folio, vmf->pgoff); + +out_folio: + if (ret !=3D VM_FAULT_LOCKED) { + folio_unlock(folio); + folio_put(folio); + } + + return ret; +} + +static const struct vm_operations_struct kvm_gmem_vm_ops =3D { + .fault =3D kvm_gmem_fault_user_mapping, +}; + +static int kvm_gmem_mmap(struct file *file, struct vm_area_struct *vma) +{ + if (!kvm_gmem_supports_mmap(file_inode(file))) + return -ENODEV; + + if ((vma->vm_flags & (VM_SHARED | VM_MAYSHARE)) !=3D + (VM_SHARED | VM_MAYSHARE)) { + return -EINVAL; + } + + vma->vm_ops =3D &kvm_gmem_vm_ops; + + return 0; +} + static struct file_operations kvm_gmem_fops =3D { + .mmap =3D kvm_gmem_mmap, .open =3D generic_file_open, .release =3D kvm_gmem_release, .fallocate =3D kvm_gmem_fallocate, @@ -391,6 +456,11 @@ static const struct inode_operations kvm_gmem_iops =3D= { .setattr =3D kvm_gmem_setattr, }; =20 +bool __weak kvm_arch_supports_gmem_mmap(struct kvm *kvm) +{ + return true; +} + static int __kvm_gmem_create(struct kvm *kvm, loff_t size, u64 flags) { const char *anon_name =3D "[kvm-gmem]"; --=20 2.50.1.552.g942d659e1b-goog From nobody Sun Oct 5 20:10:33 2025 Received: from mail-pj1-f74.google.com (mail-pj1-f74.google.com [209.85.216.74]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 5959A2BEC33 for ; Tue, 29 Jul 2025 22:55:49 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.216.74 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1753829750; cv=none; b=A6SFvnhNI6U1nivows7SQuy6ubEe2FjAZsjcQKYZ6zQcid9HOE5eAVG1JxDU6SS+IC/4tVJG1pI8LO4qqmJOmktHF+zaUMjtOFjPeW0S/C5tAtNauACtGaje4I/RlMsP+D0lzL5VqLfXoNbjppfW6AeTzhtasso0vqN/thKvy7I= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1753829750; c=relaxed/simple; bh=p3Az0/PEO9NNy7K/7GF+xs37R1p++sp7PEiKQeGgy/s=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=VwVHXHBRv8gycwGLBIBep4c5ATZ4KGgSVxZxVZo9j7zJllURfD9hp0D3U97XPfaBNAUWJbwKBBtFojkeWbWFxeQN3cTVzizI5eqt9ae5uYOHZWqYcxu4nhZmW9a5Aki05qT8Wa9Gi3WcqWhzS7RqzeeR7zQuIoml+UmP/UEDMjA= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=EyBx3AGF; arc=none smtp.client-ip=209.85.216.74 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="EyBx3AGF" Received: by mail-pj1-f74.google.com with SMTP id 98e67ed59e1d1-31eac278794so3523835a91.3 for ; Tue, 29 Jul 2025 15:55:49 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1753829749; x=1754434549; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=4HY+eQdd/nLDovMCXUcK3sJZavohA3et9/rmOJ7S8mw=; b=EyBx3AGFGUtXozsPzKgq9a/i6DfblJAQd4eImMYYaiLwkEKLAXCQM4aQHbq5TsKiOE W3qtcDLCIP4MWG3sIUPeOa/UgMGWFDgNv7nzdldl8UNEbg3fYXtvpa5GBLu0z59uwNNR GozKKpM0VDHrkI5d/OKSN4Tb5gB45il0fR0YZXaGercxBgci79tanLcqPCDH3BRLhtXG YpzXviHPGzMmPbC/R3ySCZYoQE3CHaqRa5IxVmpmxQbWFBll+1FFi4NBkmt58q5xWbO3 Iq/9G31lXcbCz19R5R4nAuu7RYdiJwhBNJgA9FcdN6NkdK7t/A1gM0huorGZ9RYXa+oV SKnA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1753829749; x=1754434549; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=4HY+eQdd/nLDovMCXUcK3sJZavohA3et9/rmOJ7S8mw=; b=KBBBVndKRHIk+3TMMA2A38kAq7q7+oTjPDWLt50XnyEFV6vBIjoRw5j4mBhihYqUhI wkB3aLesWRQlTwh95ETgTyVuNRvx2SHDWhX/ooSe7jCoDqvwFzZeavu6TEM2gUWJyNJl 3FuNfyDfdp1xcwOjKt2lu6jwggXshUksq5LSuVoMqfLgHfkez9XThfmB0WN49xG4V0kq vgAQ/oXS7if9xPdVWrnr9p65yQoWcuv80lIh13QyBoGzDca9ZZ6XIJ6oi9f7q+IUUlUe PTbMJa0wHzNl8Z+YtNgD5EqIK4kqeIUq3Vuu76celYHOiBD1z2CgQsJqyrlO0PYpaleD jK2g== X-Forwarded-Encrypted: i=1; AJvYcCVQdQrJxYBFeX/pNgcGTfAoM008wUcLjNOIJhEiZ7sDPkZyhVCpokMMv350gmFaLwa9lYOk0BcjzoWTKfw=@vger.kernel.org X-Gm-Message-State: AOJu0Ywt31Ma1aFO9/fRj5t0m/6/gK1OusIcX/kopbwAvQhoUiLjutou KFPQgqw2AIH1aRZkkTAgAIdUi24QewkBDzmbrpMuxLUrmyLEfGHTJbOaHOlq5pMik2tmX3kYy6f qJZs0iw== X-Google-Smtp-Source: AGHT+IFhotmaClkAB7rg0QKOA9E4cmIDk69xmBeYfpjr1LTJA+UVvMJehEkVmJzu9WDpMq0oubFS0TPkvpU= X-Received: from pjxx8.prod.google.com ([2002:a17:90b:58c8:b0:31c:4a51:8b75]) (user=seanjc job=prod-delivery.src-stubby-dispatcher) by 2002:a17:90b:47:b0:31f:42cd:690d with SMTP id 98e67ed59e1d1-31f5dd9e0d8mr1649821a91.13.1753829748835; Tue, 29 Jul 2025 15:55:48 -0700 (PDT) Reply-To: Sean Christopherson Date: Tue, 29 Jul 2025 15:54:42 -0700 In-Reply-To: <20250729225455.670324-1-seanjc@google.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20250729225455.670324-1-seanjc@google.com> X-Mailer: git-send-email 2.50.1.552.g942d659e1b-goog Message-ID: <20250729225455.670324-12-seanjc@google.com> Subject: [PATCH v17 11/24] KVM: guest_memfd: Track guest_memfd mmap support in memslot From: Sean Christopherson To: Paolo Bonzini , Marc Zyngier , Oliver Upton , Sean Christopherson Cc: kvm@vger.kernel.org, linux-arm-kernel@lists.infradead.org, kvmarm@lists.linux.dev, linux-kernel@vger.kernel.org, Ira Weiny , Gavin Shan , Shivank Garg , Vlastimil Babka , Xiaoyao Li , David Hildenbrand , Fuad Tabba , Ackerley Tng , Tao Chan , James Houghton Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Fuad Tabba Add a new internal flag, KVM_MEMSLOT_GMEM_ONLY, to the top half of memslot->flags (which makes it strictly for KVM's internal use). This flag tracks when a guest_memfd-backed memory slot supports host userspace mmap operations, which implies that all memory, not just private memory for CoCo VMs, is consumed through guest_memfd: "gmem only". This optimization avoids repeatedly checking the underlying guest_memfd file for mmap support, which would otherwise require taking and releasing a reference on the file for each check. By caching this information directly in the memslot, we reduce overhead and simplify the logic involved in handling guest_memfd-backed pages for host mappings. Reviewed-by: Gavin Shan Reviewed-by: Shivank Garg Reviewed-by: Xiaoyao Li Acked-by: David Hildenbrand Suggested-by: David Hildenbrand Signed-off-by: Fuad Tabba Signed-off-by: Sean Christopherson --- include/linux/kvm_host.h | 11 ++++++++++- virt/kvm/guest_memfd.c | 2 ++ 2 files changed, 12 insertions(+), 1 deletion(-) diff --git a/include/linux/kvm_host.h b/include/linux/kvm_host.h index 26bad600f9fa..8b47891adca1 100644 --- a/include/linux/kvm_host.h +++ b/include/linux/kvm_host.h @@ -54,7 +54,8 @@ * used in kvm, other bits are visible for userspace which are defined in * include/uapi/linux/kvm.h. */ -#define KVM_MEMSLOT_INVALID (1UL << 16) +#define KVM_MEMSLOT_INVALID (1UL << 16) +#define KVM_MEMSLOT_GMEM_ONLY (1UL << 17) =20 /* * Bit 63 of the memslot generation number is an "update in-progress flag", @@ -2490,6 +2491,14 @@ static inline void kvm_prepare_memory_fault_exit(str= uct kvm_vcpu *vcpu, vcpu->run->memory_fault.flags |=3D KVM_MEMORY_EXIT_FLAG_PRIVATE; } =20 +static inline bool kvm_memslot_is_gmem_only(const struct kvm_memory_slot *= slot) +{ + if (!IS_ENABLED(CONFIG_KVM_GUEST_MEMFD)) + return false; + + return slot->flags & KVM_MEMSLOT_GMEM_ONLY; +} + #ifdef CONFIG_KVM_GENERIC_MEMORY_ATTRIBUTES static inline unsigned long kvm_get_memory_attributes(struct kvm *kvm, gfn= _t gfn) { diff --git a/virt/kvm/guest_memfd.c b/virt/kvm/guest_memfd.c index 67e7cd7210ef..d5b445548af4 100644 --- a/virt/kvm/guest_memfd.c +++ b/virt/kvm/guest_memfd.c @@ -578,6 +578,8 @@ int kvm_gmem_bind(struct kvm *kvm, struct kvm_memory_sl= ot *slot, */ WRITE_ONCE(slot->gmem.file, file); slot->gmem.pgoff =3D start; + if (kvm_gmem_supports_mmap(inode)) + slot->flags |=3D KVM_MEMSLOT_GMEM_ONLY; =20 xa_store_range(&gmem->bindings, start, end - 1, slot, GFP_KERNEL); filemap_invalidate_unlock(inode->i_mapping); --=20 2.50.1.552.g942d659e1b-goog From nobody Sun Oct 5 20:10:33 2025 Received: from mail-pl1-f202.google.com (mail-pl1-f202.google.com [209.85.214.202]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id F21F92C08B6 for ; Tue, 29 Jul 2025 22:55:52 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.214.202 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1753829754; cv=none; b=C0N851y/sMcLp+ewQAzh42WhdHKL99OvDK/u8bQivBcQIv4Fwo9tB946M+ZeroG+a0po1KJPyBROIusrz+89TuWrxsNOBPnstMB8irXyf9YM7d8weSbWBhhP6s23Xp1/ycnLU5RU2flUYYclynxGOXF2TmEE08uyvi6kRstuRb0= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1753829754; c=relaxed/simple; bh=WeFKr3XwYMubF6PEa5sSz6hYZVpnww/5jO5Tu3utXR0=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=tyQArk7OT+QhawszCU3wrLYhL8Hyh9ked1eR5xdfEO5gRGUvEfzT+PilEbBwjuhUV0+7om3lFYTyijPFh/j+barn1KHqIKIYxfxZ+QsrB284Cr9yvAnr+euKwx0Eth+9CbsD8NGkp7PgC1b0UESjUEMAiNM/C7FcgaCBknxp3FM= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=eqXjOkMD; arc=none smtp.client-ip=209.85.214.202 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="eqXjOkMD" Received: by mail-pl1-f202.google.com with SMTP id d9443c01a7336-2369dd58602so64575195ad.1 for ; Tue, 29 Jul 2025 15:55:52 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1753829752; x=1754434552; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=jTad4J8Qg1Nlv10PcvZ871whY+Aaj9TjlMyj9Irid8k=; b=eqXjOkMD6OcOb7fjk2bmw39/IdqpnQTPM0dzUFyowV+BDPUvKkqL5F5eAMAzOcaJIY LzTlWtL7zkoLujCvOt1zm+qY4hO9qkmg14JXpEzrOAFXuIVrGWEK9VHBUGJAVwY2/c2N iaHN1F8FelY7UAk5ku4mXUG6jV0JuDRN8uPXTbdMxXTZgvv9hF744pGjoJcQrBYCEC+W FxUNl6OJ0ocYjSPJ0skQQKKflTTeKnnNfyiAMH5e/TwCjNYeHPoCEM2OofaKRNGtQQwQ 5Gyc59sYgE+AGtjesEaX/oYUhqFhJRxvQSEyXtZp4SavVRZ2jVWpS+bF7X1QQD092Xd7 n15g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1753829752; x=1754434552; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=jTad4J8Qg1Nlv10PcvZ871whY+Aaj9TjlMyj9Irid8k=; b=NCR8wAmKjWzDe+kjswL9JOK8uj5i1T3OdrW2pCYYYYFLEwAuU5JQDLphprj6K0d5ZL l2ucVbtJNhRfeJ5XPhY32Hlo+1RM/sXVMmE7g0XtpjnSb9ljGTy3Q88Scprh2PdVBMu+ naqIOw80xffSMjWJY63NkuONzWi3vVVWs+Mte7hgM7x/gvv5RitR1qk7gjX1avhUNiXi 6dDPCF+SvwQcl8hJai3nNBqcxz4n7bCyrxgGSb2/qmkmzCUQP+GaUdyzXwFhh32VufsK GOfzH1Ru1xJNaM7AnLYI26f8hdrMeGaXeNqeuOyi4OJfIE7TQga+7K71oQ0SV05A3SIJ VDzg== X-Forwarded-Encrypted: i=1; AJvYcCW6+zQ6hfBgWHmFQaItEehi0s/tROJ572sSoh6gXCYs4+cUfB19N/agCbsFV1qM2t5zqPAYIZ3EtUxaJ4k=@vger.kernel.org X-Gm-Message-State: AOJu0Yyfc1vjrONam/Wnkj5KA4eUhHp8EJ8AI3mxCXpzPgEx8PWqXAPG 5/XgOWLUeaKFy3ly3FgvRPN3oXac9/pP31KKmE+y6pFKqxDZJyTW32y5zmulEQY4MkgQWM6cMoL 6Z5auEA== X-Google-Smtp-Source: AGHT+IE+WmeXckPv5tF/SBSQrHY4ZKYybHI52HgzkPQNumcR9r+UIJ3cQitNOL7pJonSsZZzG7kXKsvAgds= X-Received: from plblc3.prod.google.com ([2002:a17:902:fa83:b0:240:3906:c827]) (user=seanjc job=prod-delivery.src-stubby-dispatcher) by 2002:a17:902:d547:b0:234:8e78:ce8a with SMTP id d9443c01a7336-24096bfd5e2mr13095805ad.48.1753829752170; Tue, 29 Jul 2025 15:55:52 -0700 (PDT) Reply-To: Sean Christopherson Date: Tue, 29 Jul 2025 15:54:43 -0700 In-Reply-To: <20250729225455.670324-1-seanjc@google.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20250729225455.670324-1-seanjc@google.com> X-Mailer: git-send-email 2.50.1.552.g942d659e1b-goog Message-ID: <20250729225455.670324-13-seanjc@google.com> Subject: [PATCH v17 12/24] KVM: x86/mmu: Rename .private_max_mapping_level() to .gmem_max_mapping_level() From: Sean Christopherson To: Paolo Bonzini , Marc Zyngier , Oliver Upton , Sean Christopherson Cc: kvm@vger.kernel.org, linux-arm-kernel@lists.infradead.org, kvmarm@lists.linux.dev, linux-kernel@vger.kernel.org, Ira Weiny , Gavin Shan , Shivank Garg , Vlastimil Babka , Xiaoyao Li , David Hildenbrand , Fuad Tabba , Ackerley Tng , Tao Chan , James Houghton Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Ackerley Tng Rename kvm_x86_ops.private_max_mapping_level() to .gmem_max_mapping_level() in anticipation of extending guest_memfd support to non-private memory. No functional change intended. Reviewed-by: Xiaoyao Li Acked-by: David Hildenbrand Signed-off-by: Ackerley Tng Signed-off-by: Fuad Tabba Co-developed-by: Sean Christopherson Signed-off-by: Sean Christopherson Reviewed-by: Fuad Tabba --- arch/x86/include/asm/kvm-x86-ops.h | 2 +- arch/x86/include/asm/kvm_host.h | 2 +- arch/x86/kvm/mmu/mmu.c | 2 +- arch/x86/kvm/svm/sev.c | 2 +- arch/x86/kvm/svm/svm.c | 2 +- arch/x86/kvm/svm/svm.h | 4 ++-- arch/x86/kvm/vmx/main.c | 6 +++--- arch/x86/kvm/vmx/tdx.c | 2 +- arch/x86/kvm/vmx/x86_ops.h | 2 +- 9 files changed, 12 insertions(+), 12 deletions(-) diff --git a/arch/x86/include/asm/kvm-x86-ops.h b/arch/x86/include/asm/kvm-= x86-ops.h index 18a5c3119e1a..62c3e4de3303 100644 --- a/arch/x86/include/asm/kvm-x86-ops.h +++ b/arch/x86/include/asm/kvm-x86-ops.h @@ -145,7 +145,7 @@ KVM_X86_OP_OPTIONAL_RET0(vcpu_get_apicv_inhibit_reasons= ); KVM_X86_OP_OPTIONAL(get_untagged_addr) KVM_X86_OP_OPTIONAL(alloc_apic_backing_page) KVM_X86_OP_OPTIONAL_RET0(gmem_prepare) -KVM_X86_OP_OPTIONAL_RET0(private_max_mapping_level) +KVM_X86_OP_OPTIONAL_RET0(gmem_max_mapping_level) KVM_X86_OP_OPTIONAL(gmem_invalidate) =20 #undef KVM_X86_OP diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_hos= t.h index 50366a1ca192..c0a739bf3829 100644 --- a/arch/x86/include/asm/kvm_host.h +++ b/arch/x86/include/asm/kvm_host.h @@ -1922,7 +1922,7 @@ struct kvm_x86_ops { void *(*alloc_apic_backing_page)(struct kvm_vcpu *vcpu); int (*gmem_prepare)(struct kvm *kvm, kvm_pfn_t pfn, gfn_t gfn, int max_or= der); void (*gmem_invalidate)(kvm_pfn_t start, kvm_pfn_t end); - int (*private_max_mapping_level)(struct kvm *kvm, kvm_pfn_t pfn); + int (*gmem_max_mapping_level)(struct kvm *kvm, kvm_pfn_t pfn); }; =20 struct kvm_x86_nested_ops { diff --git a/arch/x86/kvm/mmu/mmu.c b/arch/x86/kvm/mmu/mmu.c index fdc2824755ee..b735611e8fcd 100644 --- a/arch/x86/kvm/mmu/mmu.c +++ b/arch/x86/kvm/mmu/mmu.c @@ -4532,7 +4532,7 @@ static u8 kvm_max_private_mapping_level(struct kvm *k= vm, kvm_pfn_t pfn, if (max_level =3D=3D PG_LEVEL_4K) return PG_LEVEL_4K; =20 - req_max_level =3D kvm_x86_call(private_max_mapping_level)(kvm, pfn); + req_max_level =3D kvm_x86_call(gmem_max_mapping_level)(kvm, pfn); if (req_max_level) max_level =3D min(max_level, req_max_level); =20 diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index 7744c210f947..be1c80d79331 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -4947,7 +4947,7 @@ void sev_gmem_invalidate(kvm_pfn_t start, kvm_pfn_t e= nd) } } =20 -int sev_private_max_mapping_level(struct kvm *kvm, kvm_pfn_t pfn) +int sev_gmem_max_mapping_level(struct kvm *kvm, kvm_pfn_t pfn) { int level, rc; bool assigned; diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index d9931c6c4bc6..8a66e2e985a4 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -5180,7 +5180,7 @@ static struct kvm_x86_ops svm_x86_ops __initdata =3D { =20 .gmem_prepare =3D sev_gmem_prepare, .gmem_invalidate =3D sev_gmem_invalidate, - .private_max_mapping_level =3D sev_private_max_mapping_level, + .gmem_max_mapping_level =3D sev_gmem_max_mapping_level, }; =20 /* diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h index 58b9d168e0c8..d84a83ae18a1 100644 --- a/arch/x86/kvm/svm/svm.h +++ b/arch/x86/kvm/svm/svm.h @@ -866,7 +866,7 @@ void sev_handle_rmp_fault(struct kvm_vcpu *vcpu, gpa_t = gpa, u64 error_code); void sev_snp_init_protected_guest_state(struct kvm_vcpu *vcpu); int sev_gmem_prepare(struct kvm *kvm, kvm_pfn_t pfn, gfn_t gfn, int max_or= der); void sev_gmem_invalidate(kvm_pfn_t start, kvm_pfn_t end); -int sev_private_max_mapping_level(struct kvm *kvm, kvm_pfn_t pfn); +int sev_gmem_max_mapping_level(struct kvm *kvm, kvm_pfn_t pfn); struct vmcb_save_area *sev_decrypt_vmsa(struct kvm_vcpu *vcpu); void sev_free_decrypted_vmsa(struct kvm_vcpu *vcpu, struct vmcb_save_area = *vmsa); #else @@ -895,7 +895,7 @@ static inline int sev_gmem_prepare(struct kvm *kvm, kvm= _pfn_t pfn, gfn_t gfn, in return 0; } static inline void sev_gmem_invalidate(kvm_pfn_t start, kvm_pfn_t end) {} -static inline int sev_private_max_mapping_level(struct kvm *kvm, kvm_pfn_t= pfn) +static inline int sev_gmem_max_mapping_level(struct kvm *kvm, kvm_pfn_t pf= n) { return 0; } diff --git a/arch/x86/kvm/vmx/main.c b/arch/x86/kvm/vmx/main.c index dbab1c15b0cd..dd7687ef7e2d 100644 --- a/arch/x86/kvm/vmx/main.c +++ b/arch/x86/kvm/vmx/main.c @@ -831,10 +831,10 @@ static int vt_vcpu_mem_enc_ioctl(struct kvm_vcpu *vcp= u, void __user *argp) return tdx_vcpu_ioctl(vcpu, argp); } =20 -static int vt_gmem_private_max_mapping_level(struct kvm *kvm, kvm_pfn_t pf= n) +static int vt_gmem_max_mapping_level(struct kvm *kvm, kvm_pfn_t pfn) { if (is_td(kvm)) - return tdx_gmem_private_max_mapping_level(kvm, pfn); + return tdx_gmem_max_mapping_level(kvm, pfn); =20 return 0; } @@ -1005,7 +1005,7 @@ struct kvm_x86_ops vt_x86_ops __initdata =3D { .mem_enc_ioctl =3D vt_op_tdx_only(mem_enc_ioctl), .vcpu_mem_enc_ioctl =3D vt_op_tdx_only(vcpu_mem_enc_ioctl), =20 - .private_max_mapping_level =3D vt_op_tdx_only(gmem_private_max_mapping_le= vel) + .gmem_max_mapping_level =3D vt_op_tdx_only(gmem_max_mapping_level) }; =20 struct kvm_x86_init_ops vt_init_ops __initdata =3D { diff --git a/arch/x86/kvm/vmx/tdx.c b/arch/x86/kvm/vmx/tdx.c index 66744f5768c8..b444714e8e8a 100644 --- a/arch/x86/kvm/vmx/tdx.c +++ b/arch/x86/kvm/vmx/tdx.c @@ -3318,7 +3318,7 @@ int tdx_vcpu_ioctl(struct kvm_vcpu *vcpu, void __user= *argp) return ret; } =20 -int tdx_gmem_private_max_mapping_level(struct kvm *kvm, kvm_pfn_t pfn) +int tdx_gmem_max_mapping_level(struct kvm *kvm, kvm_pfn_t pfn) { return PG_LEVEL_4K; } diff --git a/arch/x86/kvm/vmx/x86_ops.h b/arch/x86/kvm/vmx/x86_ops.h index 2b3424f638db..6037d1708485 100644 --- a/arch/x86/kvm/vmx/x86_ops.h +++ b/arch/x86/kvm/vmx/x86_ops.h @@ -153,7 +153,7 @@ int tdx_vcpu_ioctl(struct kvm_vcpu *vcpu, void __user *= argp); void tdx_flush_tlb_current(struct kvm_vcpu *vcpu); void tdx_flush_tlb_all(struct kvm_vcpu *vcpu); void tdx_load_mmu_pgd(struct kvm_vcpu *vcpu, hpa_t root_hpa, int root_leve= l); -int tdx_gmem_private_max_mapping_level(struct kvm *kvm, kvm_pfn_t pfn); +int tdx_gmem_max_mapping_level(struct kvm *kvm, kvm_pfn_t pfn); #endif =20 #endif /* __KVM_X86_VMX_X86_OPS_H */ --=20 2.50.1.552.g942d659e1b-goog From nobody Sun Oct 5 20:10:33 2025 Received: from mail-pg1-f202.google.com (mail-pg1-f202.google.com [209.85.215.202]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id BF34D2C08DA for ; Tue, 29 Jul 2025 22:55:54 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.215.202 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1753829757; cv=none; b=hiVzHKW1EuLO4GnFyFka7dWWeqtf3/tniI656daDgiQJyKvttHQO+Ui5fhvsnhKlvcNP9aU/H282WV6/B5bumV+PeiJoTpVPWrEh4lLhJOJYAG1oM2KIMEJ+Y/kvjxTfbk22tRXccd99gbWdwHji4KaudOktT3VyBzObMT/XX2k= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1753829757; c=relaxed/simple; bh=kT4TPh6b6a+599yVr48tLtWPsbJrSQilKhWv9nX31KU=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=QvhZkS8c5HdDddnMs1UFgrDnKt5YO/7pnLXKz7ce60RESiV6d0ZWVMyXbzTWRLutZ+dnrENjmAukRZWbISLlSu0fIz2BJ4gyxOCrZjR4E2t9wwl7A14tHpTWmFGqHwSFlBozUnE7MflW3/R2bsJys6Zqmi5Vuk1YLyBYGg+1BTg= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=gBjqTmid; arc=none smtp.client-ip=209.85.215.202 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="gBjqTmid" Received: by mail-pg1-f202.google.com with SMTP id 41be03b00d2f7-b0e0c573531so4462239a12.3 for ; Tue, 29 Jul 2025 15:55:54 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1753829754; x=1754434554; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=ktkS4XskSt/ldoD432h3UVfIavH2avWaXTLdCBUmGII=; b=gBjqTmidzRqH2Q1k26ImAVp2G1O4kIip+tGFhkj0DKMctmQYyjXvCvwWcJrVQVEOkb x3IZKToHtcZ7N3oqcyqXn3McQ5mj9qzrOxz8k63bqlm3HSwG05dvYOagk0TGfASj6WnY TIsPT3EIE3p2Ig0Iq22GpgBz///STDrtJk8Qi9TbJkPTBnmv5VG7URWQ91QdhDtA5ynB K9SoOGRRoPH/6RyASqC9h11V1Jjd27JBb1mCfh2ym5YcCBvcI+Ie9ZK+amqQ5bNBJ9Wo cICZk0Fb4U9pci2+dAvktupjtnKGUqGu1tEJVo2U2/skno/LM6CGjwdG1IANlwS62GmU +4uQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1753829754; x=1754434554; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=ktkS4XskSt/ldoD432h3UVfIavH2avWaXTLdCBUmGII=; b=pN/GqlHzoI64AuTl741qAC2l3wp1UkmEDB/JnImLeELeyDlvs9IvWEbSylTr5qRu3a IdTGmChoiVXYwpnciUCovmsnWM8+a8ujgtXyny452ojsLg7Mwye+8UHgSNZ9+aknOb83 sQH3uFXt8m4D1vpXoRnRxHJ/A1DgQfZvtM7RFt5eNg0F5ZnaV55m0NFF3zZ8anuU7C96 rhruK2Wc+37/F+k0MSAKnwpSayifK8ySBOtzBknXYjgnAXblJhzLIvar6FUu5MhzHY9g GJzHB7eUls/WRCrYet/Yjm9Tlp19l7qCnvaxTDC6y/KMb3cJN9fEqxYwtec/i92JTigd +bXA== X-Forwarded-Encrypted: i=1; AJvYcCVRb/Pvt/sGjRwiCr2iV0QG0BgkkuKjwb8wJ1/Qog2MnXvufTVA8/9VLaVwWR2mcxYj/3fBh2/M3uqBg5E=@vger.kernel.org X-Gm-Message-State: AOJu0Yx2MBKlCBNWkZB1HLN+aiqVykoDkTd6lYi1xOxH0bmg0srxVSII Xo9t8ZJYThGkymqtx9NQvPP+3Sn+3XkUiqeUKcGkUrwTyXDRM2yKaIutIdQkbLEHn7I6DMnvXhJ C9YWXZA== X-Google-Smtp-Source: AGHT+IF1LeGDZhIWjFUGooq7VUSMoBrDEWnqlrxEZEjVnkOZOM3/aPj5utdyv/03YLi7nQKPITTKBEyZftA= X-Received: from pgbdp2.prod.google.com ([2002:a05:6a02:f02:b0:b3f:2e87:230b]) (user=seanjc job=prod-delivery.src-stubby-dispatcher) by 2002:a05:6a20:3c90:b0:232:93c2:8851 with SMTP id adf61e73a8af0-23dc0d5e0b5mr1613137637.18.1753829753942; Tue, 29 Jul 2025 15:55:53 -0700 (PDT) Reply-To: Sean Christopherson Date: Tue, 29 Jul 2025 15:54:44 -0700 In-Reply-To: <20250729225455.670324-1-seanjc@google.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20250729225455.670324-1-seanjc@google.com> X-Mailer: git-send-email 2.50.1.552.g942d659e1b-goog Message-ID: <20250729225455.670324-14-seanjc@google.com> Subject: [PATCH v17 13/24] KVM: x86/mmu: Hoist guest_memfd max level/order helpers "up" in mmu.c From: Sean Christopherson To: Paolo Bonzini , Marc Zyngier , Oliver Upton , Sean Christopherson Cc: kvm@vger.kernel.org, linux-arm-kernel@lists.infradead.org, kvmarm@lists.linux.dev, linux-kernel@vger.kernel.org, Ira Weiny , Gavin Shan , Shivank Garg , Vlastimil Babka , Xiaoyao Li , David Hildenbrand , Fuad Tabba , Ackerley Tng , Tao Chan , James Houghton Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Move kvm_max_level_for_order() and kvm_max_private_mapping_level() up in mmu.c so that they can be used by __kvm_mmu_max_mapping_level(). Opportunistically drop the "inline" from kvm_max_level_for_order(). No functional change intended. Reviewed-by: Xiaoyao Li Reviewed-by: Ackerley Tng Signed-off-by: Sean Christopherson Reviewed-by: David Hildenbrand Reviewed-by: Fuad Tabba --- arch/x86/kvm/mmu/mmu.c | 72 +++++++++++++++++++++--------------------- 1 file changed, 36 insertions(+), 36 deletions(-) diff --git a/arch/x86/kvm/mmu/mmu.c b/arch/x86/kvm/mmu/mmu.c index b735611e8fcd..20dd9f64156e 100644 --- a/arch/x86/kvm/mmu/mmu.c +++ b/arch/x86/kvm/mmu/mmu.c @@ -3285,6 +3285,42 @@ static int host_pfn_mapping_level(struct kvm *kvm, g= fn_t gfn, return level; } =20 +static u8 kvm_max_level_for_order(int order) +{ + BUILD_BUG_ON(KVM_MAX_HUGEPAGE_LEVEL > PG_LEVEL_1G); + + KVM_MMU_WARN_ON(order !=3D KVM_HPAGE_GFN_SHIFT(PG_LEVEL_1G) && + order !=3D KVM_HPAGE_GFN_SHIFT(PG_LEVEL_2M) && + order !=3D KVM_HPAGE_GFN_SHIFT(PG_LEVEL_4K)); + + if (order >=3D KVM_HPAGE_GFN_SHIFT(PG_LEVEL_1G)) + return PG_LEVEL_1G; + + if (order >=3D KVM_HPAGE_GFN_SHIFT(PG_LEVEL_2M)) + return PG_LEVEL_2M; + + return PG_LEVEL_4K; +} + +static u8 kvm_max_private_mapping_level(struct kvm *kvm, kvm_pfn_t pfn, + u8 max_level, int gmem_order) +{ + u8 req_max_level; + + if (max_level =3D=3D PG_LEVEL_4K) + return PG_LEVEL_4K; + + max_level =3D min(kvm_max_level_for_order(gmem_order), max_level); + if (max_level =3D=3D PG_LEVEL_4K) + return PG_LEVEL_4K; + + req_max_level =3D kvm_x86_call(gmem_max_mapping_level)(kvm, pfn); + if (req_max_level) + max_level =3D min(max_level, req_max_level); + + return max_level; +} + static int __kvm_mmu_max_mapping_level(struct kvm *kvm, const struct kvm_memory_slot *slot, gfn_t gfn, int max_level, bool is_private) @@ -4503,42 +4539,6 @@ void kvm_arch_async_page_ready(struct kvm_vcpu *vcpu= , struct kvm_async_pf *work) vcpu->stat.pf_fixed++; } =20 -static inline u8 kvm_max_level_for_order(int order) -{ - BUILD_BUG_ON(KVM_MAX_HUGEPAGE_LEVEL > PG_LEVEL_1G); - - KVM_MMU_WARN_ON(order !=3D KVM_HPAGE_GFN_SHIFT(PG_LEVEL_1G) && - order !=3D KVM_HPAGE_GFN_SHIFT(PG_LEVEL_2M) && - order !=3D KVM_HPAGE_GFN_SHIFT(PG_LEVEL_4K)); - - if (order >=3D KVM_HPAGE_GFN_SHIFT(PG_LEVEL_1G)) - return PG_LEVEL_1G; - - if (order >=3D KVM_HPAGE_GFN_SHIFT(PG_LEVEL_2M)) - return PG_LEVEL_2M; - - return PG_LEVEL_4K; -} - -static u8 kvm_max_private_mapping_level(struct kvm *kvm, kvm_pfn_t pfn, - u8 max_level, int gmem_order) -{ - u8 req_max_level; - - if (max_level =3D=3D PG_LEVEL_4K) - return PG_LEVEL_4K; - - max_level =3D min(kvm_max_level_for_order(gmem_order), max_level); - if (max_level =3D=3D PG_LEVEL_4K) - return PG_LEVEL_4K; - - req_max_level =3D kvm_x86_call(gmem_max_mapping_level)(kvm, pfn); - if (req_max_level) - max_level =3D min(max_level, req_max_level); - - return max_level; -} - static void kvm_mmu_finish_page_fault(struct kvm_vcpu *vcpu, struct kvm_page_fault *fault, int r) { --=20 2.50.1.552.g942d659e1b-goog From nobody Sun Oct 5 20:10:33 2025 Received: from mail-pj1-f74.google.com (mail-pj1-f74.google.com [209.85.216.74]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 2904A2C1593 for ; Tue, 29 Jul 2025 22:55:56 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.216.74 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1753829758; cv=none; b=ukV6YNewQZrHWERLCc5kJqg+S90lAcx/8QEK0yPabcvelW/RXDAUgfDMLtXipMqFLnl4zUarYP6UybiOhi1I0sqPfRljAXjt/rnlNMXHKQ5LyL0cMGHQT6oU1wBs2BASRfmgYsMxYGQhsGcci2tma18AQw6zmaO43bGnleM/JLk= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1753829758; c=relaxed/simple; bh=O7Igf/k3EvjgQJNCNWnKXWV/DcqSCE5tn8DU+4iX+q0=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=CRnj/eR2a7RkC6EFzSAS9drdSZS7DBa59ZUoyaKBkQpbHkpHqvYVxT90RU8J+eKzxjeWeWh/CtJw5Ht2ggAZntmBgdOsKprPQ1gzRjSAa2bJ41L29n8aoV0uOoUb0yLf/iN7I/XiF+LoUNVuQ1Z7GHtFS696siB9I/bLhVdX2X8= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=WOc58KV1; arc=none smtp.client-ip=209.85.216.74 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="WOc58KV1" Received: by mail-pj1-f74.google.com with SMTP id 98e67ed59e1d1-313fb0ec33bso7303003a91.2 for ; Tue, 29 Jul 2025 15:55:56 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1753829756; x=1754434556; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=kH3lIGBMPWx+0VjPwRSayAsLHYbwZQBu+Y2sAmKiiP4=; b=WOc58KV1jNDhAfSYRUpwMPj5u96WsrBGxDDFn6F+FTD9MRfA/KIRGPMy8UkYKpdew3 O6WybRnbuFxtIfzvQF2fu28TsT50B6bAILEWHoMbwyHIFHFMElo/QyRaCpFZfeHa9PXN rHxX50+t+/SxScPKKtT44IhXaJXXAltoLFIto8xkZ+AnJjZ7BVGqEgQxEwoX+SCxjqxK Pw5ANxMjF53cysJ5rHIZeymz36zQfehHW20vfH82CbWhO2k5PnD0ebTDNLwf8d71Lqj7 MM4gw52sx/qVEc3qMLwBYouicWAXsoR800IjpCMMztDH2f1uyBQjICsZH6pSBChcMh+J buzA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1753829756; x=1754434556; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=kH3lIGBMPWx+0VjPwRSayAsLHYbwZQBu+Y2sAmKiiP4=; b=NzynEt9GK1QVFBh6Dtq3+/C8W8rxSU0/N1L2CkDINsoaWWgyMn5AUyeG2makuJQJGf vY+tj1ng2mcJzPp8k/EfiOv4q+ejddU4exhynU9jsxDxi/t0K5/rzkNr46r+48mJfvCa KqtlMqK0cX14+vKtJQ6rUWWLEukQqRr/uNAvi4r4q6guV62oBSSusdJ/l+iXdHpd4fo5 9iDnLuKmY5u+IUNmo4K8AL20qlrm02eQq6yhxdUyFeuTP8sEpYNTEDkGMa51cyK7HGM2 BtEFflibgGMaQK99vq+oNQTS4qb5R1DNNy+B9Camuv0wm6OC0EVvX1WKIR0pqlO/MdFv gXXA== X-Forwarded-Encrypted: i=1; AJvYcCWX9C6HL39paYGx6tw4xT1UWU3rdTo5T4MJXGelrDcI1VORxya5jnHKeK9Mtto6t8WeaMcngZvYXPeBEBE=@vger.kernel.org X-Gm-Message-State: AOJu0YzApprhGiXYn9ien7FWZWoLxJiRdGb8UyBZuQKUG8Uz1vRVd0Oo Jbq3Rrh2tBTQW5M7t8XdIEWljmYdU88BeYrHyCB58VEFA5jf2fQF5qZgKYi9oxH0Shi3l05ETYF BfMW7FQ== X-Google-Smtp-Source: AGHT+IGMilmlssFh4A4OjE5SWFJtANR4cHsVfEy8j5cTH/DcRDgidwnFJoQ2SdFwASXkQExBVaCY8392ed0= X-Received: from pjxx5.prod.google.com ([2002:a17:90b:58c5:b0:31c:38fb:2958]) (user=seanjc job=prod-delivery.src-stubby-dispatcher) by 2002:a17:90b:2407:b0:31e:ec02:2297 with SMTP id 98e67ed59e1d1-31f5de2d582mr1162821a91.19.1753829755668; Tue, 29 Jul 2025 15:55:55 -0700 (PDT) Reply-To: Sean Christopherson Date: Tue, 29 Jul 2025 15:54:45 -0700 In-Reply-To: <20250729225455.670324-1-seanjc@google.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20250729225455.670324-1-seanjc@google.com> X-Mailer: git-send-email 2.50.1.552.g942d659e1b-goog Message-ID: <20250729225455.670324-15-seanjc@google.com> Subject: [PATCH v17 14/24] KVM: x86/mmu: Enforce guest_memfd's max order when recovering hugepages From: Sean Christopherson To: Paolo Bonzini , Marc Zyngier , Oliver Upton , Sean Christopherson Cc: kvm@vger.kernel.org, linux-arm-kernel@lists.infradead.org, kvmarm@lists.linux.dev, linux-kernel@vger.kernel.org, Ira Weiny , Gavin Shan , Shivank Garg , Vlastimil Babka , Xiaoyao Li , David Hildenbrand , Fuad Tabba , Ackerley Tng , Tao Chan , James Houghton Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Rework kvm_mmu_max_mapping_level() to provide the plumbing to consult guest_memfd (and relevant vendor code) when recovering hugepages, e.g. after disabling live migration. The flaw has existed since guest_memfd was originally added, but has gone unnoticed due to lack of guest_memfd support for hugepages or dirty logging. Don't actually call into guest_memfd at this time, as it's unclear as to what the API should be. Ideally, KVM would simply use kvm_gmem_get_pfn(), but invoking kvm_gmem_get_pfn() would lead to sleeping in atomic context if guest_memfd needed to allocate memory (mmu_lock is held). Luckily, the path isn't actually reachable, so just add a TODO and WARN to ensure the functionality is added alongisde guest_memfd hugepage support, and punt the guest_memfd API design question to the future. Note, calling kvm_mem_is_private() in the non-fault path is safe, so long as mmu_lock is held, as hugepage recovery operates on shadow-present SPTEs, i.e. calling kvm_mmu_max_mapping_level() with @fault=3DNULL is mutually exclusive with kvm_vm_set_mem_attributes() changing the PRIVATE attribute of the gfn. Signed-off-by: Sean Christopherson Reviewed-by: David Hildenbrand Reviewed-by: Fuad Tabba --- arch/x86/kvm/mmu/mmu.c | 82 +++++++++++++++++++-------------- arch/x86/kvm/mmu/mmu_internal.h | 2 +- arch/x86/kvm/mmu/tdp_mmu.c | 2 +- 3 files changed, 49 insertions(+), 37 deletions(-) diff --git a/arch/x86/kvm/mmu/mmu.c b/arch/x86/kvm/mmu/mmu.c index 20dd9f64156e..61eb9f723675 100644 --- a/arch/x86/kvm/mmu/mmu.c +++ b/arch/x86/kvm/mmu/mmu.c @@ -3302,31 +3302,54 @@ static u8 kvm_max_level_for_order(int order) return PG_LEVEL_4K; } =20 -static u8 kvm_max_private_mapping_level(struct kvm *kvm, kvm_pfn_t pfn, - u8 max_level, int gmem_order) +static u8 kvm_max_private_mapping_level(struct kvm *kvm, struct kvm_page_f= ault *fault, + const struct kvm_memory_slot *slot, gfn_t gfn) { - u8 req_max_level; + u8 max_level, coco_level; + kvm_pfn_t pfn; =20 - if (max_level =3D=3D PG_LEVEL_4K) - return PG_LEVEL_4K; + /* For faults, use the gmem information that was resolved earlier. */ + if (fault) { + pfn =3D fault->pfn; + max_level =3D fault->max_level; + } else { + /* TODO: Call into guest_memfd once hugepages are supported. */ + WARN_ONCE(1, "Get pfn+order from guest_memfd"); + pfn =3D KVM_PFN_ERR_FAULT; + max_level =3D PG_LEVEL_4K; + } =20 - max_level =3D min(kvm_max_level_for_order(gmem_order), max_level); if (max_level =3D=3D PG_LEVEL_4K) - return PG_LEVEL_4K; + return max_level; =20 - req_max_level =3D kvm_x86_call(gmem_max_mapping_level)(kvm, pfn); - if (req_max_level) - max_level =3D min(max_level, req_max_level); + /* + * CoCo may influence the max mapping level, e.g. due to RMP or S-EPT + * restrictions. A return of '0' means "no additional restrictions", to + * allow for using an optional "ret0" static call. + */ + coco_level =3D kvm_x86_call(gmem_max_mapping_level)(kvm, pfn); + if (coco_level) + max_level =3D min(max_level, coco_level); =20 return max_level; } =20 -static int __kvm_mmu_max_mapping_level(struct kvm *kvm, - const struct kvm_memory_slot *slot, - gfn_t gfn, int max_level, bool is_private) +int kvm_mmu_max_mapping_level(struct kvm *kvm, struct kvm_page_fault *faul= t, + const struct kvm_memory_slot *slot, gfn_t gfn) { struct kvm_lpage_info *linfo; - int host_level; + int host_level, max_level; + bool is_private; + + lockdep_assert_held(&kvm->mmu_lock); + + if (fault) { + max_level =3D fault->max_level; + is_private =3D fault->is_private; + } else { + max_level =3D PG_LEVEL_NUM; + is_private =3D kvm_mem_is_private(kvm, gfn); + } =20 max_level =3D min(max_level, max_huge_page_level); for ( ; max_level > PG_LEVEL_4K; max_level--) { @@ -3335,25 +3358,16 @@ static int __kvm_mmu_max_mapping_level(struct kvm *= kvm, break; } =20 + if (max_level =3D=3D PG_LEVEL_4K) + return PG_LEVEL_4K; + if (is_private) - return max_level; - - if (max_level =3D=3D PG_LEVEL_4K) - return PG_LEVEL_4K; - - host_level =3D host_pfn_mapping_level(kvm, gfn, slot); + host_level =3D kvm_max_private_mapping_level(kvm, fault, slot, gfn); + else + host_level =3D host_pfn_mapping_level(kvm, gfn, slot); return min(host_level, max_level); } =20 -int kvm_mmu_max_mapping_level(struct kvm *kvm, - const struct kvm_memory_slot *slot, gfn_t gfn) -{ - bool is_private =3D kvm_slot_has_gmem(slot) && - kvm_mem_is_private(kvm, gfn); - - return __kvm_mmu_max_mapping_level(kvm, slot, gfn, PG_LEVEL_NUM, is_priva= te); -} - void kvm_mmu_hugepage_adjust(struct kvm_vcpu *vcpu, struct kvm_page_fault = *fault) { struct kvm_memory_slot *slot =3D fault->slot; @@ -3374,9 +3388,8 @@ void kvm_mmu_hugepage_adjust(struct kvm_vcpu *vcpu, s= truct kvm_page_fault *fault * Enforce the iTLB multihit workaround after capturing the requested * level, which will be used to do precise, accurate accounting. */ - fault->req_level =3D __kvm_mmu_max_mapping_level(vcpu->kvm, slot, - fault->gfn, fault->max_level, - fault->is_private); + fault->req_level =3D kvm_mmu_max_mapping_level(vcpu->kvm, fault, + fault->slot, fault->gfn); if (fault->req_level =3D=3D PG_LEVEL_4K || fault->huge_page_disallowed) return; =20 @@ -4564,8 +4577,7 @@ static int kvm_mmu_faultin_pfn_private(struct kvm_vcp= u *vcpu, } =20 fault->map_writable =3D !(fault->slot->flags & KVM_MEM_READONLY); - fault->max_level =3D kvm_max_private_mapping_level(vcpu->kvm, fault->pfn, - fault->max_level, max_order); + fault->max_level =3D kvm_max_level_for_order(max_order); =20 return RET_PF_CONTINUE; } @@ -7165,7 +7177,7 @@ static bool kvm_mmu_zap_collapsible_spte(struct kvm *= kvm, * mapping if the indirect sp has level =3D 1. */ if (sp->role.direct && - sp->role.level < kvm_mmu_max_mapping_level(kvm, slot, sp->gfn)) { + sp->role.level < kvm_mmu_max_mapping_level(kvm, NULL, slot, sp->gfn)= ) { kvm_zap_one_rmap_spte(kvm, rmap_head, sptep); =20 if (kvm_available_flush_remote_tlbs_range()) diff --git a/arch/x86/kvm/mmu/mmu_internal.h b/arch/x86/kvm/mmu/mmu_interna= l.h index 65f3c89d7c5d..b776be783a2f 100644 --- a/arch/x86/kvm/mmu/mmu_internal.h +++ b/arch/x86/kvm/mmu/mmu_internal.h @@ -411,7 +411,7 @@ static inline int kvm_mmu_do_page_fault(struct kvm_vcpu= *vcpu, gpa_t cr2_or_gpa, return r; } =20 -int kvm_mmu_max_mapping_level(struct kvm *kvm, +int kvm_mmu_max_mapping_level(struct kvm *kvm, struct kvm_page_fault *faul= t, const struct kvm_memory_slot *slot, gfn_t gfn); void kvm_mmu_hugepage_adjust(struct kvm_vcpu *vcpu, struct kvm_page_fault = *fault); void disallowed_hugepage_adjust(struct kvm_page_fault *fault, u64 spte, in= t cur_level); diff --git a/arch/x86/kvm/mmu/tdp_mmu.c b/arch/x86/kvm/mmu/tdp_mmu.c index 7f3d7229b2c1..740cb06accdb 100644 --- a/arch/x86/kvm/mmu/tdp_mmu.c +++ b/arch/x86/kvm/mmu/tdp_mmu.c @@ -1813,7 +1813,7 @@ static void recover_huge_pages_range(struct kvm *kvm, if (iter.gfn < start || iter.gfn >=3D end) continue; =20 - max_mapping_level =3D kvm_mmu_max_mapping_level(kvm, slot, iter.gfn); + max_mapping_level =3D kvm_mmu_max_mapping_level(kvm, NULL, slot, iter.gf= n); if (max_mapping_level < iter.level) continue; =20 --=20 2.50.1.552.g942d659e1b-goog From nobody Sun Oct 5 20:10:33 2025 Received: from mail-pj1-f73.google.com (mail-pj1-f73.google.com [209.85.216.73]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 0D3722C1591 for ; Tue, 29 Jul 2025 22:55:57 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.216.73 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1753829759; cv=none; b=Il9doXjg/fzILntpXBDg/QtRZLL7bTxKV/mAhCollQNOtUiRpbIkDie+JIdVSYgBrN8bG4EbKhXLxKb6C9v9NKIl4sIOQmOSpClM/nc508WsSMBmBNmyP0NNiUQCzpv2XHw6SGI1zLiduRGSBStx88MXbBe+AA7tj2gK7/eyNlc= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1753829759; c=relaxed/simple; bh=b802s1Jv2sQP3/H6I7vKO97dWqQ79fQ8pk1OW59DwLI=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=VjgrueHOFRigkoqYWHnJKGqN3AfbM+apRUKgilclleSI/Dto+Ks+PeebHPVdxXT0V22fci9eF9NJmRbvDu61+/Ts0er/hxcNpok9Mch1Pz0dbStdyyq+jCYa2p/uR653sJBPI6nd6MH8tSf7b5KksR3llxK5RLVAzSGv2nxQLkc= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=x+ZVYE7i; arc=none smtp.client-ip=209.85.216.73 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="x+ZVYE7i" Received: by mail-pj1-f73.google.com with SMTP id 98e67ed59e1d1-315af08594fso5957023a91.2 for ; Tue, 29 Jul 2025 15:55:57 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1753829757; x=1754434557; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=qZ7UUMMTQmKo+oqwpxvtUgE6azYjzXKI1K1HySZjpRM=; b=x+ZVYE7iUnxjpACb/fxI2ZhvAucN06rUCBgvEMw/+ZcUQuF3LQGJVGXDxpm04iDOge aKHFOKs301nIbQLjOeowHbr3HhDXzz2qOFcmn/CAgmx16qR6gOhsg/Dk1005Wv+VUPuN ss29ZH2htXqJY0tMkOSSHRBmHudYZYRxwqcwttNVtUN75j5ONshzQFyalqWZvkYiMsJQ VR1fm6SD83IyLDtlYO73PbkTYZQM6bA0QQEm+zlAJTN6Hqt7TvWntJAMM/kHxe/TXgn7 hk5rqQuNd34OA2juW00DzMgZ7EqrPzVi2Ql/DyMoyP6IJNW+euA3TTAxiv9VMnig5frE oHvA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1753829757; x=1754434557; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=qZ7UUMMTQmKo+oqwpxvtUgE6azYjzXKI1K1HySZjpRM=; b=HzBNEz5kud5zvQnQ8ka3YJ2WuV1MtUqZ/vm84e+mOiozSFH0faJNspeTdzred1hBCT i4UXiqBUPlsryYnE4K1+Wpaz/HxoPIci+HgjIr/WpbRQnoM+uVQ7ZD/ydcmsncqMTWas duuVoxchPdoFA794gBnIJ8E7vxbmV/gCgG9AbkXZww+7KUcGd/QOfTtCNYieBUjpvGLR dQN6lCsaCvcleI5/TVuvWYdtWWpWFJwMJMRF2j2Ie61CjYGM1XoeLSi9DXunforWA/io P32PcSibb8GBZ6/ai6O1pDWPILvFbdbLtNxbr/pFJhrf0O50iVkalGQcwvuk7MassUIV 3BoA== X-Forwarded-Encrypted: i=1; AJvYcCWi+TXGzCoXMH9D1P6bQmGtmT0by3Ihj5bdGcdXWdFtmJzvlOSzzpZU9HTX78yuuDi6SH8SDIy0o2+QatQ=@vger.kernel.org X-Gm-Message-State: AOJu0YwcLUgulmYmh3FgIMo8TGiD6/KRlSjy+6us4PKQGrLP7EOJXGiw Lxdha/3+XobEF/3YTiVdXfPUDO0J4SjLQpVLEmflTeTbCjZAX7cFPXuVVHj9F51bU9tP2ME1p20 VOljE1A== X-Google-Smtp-Source: AGHT+IEi0LT633cR43d7c7trYUUKKhZMYkJ3vVlxY+rv8i3UqXQjtgYGy8SCvBIGqavUrw75WQrf6XchBFs= X-Received: from pjsh5.prod.google.com ([2002:a17:90a:2ec5:b0:31f:b06:318d]) (user=seanjc job=prod-delivery.src-stubby-dispatcher) by 2002:a17:90b:17c4:b0:31f:4272:c30a with SMTP id 98e67ed59e1d1-31f5de93957mr1400693a91.30.1753829757434; Tue, 29 Jul 2025 15:55:57 -0700 (PDT) Reply-To: Sean Christopherson Date: Tue, 29 Jul 2025 15:54:46 -0700 In-Reply-To: <20250729225455.670324-1-seanjc@google.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20250729225455.670324-1-seanjc@google.com> X-Mailer: git-send-email 2.50.1.552.g942d659e1b-goog Message-ID: <20250729225455.670324-16-seanjc@google.com> Subject: [PATCH v17 15/24] KVM: x86/mmu: Extend guest_memfd's max mapping level to shared mappings From: Sean Christopherson To: Paolo Bonzini , Marc Zyngier , Oliver Upton , Sean Christopherson Cc: kvm@vger.kernel.org, linux-arm-kernel@lists.infradead.org, kvmarm@lists.linux.dev, linux-kernel@vger.kernel.org, Ira Weiny , Gavin Shan , Shivank Garg , Vlastimil Babka , Xiaoyao Li , David Hildenbrand , Fuad Tabba , Ackerley Tng , Tao Chan , James Houghton Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Rework kvm_mmu_max_mapping_level() to consult guest_memfd for all mappings, not just private mappings, so that hugepage support plays nice with the upcoming support for backing non-private memory with guest_memfd. In addition to getting the max order from guest_memfd for gmem-only memslots, update TDX's hook to effectively ignore shared mappings, as TDX's restrictions on page size only apply to Secure EPT mappings. Do nothing for SNP, as RMP restrictions apply to both private and shared memory. Suggested-by: Ackerley Tng Signed-off-by: Sean Christopherson Reviewed-by: David Hildenbrand Reviewed-by: Fuad Tabba Reviewed-by: Xiaoyao Li --- arch/x86/include/asm/kvm_host.h | 2 +- arch/x86/kvm/mmu/mmu.c | 12 +++++++----- arch/x86/kvm/svm/sev.c | 2 +- arch/x86/kvm/svm/svm.h | 4 ++-- arch/x86/kvm/vmx/main.c | 5 +++-- arch/x86/kvm/vmx/tdx.c | 5 ++++- arch/x86/kvm/vmx/x86_ops.h | 2 +- 7 files changed, 19 insertions(+), 13 deletions(-) diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_hos= t.h index c0a739bf3829..c56cc54d682a 100644 --- a/arch/x86/include/asm/kvm_host.h +++ b/arch/x86/include/asm/kvm_host.h @@ -1922,7 +1922,7 @@ struct kvm_x86_ops { void *(*alloc_apic_backing_page)(struct kvm_vcpu *vcpu); int (*gmem_prepare)(struct kvm *kvm, kvm_pfn_t pfn, gfn_t gfn, int max_or= der); void (*gmem_invalidate)(kvm_pfn_t start, kvm_pfn_t end); - int (*gmem_max_mapping_level)(struct kvm *kvm, kvm_pfn_t pfn); + int (*gmem_max_mapping_level)(struct kvm *kvm, kvm_pfn_t pfn, bool is_pri= vate); }; =20 struct kvm_x86_nested_ops { diff --git a/arch/x86/kvm/mmu/mmu.c b/arch/x86/kvm/mmu/mmu.c index 61eb9f723675..e83d666f32ad 100644 --- a/arch/x86/kvm/mmu/mmu.c +++ b/arch/x86/kvm/mmu/mmu.c @@ -3302,8 +3302,9 @@ static u8 kvm_max_level_for_order(int order) return PG_LEVEL_4K; } =20 -static u8 kvm_max_private_mapping_level(struct kvm *kvm, struct kvm_page_f= ault *fault, - const struct kvm_memory_slot *slot, gfn_t gfn) +static u8 kvm_gmem_max_mapping_level(struct kvm *kvm, struct kvm_page_faul= t *fault, + const struct kvm_memory_slot *slot, gfn_t gfn, + bool is_private) { u8 max_level, coco_level; kvm_pfn_t pfn; @@ -3327,7 +3328,7 @@ static u8 kvm_max_private_mapping_level(struct kvm *k= vm, struct kvm_page_fault * * restrictions. A return of '0' means "no additional restrictions", to * allow for using an optional "ret0" static call. */ - coco_level =3D kvm_x86_call(gmem_max_mapping_level)(kvm, pfn); + coco_level =3D kvm_x86_call(gmem_max_mapping_level)(kvm, pfn, is_private); if (coco_level) max_level =3D min(max_level, coco_level); =20 @@ -3361,8 +3362,9 @@ int kvm_mmu_max_mapping_level(struct kvm *kvm, struct= kvm_page_fault *fault, if (max_level =3D=3D PG_LEVEL_4K) return PG_LEVEL_4K; =20 - if (is_private) - host_level =3D kvm_max_private_mapping_level(kvm, fault, slot, gfn); + if (is_private || kvm_memslot_is_gmem_only(slot)) + host_level =3D kvm_gmem_max_mapping_level(kvm, fault, slot, gfn, + is_private); else host_level =3D host_pfn_mapping_level(kvm, gfn, slot); return min(host_level, max_level); diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index be1c80d79331..807d4b70327a 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -4947,7 +4947,7 @@ void sev_gmem_invalidate(kvm_pfn_t start, kvm_pfn_t e= nd) } } =20 -int sev_gmem_max_mapping_level(struct kvm *kvm, kvm_pfn_t pfn) +int sev_gmem_max_mapping_level(struct kvm *kvm, kvm_pfn_t pfn, bool is_pri= vate) { int level, rc; bool assigned; diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h index d84a83ae18a1..70df7c6413cf 100644 --- a/arch/x86/kvm/svm/svm.h +++ b/arch/x86/kvm/svm/svm.h @@ -866,7 +866,7 @@ void sev_handle_rmp_fault(struct kvm_vcpu *vcpu, gpa_t = gpa, u64 error_code); void sev_snp_init_protected_guest_state(struct kvm_vcpu *vcpu); int sev_gmem_prepare(struct kvm *kvm, kvm_pfn_t pfn, gfn_t gfn, int max_or= der); void sev_gmem_invalidate(kvm_pfn_t start, kvm_pfn_t end); -int sev_gmem_max_mapping_level(struct kvm *kvm, kvm_pfn_t pfn); +int sev_gmem_max_mapping_level(struct kvm *kvm, kvm_pfn_t pfn, bool is_pri= vate); struct vmcb_save_area *sev_decrypt_vmsa(struct kvm_vcpu *vcpu); void sev_free_decrypted_vmsa(struct kvm_vcpu *vcpu, struct vmcb_save_area = *vmsa); #else @@ -895,7 +895,7 @@ static inline int sev_gmem_prepare(struct kvm *kvm, kvm= _pfn_t pfn, gfn_t gfn, in return 0; } static inline void sev_gmem_invalidate(kvm_pfn_t start, kvm_pfn_t end) {} -static inline int sev_gmem_max_mapping_level(struct kvm *kvm, kvm_pfn_t pf= n) +static inline int sev_gmem_max_mapping_level(struct kvm *kvm, kvm_pfn_t pf= n, bool is_private) { return 0; } diff --git a/arch/x86/kvm/vmx/main.c b/arch/x86/kvm/vmx/main.c index dd7687ef7e2d..bb5f182f6788 100644 --- a/arch/x86/kvm/vmx/main.c +++ b/arch/x86/kvm/vmx/main.c @@ -831,10 +831,11 @@ static int vt_vcpu_mem_enc_ioctl(struct kvm_vcpu *vcp= u, void __user *argp) return tdx_vcpu_ioctl(vcpu, argp); } =20 -static int vt_gmem_max_mapping_level(struct kvm *kvm, kvm_pfn_t pfn) +static int vt_gmem_max_mapping_level(struct kvm *kvm, kvm_pfn_t pfn, + bool is_private) { if (is_td(kvm)) - return tdx_gmem_max_mapping_level(kvm, pfn); + return tdx_gmem_max_mapping_level(kvm, pfn, is_private); =20 return 0; } diff --git a/arch/x86/kvm/vmx/tdx.c b/arch/x86/kvm/vmx/tdx.c index b444714e8e8a..ca9c8ec7dd01 100644 --- a/arch/x86/kvm/vmx/tdx.c +++ b/arch/x86/kvm/vmx/tdx.c @@ -3318,8 +3318,11 @@ int tdx_vcpu_ioctl(struct kvm_vcpu *vcpu, void __use= r *argp) return ret; } =20 -int tdx_gmem_max_mapping_level(struct kvm *kvm, kvm_pfn_t pfn) +int tdx_gmem_max_mapping_level(struct kvm *kvm, kvm_pfn_t pfn, bool is_pri= vate) { + if (!is_private) + return 0; + return PG_LEVEL_4K; } =20 diff --git a/arch/x86/kvm/vmx/x86_ops.h b/arch/x86/kvm/vmx/x86_ops.h index 6037d1708485..4c70f56c57c8 100644 --- a/arch/x86/kvm/vmx/x86_ops.h +++ b/arch/x86/kvm/vmx/x86_ops.h @@ -153,7 +153,7 @@ int tdx_vcpu_ioctl(struct kvm_vcpu *vcpu, void __user *= argp); void tdx_flush_tlb_current(struct kvm_vcpu *vcpu); void tdx_flush_tlb_all(struct kvm_vcpu *vcpu); void tdx_load_mmu_pgd(struct kvm_vcpu *vcpu, hpa_t root_hpa, int root_leve= l); -int tdx_gmem_max_mapping_level(struct kvm *kvm, kvm_pfn_t pfn); +int tdx_gmem_max_mapping_level(struct kvm *kvm, kvm_pfn_t pfn, bool is_pri= vate); #endif =20 #endif /* __KVM_X86_VMX_X86_OPS_H */ --=20 2.50.1.552.g942d659e1b-goog From nobody Sun Oct 5 20:10:33 2025 Received: from mail-pj1-f74.google.com (mail-pj1-f74.google.com [209.85.216.74]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 892C82C3278 for ; Tue, 29 Jul 2025 22:55:59 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.216.74 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1753829761; cv=none; b=UgNR5WJJcCdeuqVS+e0SnmWhHFWZUpSitQrR1PHOXfx3poTYezude6Sgm+RlP0cAV0DjEBnmrET9ZX0Z77R4ObR6+AX44BImmFZNz+tENme+XqnQV3g1GBq56rjrXHo3uSQTCQLGZs0jpxXvVL3mTpuFifvStFxk3O5xrI4az0c= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1753829761; c=relaxed/simple; bh=tSmg9vevb3jqaRkYY5Aaxyc4WM6Wx1gkdAMDVUweHc0=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=HpRX4xdkma0hpgN5paJ470I80IpPbTMtMX2PrC92d6RKTi80c9GGw7UH+aF9X7yaQ+N8QI0DyXvB/YqLGfPaSYZwJDxwJTERXjmraRuwYtRx1c1aAP26r8fy6FqE47WnzwpPz472D3rzKHE7wwhYvzJUs1LQ92zYTgAyyIaXgRQ= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=d9Ym5cDb; arc=none smtp.client-ip=209.85.216.74 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="d9Ym5cDb" Received: by mail-pj1-f74.google.com with SMTP id 98e67ed59e1d1-31f030b1cb9so3516676a91.2 for ; Tue, 29 Jul 2025 15:55:59 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1753829759; x=1754434559; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=zsUJ7ZFybSscOwB+F/7yDFweXn/Ii9vNr67NR9vaee0=; b=d9Ym5cDbs7fWqK8y0va9sMhiJz9HWxKDpkD3oHqYVKUdzWSxLx0F21Do4mfQgy4JjG 6WMV0w6p08tsxqf0BdwO8l4Nz4rfTxIDJAX3Kvra0PgPeAJEasRzNtzJZq87yMXHCcIc iBtQ9pwrHmMbE99/4YFneaH8GAIBKJbUbt+q9hA/Pc9e5FkJLXMzOSXyxwDMk/D4RVxc tkVlsNlPrd/GMomRvcdlU8yUtHPgCerqI9Tnou3AOoTq5C4x+9jd4SE2X/gXbQzAMrZp r7rGUApfxTPyH2hc9ZVvi7XF3wJSQf15dY3+1HgJwaf6/y3IRcbR9NbrKs3Tu9ZXWobL 7OMg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1753829759; x=1754434559; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=zsUJ7ZFybSscOwB+F/7yDFweXn/Ii9vNr67NR9vaee0=; b=rH47yE8jAZWFoZ/PIWYt7b/mGLMi3sByYnWenYnVm4DMYoVV83IA9lUbyxBY+MM49+ 1VNy2MTBGTS1eZpNATL5IlwkZRA6Bop8xkXdvV3sUh9XsbruWB0QaZm6NH1JVJ/e4GoO 3r2l1Nw1Qg8qGq0AnDFVy9CgkNfnnaziXqypPq9S/qIscgpLcs0ckbN0kxXI7egvGCn7 mUMXQCIw+BFXI16fZWH5dMMSqgK8fiVWxD6Xu0yTXKMnccMEWcTLS5y/gUm1grJ5P12S 2oDGgaR1A4e3klPIP53V1W8FSGTxuZyGjdpP95X6qXLNlwjgl6xJi0JuwzydgUncD3rB y5/Q== X-Forwarded-Encrypted: i=1; AJvYcCX+8DYuQemaUOd1nZ05QTyehKsW21a5B2O9A3h437VCuES37LKws5Leo3SQ6aiRpL1cgrQbp7QVMo1uaUc=@vger.kernel.org X-Gm-Message-State: AOJu0YzfVcGxjHx9tYw8ZeT625EQTpApgBRjJWhw6lCOYPl7DQsLM59l 6xaQFcnj3bNVP9gdXqfpuwMPOj5kVbKK/uBLBd267PzXf04+X+4aPJqIX7kF42iIdG9fvLQZxjM hAMn+9A== X-Google-Smtp-Source: AGHT+IEUawy8XEGsXpdKDRLNNEWp47UfSJOlj3wwR4Kg29zUXO4HT9ko5KQTWasgzc65ODEqhN4o5kIR7eM= X-Received: from pjsk9.prod.google.com ([2002:a17:90a:62c9:b0:311:462d:cb60]) (user=seanjc job=prod-delivery.src-stubby-dispatcher) by 2002:a17:90a:d604:b0:31f:3029:8854 with SMTP id 98e67ed59e1d1-31f5de5561dmr1600493a91.27.1753829758931; Tue, 29 Jul 2025 15:55:58 -0700 (PDT) Reply-To: Sean Christopherson Date: Tue, 29 Jul 2025 15:54:47 -0700 In-Reply-To: <20250729225455.670324-1-seanjc@google.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20250729225455.670324-1-seanjc@google.com> X-Mailer: git-send-email 2.50.1.552.g942d659e1b-goog Message-ID: <20250729225455.670324-17-seanjc@google.com> Subject: [PATCH v17 16/24] KVM: x86/mmu: Handle guest page faults for guest_memfd with shared memory From: Sean Christopherson To: Paolo Bonzini , Marc Zyngier , Oliver Upton , Sean Christopherson Cc: kvm@vger.kernel.org, linux-arm-kernel@lists.infradead.org, kvmarm@lists.linux.dev, linux-kernel@vger.kernel.org, Ira Weiny , Gavin Shan , Shivank Garg , Vlastimil Babka , Xiaoyao Li , David Hildenbrand , Fuad Tabba , Ackerley Tng , Tao Chan , James Houghton Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Ackerley Tng Update the KVM MMU fault handler to service guest page faults for memory slots backed by guest_memfd with mmap support. For such slots, the MMU must always fault in pages directly from guest_memfd, bypassing the host's userspace_addr. This ensures that guest_memfd-backed memory is always handled through the guest_memfd specific faulting path, regardless of whether it's for private or non-private (shared) use cases. Additionally, rename kvm_mmu_faultin_pfn_private() to kvm_mmu_faultin_pfn_gmem(), as this function is now used to fault in pages from guest_memfd for both private and non-private memory, accommodating the new use cases. Co-developed-by: David Hildenbrand Signed-off-by: David Hildenbrand Signed-off-by: Ackerley Tng Co-developed-by: Fuad Tabba Signed-off-by: Fuad Tabba [sean: drop the helper] Signed-off-by: Sean Christopherson Reviewed-by: Xiaoyao Li --- arch/x86/kvm/mmu/mmu.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/arch/x86/kvm/mmu/mmu.c b/arch/x86/kvm/mmu/mmu.c index e83d666f32ad..56c80588efa0 100644 --- a/arch/x86/kvm/mmu/mmu.c +++ b/arch/x86/kvm/mmu/mmu.c @@ -4561,8 +4561,8 @@ static void kvm_mmu_finish_page_fault(struct kvm_vcpu= *vcpu, r =3D=3D RET_PF_RETRY, fault->map_writable); } =20 -static int kvm_mmu_faultin_pfn_private(struct kvm_vcpu *vcpu, - struct kvm_page_fault *fault) +static int kvm_mmu_faultin_pfn_gmem(struct kvm_vcpu *vcpu, + struct kvm_page_fault *fault) { int max_order, r; =20 @@ -4589,8 +4589,8 @@ static int __kvm_mmu_faultin_pfn(struct kvm_vcpu *vcp= u, { unsigned int foll =3D fault->write ? FOLL_WRITE : 0; =20 - if (fault->is_private) - return kvm_mmu_faultin_pfn_private(vcpu, fault); + if (fault->is_private || kvm_memslot_is_gmem_only(fault->slot)) + return kvm_mmu_faultin_pfn_gmem(vcpu, fault); =20 foll |=3D FOLL_NOWAIT; fault->pfn =3D __kvm_faultin_pfn(fault->slot, fault->gfn, foll, --=20 2.50.1.552.g942d659e1b-goog From nobody Sun Oct 5 20:10:33 2025 Received: from mail-pj1-f73.google.com (mail-pj1-f73.google.com [209.85.216.73]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 7740F2D0C84 for ; Tue, 29 Jul 2025 22:56:01 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.216.73 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1753829763; cv=none; b=RjVI2xal/sc058nTubMaL1geFfMPSFTRlZ9INiqt+JHuFBITCwJXVSqkkmbN/3RcYqiuf4SM1UDoFwicHuoFzWys8Fqr/hHf5srxFo10S09WmInV4ewuCuyHduiIOedUcj7aPGH8pw+htVmZGG8VUhaplTNcNJTqOihZz/cD5S4= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1753829763; c=relaxed/simple; bh=kMDmA+FG6ConD8UhQV5WOQHI9aTXrPVBhfPBTnguW5g=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=PIpr9f4U7QlN3bMe864nUTWgd2ehmc/v/JE4v3x7w1DKOxf5okydv3GUTjaj58dXMi03xWnJIPLZv2X1XDkQrNcFCFDEujKSjravwNwrbfvq8FvNw4BMHjmtxpdjoDycciz43zgM3yBMP0h5bpniZuW51YwBjIFX6C4MdIjwzKY= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=dvT2kZAq; arc=none smtp.client-ip=209.85.216.73 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="dvT2kZAq" Received: by mail-pj1-f73.google.com with SMTP id 98e67ed59e1d1-31f2dd30823so2182417a91.0 for ; Tue, 29 Jul 2025 15:56:01 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1753829761; x=1754434561; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=9E18DKY/G18mWPE1Fxb2wsnRqrbifqrGkcC2nrnl8ek=; b=dvT2kZAqClmTk1ouQvLUBqri6/N5TYKRMmn1olNRE/LNwO8O8sMIQQw2nqUyll0g70 OMHBk5qqKuN52tkWma+njWLXDzUowqSTqrdQqFtkP7eMajfQPIThDgW23KaS3xzwIZSQ dTi2fV8mI38VxMgTA/+GIldifs/RUccjugUmFakx2IeQpyQcVkBuS8+ObMisq+364NPN idWFleOEnZCfz/Nie9AYPR5xtF4zBEeMotSEnwE0X/7gJf+K6b8rTtr2qzH7b+6lNUzE nOhW3kimpCd1c4E96d39D49jw4PE0CxUqpQfNgUO8AKU9cl5mTRM7H2pNZ6m4z5ext0/ Ry1Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1753829761; x=1754434561; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=9E18DKY/G18mWPE1Fxb2wsnRqrbifqrGkcC2nrnl8ek=; b=siN1rAfPNjCSWdRW22+E9CqPnEWuSlc2M0CPJvqVTHndJLlqUhet92AjeiU6G2nXz0 TZzaHWyvDZTbXgEEgP4Dasr7romzwqDOqHHEGas4/2A8gidPVBR7bWhREcsGjwttIDQs DZY3VjXouOIXebsZ1d4w2nz3kLI+Y3D7VSnJ9nVn7N/mDBNvAtmNcAYsgAvo0s7mQrwW YSjTAMLqT6G22EW2N05DwqBcIu9nXZ2RAfGGA1cy+pb0iPc0ChDMUg+EINurFaPuuxlX uF3Ionr8dNlMtWtOACJOnGA8B1rckdO+eJrIwvKb1NYvKzVtgBcHBm0WjcOMs4i9H9S8 ojtQ== X-Forwarded-Encrypted: i=1; AJvYcCW5j4Fpv82tmXny/x0QHAMAoregXLejeO8Z5U1AGfh6Tql8Pkc2fOntZWQwJuSYHCEw1MrMc+ZbMxwpEjo=@vger.kernel.org X-Gm-Message-State: AOJu0YzZyZOgoZtsn6vdfmJDHIdmYRCQDqkoJbspIdAWbGP66rvbIlHL keUS96RftJ8haTfw7OcpqFP1BfaKdttGDtnpICCTo5G5ZXKSmvoaT4OraxBOcfzul6Wc9O/BfR0 KDrJy+Q== X-Google-Smtp-Source: AGHT+IE4O+5r1Bj4imyiC5NVlC5VwKdSM9hzQfIhpz6ILXXSPMHlU6GLNlEXApn3rj14vHhFjYMBynqj0Zo= X-Received: from pjnx20.prod.google.com ([2002:a17:90a:8a94:b0:31e:e0b7:befe]) (user=seanjc job=prod-delivery.src-stubby-dispatcher) by 2002:a17:90b:380a:b0:31e:f3b7:49d2 with SMTP id 98e67ed59e1d1-31f5dca3b8dmr1883753a91.0.1753829760838; Tue, 29 Jul 2025 15:56:00 -0700 (PDT) Reply-To: Sean Christopherson Date: Tue, 29 Jul 2025 15:54:48 -0700 In-Reply-To: <20250729225455.670324-1-seanjc@google.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20250729225455.670324-1-seanjc@google.com> X-Mailer: git-send-email 2.50.1.552.g942d659e1b-goog Message-ID: <20250729225455.670324-18-seanjc@google.com> Subject: [PATCH v17 17/24] KVM: arm64: Refactor user_mem_abort() From: Sean Christopherson To: Paolo Bonzini , Marc Zyngier , Oliver Upton , Sean Christopherson Cc: kvm@vger.kernel.org, linux-arm-kernel@lists.infradead.org, kvmarm@lists.linux.dev, linux-kernel@vger.kernel.org, Ira Weiny , Gavin Shan , Shivank Garg , Vlastimil Babka , Xiaoyao Li , David Hildenbrand , Fuad Tabba , Ackerley Tng , Tao Chan , James Houghton Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Fuad Tabba Refactor user_mem_abort() to improve code clarity and simplify assumptions within the function. Key changes include: * Immediately set force_pte to true at the beginning of the function if logging_active is true. This simplifies the flow and makes the condition for forcing a PTE more explicit. * Remove the misleading comment stating that logging_active is guaranteed to never be true for VM_PFNMAP memslots, as this assertion is not entirely correct. * Extract reusable code blocks into new helper functions: * prepare_mmu_memcache(): Encapsulates the logic for preparing and topping up the MMU page cache. * adjust_nested_fault_perms(): Isolates the adjustments to shadow S2 permissions and the encoding of nested translation levels. * Update min(a, (long)b) to min_t(long, a, b) for better type safety and consistency. * Perform other minor tidying up of the code. These changes primarily aim to simplify user_mem_abort() and make its logic easier to understand and maintain, setting the stage for future modifications. Reviewed-by: Gavin Shan Reviewed-by: Marc Zyngier Reviewed-by: Tao Chan Signed-off-by: Fuad Tabba Signed-off-by: Sean Christopherson --- arch/arm64/kvm/mmu.c | 110 +++++++++++++++++++++++-------------------- 1 file changed, 59 insertions(+), 51 deletions(-) diff --git a/arch/arm64/kvm/mmu.c b/arch/arm64/kvm/mmu.c index 2942ec92c5a4..b3eacb400fab 100644 --- a/arch/arm64/kvm/mmu.c +++ b/arch/arm64/kvm/mmu.c @@ -1470,13 +1470,56 @@ static bool kvm_vma_mte_allowed(struct vm_area_stru= ct *vma) return vma->vm_flags & VM_MTE_ALLOWED; } =20 +static int prepare_mmu_memcache(struct kvm_vcpu *vcpu, bool topup_memcache, + void **memcache) +{ + int min_pages; + + if (!is_protected_kvm_enabled()) + *memcache =3D &vcpu->arch.mmu_page_cache; + else + *memcache =3D &vcpu->arch.pkvm_memcache; + + if (!topup_memcache) + return 0; + + min_pages =3D kvm_mmu_cache_min_pages(vcpu->arch.hw_mmu); + + if (!is_protected_kvm_enabled()) + return kvm_mmu_topup_memory_cache(*memcache, min_pages); + + return topup_hyp_memcache(*memcache, min_pages); +} + +/* + * Potentially reduce shadow S2 permissions to match the guest's own S2. F= or + * exec faults, we'd only reach this point if the guest actually allowed i= t (see + * kvm_s2_handle_perm_fault). + * + * Also encode the level of the original translation in the SW bits of the= leaf + * entry as a proxy for the span of that translation. This will be retriev= ed on + * TLB invalidation from the guest and used to limit the invalidation scop= e if a + * TTL hint or a range isn't provided. + */ +static void adjust_nested_fault_perms(struct kvm_s2_trans *nested, + enum kvm_pgtable_prot *prot, + bool *writable) +{ + *writable &=3D kvm_s2_trans_writable(nested); + if (!kvm_s2_trans_readable(nested)) + *prot &=3D ~KVM_PGTABLE_PROT_R; + + *prot |=3D kvm_encode_nested_level(nested); +} + static int user_mem_abort(struct kvm_vcpu *vcpu, phys_addr_t fault_ipa, struct kvm_s2_trans *nested, struct kvm_memory_slot *memslot, unsigned long hva, bool fault_is_perm) { int ret =3D 0; - bool write_fault, writable, force_pte =3D false; + bool topup_memcache; + bool write_fault, writable; bool exec_fault, mte_allowed; bool device =3D false, vfio_allow_any_uc =3D false; unsigned long mmu_seq; @@ -1488,6 +1531,7 @@ static int user_mem_abort(struct kvm_vcpu *vcpu, phys= _addr_t fault_ipa, gfn_t gfn; kvm_pfn_t pfn; bool logging_active =3D memslot_is_logging(memslot); + bool force_pte =3D logging_active; long vma_pagesize, fault_granule; enum kvm_pgtable_prot prot =3D KVM_PGTABLE_PROT_R; struct kvm_pgtable *pgt; @@ -1498,17 +1542,7 @@ static int user_mem_abort(struct kvm_vcpu *vcpu, phy= s_addr_t fault_ipa, fault_granule =3D kvm_vcpu_trap_get_perm_fault_granule(vcpu); write_fault =3D kvm_is_write_fault(vcpu); exec_fault =3D kvm_vcpu_trap_is_exec_fault(vcpu); - VM_BUG_ON(write_fault && exec_fault); - - if (fault_is_perm && !write_fault && !exec_fault) { - kvm_err("Unexpected L2 read permission error\n"); - return -EFAULT; - } - - if (!is_protected_kvm_enabled()) - memcache =3D &vcpu->arch.mmu_page_cache; - else - memcache =3D &vcpu->arch.pkvm_memcache; + VM_WARN_ON_ONCE(write_fault && exec_fault); =20 /* * Permission faults just need to update the existing leaf entry, @@ -1516,17 +1550,10 @@ static int user_mem_abort(struct kvm_vcpu *vcpu, ph= ys_addr_t fault_ipa, * only exception to this is when dirty logging is enabled at runtime * and a write fault needs to collapse a block entry into a table. */ - if (!fault_is_perm || (logging_active && write_fault)) { - int min_pages =3D kvm_mmu_cache_min_pages(vcpu->arch.hw_mmu); - - if (!is_protected_kvm_enabled()) - ret =3D kvm_mmu_topup_memory_cache(memcache, min_pages); - else - ret =3D topup_hyp_memcache(memcache, min_pages); - - if (ret) - return ret; - } + topup_memcache =3D !fault_is_perm || (logging_active && write_fault); + ret =3D prepare_mmu_memcache(vcpu, topup_memcache, &memcache); + if (ret) + return ret; =20 /* * Let's check if we will get back a huge page backed by hugetlbfs, or @@ -1540,16 +1567,10 @@ static int user_mem_abort(struct kvm_vcpu *vcpu, ph= ys_addr_t fault_ipa, return -EFAULT; } =20 - /* - * logging_active is guaranteed to never be true for VM_PFNMAP - * memslots. - */ - if (logging_active) { - force_pte =3D true; + if (force_pte) vma_shift =3D PAGE_SHIFT; - } else { + else vma_shift =3D get_vma_page_shift(vma, hva); - } =20 switch (vma_shift) { #ifndef __PAGETABLE_PMD_FOLDED @@ -1601,7 +1622,7 @@ static int user_mem_abort(struct kvm_vcpu *vcpu, phys= _addr_t fault_ipa, max_map_size =3D PAGE_SIZE; =20 force_pte =3D (max_map_size =3D=3D PAGE_SIZE); - vma_pagesize =3D min(vma_pagesize, (long)max_map_size); + vma_pagesize =3D min_t(long, vma_pagesize, max_map_size); } =20 /* @@ -1630,7 +1651,7 @@ static int user_mem_abort(struct kvm_vcpu *vcpu, phys= _addr_t fault_ipa, * Rely on mmap_read_unlock() for an implicit smp_rmb(), which pairs * with the smp_wmb() in kvm_mmu_invalidate_end(). */ - mmu_seq =3D vcpu->kvm->mmu_invalidate_seq; + mmu_seq =3D kvm->mmu_invalidate_seq; mmap_read_unlock(current->mm); =20 pfn =3D __kvm_faultin_pfn(memslot, gfn, write_fault ? FOLL_WRITE : 0, @@ -1665,24 +1686,8 @@ static int user_mem_abort(struct kvm_vcpu *vcpu, phy= s_addr_t fault_ipa, if (exec_fault && device) return -ENOEXEC; =20 - /* - * Potentially reduce shadow S2 permissions to match the guest's own - * S2. For exec faults, we'd only reach this point if the guest - * actually allowed it (see kvm_s2_handle_perm_fault). - * - * Also encode the level of the original translation in the SW bits - * of the leaf entry as a proxy for the span of that translation. - * This will be retrieved on TLB invalidation from the guest and - * used to limit the invalidation scope if a TTL hint or a range - * isn't provided. - */ - if (nested) { - writable &=3D kvm_s2_trans_writable(nested); - if (!kvm_s2_trans_readable(nested)) - prot &=3D ~KVM_PGTABLE_PROT_R; - - prot |=3D kvm_encode_nested_level(nested); - } + if (nested) + adjust_nested_fault_perms(nested, &prot, &writable); =20 kvm_fault_lock(kvm); pgt =3D vcpu->arch.hw_mmu->pgt; @@ -1953,6 +1958,9 @@ int kvm_handle_guest_abort(struct kvm_vcpu *vcpu) goto out_unlock; } =20 + VM_WARN_ON_ONCE(kvm_vcpu_trap_is_permission_fault(vcpu) && + !write_fault && !kvm_vcpu_trap_is_exec_fault(vcpu)); + ret =3D user_mem_abort(vcpu, fault_ipa, nested, memslot, hva, esr_fsc_is_permission_fault(esr)); if (ret =3D=3D 0) --=20 2.50.1.552.g942d659e1b-goog From nobody Sun Oct 5 20:10:33 2025 Received: from mail-pl1-f201.google.com (mail-pl1-f201.google.com [209.85.214.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 56DCF2D238C for ; Tue, 29 Jul 2025 22:56:03 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.214.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1753829765; cv=none; b=qsUsA0/6n+xuH0ZoLF3QXr+n+JD81Pz1QozYjcNjXLSgIaKd3QUY11BUbP47hR9rWRbJaB9grQKX/fqA72biSINAvnmPBwuZYkZSjgueLufZ/OrZXRXjf8khrVtUlvRXjYTFNzpYooGDh39oKffTTPFY6rtkKYLshXIBi9ZRdpg= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1753829765; c=relaxed/simple; bh=cJ74EwWgT8ssw15s8hHa0q/3vNUXZsCmxE/4AKvCbiA=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=T1mKiCcrrXFRHbxL8/2sc+JXbmvyTrzwiiuViUePNP9wrOcLy4l7SyMvek/CIUClmC0YajvO+5eJ/C+vKs1HAXPkRERAbFg11Qk49WSVigfVl8PsmZ8Z+mXa+OuDRBONbwe29XwgreMOWcp0m37K7fzIwq+EXNdJU/1Ms2Kc6Fc= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=LAV7+ONL; arc=none smtp.client-ip=209.85.214.201 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="LAV7+ONL" Received: by mail-pl1-f201.google.com with SMTP id d9443c01a7336-2400117dd80so24904555ad.2 for ; Tue, 29 Jul 2025 15:56:03 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1753829763; x=1754434563; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=YGSKpa2fHnKmvhwupUv+p380hnAGu6oGZqnkqfDR1aw=; b=LAV7+ONL9oDItiV51YYBdBeZr3GUP3CA4bMPx/oWYXmLRa5sjeapVDSJNlE7Dp8nlI EU2iBzmKAJYvzXbaMWcOdsbQ4byj5GKac9kQGGnUsYqx4qtqNwp9Cq+u9DKXfhD7hsrA adkOOdgSKrUU4Ibpwhpgaer90aDNnKqhGBc8BVyCDLdbnnb67H2teBTDHZYKvlJalh0k Kbm7+OOC6OYB/5no6BUJa0w959fgEYjxD3YfCu58IUmlJv8G8w3WYRHWdFsO0uoDC4Lo SGEJaw4Um8nWYX1mzsBZOwL8I+6W9dVXRXA2cnL8laaWFr3Xw+WpiPMbrYUmToZHxexb /eqw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1753829763; x=1754434563; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=YGSKpa2fHnKmvhwupUv+p380hnAGu6oGZqnkqfDR1aw=; b=Uamyupcg9wBoj5JGZUku9LaBlU72fE/z4PEdDQww6FyqjKEH0xsJs0X2OokQFgcDuB PCOKdgIEdsdWicEBZmG/ujw8p0cQsw9f3EGjH2DFTxajHi66XrGis2eq/5MQoORXJxNN M0elf5KPl+1n2GcwvsoerpdtzSmtyZR48O4ALGimRR/9m4iZY4sfa9gqV9cO1uH+8P3a L4KTdzdfIlrXQ17MaeZ27wIJ9V4etRPZfXHLxETIp+B4mBPSads3a76jXnoF9pxRAObH jI7RXe2VdwOEuDZVJtn9U8MyQb9hqcoMK4lmKzXQJ75XiQxeXn5RBi7+VVQLYzeul8cn OWQQ== X-Forwarded-Encrypted: i=1; AJvYcCWY5sOY0Dvoj3myoB2Pru9zZ1KkH7UHPMEHUsI6dm7AqbITWyTsVZ8suppJ1ko8wDxGwtxikOHm8vNEcNw=@vger.kernel.org X-Gm-Message-State: AOJu0YzJdnfOovYxw5w8ZjAGwuI8s87HBGie/pcqbdb6jx6fKA772QFI 3Upw8hlm9uhQz84PonvVkA3fOqGEsS5+yquwBk+gNSzqvv7KYSjPmxPjGfDhKZLc8O45XmcDu2T ai9/o3w== X-Google-Smtp-Source: AGHT+IFvhUHa66DXw0WO0M1QOBisEEAf0dqbz4+FB+6ytlMqLm65KTleMot3mI0oJ4nV+lB86TE50xbpvCQ= X-Received: from pjk7.prod.google.com ([2002:a17:90b:5587:b0:31f:2a78:943]) (user=seanjc job=prod-delivery.src-stubby-dispatcher) by 2002:a17:903:2301:b0:240:2ee6:fd45 with SMTP id d9443c01a7336-24096b410d1mr12990695ad.36.1753829762482; Tue, 29 Jul 2025 15:56:02 -0700 (PDT) Reply-To: Sean Christopherson Date: Tue, 29 Jul 2025 15:54:49 -0700 In-Reply-To: <20250729225455.670324-1-seanjc@google.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20250729225455.670324-1-seanjc@google.com> X-Mailer: git-send-email 2.50.1.552.g942d659e1b-goog Message-ID: <20250729225455.670324-19-seanjc@google.com> Subject: [PATCH v17 18/24] KVM: arm64: Handle guest_memfd-backed guest page faults From: Sean Christopherson To: Paolo Bonzini , Marc Zyngier , Oliver Upton , Sean Christopherson Cc: kvm@vger.kernel.org, linux-arm-kernel@lists.infradead.org, kvmarm@lists.linux.dev, linux-kernel@vger.kernel.org, Ira Weiny , Gavin Shan , Shivank Garg , Vlastimil Babka , Xiaoyao Li , David Hildenbrand , Fuad Tabba , Ackerley Tng , Tao Chan , James Houghton Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Fuad Tabba Add arm64 architecture support for handling guest page faults on memory slots backed by guest_memfd. This change introduces a new function, gmem_abort(), which encapsulates the fault handling logic specific to guest_memfd-backed memory. The kvm_handle_guest_abort() entry point is updated to dispatch to gmem_abort() when a fault occurs on a guest_memfd-backed memory slot (as determined by kvm_slot_has_gmem()). Until guest_memfd gains support for huge pages, the fault granule for these memory regions is restricted to PAGE_SIZE. Reviewed-by: Gavin Shan Reviewed-by: James Houghton Reviewed-by: Marc Zyngier Signed-off-by: Fuad Tabba Signed-off-by: Sean Christopherson --- arch/arm64/kvm/mmu.c | 86 ++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 83 insertions(+), 3 deletions(-) diff --git a/arch/arm64/kvm/mmu.c b/arch/arm64/kvm/mmu.c index b3eacb400fab..8c82df80a835 100644 --- a/arch/arm64/kvm/mmu.c +++ b/arch/arm64/kvm/mmu.c @@ -1512,6 +1512,82 @@ static void adjust_nested_fault_perms(struct kvm_s2_= trans *nested, *prot |=3D kvm_encode_nested_level(nested); } =20 +#define KVM_PGTABLE_WALK_MEMABORT_FLAGS (KVM_PGTABLE_WALK_HANDLE_FAULT | K= VM_PGTABLE_WALK_SHARED) + +static int gmem_abort(struct kvm_vcpu *vcpu, phys_addr_t fault_ipa, + struct kvm_s2_trans *nested, + struct kvm_memory_slot *memslot, bool is_perm) +{ + bool write_fault, exec_fault, writable; + enum kvm_pgtable_walk_flags flags =3D KVM_PGTABLE_WALK_MEMABORT_FLAGS; + enum kvm_pgtable_prot prot =3D KVM_PGTABLE_PROT_R; + struct kvm_pgtable *pgt =3D vcpu->arch.hw_mmu->pgt; + unsigned long mmu_seq; + struct page *page; + struct kvm *kvm =3D vcpu->kvm; + void *memcache; + kvm_pfn_t pfn; + gfn_t gfn; + int ret; + + ret =3D prepare_mmu_memcache(vcpu, true, &memcache); + if (ret) + return ret; + + if (nested) + gfn =3D kvm_s2_trans_output(nested) >> PAGE_SHIFT; + else + gfn =3D fault_ipa >> PAGE_SHIFT; + + write_fault =3D kvm_is_write_fault(vcpu); + exec_fault =3D kvm_vcpu_trap_is_exec_fault(vcpu); + + VM_WARN_ON_ONCE(write_fault && exec_fault); + + mmu_seq =3D kvm->mmu_invalidate_seq; + /* Pairs with the smp_wmb() in kvm_mmu_invalidate_end(). */ + smp_rmb(); + + ret =3D kvm_gmem_get_pfn(kvm, memslot, gfn, &pfn, &page, NULL); + if (ret) { + kvm_prepare_memory_fault_exit(vcpu, fault_ipa, PAGE_SIZE, + write_fault, exec_fault, false); + return ret; + } + + writable =3D !(memslot->flags & KVM_MEM_READONLY); + + if (nested) + adjust_nested_fault_perms(nested, &prot, &writable); + + if (writable) + prot |=3D KVM_PGTABLE_PROT_W; + + if (exec_fault || + (cpus_have_final_cap(ARM64_HAS_CACHE_DIC) && + (!nested || kvm_s2_trans_executable(nested)))) + prot |=3D KVM_PGTABLE_PROT_X; + + kvm_fault_lock(kvm); + if (mmu_invalidate_retry(kvm, mmu_seq)) { + ret =3D -EAGAIN; + goto out_unlock; + } + + ret =3D KVM_PGT_FN(kvm_pgtable_stage2_map)(pgt, fault_ipa, PAGE_SIZE, + __pfn_to_phys(pfn), prot, + memcache, flags); + +out_unlock: + kvm_release_faultin_page(kvm, page, !!ret, writable); + kvm_fault_unlock(kvm); + + if (writable && !ret) + mark_page_dirty_in_slot(kvm, memslot, gfn); + + return ret !=3D -EAGAIN ? ret : 0; +} + static int user_mem_abort(struct kvm_vcpu *vcpu, phys_addr_t fault_ipa, struct kvm_s2_trans *nested, struct kvm_memory_slot *memslot, unsigned long hva, @@ -1536,7 +1612,7 @@ static int user_mem_abort(struct kvm_vcpu *vcpu, phys= _addr_t fault_ipa, enum kvm_pgtable_prot prot =3D KVM_PGTABLE_PROT_R; struct kvm_pgtable *pgt; struct page *page; - enum kvm_pgtable_walk_flags flags =3D KVM_PGTABLE_WALK_HANDLE_FAULT | KVM= _PGTABLE_WALK_SHARED; + enum kvm_pgtable_walk_flags flags =3D KVM_PGTABLE_WALK_MEMABORT_FLAGS; =20 if (fault_is_perm) fault_granule =3D kvm_vcpu_trap_get_perm_fault_granule(vcpu); @@ -1961,8 +2037,12 @@ int kvm_handle_guest_abort(struct kvm_vcpu *vcpu) VM_WARN_ON_ONCE(kvm_vcpu_trap_is_permission_fault(vcpu) && !write_fault && !kvm_vcpu_trap_is_exec_fault(vcpu)); =20 - ret =3D user_mem_abort(vcpu, fault_ipa, nested, memslot, hva, - esr_fsc_is_permission_fault(esr)); + if (kvm_slot_has_gmem(memslot)) + ret =3D gmem_abort(vcpu, fault_ipa, nested, memslot, + esr_fsc_is_permission_fault(esr)); + else + ret =3D user_mem_abort(vcpu, fault_ipa, nested, memslot, hva, + esr_fsc_is_permission_fault(esr)); if (ret =3D=3D 0) ret =3D 1; out: --=20 2.50.1.552.g942d659e1b-goog From nobody Sun Oct 5 20:10:33 2025 Received: from mail-pl1-f202.google.com (mail-pl1-f202.google.com [209.85.214.202]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id CC23D2D0C7D for ; Tue, 29 Jul 2025 22:56:04 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.214.202 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1753829766; cv=none; b=DWtT0EDann8GR9Sn0c/8xch8QXiWowLqg9e1sYZdRvFdq9k/5ksxr/ZXIij3D4bgJle2QEHiTCaOfP/pBvLJmjYQ3b/VkGZeGV9cJ7ok9gkKzO16aMmDgaTFf3GuLMfchpyVKcxQj+xveHOP8fq69G8YjtkgLbAyQiElmKYfJeo= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1753829766; c=relaxed/simple; bh=maUowEREwbh42ONfrRcy3bj/yfM0pHhiYCFRpCgm01Y=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=Y18kKyU5Hk3Gfz6EQd7xLPdxXzJK0PZBkbh5Qtx8Ft7BVyxxO6F6vlapOgXC4uBLBpb3DCiRXGEGxWQDTc0qjCsQ+mgzGctzmrdgZLPczb1HHGsx+yaQbysLj/2gpH9iJkQ77zBzcEbmbO0x6wYWoGBvE8aNV+6UpVkUj6nLn1o= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=hWCpEuZ1; arc=none smtp.client-ip=209.85.214.202 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="hWCpEuZ1" Received: by mail-pl1-f202.google.com with SMTP id d9443c01a7336-23fd8c99dbfso29376865ad.2 for ; Tue, 29 Jul 2025 15:56:04 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1753829764; x=1754434564; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=2SSy7htSrqmTnWDs8KQ8CPqcAnDaIUsFMxYImLgL19Q=; b=hWCpEuZ1An3pr3TdXxEdpjXy0XQicW06AO8yagv0zQUvssyuhEacwHOK87QTmVpW/W 1I08qTM8yZk4O27m8VsqnWJi3MY6Hein+aPEtK5aECCU4vJfvzTrFFINMh/RX+hhr1/i ZcPJJfQuaLLVObSRXfor116QUIcgGaFdgitutdnt8gO1kaTMZmh8eL3eS/Ry6I8Hp8hA Bj1tl4b7SG+N6+vf7EHTqY5Q3ttdg8oJIN9ZKHP5h7IgFmxUE6FykkBvEut3/vxl17iy eeDYS9PzUW62f3vFdQLdqWi82j2z48hZ8HkougJ/h5WK2jIO/eu/pXgd1jju/0jygtmc UozQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1753829764; x=1754434564; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=2SSy7htSrqmTnWDs8KQ8CPqcAnDaIUsFMxYImLgL19Q=; b=cR/yTadFz5b1CnK8hDU0HX5ommI9cOyPRq1olxfUzdPvwYwumralUl1AxUwyhr8xYu yoOl8SOYYTDuD+9nLmLfNmLmmrMqrbQt/TjiNIaNKBDj9Xv+XF3lZHdhWOd0KkLiRmR9 AYHRYVm9PxRy2sg9lBtWLwsTCaK682JZWaKV6ihnbWCXo+Oq7xNMXYyLWzE0Aecdb8wz YyJ2XvCuN2na4E8l0GGJYXUMQd3TAd1KzpknY4cOkT2NQMFrxDzrgGqjLFYgEhgiQfD0 y02rY6OLYXI4I+nd4vtDdeNeynagtyRD60NgRUqjOXg+BVT/hCw/uMF5kPG/HljSlmaL klPQ== X-Forwarded-Encrypted: i=1; AJvYcCW3mDihH9+Av5Th+lxj9yUtFI1x5usPUl3YCyRNAqYHdTSKF9HHNcrSIXngYYEJRYl1QtMVkdulm1yS8Zo=@vger.kernel.org X-Gm-Message-State: AOJu0YwmxZY5CQzofiMtM1iU0RynYGyIDu9DbecIHjwWvVnO8DDOcexX 3ZyFR/CRZ2dPMP54imlCnKCWubmmPd9k49+rFFRVFMdmzEt65DrK+ZTWJUmsv0caH/XoTW6bz88 VXpp5Sw== X-Google-Smtp-Source: AGHT+IHj/510Mv9kPU5X6CNDct4tYO3yblGBJUqMpY3W6X6yaMqYIgXW779LIryKFKVtTEcES1VIMsFWj3M= X-Received: from pjbsh18.prod.google.com ([2002:a17:90b:5252:b0:31e:cee1:4d04]) (user=seanjc job=prod-delivery.src-stubby-dispatcher) by 2002:a17:902:e541:b0:240:7c39:9e4e with SMTP id d9443c01a7336-24096b56cd4mr15158665ad.44.1753829764046; Tue, 29 Jul 2025 15:56:04 -0700 (PDT) Reply-To: Sean Christopherson Date: Tue, 29 Jul 2025 15:54:50 -0700 In-Reply-To: <20250729225455.670324-1-seanjc@google.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20250729225455.670324-1-seanjc@google.com> X-Mailer: git-send-email 2.50.1.552.g942d659e1b-goog Message-ID: <20250729225455.670324-20-seanjc@google.com> Subject: [PATCH v17 19/24] KVM: arm64: nv: Handle VNCR_EL2-triggered faults backed by guest_memfd From: Sean Christopherson To: Paolo Bonzini , Marc Zyngier , Oliver Upton , Sean Christopherson Cc: kvm@vger.kernel.org, linux-arm-kernel@lists.infradead.org, kvmarm@lists.linux.dev, linux-kernel@vger.kernel.org, Ira Weiny , Gavin Shan , Shivank Garg , Vlastimil Babka , Xiaoyao Li , David Hildenbrand , Fuad Tabba , Ackerley Tng , Tao Chan , James Houghton Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Fuad Tabba Handle faults for memslots backed by guest_memfd in arm64 nested virtualization triggered by VNCR_EL2. * Introduce is_gmem output parameter to kvm_translate_vncr(), indicating whether the faulted memory slot is backed by guest_memfd. * Dispatch faults backed by guest_memfd to kvm_gmem_get_pfn(). * Update kvm_handle_vncr_abort() to handle potential guest_memfd errors. Some of the guest_memfd errors need to be handled by userspace instead of attempting to (implicitly) retry by returning to the guest. Suggested-by: Marc Zyngier Reviewed-by: Marc Zyngier Signed-off-by: Fuad Tabba Signed-off-by: Sean Christopherson --- arch/arm64/kvm/nested.c | 41 +++++++++++++++++++++++++++++++++++------ 1 file changed, 35 insertions(+), 6 deletions(-) diff --git a/arch/arm64/kvm/nested.c b/arch/arm64/kvm/nested.c index dc1d26559bfa..b3edd7f7c8cd 100644 --- a/arch/arm64/kvm/nested.c +++ b/arch/arm64/kvm/nested.c @@ -1172,8 +1172,9 @@ static u64 read_vncr_el2(struct kvm_vcpu *vcpu) return (u64)sign_extend64(__vcpu_sys_reg(vcpu, VNCR_EL2), 48); } =20 -static int kvm_translate_vncr(struct kvm_vcpu *vcpu) +static int kvm_translate_vncr(struct kvm_vcpu *vcpu, bool *is_gmem) { + struct kvm_memory_slot *memslot; bool write_fault, writable; unsigned long mmu_seq; struct vncr_tlb *vt; @@ -1216,10 +1217,25 @@ static int kvm_translate_vncr(struct kvm_vcpu *vcpu) smp_rmb(); =20 gfn =3D vt->wr.pa >> PAGE_SHIFT; - pfn =3D kvm_faultin_pfn(vcpu, gfn, write_fault, &writable, &page); - if (is_error_noslot_pfn(pfn) || (write_fault && !writable)) + memslot =3D gfn_to_memslot(vcpu->kvm, gfn); + if (!memslot) return -EFAULT; =20 + *is_gmem =3D kvm_slot_has_gmem(memslot); + if (!*is_gmem) { + pfn =3D __kvm_faultin_pfn(memslot, gfn, write_fault ? FOLL_WRITE : 0, + &writable, &page); + if (is_error_noslot_pfn(pfn) || (write_fault && !writable)) + return -EFAULT; + } else { + ret =3D kvm_gmem_get_pfn(vcpu->kvm, memslot, gfn, &pfn, &page, NULL); + if (ret) { + kvm_prepare_memory_fault_exit(vcpu, vt->wr.pa, PAGE_SIZE, + write_fault, false, false); + return ret; + } + } + scoped_guard(write_lock, &vcpu->kvm->mmu_lock) { if (mmu_invalidate_retry(vcpu->kvm, mmu_seq)) return -EAGAIN; @@ -1292,23 +1308,36 @@ int kvm_handle_vncr_abort(struct kvm_vcpu *vcpu) if (esr_fsc_is_permission_fault(esr)) { inject_vncr_perm(vcpu); } else if (esr_fsc_is_translation_fault(esr)) { - bool valid; + bool valid, is_gmem =3D false; int ret; =20 scoped_guard(read_lock, &vcpu->kvm->mmu_lock) valid =3D kvm_vncr_tlb_lookup(vcpu); =20 if (!valid) - ret =3D kvm_translate_vncr(vcpu); + ret =3D kvm_translate_vncr(vcpu, &is_gmem); else ret =3D -EPERM; =20 switch (ret) { case -EAGAIN: - case -ENOMEM: /* Let's try again... */ break; + case -ENOMEM: + /* + * For guest_memfd, this indicates that it failed to + * create a folio to back the memory. Inform userspace. + */ + if (is_gmem) + return 0; + /* Otherwise, let's try again... */ + break; case -EFAULT: + case -EIO: + case -EHWPOISON: + if (is_gmem) + return 0; + fallthrough; case -EINVAL: case -ENOENT: case -EACCES: --=20 2.50.1.552.g942d659e1b-goog From nobody Sun Oct 5 20:10:33 2025 Received: from mail-pj1-f74.google.com (mail-pj1-f74.google.com [209.85.216.74]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 136A02D29C6 for ; Tue, 29 Jul 2025 22:56:06 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.216.74 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1753829767; cv=none; b=hEjZ6ka5E6FcJTUAejMGa38jZgRs8uIO+4IdQ+Xc5ERALVmNixeLbazPPPkBgFpJ88r2W8s/tVevXyB5f8A80gCpC9Kb8ReQJSKO/DqFQ2OddmLFoM7vgKdeO0vPj464sj50EeY8cbDds2dFu4v79IP44UdgxXAftXDn6OeVOQI= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1753829767; c=relaxed/simple; bh=FDS7h/17Bf9zVz5r9O8pE9JWmV8y8PXqVP5l+lc/jCE=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=XTtih+i9HYROeWpuVF+YjsWc6xkJT3T5YJc3Qqle20QEMbUIyshxbJtLMxvBqvh8vmaDEYPIChl5n3DdOZJEtxRyiB5KYivdtcWKi5TduCeInCGMLBsiM1c15YRU5uBBNl5pAzYppbn7v/9GNBQMT0HpJMl6oYHtGCZBQNIo0Aw= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=DuxDQcIK; arc=none smtp.client-ip=209.85.216.74 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="DuxDQcIK" Received: by mail-pj1-f74.google.com with SMTP id 98e67ed59e1d1-31ecb3a3d0aso3031967a91.3 for ; Tue, 29 Jul 2025 15:56:06 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1753829765; x=1754434565; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=wF2h8ScGoC7OanPGG/hP6EWf/t8cFJTqDkywcYBe2kU=; b=DuxDQcIKCJ/UYfMLJfn9vIAmZXsarC6MIRYE7jxGf/egl63tClupExawf1K8vb5hcw nRS1K4hIkGi7tmsaNLW7WlP4IPhClAFtqzuCjq3oWa/qRfm1+avmgtYW18SxMnkEQi0j YwKEC3jjAb7FeIXdx1/QD8ifXbARtGeOXqxgMHRrt60QqQfsJ3ao8SM+cMa1QqWxgxny RK1dh3uzTDpYCgxR524yFHQZRJKEDl6Tby9fzMt1ZqT3saQ6/4MsaoqJBMsJEf5Ucwyz bWOexWCe6QhnP7+Ja6fYWylGpHwJcTpuPsBUcusLfYclagxp5Udhss88mGKt+FyM2Mgu 9dFA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1753829765; x=1754434565; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=wF2h8ScGoC7OanPGG/hP6EWf/t8cFJTqDkywcYBe2kU=; b=Tp+vF5ytrTvuS0XKOmMm7aj3rwRsn8HQVuHUjV+5jgMZDaMOyihikzTSV25FLnylLT fDLWPxB4VECcvI9GiBesipJDTLRLj4q/NuaRnA7lzKInGgLLya7lJzTqcOQ5Rkabs3ca BVpMQrmc/Qwrs1fosWH4cfhZqekCHuJ9FlAxbuX1kv53RILFQJk4wilmnG3SjZyRtkpV ju7cqHOPKPK5axOpD/hXhOGqmZTzsKQKrOxdYMO4DbztjkmFglTc+iX9GiMczivCMm1j PWR5+s09hvnIhc2x3q9M0OYhi72IxQpI9VCxyC57+t+Nx8bkpCC0Juju2tmmbDFfOdP2 qStA== X-Forwarded-Encrypted: i=1; AJvYcCWHMT5Z/CZwEEjACZBPfO3rIZD6UiOQlUHqzz2+3O2U4yvAe9dMFs9Iz/j3tEhfGZNt2fR7XPj3qEeCYFA=@vger.kernel.org X-Gm-Message-State: AOJu0Yw8LVEiWdM6xY0VSp+Ck/ItZpCN+Z2mAYkJ3zNWf+8kEOn/qRAW 4TMhzhtNEZjZpnINNSjev5zPF717y+OJB5T+IxJXkwBZU89PARuNx7Oeem0xHrNW/+rd3YKGV9B zH39axw== X-Google-Smtp-Source: AGHT+IEXfNMzWFuUnpYP1cCz6K5G+b+u3Xc0/pqStPWs0koB9KyFWEn1m6GJPyVim24B5D399fJqjTxhm1s= X-Received: from pjyr14.prod.google.com ([2002:a17:90a:e18e:b0:31c:2fe4:33b7]) (user=seanjc job=prod-delivery.src-stubby-dispatcher) by 2002:a17:90b:562b:b0:311:c939:c851 with SMTP id 98e67ed59e1d1-31f5de2e6dcmr1392130a91.4.1753829765637; Tue, 29 Jul 2025 15:56:05 -0700 (PDT) Reply-To: Sean Christopherson Date: Tue, 29 Jul 2025 15:54:51 -0700 In-Reply-To: <20250729225455.670324-1-seanjc@google.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20250729225455.670324-1-seanjc@google.com> X-Mailer: git-send-email 2.50.1.552.g942d659e1b-goog Message-ID: <20250729225455.670324-21-seanjc@google.com> Subject: [PATCH v17 20/24] KVM: arm64: Enable support for guest_memfd backed memory From: Sean Christopherson To: Paolo Bonzini , Marc Zyngier , Oliver Upton , Sean Christopherson Cc: kvm@vger.kernel.org, linux-arm-kernel@lists.infradead.org, kvmarm@lists.linux.dev, linux-kernel@vger.kernel.org, Ira Weiny , Gavin Shan , Shivank Garg , Vlastimil Babka , Xiaoyao Li , David Hildenbrand , Fuad Tabba , Ackerley Tng , Tao Chan , James Houghton Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Fuad Tabba Now that the infrastructure is in place, enable guest_memfd for arm64. * Select CONFIG_KVM_GUEST_MEMFD in KVM/arm64 Kconfig. * Enforce KVM_MEMSLOT_GMEM_ONLY for guest_memfd on arm64: Ensure that guest_memfd-backed memory slots on arm64 are only supported if they are intended for shared memory use cases (i.e., kvm_memslot_is_gmem_only() is true). This design reflects the current arm64 KVM ecosystem where guest_memfd is primarily being introduced for VMs that support shared memory. Reviewed-by: James Houghton Reviewed-by: Gavin Shan Reviewed-by: Marc Zyngier Acked-by: David Hildenbrand Signed-off-by: Fuad Tabba Signed-off-by: Sean Christopherson --- arch/arm64/kvm/Kconfig | 1 + arch/arm64/kvm/mmu.c | 7 +++++++ 2 files changed, 8 insertions(+) diff --git a/arch/arm64/kvm/Kconfig b/arch/arm64/kvm/Kconfig index 713248f240e0..bff62e75d681 100644 --- a/arch/arm64/kvm/Kconfig +++ b/arch/arm64/kvm/Kconfig @@ -37,6 +37,7 @@ menuconfig KVM select HAVE_KVM_VCPU_RUN_PID_CHANGE select SCHED_INFO select GUEST_PERF_EVENTS if PERF_EVENTS + select KVM_GUEST_MEMFD help Support hosting virtualized guest machines. =20 diff --git a/arch/arm64/kvm/mmu.c b/arch/arm64/kvm/mmu.c index 8c82df80a835..85559b8a0845 100644 --- a/arch/arm64/kvm/mmu.c +++ b/arch/arm64/kvm/mmu.c @@ -2276,6 +2276,13 @@ int kvm_arch_prepare_memory_region(struct kvm *kvm, if ((new->base_gfn + new->npages) > (kvm_phys_size(&kvm->arch.mmu) >> PAG= E_SHIFT)) return -EFAULT; =20 + /* + * Only support guest_memfd backed memslots with mappable memory, since + * there aren't any CoCo VMs that support only private memory on arm64. + */ + if (kvm_slot_has_gmem(new) && !kvm_memslot_is_gmem_only(new)) + return -EINVAL; + hva =3D new->userspace_addr; reg_end =3D hva + (new->npages << PAGE_SHIFT); =20 --=20 2.50.1.552.g942d659e1b-goog From nobody Sun Oct 5 20:10:33 2025 Received: from mail-pj1-f74.google.com (mail-pj1-f74.google.com [209.85.216.74]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 44B742874F1 for ; Tue, 29 Jul 2025 22:56:08 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.216.74 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1753829769; cv=none; b=ecb6Sqtd5jbhX+K6nbKG1aqZcnO6OwIfgfeWczIZiPbOATw9Hqb7jMU979ZFfFUtIoNv6UD1ZP+k3eN3KkZExsr2+6XeWV9APxGAbVCZWOAmI2wZEG/I+OmKta/4ETin6+Aw2j/3xCyCR77UNjdRDwicqpa47oLc4UpoyEnhOdA= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1753829769; c=relaxed/simple; bh=vnri19yf9LfJXIcNv1qDJmMwl1WKLHs9dVfwzDC2NUk=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=QIWAAcN7Mqk4UWIuO9NEjYh9vSxrRq4XbgNNKMUpW0EZsQzHaFfdhJFdOvIjRz2AE0zgbUo7F25rk3FZ/+Cqdl/K7+dSdxLgG3d9YemDMsGyYJpXxxSqjzpjlXvO2jwhyCmFGA2cDSgvAspJDDUl2rb+f7FxEtbSWR2/nN3Ve/Q= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=DCEyV34G; arc=none smtp.client-ip=209.85.216.74 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="DCEyV34G" Received: by mail-pj1-f74.google.com with SMTP id 98e67ed59e1d1-313c3915345so9489245a91.3 for ; Tue, 29 Jul 2025 15:56:08 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1753829767; x=1754434567; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=CDh3a2mKi2563DqkffKvhXA2J/RouDXBIlWaKp9FKZM=; b=DCEyV34G5ju/CZ3lV4ft0R3RNuL0H4CgkfF4wiwsmBd2iN6rDFB7GeA91z7ddXn2ms FBTim/hnsHyzqcHQownhv6+WYrmcFhldxMgdPP6N65o5YLhBM/PgFZmuXG76LcPxYgEK EU/C1vk+llANqW1H0Ijub5QNV1lCicS/ohTuJrdw7HEkDfP5M52OO6PVSt9ENGQix0Lx +tQkFopdI/sT5kQRTKiTHXBGO/nT3YxUeoheK+xsgg2QaDnHgh8u/khoUiRndQjJ1kA5 sWGfJP9V++OPKQLLik9578GdLfM/R8Wfro2XAczoNEr6ezk+bytkKpsxdBOOjkeuRMWL PPsw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1753829767; x=1754434567; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=CDh3a2mKi2563DqkffKvhXA2J/RouDXBIlWaKp9FKZM=; b=SDrRuybJMZOzZpLu15AtBLROtBSdt/ncyCDsaMU2MXJTGdCTPaS88THmWiKXCDhEXO gyWp6lnkc3gVRNryLhmzap7AXrW5Ry9YnnpPil1bkqgYnsQ/N4DNi1x4aCow8jFCpmA3 0nvwuYl3TgSJAt2Egqw3+pu9YVBveMBp7JGYhT80yCv6V/h1vFNrv2IWRQtzzdINIF9L +g08Frg8Ps0/0+6bBjdNPPq6WqElH4OD4A/36lWyDp9CQj3udrON6EOJf8A9poCMd14x 33QvlLbJ2IuQhdLaMsXgJuyetx2pxZa9xLCjh3O1ACXpud3wq2MK6KwUma6ildfKkLd1 YD7Q== X-Forwarded-Encrypted: i=1; AJvYcCXN1m6s8S2oZZQv9BMThm5Zy5vXi27ZDGxrS6aztWi6rLa6OexnX70MHM7XYav0OQ3R22dMrREESNbbQdA=@vger.kernel.org X-Gm-Message-State: AOJu0Ywb7P6GqPAwzc49d4eUMW+r5Z9dVT/fTD3zlberQIJ2wZcx2dcL lxEQETQHYGPeMoqDXbmtDCiam+k3/j6hb5nqJcXlz/9zqjW3EyFGpeTuOuj/MFPlRfX6Ji3RYDD 8VUFIWA== X-Google-Smtp-Source: AGHT+IHC3uJKuTdSzXOEtHPqlvC+coV4BnnQv6uc7mWxcOspxNE/dt4wFfxxPGUhBzxbDLgfuxcg7hNN5F0= X-Received: from pjg6.prod.google.com ([2002:a17:90b:3f46:b0:31c:bd1d:516]) (user=seanjc job=prod-delivery.src-stubby-dispatcher) by 2002:a17:90b:4a81:b0:31f:210d:2e56 with SMTP id 98e67ed59e1d1-31f5de557femr1551448a91.28.1753829767333; Tue, 29 Jul 2025 15:56:07 -0700 (PDT) Reply-To: Sean Christopherson Date: Tue, 29 Jul 2025 15:54:52 -0700 In-Reply-To: <20250729225455.670324-1-seanjc@google.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20250729225455.670324-1-seanjc@google.com> X-Mailer: git-send-email 2.50.1.552.g942d659e1b-goog Message-ID: <20250729225455.670324-22-seanjc@google.com> Subject: [PATCH v17 21/24] KVM: Allow and advertise support for host mmap() on guest_memfd files From: Sean Christopherson To: Paolo Bonzini , Marc Zyngier , Oliver Upton , Sean Christopherson Cc: kvm@vger.kernel.org, linux-arm-kernel@lists.infradead.org, kvmarm@lists.linux.dev, linux-kernel@vger.kernel.org, Ira Weiny , Gavin Shan , Shivank Garg , Vlastimil Babka , Xiaoyao Li , David Hildenbrand , Fuad Tabba , Ackerley Tng , Tao Chan , James Houghton Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Fuad Tabba Now that all the x86 and arm64 plumbing for mmap() on guest_memfd is in place, allow userspace to set GUEST_MEMFD_FLAG_MMAP and advertise support via a new capability, KVM_CAP_GUEST_MEMFD_MMAP. The availability of this capability is determined per architecture, and its enablement for a specific guest_memfd instance is controlled by the GUEST_MEMFD_FLAG_MMAP flag at creation time. Update the KVM API documentation to detail the KVM_CAP_GUEST_MEMFD_MMAP capability, the associated GUEST_MEMFD_FLAG_MMAP, and provide essential information regarding support for mmap in guest_memfd. Reviewed-by: David Hildenbrand Reviewed-by: Gavin Shan Reviewed-by: Shivank Garg Reviewed-by: Xiaoyao Li Signed-off-by: Fuad Tabba Signed-off-by: Sean Christopherson --- Documentation/virt/kvm/api.rst | 9 +++++++++ include/uapi/linux/kvm.h | 2 ++ virt/kvm/guest_memfd.c | 7 ++++++- virt/kvm/kvm_main.c | 2 ++ 4 files changed, 19 insertions(+), 1 deletion(-) diff --git a/Documentation/virt/kvm/api.rst b/Documentation/virt/kvm/api.rst index fcb783735dd1..1e0c4a68876d 100644 --- a/Documentation/virt/kvm/api.rst +++ b/Documentation/virt/kvm/api.rst @@ -6414,6 +6414,15 @@ most one mapping per page, i.e. binding multiple mem= ory regions to a single guest_memfd range is not allowed (any number of memory regions can be boun= d to a single guest_memfd file, but the bound ranges must not overlap). =20 +When the capability KVM_CAP_GUEST_MEMFD_MMAP is supported, the 'flags' fie= ld +supports GUEST_MEMFD_FLAG_MMAP. Setting this flag on guest_memfd creation +enables mmap() and faulting of guest_memfd memory to host userspace. + +When the KVM MMU performs a PFN lookup to service a guest fault and the ba= cking +guest_memfd has the GUEST_MEMFD_FLAG_MMAP set, then the fault will always = be +consumed from guest_memfd, regardless of whether it is a shared or a priva= te +fault. + See KVM_SET_USER_MEMORY_REGION2 for additional details. =20 4.143 KVM_PRE_FAULT_MEMORY diff --git a/include/uapi/linux/kvm.h b/include/uapi/linux/kvm.h index aeb2ca10b190..0d96d2ae6e5d 100644 --- a/include/uapi/linux/kvm.h +++ b/include/uapi/linux/kvm.h @@ -961,6 +961,7 @@ struct kvm_enable_cap { #define KVM_CAP_ARM_EL2 240 #define KVM_CAP_ARM_EL2_E2H0 241 #define KVM_CAP_RISCV_MP_STATE_RESET 242 +#define KVM_CAP_GUEST_MEMFD_MMAP 243 =20 struct kvm_irq_routing_irqchip { __u32 irqchip; @@ -1597,6 +1598,7 @@ struct kvm_memory_attributes { #define KVM_MEMORY_ATTRIBUTE_PRIVATE (1ULL << 3) =20 #define KVM_CREATE_GUEST_MEMFD _IOWR(KVMIO, 0xd4, struct kvm_create_guest= _memfd) +#define GUEST_MEMFD_FLAG_MMAP (1ULL << 0) =20 struct kvm_create_guest_memfd { __u64 size; diff --git a/virt/kvm/guest_memfd.c b/virt/kvm/guest_memfd.c index d5b445548af4..08a6bc7d25b6 100644 --- a/virt/kvm/guest_memfd.c +++ b/virt/kvm/guest_memfd.c @@ -314,7 +314,9 @@ static pgoff_t kvm_gmem_get_index(struct kvm_memory_slo= t *slot, gfn_t gfn) =20 static bool kvm_gmem_supports_mmap(struct inode *inode) { - return false; + const u64 flags =3D (u64)inode->i_private; + + return flags & GUEST_MEMFD_FLAG_MMAP; } =20 static vm_fault_t kvm_gmem_fault_user_mapping(struct vm_fault *vmf) @@ -522,6 +524,9 @@ int kvm_gmem_create(struct kvm *kvm, struct kvm_create_= guest_memfd *args) u64 flags =3D args->flags; u64 valid_flags =3D 0; =20 + if (kvm_arch_supports_gmem_mmap(kvm)) + valid_flags |=3D GUEST_MEMFD_FLAG_MMAP; + if (flags & ~valid_flags) return -EINVAL; =20 diff --git a/virt/kvm/kvm_main.c b/virt/kvm/kvm_main.c index 4f57cb92e109..18f29ef93543 100644 --- a/virt/kvm/kvm_main.c +++ b/virt/kvm/kvm_main.c @@ -4918,6 +4918,8 @@ static int kvm_vm_ioctl_check_extension_generic(struc= t kvm *kvm, long arg) #ifdef CONFIG_KVM_GUEST_MEMFD case KVM_CAP_GUEST_MEMFD: return 1; + case KVM_CAP_GUEST_MEMFD_MMAP: + return !kvm || kvm_arch_supports_gmem_mmap(kvm); #endif default: break; --=20 2.50.1.552.g942d659e1b-goog From nobody Sun Oct 5 20:10:33 2025 Received: from mail-pj1-f73.google.com (mail-pj1-f73.google.com [209.85.216.73]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id AAD502D4B47 for ; Tue, 29 Jul 2025 22:56:09 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.216.73 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1753829771; cv=none; b=D+UKdBIINWCHSwJ+3A/he3141VRBiRvwtNGqw+SsmXV3Qv7li3zw8VLxPGKi+FdgWVca2cgXqzF0MX4CIap++H5gIbLurMt7pZFUbmtQ+JMmmIt4Jgw7AHYZI79pziksgW7tBsGDecRYRowk8Klt9qxf+E/81nULDLEjjVosw5Y= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1753829771; c=relaxed/simple; bh=OHF0d3xJE+lvk3i6OCBD5mRif8KdjhliFuoV3VGobDk=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=P1/0obkZdNJFuQh0Z49T5ll4ru5J1WkPKHrY37oydCBMl61/fb7Xrn0OfRjBSx+WNZTEA8mktAsqkQ5orEY2M5acl7kKCH/wofmzqoEF8kGGKKiQhlepOaLOgNsGl0Ok/5ncvIFXAVqSYn5Na16/QGIKmRmwVhz/nlJoev1Dqd8= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=yK+99fF4; arc=none smtp.client-ip=209.85.216.73 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="yK+99fF4" Received: by mail-pj1-f73.google.com with SMTP id 98e67ed59e1d1-31ea14cc097so3157271a91.3 for ; Tue, 29 Jul 2025 15:56:09 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1753829769; x=1754434569; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=+ESC0itWrrYha2Tf9gSEwP/cvcMjKDVsb022arfffBY=; b=yK+99fF405r5uq1Ws9LPVXuOG52sd26T5Jvmpm9j92Cxn7Gof8MySx333f8FJX+OEz d0mU5ucN84y63LoLsPdVzju04tuPN8i9L63jylIuSQIVG/6TXH0MTsiTjm7/SX40Fyar XxY5d3vVuU3MCkAgiD2U9pqfrdbK6dubpgWrCk6ERI/FcDANSIXqUIHa8U5i0hL2FHaR 37ovO/UKY8fhYiWOzLBb/kSJ7D0i8ob7SyisWmiTwEol04gvGIWjGpH3e974WdAOFSVW p6DxETP8UH3xLXwBLH8grAntRjR/dClAu3jrIEF5cIxSi62Jl/5FqMUxBZtZ3YtchQ3S UUKA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1753829769; x=1754434569; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=+ESC0itWrrYha2Tf9gSEwP/cvcMjKDVsb022arfffBY=; b=b8JVLPZ7A7dIzknKvpxZrpoKF/GEr/WBdh5CWPBs4kRChqKHfFvg6jHnT3y2GYW1RN VOhoyL3WD2cjnyRZ/9GPt5DyV1U+BXDXTDnDFEHK9QJZ4/hAOg+rQSoVHkXqRbX6zTh7 GrAYvUlJeJzN52jOjaFfE58+uzs6R6UV+QzQEHcS4x9qySgXskkVYMRnOs/dCvQ/iHvM AYpp3Y14jWRB9xnFtP5CY30Uk9FzLkUTg7QIg1oo4W86lKDz/wJ1Pr6ia0qt4GLJfZbf 7kdEl2jYul7nqYA6adrzKBCDbi/f4efCYG/k3kWU/ta1m4Ph6vGYWkXnYuc1pHM1BXCA 2+HQ== X-Forwarded-Encrypted: i=1; AJvYcCUbanzdyE2krfgqHmmArMNH/8vPRJo+FF9DCXsdcuMEKkQVXgP6GQmYFN0DJJX/XjwEhS5fl6ALjXSnUdA=@vger.kernel.org X-Gm-Message-State: AOJu0YzfWXTNB1p+UUVySzwGHn8AOQ8qN3td8CpzQgLPk1ssOUloB9FH FguzIoeafXQ5PE4LUX38ve13G+JdP7spPnJ8bozx8/j2L67RQHlAy8wZRcDYpvhbPdCJnwC66H5 ryFubwg== X-Google-Smtp-Source: AGHT+IEP72ZXZaJ48/ldlCnpX6zM87VMY86dQ66SFrkWz5+rNp24L8qvClHiEDb9z5cTOvOVU6+mQmJCcYQ= X-Received: from pjbst4.prod.google.com ([2002:a17:90b:1fc4:b0:311:f309:e314]) (user=seanjc job=prod-delivery.src-stubby-dispatcher) by 2002:a17:90b:2683:b0:312:1dc9:9f67 with SMTP id 98e67ed59e1d1-31f5dd6b52fmr1710635a91.2.1753829769155; Tue, 29 Jul 2025 15:56:09 -0700 (PDT) Reply-To: Sean Christopherson Date: Tue, 29 Jul 2025 15:54:53 -0700 In-Reply-To: <20250729225455.670324-1-seanjc@google.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20250729225455.670324-1-seanjc@google.com> X-Mailer: git-send-email 2.50.1.552.g942d659e1b-goog Message-ID: <20250729225455.670324-23-seanjc@google.com> Subject: [PATCH v17 22/24] KVM: selftests: Do not use hardcoded page sizes in guest_memfd test From: Sean Christopherson To: Paolo Bonzini , Marc Zyngier , Oliver Upton , Sean Christopherson Cc: kvm@vger.kernel.org, linux-arm-kernel@lists.infradead.org, kvmarm@lists.linux.dev, linux-kernel@vger.kernel.org, Ira Weiny , Gavin Shan , Shivank Garg , Vlastimil Babka , Xiaoyao Li , David Hildenbrand , Fuad Tabba , Ackerley Tng , Tao Chan , James Houghton Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Fuad Tabba Update the guest_memfd_test selftest to use getpagesize() instead of hardcoded 4KB page size values. Using hardcoded page sizes can cause test failures on architectures or systems configured with larger page sizes, such as arm64 with 64KB pages. By dynamically querying the system's page size, the test becomes more portable and robust across different environments. Additionally, build the guest_memfd_test selftest for arm64. Reviewed-by: David Hildenbrand Reviewed-by: Shivank Garg Reviewed-by: Gavin Shan Suggested-by: Gavin Shan Signed-off-by: Fuad Tabba Signed-off-by: Sean Christopherson Reviewed-by: Xiaoyao Li --- tools/testing/selftests/kvm/Makefile.kvm | 1 + tools/testing/selftests/kvm/guest_memfd_test.c | 11 ++++++----- 2 files changed, 7 insertions(+), 5 deletions(-) diff --git a/tools/testing/selftests/kvm/Makefile.kvm b/tools/testing/selft= ests/kvm/Makefile.kvm index 40920445bfbe..963687892bcb 100644 --- a/tools/testing/selftests/kvm/Makefile.kvm +++ b/tools/testing/selftests/kvm/Makefile.kvm @@ -174,6 +174,7 @@ TEST_GEN_PROGS_arm64 +=3D arch_timer TEST_GEN_PROGS_arm64 +=3D coalesced_io_test TEST_GEN_PROGS_arm64 +=3D dirty_log_perf_test TEST_GEN_PROGS_arm64 +=3D get-reg-list +TEST_GEN_PROGS_arm64 +=3D guest_memfd_test TEST_GEN_PROGS_arm64 +=3D memslot_modification_stress_test TEST_GEN_PROGS_arm64 +=3D memslot_perf_test TEST_GEN_PROGS_arm64 +=3D mmu_stress_test diff --git a/tools/testing/selftests/kvm/guest_memfd_test.c b/tools/testing= /selftests/kvm/guest_memfd_test.c index ce687f8d248f..341ba616cf55 100644 --- a/tools/testing/selftests/kvm/guest_memfd_test.c +++ b/tools/testing/selftests/kvm/guest_memfd_test.c @@ -146,24 +146,25 @@ static void test_create_guest_memfd_multiple(struct k= vm_vm *vm) { int fd1, fd2, ret; struct stat st1, st2; + size_t page_size =3D getpagesize(); =20 - fd1 =3D __vm_create_guest_memfd(vm, 4096, 0); + fd1 =3D __vm_create_guest_memfd(vm, page_size, 0); TEST_ASSERT(fd1 !=3D -1, "memfd creation should succeed"); =20 ret =3D fstat(fd1, &st1); TEST_ASSERT(ret !=3D -1, "memfd fstat should succeed"); - TEST_ASSERT(st1.st_size =3D=3D 4096, "memfd st_size should match requeste= d size"); + TEST_ASSERT(st1.st_size =3D=3D page_size, "memfd st_size should match req= uested size"); =20 - fd2 =3D __vm_create_guest_memfd(vm, 8192, 0); + fd2 =3D __vm_create_guest_memfd(vm, page_size * 2, 0); TEST_ASSERT(fd2 !=3D -1, "memfd creation should succeed"); =20 ret =3D fstat(fd2, &st2); TEST_ASSERT(ret !=3D -1, "memfd fstat should succeed"); - TEST_ASSERT(st2.st_size =3D=3D 8192, "second memfd st_size should match r= equested size"); + TEST_ASSERT(st2.st_size =3D=3D page_size * 2, "second memfd st_size shoul= d match requested size"); =20 ret =3D fstat(fd1, &st1); TEST_ASSERT(ret !=3D -1, "memfd fstat should succeed"); - TEST_ASSERT(st1.st_size =3D=3D 4096, "first memfd st_size should still ma= tch requested size"); + TEST_ASSERT(st1.st_size =3D=3D page_size, "first memfd st_size should sti= ll match requested size"); TEST_ASSERT(st1.st_ino !=3D st2.st_ino, "different memfd should have diff= erent inode numbers"); =20 close(fd2); --=20 2.50.1.552.g942d659e1b-goog From nobody Sun Oct 5 20:10:33 2025 Received: from mail-pl1-f202.google.com (mail-pl1-f202.google.com [209.85.214.202]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 112A8287500 for ; Tue, 29 Jul 2025 22:56:11 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.214.202 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1753829773; cv=none; b=EXcx6BCD9UpNY07Vo1M1dc9seCSoD5pcT1ovlZaEyyApD/DmQqVEEgz7S1epgCHearO3kYzE3Tyazg6gHmjsGxq1KUDwM8wM2DbVKTIipdB6UCEoMbYii876gRgZgcZYrAehEUiHyBrbafX87e8mdErDCcN1cLfNRtzPFs0aCtk= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1753829773; c=relaxed/simple; bh=qqogocRbIPYi2SUEz/6ntDBaPGUsbNkvJFBtuswKct0=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=eVx3HP5hO72BW9sxslbBAKIWrAkvMJWTiGSina/iMfnGt3zazNSPNYeorLNwUuuxdB0qPifx6EkXQsYc15ScEqWv9O8sUt2bTSkhLWThXZQW/XH3Uvy730c0i2OKFYa00ptr98Q42T7LTsHfy5Xe9GITevfm0MpN6DRDDyiw2zw= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=s9xSX7MV; arc=none smtp.client-ip=209.85.214.202 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="s9xSX7MV" Received: by mail-pl1-f202.google.com with SMTP id d9443c01a7336-24011ceafc8so2491145ad.3 for ; Tue, 29 Jul 2025 15:56:11 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1753829771; x=1754434571; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=iJsEx4FG6bZLukMaYebCB5jI3mya4Bwx9n+hJfoOxy0=; b=s9xSX7MVuGvgRulGqAbBN0BHU5muZ070wf3EqmIYw0YVhHyi00aBoUHrnjZrFM2//k nhRy2ubaSHuEIrE9XeMeVDgBAbtyPf1H/ugYPW5MVglJcOk2KOSpxcccFBlAmhJxdYiZ kmwKhB2yIRVj14+PY3qOQO7w4iXotBkInuM2HcRFavUMuJPyTJoD/0hPVr04wAsNnuhl 9Xr/yq6Hv4vrdgl+jZGgLcZ9127jmKbRMu8eSIfK2WFZMff5GzJPvtcqhFGDrFyfCXyV n91aU/Q4lays16Op2E2NHR+Zkb1bKXQtZLeWUVmQlH2keq2OGCGsJcAXh+QXoe1omqqJ JjCw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1753829771; x=1754434571; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=iJsEx4FG6bZLukMaYebCB5jI3mya4Bwx9n+hJfoOxy0=; b=qXLrxLVGEJ1qQbHbpSbrqRv/FLxLPPpTqWz0FvG6bigxst9IRZBT9dF6/bm1QSO/uw QsOAKBHuouIWE0yNvislhmqtbrZL4oEi9A3qYWskCT7iR+lqVU3QowGGGkc9ZK72Wxmr AbkjPLASIIth4jwq68BgViwVb2xM822yaVHK7I3Nq8KFZBpzgnPwmbV8eMdPVjxutRfC z5rrKTwczPt9d2ROu9PtbVPG7YucmPYUOAfLhoSGD3md5MOb4pccShzJ9m61OxNwdHSS N2sRJxHoMxWO6CgW2P2vms3EkH1svbxah/f0zn23G1ETJoQ/ax9PoHGTCtAl4dHuL//o nM8g== X-Forwarded-Encrypted: i=1; AJvYcCWbYx0SN1ENh8X31GKTOQG+lO/YIBFdSkK4YgXlaqm2SoweB6yotg6ZYJp+pmh28pheRiywTBgMLCIKPhc=@vger.kernel.org X-Gm-Message-State: AOJu0YzAKdQtIqbrROpG+o/kae2rXjh2D5fHaL7mtiR01/8dArVQv1CX M/EDfP6M+r9M5vUzwP0MQPFtgWuYiFZZgTiS/n6msKYhTCkHETL6uYGYZW4NIONLRrAD4EpP6fH +OZBRlA== X-Google-Smtp-Source: AGHT+IFuvJKbK3bsSX0xIb/YEbZhFW6DEC02S7h04mcxkIxVOmzeLRPCwAt9nWckZ/hRC4rRu0zMmk/gJ8c= X-Received: from pjyr14.prod.google.com ([2002:a17:90a:e18e:b0:31c:2fe4:33b7]) (user=seanjc job=prod-delivery.src-stubby-dispatcher) by 2002:a17:902:f652:b0:240:79d5:8df4 with SMTP id d9443c01a7336-24096b499fcmr13337365ad.53.1753829771053; Tue, 29 Jul 2025 15:56:11 -0700 (PDT) Reply-To: Sean Christopherson Date: Tue, 29 Jul 2025 15:54:54 -0700 In-Reply-To: <20250729225455.670324-1-seanjc@google.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20250729225455.670324-1-seanjc@google.com> X-Mailer: git-send-email 2.50.1.552.g942d659e1b-goog Message-ID: <20250729225455.670324-24-seanjc@google.com> Subject: [PATCH v17 23/24] KVM: selftests: guest_memfd mmap() test when mmap is supported From: Sean Christopherson To: Paolo Bonzini , Marc Zyngier , Oliver Upton , Sean Christopherson Cc: kvm@vger.kernel.org, linux-arm-kernel@lists.infradead.org, kvmarm@lists.linux.dev, linux-kernel@vger.kernel.org, Ira Weiny , Gavin Shan , Shivank Garg , Vlastimil Babka , Xiaoyao Li , David Hildenbrand , Fuad Tabba , Ackerley Tng , Tao Chan , James Houghton Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Fuad Tabba Expand the guest_memfd selftests to comprehensively test host userspace mmap functionality for guest_memfd-backed memory when supported by the VM type. Introduce new test cases to verify the following: * Successful mmap operations: Ensure that MAP_SHARED mappings succeed when guest_memfd mmap is enabled. * Data integrity: Validate that data written to the mmap'd region is correctly persistent and readable. * fallocate interaction: Test that fallocate(FALLOC_FL_PUNCH_HOLE) correctly zeros out mapped pages. * Out-of-bounds access: Verify that accessing memory beyond the guest_memfd's size correctly triggers a SIGBUS signal. * Unsupported mmap: Confirm that mmap attempts fail as expected when guest_memfd mmap support is not enabled for the specific guest_memfd instance or VM type. * Flag validity: Introduce test_vm_type_gmem_flag_validity() to systematically test that only allowed guest_memfd creation flags are accepted for different VM types (e.g., GUEST_MEMFD_FLAG_MMAP for default VMs, no flags for CoCo VMs). The existing tests for guest_memfd creation (multiple instances, invalid sizes), file read/write, file size, and invalid punch hole operations are integrated into the new test_with_type() framework to allow testing across different VM types. Cc: James Houghton Cc: Gavin Shan Cc: Shivank Garg Co-developed-by: Ackerley Tng Signed-off-by: Ackerley Tng Signed-off-by: Fuad Tabba Co-developed-by: Sean Christopherson Signed-off-by: Sean Christopherson Reviewed-by: Shivank Garg Reviewed-by: Xiaoyao Li --- .../testing/selftests/kvm/guest_memfd_test.c | 161 +++++++++++++++--- 1 file changed, 139 insertions(+), 22 deletions(-) diff --git a/tools/testing/selftests/kvm/guest_memfd_test.c b/tools/testing= /selftests/kvm/guest_memfd_test.c index 341ba616cf55..088053d5f0f5 100644 --- a/tools/testing/selftests/kvm/guest_memfd_test.c +++ b/tools/testing/selftests/kvm/guest_memfd_test.c @@ -13,6 +13,8 @@ =20 #include #include +#include +#include #include #include #include @@ -34,12 +36,83 @@ static void test_file_read_write(int fd) "pwrite on a guest_mem fd should fail"); } =20 -static void test_mmap(int fd, size_t page_size) +static void test_mmap_supported(int fd, size_t page_size, size_t total_siz= e) +{ + const char val =3D 0xaa; + char *mem; + size_t i; + int ret; + + mem =3D mmap(NULL, total_size, PROT_READ | PROT_WRITE, MAP_PRIVATE, fd, 0= ); + TEST_ASSERT(mem =3D=3D MAP_FAILED, "Copy-on-write not allowed by guest_me= mfd."); + + mem =3D mmap(NULL, total_size, PROT_READ | PROT_WRITE, MAP_SHARED, fd, 0); + TEST_ASSERT(mem !=3D MAP_FAILED, "mmap() for guest_memfd should succeed."= ); + + memset(mem, val, total_size); + for (i =3D 0; i < total_size; i++) + TEST_ASSERT_EQ(READ_ONCE(mem[i]), val); + + ret =3D fallocate(fd, FALLOC_FL_KEEP_SIZE | FALLOC_FL_PUNCH_HOLE, 0, + page_size); + TEST_ASSERT(!ret, "fallocate the first page should succeed."); + + for (i =3D 0; i < page_size; i++) + TEST_ASSERT_EQ(READ_ONCE(mem[i]), 0x00); + for (; i < total_size; i++) + TEST_ASSERT_EQ(READ_ONCE(mem[i]), val); + + memset(mem, val, page_size); + for (i =3D 0; i < total_size; i++) + TEST_ASSERT_EQ(READ_ONCE(mem[i]), val); + + ret =3D munmap(mem, total_size); + TEST_ASSERT(!ret, "munmap() should succeed."); +} + +static sigjmp_buf jmpbuf; +void fault_sigbus_handler(int signum) +{ + siglongjmp(jmpbuf, 1); +} + +static void test_fault_overflow(int fd, size_t page_size, size_t total_siz= e) +{ + struct sigaction sa_old, sa_new =3D { + .sa_handler =3D fault_sigbus_handler, + }; + size_t map_size =3D total_size * 4; + const char val =3D 0xaa; + char *mem; + size_t i; + int ret; + + mem =3D mmap(NULL, map_size, PROT_READ | PROT_WRITE, MAP_SHARED, fd, 0); + TEST_ASSERT(mem !=3D MAP_FAILED, "mmap() for guest_memfd should succeed."= ); + + sigaction(SIGBUS, &sa_new, &sa_old); + if (sigsetjmp(jmpbuf, 1) =3D=3D 0) { + memset(mem, 0xaa, map_size); + TEST_ASSERT(false, "memset() should have triggered SIGBUS."); + } + sigaction(SIGBUS, &sa_old, NULL); + + for (i =3D 0; i < total_size; i++) + TEST_ASSERT_EQ(READ_ONCE(mem[i]), val); + + ret =3D munmap(mem, map_size); + TEST_ASSERT(!ret, "munmap() should succeed."); +} + +static void test_mmap_not_supported(int fd, size_t page_size, size_t total= _size) { char *mem; =20 mem =3D mmap(NULL, page_size, PROT_READ | PROT_WRITE, MAP_SHARED, fd, 0); TEST_ASSERT_EQ(mem, MAP_FAILED); + + mem =3D mmap(NULL, total_size, PROT_READ | PROT_WRITE, MAP_SHARED, fd, 0); + TEST_ASSERT_EQ(mem, MAP_FAILED); } =20 static void test_file_size(int fd, size_t page_size, size_t total_size) @@ -120,26 +193,19 @@ static void test_invalid_punch_hole(int fd, size_t pa= ge_size, size_t total_size) } } =20 -static void test_create_guest_memfd_invalid(struct kvm_vm *vm) +static void test_create_guest_memfd_invalid_sizes(struct kvm_vm *vm, + uint64_t guest_memfd_flags, + size_t page_size) { - size_t page_size =3D getpagesize(); - uint64_t flag; size_t size; int fd; =20 for (size =3D 1; size < page_size; size++) { - fd =3D __vm_create_guest_memfd(vm, size, 0); - TEST_ASSERT(fd =3D=3D -1 && errno =3D=3D EINVAL, + fd =3D __vm_create_guest_memfd(vm, size, guest_memfd_flags); + TEST_ASSERT(fd < 0 && errno =3D=3D EINVAL, "guest_memfd() with non-page-aligned page size '0x%lx' should fail = with EINVAL", size); } - - for (flag =3D BIT(0); flag; flag <<=3D 1) { - fd =3D __vm_create_guest_memfd(vm, page_size, flag); - TEST_ASSERT(fd =3D=3D -1 && errno =3D=3D EINVAL, - "guest_memfd() with flag '0x%lx' should fail with EINVAL", - flag); - } } =20 static void test_create_guest_memfd_multiple(struct kvm_vm *vm) @@ -171,30 +237,81 @@ static void test_create_guest_memfd_multiple(struct k= vm_vm *vm) close(fd1); } =20 -int main(int argc, char *argv[]) +static void test_guest_memfd_flags(struct kvm_vm *vm, uint64_t valid_flags) { - size_t page_size; - size_t total_size; + size_t page_size =3D getpagesize(); + uint64_t flag; int fd; + + for (flag =3D BIT(0); flag; flag <<=3D 1) { + fd =3D __vm_create_guest_memfd(vm, page_size, flag); + if (flag & valid_flags) { + TEST_ASSERT(fd >=3D 0, + "guest_memfd() with flag '0x%lx' should succeed", + flag); + close(fd); + } else { + TEST_ASSERT(fd < 0 && errno =3D=3D EINVAL, + "guest_memfd() with flag '0x%lx' should fail with EINVAL", + flag); + } + } +} + +static void test_guest_memfd(unsigned long vm_type) +{ + uint64_t flags =3D 0; struct kvm_vm *vm; - - TEST_REQUIRE(kvm_has_cap(KVM_CAP_GUEST_MEMFD)); + size_t total_size; + size_t page_size; + int fd; =20 page_size =3D getpagesize(); total_size =3D page_size * 4; =20 - vm =3D vm_create_barebones(); + vm =3D vm_create_barebones_type(vm_type); + + if (vm_check_cap(vm, KVM_CAP_GUEST_MEMFD_MMAP)) + flags |=3D GUEST_MEMFD_FLAG_MMAP; =20 - test_create_guest_memfd_invalid(vm); test_create_guest_memfd_multiple(vm); + test_create_guest_memfd_invalid_sizes(vm, flags, page_size); =20 - fd =3D vm_create_guest_memfd(vm, total_size, 0); + fd =3D vm_create_guest_memfd(vm, total_size, flags); =20 test_file_read_write(fd); - test_mmap(fd, page_size); + + if (flags & GUEST_MEMFD_FLAG_MMAP) { + test_mmap_supported(fd, page_size, total_size); + test_fault_overflow(fd, page_size, total_size); + } else { + test_mmap_not_supported(fd, page_size, total_size); + } + test_file_size(fd, page_size, total_size); test_fallocate(fd, page_size, total_size); test_invalid_punch_hole(fd, page_size, total_size); =20 + test_guest_memfd_flags(vm, flags); + close(fd); + kvm_vm_free(vm); +} + +int main(int argc, char *argv[]) +{ + unsigned long vm_types, vm_type; + + TEST_REQUIRE(kvm_has_cap(KVM_CAP_GUEST_MEMFD)); + + /* + * Not all architectures support KVM_CAP_VM_TYPES. However, those that + * support guest_memfd have that support for the default VM type. + */ + vm_types =3D kvm_check_cap(KVM_CAP_VM_TYPES); + if (!vm_types) + vm_types =3D VM_TYPE_DEFAULT; + + for_each_set_bit(vm_type, &vm_types, BITS_PER_TYPE(vm_types)) + test_guest_memfd(vm_type); } --=20 2.50.1.552.g942d659e1b-goog From nobody Sun Oct 5 20:10:33 2025 Received: from mail-pj1-f73.google.com (mail-pj1-f73.google.com [209.85.216.73]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 8009A2D8773 for ; Tue, 29 Jul 2025 22:56:13 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.216.73 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1753829775; cv=none; b=Q1CqK5DsAMaKpTvdEr2ZKRBs+N4yQgcepI55JPsF5YTwOnDV8Mo2jZL2uGDU3lqN3FQM74Spw0CIbYD8o9WCdvsNClJ9FJXTOJnP/LyzsHIJLDOPFgWjC+JI7Pg4o9H74KlvHIo6kgIR3cETxSYcDtPwiCLB9W7Zj4b+azK19vY= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1753829775; c=relaxed/simple; bh=iqeIz6zYpzKsdgmtTVnjWowKoLeDnq0bjWKhZ9mqs7E=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=KFwzpvbzQARFUNUwjJSqIAWowXq+49Wqoui0uy5bhG1bCkziJAKx86bK+J1LRRzvBPUU9CsZsFCowqc6zka8BeFnlXpujeFGAEWM/pwd38LPeLB+gkAPm1CLPs+i00uueRLfzZR7PPzyW71KZ+J345mWj/FVGCG00cvGMMgC/hs= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=KBeHc1KV; arc=none smtp.client-ip=209.85.216.73 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="KBeHc1KV" Received: by mail-pj1-f73.google.com with SMTP id 98e67ed59e1d1-31218e2d5b0so10280273a91.2 for ; Tue, 29 Jul 2025 15:56:13 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1753829773; x=1754434573; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=EorjiQ424BTohGrqf8DNWx/AmqFoym4CNGeVIARROHM=; b=KBeHc1KVJwXSKbp9O+czZQIFCBP4hHC9Sl3G6K5juUs8b+3jEYqaJvhwjUq7gL3vjp JwwJz0j9Wo2qFPkGSf+wq5vEVhiIs92xjffMoe1ar9NcCY3BItYEdKrviEU/rLST5Yeq h9v4UYhaaxQ1Nkh/kTuKtfu5LZD9ZbPRe+Nc+fpEvMxaPxH/70lO9dRGm5gDruzOFWc8 /tGDGwd4DTFvt0Pg9NNvNiIrSAf43jp5AgnwQerklyYdHi4GLfo3mJB0B2YKzmEaiLc5 rS51waiMHl/llJ8pt+5gAjwJo1NC8hrU5GfLdcffomE4GtDdldFY37m9vuTalSNs9JrE 62Gw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1753829773; x=1754434573; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=EorjiQ424BTohGrqf8DNWx/AmqFoym4CNGeVIARROHM=; b=YGmbZWvbq2aR/eMI+i7C+A7NE8vufbhN/9CPzcfzgpqEsqbR2/bXMVEhdpWUIBIYb/ vdOxWn04+ZxfcswdBEUAS7elvieHibFfp+OL1xB7yI7HPhC9da61Q5LO15xFjPWB/pD9 bohbca5kV4usQiD0/dkxJ42Bv6RAeoStYbeJK3cvQiwaZQsCQNcmKCH86qBrgI1+3J4F zDK3S/uwvWBzQpdEua8r14e8TYVOZUSVJF2jB4zBN8TvSPkpjJusbS2Rsx+LZvpFdQae 3ugNdYzQuRlCBuCb1GJuCi8RK3sYDqnpPRcep3pI5mV3M72ZWrIF1A1Z6yzAVpfLTL6S dIpA== X-Forwarded-Encrypted: i=1; AJvYcCUSO7vb5svr0quYuMZlIwH7wf24dB2M5k1+S7eVSyKP5sRxfC0V0Yyc5m/DH9NGT6G7vLCOfj9U+eig4fU=@vger.kernel.org X-Gm-Message-State: AOJu0Yyp55dnBv9DCFGmIl2BJ8UMqoS+QZXIc2cF9+WlOnMJVKrgqUlE a/FH3Qbj0o+mZtNtaFvdWgsEwsc7ot3pQGTJSd2scSbMt7F+Bgx3WJscsjedKMEswaCeLz9cNpa ZUa5ewQ== X-Google-Smtp-Source: AGHT+IHB9c2363ufbpvtr+JBuwDrzcLhfsH2Xd3qM0cBsmlln2L/OVyYyxyGr5yAT46jm6mjT2DN+GL7x3k= X-Received: from pjee15.prod.google.com ([2002:a17:90b:578f:b0:31e:fe0d:f464]) (user=seanjc job=prod-delivery.src-stubby-dispatcher) by 2002:a17:90b:288b:b0:311:df4b:4b94 with SMTP id 98e67ed59e1d1-31f5ddb7ea8mr1459342a91.4.1753829772835; Tue, 29 Jul 2025 15:56:12 -0700 (PDT) Reply-To: Sean Christopherson Date: Tue, 29 Jul 2025 15:54:55 -0700 In-Reply-To: <20250729225455.670324-1-seanjc@google.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20250729225455.670324-1-seanjc@google.com> X-Mailer: git-send-email 2.50.1.552.g942d659e1b-goog Message-ID: <20250729225455.670324-25-seanjc@google.com> Subject: [PATCH v17 24/24] KVM: selftests: Add guest_memfd testcase to fault-in on !mmap()'d memory From: Sean Christopherson To: Paolo Bonzini , Marc Zyngier , Oliver Upton , Sean Christopherson Cc: kvm@vger.kernel.org, linux-arm-kernel@lists.infradead.org, kvmarm@lists.linux.dev, linux-kernel@vger.kernel.org, Ira Weiny , Gavin Shan , Shivank Garg , Vlastimil Babka , Xiaoyao Li , David Hildenbrand , Fuad Tabba , Ackerley Tng , Tao Chan , James Houghton Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Add a guest_memfd testcase to verify that a vCPU can fault-in guest_memfd memory that supports mmap(), but that is not currently mapped into host userspace and/or has a userspace address (in the memslot) that points at something other than the target guest_memfd range. Mapping guest_memfd memory into the guest is supposed to operate completely independently from any userspace mappings. Signed-off-by: Sean Christopherson --- .../testing/selftests/kvm/guest_memfd_test.c | 64 +++++++++++++++++++ 1 file changed, 64 insertions(+) diff --git a/tools/testing/selftests/kvm/guest_memfd_test.c b/tools/testing= /selftests/kvm/guest_memfd_test.c index 088053d5f0f5..b86bf89a71e0 100644 --- a/tools/testing/selftests/kvm/guest_memfd_test.c +++ b/tools/testing/selftests/kvm/guest_memfd_test.c @@ -13,6 +13,7 @@ =20 #include #include +#include #include #include #include @@ -21,6 +22,7 @@ =20 #include "kvm_util.h" #include "test_util.h" +#include "ucall_common.h" =20 static void test_file_read_write(int fd) { @@ -298,6 +300,66 @@ static void test_guest_memfd(unsigned long vm_type) kvm_vm_free(vm); } =20 +static void guest_code(uint8_t *mem, uint64_t size) +{ + size_t i; + + for (i =3D 0; i < size; i++) + __GUEST_ASSERT(mem[i] =3D=3D 0xaa, + "Guest expected 0xaa at offset %lu, got 0x%x", i, mem[i]); + + memset(mem, 0xff, size); + GUEST_DONE(); +} + +static void test_guest_memfd_guest(void) +{ + /* + * Skip the first 4gb and slot0. slot0 maps <1gb and is used to back + * the guest's code, stack, and page tables, and low memory contains + * the PCI hole and other MMIO regions that need to be avoided. + */ + const uint64_t gpa =3D SZ_4G; + const int slot =3D 1; + + struct kvm_vcpu *vcpu; + struct kvm_vm *vm; + uint8_t *mem; + size_t size; + int fd, i; + + if (!kvm_has_cap(KVM_CAP_GUEST_MEMFD_MMAP)) + return; + + vm =3D __vm_create_shape_with_one_vcpu(VM_SHAPE_DEFAULT, &vcpu, 1, guest_= code); + + TEST_ASSERT(vm_check_cap(vm, KVM_CAP_GUEST_MEMFD_MMAP), + "Default VM type should always support guest_memfd mmap()"); + + size =3D vm->page_size; + fd =3D vm_create_guest_memfd(vm, size, GUEST_MEMFD_FLAG_MMAP); + vm_set_user_memory_region2(vm, slot, KVM_MEM_GUEST_MEMFD, gpa, size, NULL= , fd, 0); + + mem =3D mmap(NULL, size, PROT_READ | PROT_WRITE, MAP_SHARED, fd, 0); + TEST_ASSERT(mem !=3D MAP_FAILED, "mmap() on guest_memfd failed"); + memset(mem, 0xaa, size); + munmap(mem, size); + + virt_pg_map(vm, gpa, gpa); + vcpu_args_set(vcpu, 2, gpa, size); + vcpu_run(vcpu); + + TEST_ASSERT_EQ(get_ucall(vcpu, NULL), UCALL_DONE); + + mem =3D mmap(NULL, size, PROT_READ | PROT_WRITE, MAP_SHARED, fd, 0); + TEST_ASSERT(mem !=3D MAP_FAILED, "mmap() on guest_memfd failed"); + for (i =3D 0; i < size; i++) + TEST_ASSERT_EQ(mem[i], 0xff); + + close(fd); + kvm_vm_free(vm); +} + int main(int argc, char *argv[]) { unsigned long vm_types, vm_type; @@ -314,4 +376,6 @@ int main(int argc, char *argv[]) =20 for_each_set_bit(vm_type, &vm_types, BITS_PER_TYPE(vm_types)) test_guest_memfd(vm_type); + + test_guest_memfd_guest(); } --=20 2.50.1.552.g942d659e1b-goog