Received: by 2002:ab2:7a55:0:b0:1f4:4a7d:290d with SMTP id u21csp244890lqp; Thu, 4 Apr 2024 11:51:39 -0700 (PDT) X-Forwarded-Encrypted: i=3; AJvYcCXle03p2be56k9XSwDxHcGRSuuO8TRJRn1jpnjaZHxlGzKjjqNKsOzL+2CMemM8ZFHQOT2IocgY8m1SeDaO59FMVrwKJftt4i8zu6op0A== X-Google-Smtp-Source: AGHT+IFxuHyYPMQGuwNUHB7Gu7Yg37mlkB7PrhsXJriY6I5+NwL5zYlffqwHKhyKJR36b14x6ON4 X-Received: by 2002:a50:9b5a:0:b0:56e:603:9fc9 with SMTP id a26-20020a509b5a000000b0056e06039fc9mr2494977edj.3.1712256699001; Thu, 04 Apr 2024 11:51:39 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1712256698; cv=pass; d=google.com; s=arc-20160816; b=QikQtW6pHxo6kDd2blVcj045hiE6i2DGoRXpR3Tg9dhHNnsc3/UYtfvExkrcAPNCB6 M99q5hRnaVupO0aKH3lxHMZoHIGVpwPuvfDU2WfG9jxPUEnkcgt5a6Fa2NL2NXkbHkSs MRMQr5+0dmCUwiwnancm21HjYHN8bQjfrJt5gOPFjUTDEzyEbYTRpyk1WqZZm+sSHYYz K95/gxkWfrV8sRXwolKMhgBQY0qSQPBCyhuTblfjaSYpWdYULrad1igVpLFISOeUZzWv +BylMBVT29Kf2HBoY/oY8/qRBtN7k1av+rkfGUV8qMqHGErtm7bRImg65L5J418ufzW0 YVzQ== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:references:in-reply-to:message-id :date:subject:cc:to:from:dkim-signature; bh=ZJEIZUQrzsd0Y9E8i/CEuCH1bzGOQtQsL0wQj5bpcwo=; fh=YodCu8Vte8qk6mmfvotnw4P3XuROgs3fniKbwtpv3JY=; b=bdJkKIkPXFWJrfIDZB+6F4P7pJ/dtY+DMynHSCo5BqHXvRZiGiJ7hD6URZ4bcI9kdP tUkcQcd+lJ3xJ6CQoUj15tk95Db0bALlKP99JSR6LTilwzmKIWk36S0zM1cmQv9A3N2s wxKQLdFCJZfNZK0N0cUGC1LFfFiTu6KegkqgVv2Ww4ay3oU2piTIut9zB3ac+1NE7E8D VcpWOh528FG2lOuyLIN+7ae+EKRKEk80lv0P1YHXfGtTMZWl6d/I4TNqwqs74Np29MKm HiwaNiA/l62ZCsrQkgAsbWRCWIQ6TpEs9aLEYsGtjIoPIam49QzEDl2zqnawTFPsoXYm l5hQ==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=HobvqCh4; arc=pass (i=1 spf=pass spfdomain=redhat.com dkim=pass dkdomain=redhat.com dmarc=pass fromdomain=redhat.com); spf=pass (google.com: domain of linux-kernel+bounces-131989-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.80.249 as permitted sender) smtp.mailfrom="linux-kernel+bounces-131989-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Return-Path: Received: from am.mirrors.kernel.org (am.mirrors.kernel.org. [147.75.80.249]) by mx.google.com with ESMTPS id m6-20020a50d7c6000000b0056be437d0c4si7831761edj.172.2024.04.04.11.51.38 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 04 Apr 2024 11:51:38 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel+bounces-131989-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.80.249 as permitted sender) client-ip=147.75.80.249; Authentication-Results: mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=HobvqCh4; arc=pass (i=1 spf=pass spfdomain=redhat.com dkim=pass dkdomain=redhat.com dmarc=pass fromdomain=redhat.com); spf=pass (google.com: domain of linux-kernel+bounces-131989-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.80.249 as permitted sender) smtp.mailfrom="linux-kernel+bounces-131989-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by am.mirrors.kernel.org (Postfix) with ESMTPS id B0F341F25603 for ; Thu, 4 Apr 2024 18:51:38 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 7A005135A70; Thu, 4 Apr 2024 18:50:44 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b="HobvqCh4" Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 5F66C131E25 for ; Thu, 4 Apr 2024 18:50:40 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=170.10.129.124 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1712256642; cv=none; b=l3z2+sjoTzYA9e9m0VtXcVRra+IccQVB87WGmTxJby/dFw4luf+nGDp69Lux1rqCKMiDOGyNwJ2essjBSONluUc+jqLT3x1t+JYa7fbSqbZU4PgpG+ENrauUUjLl2SP7+T1nX/1/HiY9sgmsjXnKrDAoeF4mLQW/zXuNz3gJPAE= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1712256642; c=relaxed/simple; bh=rPyzJzYSSz48gXujx1qLV6V98R9AloP/Cjjmrkp6pHc=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=Ofis64c7wDNgDUIz+Xwxh2lRVsXHnOPMD73am0DHSQHcjq1hPhup/8eNCtCmG4EK2NgTxeeGwm/84POzO3AGmMokTLxR05+wWNMw2rZgxFlm+0HncEsGPAUTSvdSjDR7xIfz1PVNxAFrAM0pwfVtanBhuQxZaQmfDs8gLJs6EFQ= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=redhat.com; spf=pass smtp.mailfrom=redhat.com; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b=HobvqCh4; arc=none smtp.client-ip=170.10.129.124 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=redhat.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=redhat.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1712256639; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=ZJEIZUQrzsd0Y9E8i/CEuCH1bzGOQtQsL0wQj5bpcwo=; b=HobvqCh4pxQkZl5ZLzgyrjRPq1f8+RAd63ai+NPFApJBBqLhnJ2f8+4Ty4RYAc09jIg3+i BZ8SfB9yRztLoVJvfyMLuGe1m909+ZR5cQacZBEgNfkGJJOwSnEMGMVQJ42O24XRlHEEab B9ogN9JishNoWaOiu7tjF1DNyLtkeXE= Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-625-opckuniFNKe245UFzdHtFA-1; Thu, 04 Apr 2024 14:50:35 -0400 X-MC-Unique: opckuniFNKe245UFzdHtFA-1 Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.rdu2.redhat.com [10.11.54.7]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 31A9785CE42; Thu, 4 Apr 2024 18:50:35 +0000 (UTC) Received: from virtlab701.virt.lab.eng.bos.redhat.com (virtlab701.virt.lab.eng.bos.redhat.com [10.19.152.228]) by smtp.corp.redhat.com (Postfix) with ESMTP id 0BACF1C060A4; Thu, 4 Apr 2024 18:50:35 +0000 (UTC) From: Paolo Bonzini To: linux-kernel@vger.kernel.org, kvm@vger.kernel.org Cc: seanjc@google.com, michael.roth@amd.com, isaku.yamahata@intel.com Subject: [PATCH 02/11] KVM: guest_memfd: Use AS_INACCESSIBLE when creating guest_memfd inode Date: Thu, 4 Apr 2024 14:50:24 -0400 Message-ID: <20240404185034.3184582-3-pbonzini@redhat.com> In-Reply-To: <20240404185034.3184582-1-pbonzini@redhat.com> References: <20240404185034.3184582-1-pbonzini@redhat.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain Content-Transfer-Encoding: 8bit X-Scanned-By: MIMEDefang 3.4.1 on 10.11.54.7 From: Michael Roth truncate_inode_pages_range() may attempt to zero pages before truncating them, and this will occur before arch-specific invalidations can be triggered via .invalidate_folio/.free_folio hooks via kvm_gmem_aops. For AMD SEV-SNP this would result in an RMP #PF being generated by the hardware, which is currently treated as fatal (and even if specifically allowed for, would not result in anything other than garbage being written to guest pages due to encryption). On Intel TDX this would also result in undesirable behavior. Set the AS_INACCESSIBLE flag to prevent the MM from attempting unexpected accesses of this sort during operations like truncation. This may also in some cases yield a decent performance improvement for guest_memfd userspace implementations that hole-punch ranges immediately after private->shared conversions via KVM_SET_MEMORY_ATTRIBUTES, since the current implementation of truncate_inode_pages_range() always ends up zero'ing an entire 4K range if it is backing by a 2M folio. Link: https://lore.kernel.org/lkml/ZR9LYhpxTaTk6PJX@google.com/ Suggested-by: Sean Christopherson Signed-off-by: Michael Roth Message-ID: <20240329212444.395559-6-michael.roth@amd.com> Signed-off-by: Paolo Bonzini --- virt/kvm/guest_memfd.c | 1 + 1 file changed, 1 insertion(+) diff --git a/virt/kvm/guest_memfd.c b/virt/kvm/guest_memfd.c index 0f4e0cf4f158..5a929536ecf2 100644 --- a/virt/kvm/guest_memfd.c +++ b/virt/kvm/guest_memfd.c @@ -357,6 +357,7 @@ static int __kvm_gmem_create(struct kvm *kvm, loff_t size, u64 flags) inode->i_private = (void *)(unsigned long)flags; inode->i_op = &kvm_gmem_iops; inode->i_mapping->a_ops = &kvm_gmem_aops; + inode->i_mapping->flags |= AS_INACCESSIBLE; inode->i_mode |= S_IFREG; inode->i_size = size; mapping_set_gfp_mask(inode->i_mapping, GFP_HIGHUSER); -- 2.43.0