Received: by 2002:a05:6a10:8c0a:0:0:0:0 with SMTP id go10csp1838865pxb; Fri, 5 Feb 2021 02:47:50 -0800 (PST) X-Google-Smtp-Source: ABdhPJzLXzy02fprCB2PkwFaQHPeoI9DvdycbQ/AhFQa6yxFnpZL1LveMhTi3P7jkFvhU7M9Kwhn X-Received: by 2002:a17:906:c00c:: with SMTP id e12mr3379557ejz.103.1612522070195; Fri, 05 Feb 2021 02:47:50 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1612522070; cv=none; d=google.com; s=arc-20160816; b=hIzRjPBqsRlhkBh53fBETG8BCpNM1CHNSnjtFEJpa/8+rYCj+wd+NQQMyWnz+j/vNv Qb6DJh3MAb0COfY4+NxS8FpBLhMx7eNJXQ86YstWQBiXY0XKnpJ3RG9PLjRrt80Blct3 YsOIRF9ki8mnc45PYjk1RJVamh7IdLkAVh6kaSGGWAAp4FqQlheu+nDOCSE4eKbMYalY YZRdsJWQiFxDbhqPTLSLJAsUQxi17qYFlf/Sp6iGY40+woDlWUe0U9FkW5KQ339v9OPm U30qs/gls4jJ6aSZJDPbfQtJMi7+ng8oQsQhxbbc2Ex0lmgwhVEG7DlHZvw7POIVt3q3 fOQg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :message-id:date:subject:cc:to:from:dkim-signature; bh=3tCYr3yMCBn+1cr68bRRYsOLCo+XUlob/DqSt8WXr5I=; b=b9UNAO2fnTDxYm4l4o894leIfNB4i80ZLZqWXKyyqI2LeyZBb8sMkUro56oFKFJJsO 8bJUByamYpgiRQkH7OziAptOfbejt+Q7l6DKS8BMXJ4DRrX8DinehM8xq6vB1/BKDDpL oQVzIo7glgVTWb4sxemvMst52nbiFXLrx9AAk4Bzm2yACEePS593Cpvu83UYcoXSfovA 51VLMvv594TTDxrmfCAF2Ctics5iJ0jAEHrW1jkqcqbcDnqZkWaqnL2cZJpCJ0c70Dhe mdsRmOuvzH61Wz948BOk9wwNYBnwh04pDXZX6EcbDyKlnq4oTWNChiP565r4mFSltTC4 zFSQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=BkPsdvV8; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id i13si1897736eje.417.2021.02.05.02.47.23; Fri, 05 Feb 2021 02:47:50 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=BkPsdvV8; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231504AbhBEKpa (ORCPT + 99 others); Fri, 5 Feb 2021 05:45:30 -0500 Received: from us-smtp-delivery-124.mimecast.com ([216.205.24.124]:44288 "EHLO us-smtp-delivery-124.mimecast.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231475AbhBEKea (ORCPT ); Fri, 5 Feb 2021 05:34:30 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1612521184; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding; bh=3tCYr3yMCBn+1cr68bRRYsOLCo+XUlob/DqSt8WXr5I=; b=BkPsdvV8yzFiyKRg+p7sehLdIAwS6O/13dNpKElwSIaK5cPt4kdCUI3DoSW/e7ULneDnX7 VOEEcbNkmw54InjsJutDlipla5SjallOVz/Ahp09qrSoynVL4XG96jJZNeuhPrAEGLGJB5 ZfWFWcOIL+MqFo/5eT6oMgCE0KTBjaI= Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-99-O305z5ggNiaNLlETfouo-Q-1; Fri, 05 Feb 2021 05:33:02 -0500 X-MC-Unique: O305z5ggNiaNLlETfouo-Q-1 Received: from smtp.corp.redhat.com (int-mx08.intmail.prod.int.phx2.redhat.com [10.5.11.23]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id BE16C107ACF8; Fri, 5 Feb 2021 10:33:00 +0000 (UTC) Received: from virtlab701.virt.lab.eng.bos.redhat.com (virtlab701.virt.lab.eng.bos.redhat.com [10.19.152.228]) by smtp.corp.redhat.com (Postfix) with ESMTP id 1C20919D9F; Fri, 5 Feb 2021 10:33:00 +0000 (UTC) From: Paolo Bonzini To: linux-kernel@vger.kernel.org, kvm@vger.kernel.org Cc: jgg@ziepe.ca, linux-mm@kvack.org, Andrew Morton , dan.j.williams@intel.com Subject: [PATCH 0/2] KVM: do not assume PTE is writable after follow_pfn Date: Fri, 5 Feb 2021 05:32:57 -0500 Message-Id: <20210205103259.42866-1-pbonzini@redhat.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Scanned-By: MIMEDefang 2.84 on 10.5.11.23 Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org This series is the first step towards fixing KVM's usage of follow_pfn. The immediate fix here is that KVM is not checking the writability of the PFN, which actually dates back to way before the introduction of follow_pfn in commit add6a0cd1c5b ("KVM: MMU: try to fix up page faults before giving up", 2016-07-05). There are more changes needed to invalidate gfn-to-pfn caches from MMU notifiers, but this issue will be tackled later. A more fundamental issue however is that the follow_pfn function is basically impossible to use correctly. Almost all users for example are assuming that the page is writable; KVM was not alone in this mistake. follow_pte, despite not being exported for modules, is a far saner API. Therefore, patch 1 simplifies follow_pte a bit and makes it available to modules. Please review and possibly ack for inclusion in the KVM tree, thanks! Paolo Paolo Bonzini (2): mm: provide a sane PTE walking API for modules KVM: do not assume PTE is writable after follow_pfn arch/s390/pci/pci_mmio.c | 2 +- fs/dax.c | 5 +++-- include/linux/mm.h | 6 ++++-- mm/memory.c | 35 ++++++++++++++++++++++++++++++----- virt/kvm/kvm_main.c | 15 ++++++++++++--- 5 files changed, 50 insertions(+), 13 deletions(-) -- 2.26.2