To: Jia He
Subject: Re: [PATCH] KVM: arm: remove excessive permission check in kvm_arch_prepare_memory_region
Date: Fri, 06 Dec 2019 11:43:48 +0000
From: Marc Zyngier
Cc: James Morse, Julien Thierry, Suzuki K Poulose, Ard Biesheuvel

On 2019-12-06 02:08, Jia He wrote:
> In kvm_arch_prepare_memory_region, arm kvm regards the memory region as
> writable if the flag has no KVM_MEM_READONLY, and the vm is readonly if
> !VM_WRITE.
>
> But there is common usage for setting kvm memory region as follows:
> e.g. qemu side (see the PROT_NONE flag)
> 1. mmap(NULL, size, PROT_NONE, MAP_ANONYMOUS | MAP_PRIVATE, -1, 0);
>    memory_region_init_ram_ptr()
> 2. re mmap the above area with read/write authority.
>
> Such example is used in virtio-fs qemu codes which hasn't been upstreamed
> [1]. But seems we can't forbid this example.
>
> Without this patch, it will cause an EPERM during kvm_set_memory_region()
> and cause qemu boot crash.
>
> As told by Ard, "the underlying assumption is incorrect, i.e., that the
> value of vm_flags at this point in time defines how the VMA is used
> during its lifetime. There may be other cases where a VMA is created
> with VM_READ vm_flags that are changed to VM_READ|VM_WRITE later, and
> we are currently rejecting this use case as well."
> > [1] > > https://gitlab.com/virtio-fs/qemu/blob/5a356e/hw/virtio/vhost-user-fs.c#L488 > > Cc: Ard Biesheuvel > Suggested-by: Ard Biesheuvel > Signed-off-by: Jia He > --- > virt/kvm/arm/mmu.c | 9 --------- > 1 file changed, 9 deletions(-) > > diff --git a/virt/kvm/arm/mmu.c b/virt/kvm/arm/mmu.c > index 38b4c910b6c3..a48994af70b8 100644 > --- a/virt/kvm/arm/mmu.c > +++ b/virt/kvm/arm/mmu.c > @@ -2301,15 +2301,6 @@ int kvm_arch_prepare_memory_region(struct kvm > *kvm, > if (!vma || vma->vm_start >= reg_end) > break; > > - /* > - * Mapping a read-only VMA is only allowed if the > - * memory region is configured as read-only. > - */ > - if (writable && !(vma->vm_flags & VM_WRITE)) { > - ret = -EPERM; > - break; > - } > - > /* > * Take the intersection of this VMA with the memory region > */ Applied, thanks. M. -- Jazz is not dead. It just smells funny...
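Review bot: With the `writable && !(vma->vm_flags & VM_WRITE)` test deleted from the VMA loop in kvm_arch_prepare_memory_region(), neither the hunk nor the commit message says where a writable memslot backed by a VMA that never gains VM_WRITE is now refused. Suggest naming in the commit message the later point at which the host mapping's write permission is still enforced, and leaving a short comment where the block stood saying that vm_flags are deliberately not checked here because they can change after the region is registered.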
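The two userspace steps from the quoted commit message, as an added example that is not part of the original thread or of QEMU: it reserves a range with PROT_NONE, re-mmaps it read/write, and records the VMA permissions at each point to show that the value seen at registration time does not hold for the mapping's lifetime. The helper names `vma_perms` and `reserve_then_remap` are hypothetical, and the permission lookup assumes Linux's /proc/self/maps.

```c
#define _GNU_SOURCE
#include <stdio.h>
#include <stdint.h>
#include <string.h>
#include <sys/mman.h>

/* Linux-specific: copy the permission field (e.g. "rw-p") of the VMA that
 * contains addr from /proc/self/maps into perms. Returns 0 if found, else -1. */
static int vma_perms(const void *addr, char perms[5])
{
    FILE *f = fopen("/proc/self/maps", "r");
    char line[512];
    unsigned long start, end;
    int found = -1;

    if (!f)
        return -1;
    while (found && fgets(line, sizeof(line), f))
        if (sscanf(line, "%lx-%lx %4s", &start, &end, perms) == 3 &&
            (uintptr_t)addr >= start && (uintptr_t)addr < end)
            found = 0;
    fclose(f);
    return found;
}

/* Step 1: reserve with PROT_NONE (what a check made at registration time sees).
 * Step 2: re-mmap the same range read/write. Returns 0 on success. */
int reserve_then_remap(size_t size, char before[5], char after[5])
{
    void *p = mmap(NULL, size, PROT_NONE, MAP_ANONYMOUS | MAP_PRIVATE, -1, 0);
    int ret = -1;

    if (p == MAP_FAILED)
        return -1;
    if (vma_perms(p, before) == 0 &&
        mmap(p, size, PROT_READ | PROT_WRITE,
             MAP_ANONYMOUS | MAP_PRIVATE | MAP_FIXED, -1, 0) == p &&
        vma_perms(p, after) == 0) {
        memset(p, 0xa5, size); /* would fault if the range were still PROT_NONE */
        ret = 0;
    }
    munmap(p, size);
    return ret;
}

int main(void)
{
    char before[5], after[5];
    if (reserve_then_remap(4096, before, after)) return 1;
    printf("at registration: %s  later: %s\n", before, after);
    return 0;
}
```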