Received: by 2002:a05:6358:a55:b0:ec:fcf4:3ecf with SMTP id 21csp3448842rwb; Fri, 20 Jan 2023 16:40:43 -0800 (PST) X-Google-Smtp-Source: AMrXdXtb+li/C1dOSxzbV1LHA6jbHfHce7Ab+iaXaloTJ3LB3EtXuY0NvsQMlwa1peYNXr062blt X-Received: by 2002:a17:90b:48d0:b0:226:d7e8:e11f with SMTP id li16-20020a17090b48d000b00226d7e8e11fmr18415861pjb.12.1674261643760; Fri, 20 Jan 2023 16:40:43 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1674261643; cv=none; d=google.com; s=arc-20160816; b=DC0qyeVcO8Tc+R8GkAbUOcCd9EZId3yz+aQubdpT/zO9oiff1GYfveIyx0zUQyyogs jOGzY9Qv042ceyGXlBmGC+qwFZQkzoSlMkEDiNz3pfphtOZnx3aQ5RhDRJxCQk5aSd7T 5JuVAM65cHu56RFYw51NnJzXLBexBUTCMCMLRpD9ODWHgdFSJPQQtpiO+PMmXjL4eyGC tPUszv9ouxMgsp8BQqFJ8s7AGDE0uUE3l4LTITljUcJOUMkaPQt0Z6wTdMoPZ1rTTMvk Jj3dJ1rVux06zDWF2C0HRKvxoMudrkGKf/eHso+MGaCakv+FFWa6AuIYzc/a2JnxsQBD +XnQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:from:subject:message-id:references :mime-version:in-reply-to:date:dkim-signature; bh=g5VuYA7TfsmgF2IHsazybR3ND1uceEDVTzczLitCcAI=; b=SG7saG+Y0o7CYxqFCnPnjBodWFM/HApna6LPjDbbm3tlWTiGXWxEvSS2j7L94ArVhW 6WXNxDDEkjEZB4MN/7sLsM4JWBPCUItYJMoXK+sMVCMehUX3Qz+LiDt5YmQU9RRkh45C E47Y0YjTcBua8NcgI1FIixiLsZrL2qXol0EO/cax4i4qVqUayss/Ws31IhbXPcr8qvyk xBMsC43wT+ERJOYuELPCvlYzGTtmEZXMXb6/039yb4mrTgquGqf8kiSo61bK7ilOTkqJ NTKGAlXh6wAVu3WiYq22D2JulF8Ih9EdWepdgC+FQ7OQNNkY2u+FbJ8AcFJ1z6Go9sec +3eA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b=AELPrk1z; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id o71-20020a17090a0a4d00b002270156c063si3678788pjo.37.2023.01.20.16.40.37; Fri, 20 Jan 2023 16:40:43 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b=AELPrk1z; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229781AbjAUATr (ORCPT + 50 others); Fri, 20 Jan 2023 19:19:47 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:56482 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229558AbjAUATp (ORCPT ); Fri, 20 Jan 2023 19:19:45 -0500 Received: from mail-yw1-x114a.google.com (mail-yw1-x114a.google.com [IPv6:2607:f8b0:4864:20::114a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 9690173ADE for ; Fri, 20 Jan 2023 16:19:07 -0800 (PST) Received: by mail-yw1-x114a.google.com with SMTP id 00721157ae682-4faa8f4bfb9so62583937b3.17 for ; Fri, 20 Jan 2023 16:19:07 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=g5VuYA7TfsmgF2IHsazybR3ND1uceEDVTzczLitCcAI=; b=AELPrk1zBkNIV9cP+6+WXe2bVRfYoHvxNjoMs7iwc+ivh9gsI07Q+Bc/tiz/KjOul6 fDPoOU+FuoKeDVcWBv8OSHis/6i5iGmPc7YfJqjbM2IuEsKAVmO2YCXUslLxkpb5dDdg AOCiOLWNIb0NxWYVQZn4WUQwpXoAiLzKvjEGNXInDpjjzWkSasuDKjTa822uYkaHxbBG V0omf+WQMWPjk66vRiouDdId4GvlaMLGQw2CEqaurBUIl1DYGcpF9TOjjRG+uKF7mKIO LAqJ5Ie9Dz0YYsaqeX0PLyjoow/xxe4R0LzNB4BEa3C8eAaFZDOGS0Ak6U29A4+ubDOV 8JOQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=g5VuYA7TfsmgF2IHsazybR3ND1uceEDVTzczLitCcAI=; b=1tXFcyyF/ETqe6jnoDCfy1pnQ/PtAO7XBl4/GsN0gn6nnYjGPBIVkKTfk5cB+Va0/z WCbBA2BFgIsftnGfoC9nZ4X5sN0aaY7poQX/ouOj57wowwfcXcfl0l+BvZMbKmV1c5mD /KRTrSkLsR+TP4fyV2tAVd1NOq3uShaxeGC0RkDwGCszzETxx/xXUHnAKJ+MjnUs5dNB jUMokkSMvcxpXam8P2Y2q5K/jMtOdSBSViLURuIsNEzTuTnK03/X3YWejydq5LlBk9Lc MftCDi7A0b6S/dmLN5odRU1CJZlcqsuf9hnxgIX3udsDbNF2trLexaNsure2OoP6BOuj 7UvQ== X-Gm-Message-State: AFqh2kqkk4xF0hK8cckN+YXoVbuVdGn2pdHtxmVA9YPUCZ11xaAOzfQQ KrkrAiN+vhg7vO6KEdcBd/IkIFVbeCpCZ65Esg== X-Received: from ackerleytng-cloudtop-sg.c.googlers.com ([fda3:e722:ac3:cc00:4f:4b78:c0a8:b30]) (user=ackerleytng job=sendgmr) by 2002:a81:1754:0:b0:4fd:ff18:de6c with SMTP id 81-20020a811754000000b004fdff18de6cmr436255ywx.227.1674260281776; Fri, 20 Jan 2023 16:18:01 -0800 (PST) Date: Sat, 21 Jan 2023 00:15:36 +0000 In-Reply-To: <20230121001542.2472357-1-ackerleytng@google.com> Mime-Version: 1.0 References: <20230121001542.2472357-1-ackerleytng@google.com> X-Mailer: git-send-email 2.39.0.246.g2a6d74b583-goog Message-ID: <20230121001542.2472357-26-ackerleytng@google.com> Subject: [RFC PATCH v3 25/31] KVM: selftests: Add support for restricted memory From: Ackerley Tng To: linux-kselftest@vger.kernel.org Cc: pbonzini@redhat.com, seanjc@google.com, isaku.yamahata@intel.com, sagis@google.com, erdemaktas@google.com, afranji@google.com, runanwang@google.com, shuah@kernel.org, drjones@redhat.com, maz@kernel.org, bgardon@google.com, jmattson@google.com, dmatlack@google.com, peterx@redhat.com, oupton@google.com, ricarkol@google.com, yang.zhong@intel.com, wei.w.wang@intel.com, xiaoyao.li@intel.com, pgonda@google.com, marcorr@google.com, eesposit@redhat.com, borntraeger@de.ibm.com, eric.auger@redhat.com, wangyanan55@huawei.com, aaronlewis@google.com, vkuznets@redhat.com, pshier@google.com, axelrasmussen@google.com, zhenzhong.duan@intel.com, maciej.szmigiero@oracle.com, like.xu@linux.intel.com, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, Ackerley Tng Content-Type: text/plain; charset="UTF-8" X-Spam-Status: No, score=-9.6 required=5.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_NONE, SPF_HELO_NONE,SPF_PASS,USER_IN_DEF_DKIM_WL autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org With this, vm_userspace_mem_region_add() can use restricted memory to back guest memory. Signed-off-by: Ackerley Tng --- .../selftests/kvm/include/kvm_util_base.h | 7 ++- .../testing/selftests/kvm/include/test_util.h | 2 + tools/testing/selftests/kvm/lib/kvm_util.c | 48 ++++++++++++++++--- tools/testing/selftests/kvm/lib/test_util.c | 7 +++ 4 files changed, 55 insertions(+), 9 deletions(-) diff --git a/tools/testing/selftests/kvm/include/kvm_util_base.h b/tools/testing/selftests/kvm/include/kvm_util_base.h index 30453e2de8396..950fd337898e1 100644 --- a/tools/testing/selftests/kvm/include/kvm_util_base.h +++ b/tools/testing/selftests/kvm/include/kvm_util_base.h @@ -33,7 +33,10 @@ typedef uint64_t vm_paddr_t; /* Virtual Machine (Guest) physical address */ typedef uint64_t vm_vaddr_t; /* Virtual Machine (Guest) virtual address */ struct userspace_mem_region { - struct kvm_userspace_memory_region region; + union { + struct kvm_userspace_memory_region region; + struct kvm_userspace_memory_region_ext region_ext; + }; struct sparsebit *unused_phy_pages; struct sparsebit *protected_phy_pages; int fd; @@ -214,7 +217,7 @@ static inline bool kvm_has_cap(long cap) #define kvm_do_ioctl(fd, cmd, arg) \ ({ \ - static_assert(!_IOC_SIZE(cmd) || sizeof(*arg) == _IOC_SIZE(cmd), ""); \ + static_assert(!_IOC_SIZE(cmd) || sizeof(*arg) >= _IOC_SIZE(cmd), ""); \ ioctl(fd, cmd, arg); \ }) diff --git a/tools/testing/selftests/kvm/include/test_util.h b/tools/testing/selftests/kvm/include/test_util.h index befc754ce9b3b..01456a78b3a2e 100644 --- a/tools/testing/selftests/kvm/include/test_util.h +++ b/tools/testing/selftests/kvm/include/test_util.h @@ -94,6 +94,7 @@ enum vm_mem_backing_src_type { VM_MEM_SRC_ANONYMOUS_HUGETLB_1GB, VM_MEM_SRC_ANONYMOUS_HUGETLB_2GB, VM_MEM_SRC_ANONYMOUS_HUGETLB_16GB, + VM_MEM_SRC_ANONYMOUS_AND_RESTRICTED_MEMFD, VM_MEM_SRC_SHMEM, VM_MEM_SRC_SHARED_HUGETLB, NUM_SRC_TYPES, @@ -104,6 +105,7 @@ enum vm_mem_backing_src_type { struct vm_mem_backing_src_alias { const char *name; uint32_t flag; + bool need_restricted_memfd; }; #define MIN_RUN_DELAY_NS 200000UL diff --git a/tools/testing/selftests/kvm/lib/kvm_util.c b/tools/testing/selftests/kvm/lib/kvm_util.c index 6673be2f49c31..4e5928fa71c44 100644 --- a/tools/testing/selftests/kvm/lib/kvm_util.c +++ b/tools/testing/selftests/kvm/lib/kvm_util.c @@ -15,7 +15,6 @@ #include #include #include -#include #define KVM_UTIL_MIN_PFN 2 @@ -799,6 +798,27 @@ void vm_set_user_memory_region(struct kvm_vm *vm, uint32_t slot, uint32_t flags, errno, strerror(errno)); } +/** + * Initialize memory in restricted_fd with size @memory_region_size and return + * the fd. + * + * Errors out if there's any error + */ +static int initialize_restricted_memfd(uint64_t memory_region_size) +{ + int ret; + int mfd = -1; + + mfd = syscall(__NR_memfd_restricted, 0); + TEST_ASSERT(mfd != -1, "Failed to create private memfd"); + ret = ftruncate(mfd, memory_region_size); + TEST_ASSERT(ret != -1, "Failed to resize memfd %d to %lx", mfd, memory_region_size); + ret = fallocate(mfd, 0, 0, memory_region_size); + TEST_ASSERT(ret != -1, "Failed to allocate %lx bytes in memfd %d", memory_region_size, mfd); + + return mfd; +} + /* * VM Userspace Memory Region Add * @@ -830,6 +850,7 @@ void vm_userspace_mem_region_add(struct kvm_vm *vm, struct userspace_mem_region *region; size_t backing_src_pagesz = get_backing_src_pagesz(src_type); size_t alignment; + int restricted_memfd = -1; TEST_ASSERT(vm_adjust_num_guest_pages(vm->mode, npages) == npages, "Number of guest pages is not compatible with the host. " @@ -927,14 +948,24 @@ void vm_userspace_mem_region_add(struct kvm_vm *vm, /* As needed perform madvise */ if ((src_type == VM_MEM_SRC_ANONYMOUS || - src_type == VM_MEM_SRC_ANONYMOUS_THP) && thp_configured()) { - ret = madvise(region->host_mem, npages * vm->page_size, - src_type == VM_MEM_SRC_ANONYMOUS ? MADV_NOHUGEPAGE : MADV_HUGEPAGE); + src_type == VM_MEM_SRC_ANONYMOUS_THP || + src_type == VM_MEM_SRC_ANONYMOUS_AND_RESTRICTED_MEMFD) && thp_configured()) { + int advice = src_type == VM_MEM_SRC_ANONYMOUS_THP + ? MADV_HUGEPAGE + : MADV_NOHUGEPAGE; + ret = madvise(region->host_mem, npages * vm->page_size, advice); TEST_ASSERT(ret == 0, "madvise failed, addr: %p length: 0x%lx src_type: %s", region->host_mem, npages * vm->page_size, vm_mem_backing_src_alias(src_type)->name); } + if (vm_mem_backing_src_alias(src_type)->need_restricted_memfd) { + restricted_memfd = initialize_restricted_memfd(npages * vm->page_size); + TEST_ASSERT(restricted_memfd != -1, + "Failed to create restricted memfd"); + flags |= KVM_MEM_PRIVATE; + } + region->unused_phy_pages = sparsebit_alloc(); region->protected_phy_pages = sparsebit_alloc(); sparsebit_set_num(region->unused_phy_pages, @@ -944,13 +975,16 @@ void vm_userspace_mem_region_add(struct kvm_vm *vm, region->region.guest_phys_addr = guest_paddr; region->region.memory_size = npages * vm->page_size; region->region.userspace_addr = (uintptr_t) region->host_mem; - ret = __vm_ioctl(vm, KVM_SET_USER_MEMORY_REGION, ®ion->region); + region->region_ext.restricted_fd = restricted_memfd; + region->region_ext.restricted_offset = 0; + ret = __vm_ioctl(vm, KVM_SET_USER_MEMORY_REGION, ®ion->region_ext); TEST_ASSERT(ret == 0, "KVM_SET_USER_MEMORY_REGION IOCTL failed,\n" " rc: %i errno: %i\n" " slot: %u flags: 0x%x\n" - " guest_phys_addr: 0x%lx size: 0x%lx", + " guest_phys_addr: 0x%lx size: 0x%lx restricted_fd: %d", ret, errno, slot, flags, - guest_paddr, (uint64_t) region->region.memory_size); + guest_paddr, (uint64_t) region->region.memory_size, + restricted_memfd); /* Add to quick lookup data structures */ vm_userspace_mem_region_gpa_insert(&vm->regions.gpa_tree, region); diff --git a/tools/testing/selftests/kvm/lib/test_util.c b/tools/testing/selftests/kvm/lib/test_util.c index 6d23878bbfe1a..2d53e55d13565 100644 --- a/tools/testing/selftests/kvm/lib/test_util.c +++ b/tools/testing/selftests/kvm/lib/test_util.c @@ -8,6 +8,7 @@ #include #include #include +#include #include #include #include @@ -254,6 +255,11 @@ const struct vm_mem_backing_src_alias *vm_mem_backing_src_alias(uint32_t i) */ .flag = MAP_SHARED, }, + [VM_MEM_SRC_ANONYMOUS_AND_RESTRICTED_MEMFD] = { + .name = "anonymous_and_restricted_memfd", + .flag = ANON_FLAGS, + .need_restricted_memfd = true, + }, }; _Static_assert(ARRAY_SIZE(aliases) == NUM_SRC_TYPES, "Missing new backing src types?"); @@ -272,6 +278,7 @@ size_t get_backing_src_pagesz(uint32_t i) switch (i) { case VM_MEM_SRC_ANONYMOUS: case VM_MEM_SRC_SHMEM: + case VM_MEM_SRC_ANONYMOUS_AND_RESTRICTED_MEMFD: return getpagesize(); case VM_MEM_SRC_ANONYMOUS_THP: return get_trans_hugepagesz(); -- 2.39.0.246.g2a6d74b583-goog