From patchwork Wed Jan 22 15:27:30 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Fuad Tabba X-Patchwork-Id: 859177 Received: from mail-wm1-f73.google.com (mail-wm1-f73.google.com [209.85.128.73]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 3DD372144B7 for ; Wed, 22 Jan 2025 15:27:43 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.128.73 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1737559665; cv=none; b=RX77Im6E0zOmUtuRZqBxum+fUZcRfd1AEaXV3+9oHOD1cdMzlX1s3SIayzJRdc7ghLKeVyZxBm+bOr7fej7gLjiyUkbbodwoD/8+chYg50RuzuN61oV92bn+zRjELLKko2dWlb4u3G3pDZPrfeDjoXtQLNTR9OHTwQZnbO8FZYA= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1737559665; c=relaxed/simple; bh=YoLt3jg672qLkVcu7VIEZbT4qXMy3Xl6u3hot8yMq0w=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=Ny47p5X1yPLV0FPejbx1PQTlczcRz9+F298p2X6gaQGZ8GnDWjPEy47dN/Szhq22kCfJavVOHIJB10wGSMfzyy5s7GrNUXkVUDXtXmgotO0r7jKsnuCWoyJcGgTGakdtSd1F8FZRlpETvdAzz0OzI2y0FJ8JsvEhUYYgIvpeOjA= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--tabba.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=Mv2zG68L; arc=none smtp.client-ip=209.85.128.73 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--tabba.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="Mv2zG68L" Received: by mail-wm1-f73.google.com with SMTP id 5b1f17b1804b1-4361c040ba8so38965775e9.1 for ; Wed, 22 Jan 2025 07:27:43 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1737559662; x=1738164462; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=ZDcetJFcXF4ZQue9UQkLlQm0kzILtlW6lFAnbaIvucU=; b=Mv2zG68Lw+N7vH2SpI9JFEsSNWgzbH01vusgC6Yc57RaziGQ2vgalOBgWpnS8z/+yY JLJdyrfPE5PwLBLkZWc4qbNtPCgean02lrIZP/+xBEI4sLxnyrGYdb3ZqatvIlWTQ6S4 lGakXwR4hLlr3QoZYMNXox4BlZnaExc7msSSMGCeCiaocMdc4oU7597TZNhNPB7/Ygx9 kJgKt51YUqD2aETH9oQXWbUeA0VmqOjQyCNubYSkaWzfEkrLrpRRpE5ZPFlu+rkz/bN0 +1JQPOr+BTGXYc4eCBjtBafVM6IXCuWUtkJkP34Fv6lH0Cq05J+v+UwwamEU6krYV0s7 ArDQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1737559662; x=1738164462; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=ZDcetJFcXF4ZQue9UQkLlQm0kzILtlW6lFAnbaIvucU=; b=cGSlYuhp12mPRCrwEfgHFEOUpaM2aOJYLMqgm3RbBs2yjwzL97qNja1QR5jDKPqimR PIBZH7vNE9+Q+qfThIX97Va5B/L8jyVHE8XZSvaMT4yDbQ4TaA7NDL1iKYq170pkZqTy 2qJva0FaDQDGRQe3l7HxP4x3GRJNG592Ww51nKssoTUIC0Ajwh06Qrly2CJ8R0P3bU3W R3pm+SElVK0rAC3pZ4au+J/sKEgbZ6rTDK17uo90bJKtRONrrOCZzDWJ+M+EoQ90Kqqm KQJhqjw8B1ECwfYIyPWkbGqJCiVITplOHVqUMHj9KBVpekUJJH220qdhWVcWKRJW6BKf xDpA== X-Forwarded-Encrypted: i=1; AJvYcCU9XZSlGeTei+RtSP2TOmlHzEPJHuDHQBzM0S9HZMHV995UsXcSjCxZly1+V2UIOwY8RfFvY3KL8Ed8BWcE@vger.kernel.org X-Gm-Message-State: AOJu0YzLpB4MStL2gQ27Gv2vaLxKdDVlu7gDfn3p1pkMSAZc+ZTfoiE0 P3PfPsqHwiSFzEgQs/g5qXKN5hjnORz7MOpHMEuaxBxgNxgYuK5lVTNfgC/Zphmw1pdmvymq3w= = X-Google-Smtp-Source: AGHT+IF8KsDXB6MILYgdI4bjHbLtTHjfa5HGKAzChHRDB4DnJXkZq0oaXJyTUpB5YHGdtSJAjVRTemZsTA== X-Received: from wmow21.prod.google.com ([2002:a05:600c:4755:b0:436:e755:a053]) (user=tabba job=prod-delivery.src-stubby-dispatcher) by 2002:a05:600c:5101:b0:434:f925:f5c9 with SMTP id 5b1f17b1804b1-438913c85e0mr201044935e9.6.1737559662645; Wed, 22 Jan 2025 07:27:42 -0800 (PST) Date: Wed, 22 Jan 2025 15:27:30 +0000 In-Reply-To: <20250122152738.1173160-1-tabba@google.com> Precedence: bulk X-Mailing-List: linux-arm-msm@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20250122152738.1173160-1-tabba@google.com> X-Mailer: git-send-email 2.48.0.rc2.279.g1de40edade-goog Message-ID: <20250122152738.1173160-2-tabba@google.com> Subject: [RFC PATCH v1 1/9] KVM: guest_memfd: Allow host to mmap guest_memfd() pages From: Fuad Tabba To: kvm@vger.kernel.org, linux-arm-msm@vger.kernel.org, linux-mm@kvack.org Cc: pbonzini@redhat.com, chenhuacai@kernel.org, mpe@ellerman.id.au, anup@brainfault.org, paul.walmsley@sifive.com, palmer@dabbelt.com, aou@eecs.berkeley.edu, seanjc@google.com, viro@zeniv.linux.org.uk, brauner@kernel.org, willy@infradead.org, akpm@linux-foundation.org, xiaoyao.li@intel.com, yilun.xu@intel.com, chao.p.peng@linux.intel.com, jarkko@kernel.org, amoorthy@google.com, dmatlack@google.com, yu.c.zhang@linux.intel.com, isaku.yamahata@intel.com, mic@digikod.net, vbabka@suse.cz, vannapurve@google.com, ackerleytng@google.com, mail@maciej.szmigiero.name, david@redhat.com, michael.roth@amd.com, wei.w.wang@intel.com, liam.merwick@oracle.com, isaku.yamahata@gmail.com, kirill.shutemov@linux.intel.com, suzuki.poulose@arm.com, steven.price@arm.com, quic_eberman@quicinc.com, quic_mnalajal@quicinc.com, quic_tsoni@quicinc.com, quic_svaddagi@quicinc.com, quic_cvanscha@quicinc.com, quic_pderrin@quicinc.com, quic_pheragu@quicinc.com, catalin.marinas@arm.com, james.morse@arm.com, yuzenghui@huawei.com, oliver.upton@linux.dev, maz@kernel.org, will@kernel.org, qperret@google.com, keirf@google.com, roypat@amazon.co.uk, shuah@kernel.org, hch@infradead.org, jgg@nvidia.com, rientjes@google.com, jhubbard@nvidia.com, fvdl@google.com, hughd@google.com, jthoughton@google.com, tabba@google.com Add support for mmap() and fault() for guest_memfd in the host for VMs that support in place conversion between shared and private. To that end, this patch adds the ability to check whether the architecture has that support, and only allows mmap() if that's the case. Additionally, this is gated with a new configuration option, CONFIG_KVM_GMEM_MAPPABLE. Signed-off-by: Fuad Tabba --- arch/x86/include/asm/kvm_host.h | 2 + include/linux/kvm_host.h | 11 +++++ virt/kvm/Kconfig | 4 ++ virt/kvm/guest_memfd.c | 71 +++++++++++++++++++++++++++++++++ 4 files changed, 88 insertions(+) diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_host.h index e159e44a6a1b..c0e149bc1d79 100644 --- a/arch/x86/include/asm/kvm_host.h +++ b/arch/x86/include/asm/kvm_host.h @@ -2206,6 +2206,8 @@ void kvm_configure_mmu(bool enable_tdp, int tdp_forced_root_level, #define kvm_arch_has_private_mem(kvm) false #endif +#define kvm_arch_private_mem_inplace(kvm) false + #define kvm_arch_has_readonly_mem(kvm) (!(kvm)->arch.has_protected_state) static inline u16 kvm_read_ldt(void) diff --git a/include/linux/kvm_host.h b/include/linux/kvm_host.h index 401439bb21e3..ebca0ab4c5e2 100644 --- a/include/linux/kvm_host.h +++ b/include/linux/kvm_host.h @@ -717,6 +717,17 @@ static inline bool kvm_arch_has_private_mem(struct kvm *kvm) } #endif +/* + * Arch code must define kvm_arch_private_mem_inplace if support for private + * memory is enabled it supports in-place conversion between shared and private. + */ +#if !defined(kvm_arch_private_mem_inplace) && !IS_ENABLED(CONFIG_KVM_PRIVATE_MEM) +static inline bool kvm_arch_private_mem_inplace(struct kvm *kvm) +{ + return false; +} +#endif + #ifndef kvm_arch_has_readonly_mem static inline bool kvm_arch_has_readonly_mem(struct kvm *kvm) { diff --git a/virt/kvm/Kconfig b/virt/kvm/Kconfig index 54e959e7d68f..59400fd8f539 100644 --- a/virt/kvm/Kconfig +++ b/virt/kvm/Kconfig @@ -124,3 +124,7 @@ config HAVE_KVM_ARCH_GMEM_PREPARE config HAVE_KVM_ARCH_GMEM_INVALIDATE bool depends on KVM_PRIVATE_MEM + +config KVM_GMEM_MAPPABLE + select KVM_PRIVATE_MEM + bool diff --git a/virt/kvm/guest_memfd.c b/virt/kvm/guest_memfd.c index 47a9f68f7b24..9ee162bf6bde 100644 --- a/virt/kvm/guest_memfd.c +++ b/virt/kvm/guest_memfd.c @@ -307,7 +307,78 @@ static pgoff_t kvm_gmem_get_index(struct kvm_memory_slot *slot, gfn_t gfn) return gfn - slot->base_gfn + slot->gmem.pgoff; } +#ifdef CONFIG_KVM_GMEM_MAPPABLE +static vm_fault_t kvm_gmem_fault(struct vm_fault *vmf) +{ + struct inode *inode = file_inode(vmf->vma->vm_file); + struct folio *folio; + vm_fault_t ret = VM_FAULT_LOCKED; + + filemap_invalidate_lock_shared(inode->i_mapping); + + folio = kvm_gmem_get_folio(inode, vmf->pgoff); + if (IS_ERR(folio)) { + ret = VM_FAULT_SIGBUS; + goto out_filemap; + } + + if (folio_test_hwpoison(folio)) { + ret = VM_FAULT_HWPOISON; + goto out_folio; + } + + if (!folio_test_uptodate(folio)) { + unsigned long nr_pages = folio_nr_pages(folio); + unsigned long i; + + for (i = 0; i < nr_pages; i++) + clear_highpage(folio_page(folio, i)); + + folio_mark_uptodate(folio); + } + + vmf->page = folio_file_page(folio, vmf->pgoff); + +out_folio: + if (ret != VM_FAULT_LOCKED) { + folio_unlock(folio); + folio_put(folio); + } + +out_filemap: + filemap_invalidate_unlock_shared(inode->i_mapping); + + return ret; +} + +static const struct vm_operations_struct kvm_gmem_vm_ops = { + .fault = kvm_gmem_fault, +}; + +static int kvm_gmem_mmap(struct file *file, struct vm_area_struct *vma) +{ + struct kvm_gmem *gmem = file->private_data; + + if (!kvm_arch_private_mem_inplace(gmem->kvm)) + return -ENODEV; + + if ((vma->vm_flags & (VM_SHARED | VM_MAYSHARE)) != + (VM_SHARED | VM_MAYSHARE)) { + return -EINVAL; + } + + file_accessed(file); + vm_flags_set(vma, VM_DONTDUMP); + vma->vm_ops = &kvm_gmem_vm_ops; + + return 0; +} +#else +#define kvm_gmem_mmap NULL +#endif /* CONFIG_KVM_GMEM_MAPPABLE */ + static struct file_operations kvm_gmem_fops = { + .mmap = kvm_gmem_mmap, .open = generic_file_open, .release = kvm_gmem_release, .fallocate = kvm_gmem_fallocate, From patchwork Wed Jan 22 15:27:32 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Fuad Tabba X-Patchwork-Id: 859176 Received: from mail-wm1-f74.google.com (mail-wm1-f74.google.com [209.85.128.74]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id C57132147EE for ; Wed, 22 Jan 2025 15:27:48 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.128.74 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1737559670; cv=none; b=L+qvvsQYAhIQqoUiQvHgvHnGE+vq0vjxpoqFge3x4q58JGX9MDht/IqaVZWK31khjZh5RY+Uu7l3On5YM/642hpgZi1/+eSP5SqAMWmQaq9iulRRYB2fXAYcn0Y+aWshmcCxaD1F5FlRLuW0wnu+LsyOwnjUosTQoWFzWSAbsmY= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1737559670; c=relaxed/simple; bh=D84Qgq7kdw2clG1hEN75SuoD1X4BbCJGyi5cAztxsnw=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=AO/Ru3ml5qAAHC2wqObsvkOG7AMLha2/+qdAPvmp+hdu+RxEJemgGOAdKgJ5ZVjJeNwW4YBMCT1AVTEVVqRWZUzeuPnNYgNS7yaulRzuMXet5FgzrOhwIVcgoQTHF8jZp9gv6J2BOED7F3c8pWoQ7t0od1MDMf2fbcnQuJ7d/Yo= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--tabba.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=kQ+dmfcs; arc=none smtp.client-ip=209.85.128.74 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--tabba.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="kQ+dmfcs" Received: by mail-wm1-f74.google.com with SMTP id 5b1f17b1804b1-4361d4e8359so53591675e9.3 for ; Wed, 22 Jan 2025 07:27:48 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1737559667; x=1738164467; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=FPlZyanj/PcXychEccc3pvyCzWy399cCYc+EAQwmx4Q=; b=kQ+dmfcswLXTWMsXhrYyZGAM3gLj9jtJd1tyvomkAT990ixCcIvjzSpUcupMifVIH7 14ipwuaP5fahd5IR4HRvOjqBGdfi6SUVavx+QBnGVixEugaZ2R36mXzTpJWjs0w/9Q1H tGLIVfNwBAMfdVkk7LAnAUk62WNU0SsnyGpXntjv7gyLHejj9OtJnUkz6fIDyYaOYJbr yAeWAKhYo4Dr4TrwxqYTqtfw+hbigiPWuMM1+yXySzUrqwDf0AweZCnxlPOF9tDGWg2s 9AJxeeuXSNB4TJ2H2WeYcewdMczBbBm/wgMwDcLJmi8joptnx6W2DQjKjwo9D1usd2w0 0dVg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1737559667; x=1738164467; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=FPlZyanj/PcXychEccc3pvyCzWy399cCYc+EAQwmx4Q=; b=ww61IgNWAaKDrw+Q8f8LhcNGez91c0Wah5CKGbRrEaBaGXld29lX5q8cGZ5nIR25Vj sR+gPo8fkdMVZY1iEtK72SUQqefim1k3622PhdmQfidTnrXf7k9tVcB8lDTq56arWRBU QWICoe+XlAhVFY55zpmlZnucddYdQRVOZ22Us/odq6sMSLuMWWLQ0ANPzYCg8I1S7bZ0 6ely9FLtUCYHKaetbDTsoHgMCSyk0fI1iLmK7fPp/57wA9P0jL0fuFuhSr8s8FM3fjdg 3IAAAp8qFykLVx5mqaAeWhALNRp04AVM+D0AV2mUY0EmTHVAHkTjno3YHlTdQLN4379B 5eqA== X-Forwarded-Encrypted: i=1; AJvYcCV2uOEgGauHlnfXQKWLR59lc3W1QNCEaN89BAFIkDnbhCjPyVkEtYIFauETEtf0pfDwuorkFumUqArFn2iv@vger.kernel.org X-Gm-Message-State: AOJu0Yxz6v1TTlMDa0unIt3GRxgyrrb/+DTAUhUuGvumCH6uWJFRutiu Bahj72OZBkBK+D8EwVIUdgw9RXnRYo7h0/q18vDqjY2HOuU3GKEgOPqo5gomIORhpQTJnuTTLg= = X-Google-Smtp-Source: AGHT+IErLAZbRWKwqQFdhagPuo0iBKk0JPSfX6aLNC1OqdIBiMLMztGVedsgoVH8z63knrYGAMOhcPpfwA== X-Received: from wmbbi26.prod.google.com ([2002:a05:600c:3d9a:b0:438:ad3b:591a]) (user=tabba job=prod-delivery.src-stubby-dispatcher) by 2002:a05:600c:3b0a:b0:434:9c60:95a3 with SMTP id 5b1f17b1804b1-438913ca93cmr223239065e9.11.1737559667157; Wed, 22 Jan 2025 07:27:47 -0800 (PST) Date: Wed, 22 Jan 2025 15:27:32 +0000 In-Reply-To: <20250122152738.1173160-1-tabba@google.com> Precedence: bulk X-Mailing-List: linux-arm-msm@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20250122152738.1173160-1-tabba@google.com> X-Mailer: git-send-email 2.48.0.rc2.279.g1de40edade-goog Message-ID: <20250122152738.1173160-4-tabba@google.com> Subject: [RFC PATCH v1 3/9] KVM: guest_memfd: Add KVM capability to check if guest_memfd is host mappable From: Fuad Tabba To: kvm@vger.kernel.org, linux-arm-msm@vger.kernel.org, linux-mm@kvack.org Cc: pbonzini@redhat.com, chenhuacai@kernel.org, mpe@ellerman.id.au, anup@brainfault.org, paul.walmsley@sifive.com, palmer@dabbelt.com, aou@eecs.berkeley.edu, seanjc@google.com, viro@zeniv.linux.org.uk, brauner@kernel.org, willy@infradead.org, akpm@linux-foundation.org, xiaoyao.li@intel.com, yilun.xu@intel.com, chao.p.peng@linux.intel.com, jarkko@kernel.org, amoorthy@google.com, dmatlack@google.com, yu.c.zhang@linux.intel.com, isaku.yamahata@intel.com, mic@digikod.net, vbabka@suse.cz, vannapurve@google.com, ackerleytng@google.com, mail@maciej.szmigiero.name, david@redhat.com, michael.roth@amd.com, wei.w.wang@intel.com, liam.merwick@oracle.com, isaku.yamahata@gmail.com, kirill.shutemov@linux.intel.com, suzuki.poulose@arm.com, steven.price@arm.com, quic_eberman@quicinc.com, quic_mnalajal@quicinc.com, quic_tsoni@quicinc.com, quic_svaddagi@quicinc.com, quic_cvanscha@quicinc.com, quic_pderrin@quicinc.com, quic_pheragu@quicinc.com, catalin.marinas@arm.com, james.morse@arm.com, yuzenghui@huawei.com, oliver.upton@linux.dev, maz@kernel.org, will@kernel.org, qperret@google.com, keirf@google.com, roypat@amazon.co.uk, shuah@kernel.org, hch@infradead.org, jgg@nvidia.com, rientjes@google.com, jhubbard@nvidia.com, fvdl@google.com, hughd@google.com, jthoughton@google.com, tabba@google.com Add the KVM capability KVM_CAP_GUEST_MEMFD_MAPPABLE, which is true if mapping guest memory is supported by the host. Signed-off-by: Fuad Tabba --- include/uapi/linux/kvm.h | 1 + virt/kvm/kvm_main.c | 4 ++++ 2 files changed, 5 insertions(+) diff --git a/include/uapi/linux/kvm.h b/include/uapi/linux/kvm.h index 502ea63b5d2e..021f8ef9979b 100644 --- a/include/uapi/linux/kvm.h +++ b/include/uapi/linux/kvm.h @@ -933,6 +933,7 @@ struct kvm_enable_cap { #define KVM_CAP_PRE_FAULT_MEMORY 236 #define KVM_CAP_X86_APIC_BUS_CYCLES_NS 237 #define KVM_CAP_X86_GUEST_MODE 238 +#define KVM_CAP_GUEST_MEMFD_MAPPABLE 239 struct kvm_irq_routing_irqchip { __u32 irqchip; diff --git a/virt/kvm/kvm_main.c b/virt/kvm/kvm_main.c index ad9802012a3f..9cd6690b7955 100644 --- a/virt/kvm/kvm_main.c +++ b/virt/kvm/kvm_main.c @@ -4872,6 +4872,10 @@ static int kvm_vm_ioctl_check_extension_generic(struct kvm *kvm, long arg) #ifdef CONFIG_KVM_PRIVATE_MEM case KVM_CAP_GUEST_MEMFD: return !kvm || kvm_arch_has_private_mem(kvm); +#endif +#ifdef CONFIG_KVM_GMEM_MAPPABLE + case KVM_CAP_GUEST_MEMFD_MAPPABLE: + return !kvm || kvm_arch_private_mem_inplace(kvm); #endif default: break; From patchwork Wed Jan 22 15:27:34 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Fuad Tabba X-Patchwork-Id: 859175 Received: from mail-wm1-f73.google.com (mail-wm1-f73.google.com [209.85.128.73]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 3B7DB214A71 for ; Wed, 22 Jan 2025 15:27:52 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.128.73 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1737559674; cv=none; b=f4Nhqlx+weBTfpvJZytkXupd4RsLNeTrdTReSI+Jq14eB8Iya/HdRGZFUEhjOPVIj4HiMW4ETAnUf3M1BqA+lVyliOSWDkkwX2JWbN6Kq5xM2CYBCB4XjfnSrxeouWEWSBVu4UU1iuI3TZpPuF24T+lb1+gC9BsAloHNcngM4W4= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1737559674; c=relaxed/simple; bh=Ob6kypo+rDvvEe1SpVMk9She7l8fCRqMuFfEC3q0tDc=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=f3sVKrIhTOMaEsMop3aul+/qSQEvXY2wzCdJzEPNUpQwYEE6ST/e7jH8jKAmpsHU+nJoPCS9fLDtdLuVqEyqxyu5MQe3Ee5tzt+7U2Njt0NUAVZwCQO9Aye2KZpNjux21ZS2xWpwfEvfw5infGWZxpaDRX2MeFk1PP+itmDRFOM= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--tabba.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=1IjkoAP2; arc=none smtp.client-ip=209.85.128.73 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--tabba.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="1IjkoAP2" Received: by mail-wm1-f73.google.com with SMTP id 5b1f17b1804b1-4362f893bfaso38287615e9.1 for ; Wed, 22 Jan 2025 07:27:52 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1737559671; x=1738164471; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=3HB24ys9olZtoFbzLvLFGPKqOLdaE1YgibZ0bUHAkc0=; b=1IjkoAP24puaPpwiSGRHgpwZCnfQofIhC4NEu/3Fdv1v6hHs9Qc0VTDyn5RvA2Uvef 0JivjRBZGJ/akd3w7xfAP01IGdoBoV3A50Rsc64LS1HVHGAyfn+QczyzGJhooG0YQBZM dzpfD8wnGHTGI7TYp8/MRl7ZuNQhvsVd4qjiTOJHWxkoKERHwIfb5bNE+WyURYiC17pP kZMzkCT3Q+tQIQ1U8k262U6eT/F81WZqhZWBMutgV1OW/q1fyGMoqxIUhJzU3WqRnnuk 4+rlwOvIpHGk/h/sYQNT7uWlFqYv7mNWt34hvQZTro/0DCYIVz16r9380t+Y1imZbaQ2 /L/A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1737559671; x=1738164471; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=3HB24ys9olZtoFbzLvLFGPKqOLdaE1YgibZ0bUHAkc0=; b=QQEvIwv+/xdT3tacjZ2C3izQi+WDEgXry1xtUzTdiaVmPi1lWEJdcc4qDE4LnA4kyc zRHNYf5G48KpkICY3M+kgjOAefTIxxZ/K3cDhVn1EcltPTAAJJCbJWM4SucQ0BurutRD p9hDEfjk/QXJgfyZTutFnRTMqRKOwPclfwjW8N6l0VhFbg8RlMkQ/tfv3KFBXnfu+jdD XIIS5y42W+HuCYfNeDPasTo8c/nzrhH4BEvrhB54jFUq1ja4j/tZe/XxQ+lM8p2EFWr6 NUMNaQOl9XcNIiKBcR/lPfbtcrAW6fwvJD3qeep7ow4A6/p3cp/NDpGKc/+Dl3F2FAvq 1q0w== X-Forwarded-Encrypted: i=1; AJvYcCVPQfrvJOfRTqdoGjcnmombDRDbSWE4C4NoMt6aGBQr/vCF8paGBk2jGc5Nrgxp6geeyecm+MbsrgMKKRJx@vger.kernel.org X-Gm-Message-State: AOJu0YzzWi8ynkgST4phb3uarLsBHLBG3NX0Pj9T7oMPPJJMSoQ5o0kx kckjD2qmsZLF1CQHYN8n+mMRE15RUzbUxJ3bMQcYYipzTr0pNzE1YL68snh3gAYRpe9KhvDMYA= = X-Google-Smtp-Source: AGHT+IGcoJWLBW4MQy/zV2gFico8bxDEFCQzZhOhvpQ0d8FBU2ybuc79Jv0oLXdNK7/4bqI1+6VtomwTiA== X-Received: from wmbjv16.prod.google.com ([2002:a05:600c:5710:b0:436:e723:5be6]) (user=tabba job=prod-delivery.src-stubby-dispatcher) by 2002:a05:600c:5112:b0:434:a5bc:70fc with SMTP id 5b1f17b1804b1-438913cfa0emr202083105e9.8.1737559671492; Wed, 22 Jan 2025 07:27:51 -0800 (PST) Date: Wed, 22 Jan 2025 15:27:34 +0000 In-Reply-To: <20250122152738.1173160-1-tabba@google.com> Precedence: bulk X-Mailing-List: linux-arm-msm@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20250122152738.1173160-1-tabba@google.com> X-Mailer: git-send-email 2.48.0.rc2.279.g1de40edade-goog Message-ID: <20250122152738.1173160-6-tabba@google.com> Subject: [RFC PATCH v1 5/9] KVM: arm64: Refactor user_mem_abort() calculation of force_pte From: Fuad Tabba To: kvm@vger.kernel.org, linux-arm-msm@vger.kernel.org, linux-mm@kvack.org Cc: pbonzini@redhat.com, chenhuacai@kernel.org, mpe@ellerman.id.au, anup@brainfault.org, paul.walmsley@sifive.com, palmer@dabbelt.com, aou@eecs.berkeley.edu, seanjc@google.com, viro@zeniv.linux.org.uk, brauner@kernel.org, willy@infradead.org, akpm@linux-foundation.org, xiaoyao.li@intel.com, yilun.xu@intel.com, chao.p.peng@linux.intel.com, jarkko@kernel.org, amoorthy@google.com, dmatlack@google.com, yu.c.zhang@linux.intel.com, isaku.yamahata@intel.com, mic@digikod.net, vbabka@suse.cz, vannapurve@google.com, ackerleytng@google.com, mail@maciej.szmigiero.name, david@redhat.com, michael.roth@amd.com, wei.w.wang@intel.com, liam.merwick@oracle.com, isaku.yamahata@gmail.com, kirill.shutemov@linux.intel.com, suzuki.poulose@arm.com, steven.price@arm.com, quic_eberman@quicinc.com, quic_mnalajal@quicinc.com, quic_tsoni@quicinc.com, quic_svaddagi@quicinc.com, quic_cvanscha@quicinc.com, quic_pderrin@quicinc.com, quic_pheragu@quicinc.com, catalin.marinas@arm.com, james.morse@arm.com, yuzenghui@huawei.com, oliver.upton@linux.dev, maz@kernel.org, will@kernel.org, qperret@google.com, keirf@google.com, roypat@amazon.co.uk, shuah@kernel.org, hch@infradead.org, jgg@nvidia.com, rientjes@google.com, jhubbard@nvidia.com, fvdl@google.com, hughd@google.com, jthoughton@google.com, tabba@google.com To simplify the code and to make the assumptions clearer, refactor user_mem_abort() by immediately setting force_pte to true if logging_active is true. Also, add a check to ensure that the assumption that logging_active is guaranteed to never be true for VM_PFNMAP memslot is true. Signed-off-by: Fuad Tabba --- arch/arm64/kvm/mmu.c | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/arch/arm64/kvm/mmu.c b/arch/arm64/kvm/mmu.c index 342a9bd3848f..9b1921c1a1a0 100644 --- a/arch/arm64/kvm/mmu.c +++ b/arch/arm64/kvm/mmu.c @@ -1440,7 +1440,7 @@ static int user_mem_abort(struct kvm_vcpu *vcpu, phys_addr_t fault_ipa, bool fault_is_perm) { int ret = 0; - bool write_fault, writable, force_pte = false; + bool write_fault, writable; bool exec_fault, mte_allowed; bool device = false, vfio_allow_any_uc = false; unsigned long mmu_seq; @@ -1452,6 +1452,7 @@ static int user_mem_abort(struct kvm_vcpu *vcpu, phys_addr_t fault_ipa, gfn_t gfn; kvm_pfn_t pfn; bool logging_active = memslot_is_logging(memslot); + bool force_pte = logging_active; long vma_pagesize, fault_granule; enum kvm_pgtable_prot prot = KVM_PGTABLE_PROT_R; struct kvm_pgtable *pgt; @@ -1497,12 +1498,13 @@ static int user_mem_abort(struct kvm_vcpu *vcpu, phys_addr_t fault_ipa, * logging_active is guaranteed to never be true for VM_PFNMAP * memslots. */ - if (logging_active) { - force_pte = true; + if (WARN_ON_ONCE(logging_active && (vma->vm_flags & VM_PFNMAP))) + return -EFAULT; + + if (force_pte) vma_shift = PAGE_SHIFT; - } else { + else vma_shift = get_vma_page_shift(vma, hva); - } switch (vma_shift) { #ifndef __PAGETABLE_PMD_FOLDED From patchwork Wed Jan 22 15:27:36 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Fuad Tabba X-Patchwork-Id: 859174 Received: from mail-wm1-f74.google.com (mail-wm1-f74.google.com [209.85.128.74]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 896E22144D3 for ; Wed, 22 Jan 2025 15:27:57 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.128.74 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1737559679; cv=none; b=ayo07b9vQfTzovI0oRFA32q70gVmC35l2I/U5xbjl6HjZbTybuKIRb6P9BwTnmXjJUXRuFnslvCwsOZJoK+15Rh+BDsf6zh5WiUTsniYQ2aXKgtKlUB7g6rQcsoo6LY5FXj6RuDrAbjjnITA8cv0KA3ycDlFKNQMrQazdGV0Vec= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1737559679; c=relaxed/simple; bh=8w1WTqUiK31jfnTfzyxBwRvu7b+mgoYkGXHFHXBaL1g=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=cixttKfTJHTZ0/xZGXqPJtKNnzwTDfyM0h2bOZRLXxCGFPEczVR9Dh2vLh7ouip6LI3mrUnVRhKogY1R5PcBxhbzvU7NgTBfpoS3+EGB2jtzRHNWyeg1eutfYSt1yZfMJI8vrmGSQOV3XS+BJELxf43GnE3ysCRp+qZzsgYEoYs= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--tabba.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=GTvRmw+C; arc=none smtp.client-ip=209.85.128.74 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--tabba.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="GTvRmw+C" Received: by mail-wm1-f74.google.com with SMTP id 5b1f17b1804b1-4361b090d23so36979955e9.0 for ; Wed, 22 Jan 2025 07:27:57 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1737559676; x=1738164476; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=5uY+HDVZ7Dp1D+/uAf3D/YK52BSVzxXpdvAU1b299wE=; b=GTvRmw+CLXwi8VUf7MZYCwMfeg7efMiqq6BZXTwFJ8YooPfwWLgDZaLKY82EiXcKad jEseKbLdHEThE9gktHp0naTHduTzzBSS30MB0uF/+Q6g++6GTGP56ZDbOhJit75BKMQI GIStQ2XAAJGC6akFl82WVDhFeP1d2+3FHS/B12Vnv9WtEsLf443wRalX2hBsIDkYdz3m pgWpElBLWdzJwpCTHZtl63Y+bEkLV+qpusQoa99rEQYvBsHCKfxOfJLXdon7tRs5t0H+ mvWrtt/Bik9wCoCjJXQZ01HYKjDwcgn0VPy7XrECz28iMJQi/SYY/8xgLyL8WnqK3Z7f IPzQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1737559676; x=1738164476; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=5uY+HDVZ7Dp1D+/uAf3D/YK52BSVzxXpdvAU1b299wE=; b=iQvZ3msMEF6z16BkYzFh4IFnaCGTcn6gzkNrZsoS9hYd3fztdcQxzcpO0AUVui0yP+ ikooqXeL25auRRyslsk+4uSmzEVnhbRF7cnCBZgH5pZv1mpQj3JClFNAtSzRJoQEVUjM gzlx3/hMuBy61HA+xQOIv8sLsQc7KwZ88ChIIHyqsT7/+5QoW6LB8l+eYMu18Q+iBpny IrTeyoGaastsOS5f54no6459x4sDB9I+TFLCmaS2JrBWdF7pcTijx2f8Xjw6Wtl4keQY aUGakS3DQ4S5dl67uX3Zaod7nhP+PD+g9E6SDha4dmiyGY3yiRVupgIfPztJqHbqjtw5 rXsw== X-Forwarded-Encrypted: i=1; AJvYcCU5mdSJ9vsSGckL+MCSVrdKqgAXBzCr4rZ+y8yl3LokDD2h98VrGp6FhKzxgac6sDJtsWgEj8LqxjpaeQPW@vger.kernel.org X-Gm-Message-State: AOJu0YzgaoObE4P8Hst5ZT3ZzrW7Q/ck5hk3yO9XhEDwDeg50LDZBmz2 y6PZqjXiW8FwHUVsNkQAMKPHTGfOes4i9rKbKFwn/745Mab+Jjc/D8Q2yajRit0my86W5LclAQ= = X-Google-Smtp-Source: AGHT+IF2hKFLXA7PBCoJ+LiMdi1Un48iNomJH581YLTvT7wM4Qq5KK+uhWlMUrwC1rIHE2BbM0N2m173nA== X-Received: from wmom15.prod.google.com ([2002:a05:600c:460f:b0:436:1a60:654e]) (user=tabba job=prod-delivery.src-stubby-dispatcher) by 2002:a05:600c:4894:b0:434:a7e7:a1ca with SMTP id 5b1f17b1804b1-43891427762mr182016925e9.20.1737559675909; Wed, 22 Jan 2025 07:27:55 -0800 (PST) Date: Wed, 22 Jan 2025 15:27:36 +0000 In-Reply-To: <20250122152738.1173160-1-tabba@google.com> Precedence: bulk X-Mailing-List: linux-arm-msm@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20250122152738.1173160-1-tabba@google.com> X-Mailer: git-send-email 2.48.0.rc2.279.g1de40edade-goog Message-ID: <20250122152738.1173160-8-tabba@google.com> Subject: [RFC PATCH v1 7/9] KVM: arm64: Introduce KVM_VM_TYPE_ARM_SW_PROTECTED machine type From: Fuad Tabba To: kvm@vger.kernel.org, linux-arm-msm@vger.kernel.org, linux-mm@kvack.org Cc: pbonzini@redhat.com, chenhuacai@kernel.org, mpe@ellerman.id.au, anup@brainfault.org, paul.walmsley@sifive.com, palmer@dabbelt.com, aou@eecs.berkeley.edu, seanjc@google.com, viro@zeniv.linux.org.uk, brauner@kernel.org, willy@infradead.org, akpm@linux-foundation.org, xiaoyao.li@intel.com, yilun.xu@intel.com, chao.p.peng@linux.intel.com, jarkko@kernel.org, amoorthy@google.com, dmatlack@google.com, yu.c.zhang@linux.intel.com, isaku.yamahata@intel.com, mic@digikod.net, vbabka@suse.cz, vannapurve@google.com, ackerleytng@google.com, mail@maciej.szmigiero.name, david@redhat.com, michael.roth@amd.com, wei.w.wang@intel.com, liam.merwick@oracle.com, isaku.yamahata@gmail.com, kirill.shutemov@linux.intel.com, suzuki.poulose@arm.com, steven.price@arm.com, quic_eberman@quicinc.com, quic_mnalajal@quicinc.com, quic_tsoni@quicinc.com, quic_svaddagi@quicinc.com, quic_cvanscha@quicinc.com, quic_pderrin@quicinc.com, quic_pheragu@quicinc.com, catalin.marinas@arm.com, james.morse@arm.com, yuzenghui@huawei.com, oliver.upton@linux.dev, maz@kernel.org, will@kernel.org, qperret@google.com, keirf@google.com, roypat@amazon.co.uk, shuah@kernel.org, hch@infradead.org, jgg@nvidia.com, rientjes@google.com, jhubbard@nvidia.com, fvdl@google.com, hughd@google.com, jthoughton@google.com, tabba@google.com Introduce a new virtual machine type, KVM_VM_TYPE_ARM_SW_PROTECTED, to serve as a development and testing vehicle for Confidential (CoCo) VMs, similar to the x86 KVM_X86_SW_PROTECTED_VM type. Initially, this is used to test guest_memfd without needing any underlying protection. Similar to the x86 type, this is currently only for development and testing. Do not use KVM_VM_TYPE_ARM_SW_PROTECTED for "real" VMs, and especially not in production. The behavior and effective ABI for software-protected VMs is unstable. Signed-off-by: Fuad Tabba --- Documentation/virt/kvm/api.rst | 5 +++++ arch/arm64/include/asm/kvm_host.h | 10 ++++++++++ arch/arm64/kvm/arm.c | 5 +++++ arch/arm64/kvm/mmu.c | 3 --- include/uapi/linux/kvm.h | 6 ++++++ 5 files changed, 26 insertions(+), 3 deletions(-) diff --git a/Documentation/virt/kvm/api.rst b/Documentation/virt/kvm/api.rst index f15b61317aad..7953b07c8c2b 100644 --- a/Documentation/virt/kvm/api.rst +++ b/Documentation/virt/kvm/api.rst @@ -214,6 +214,11 @@ exposed by the guest CPUs in ID_AA64MMFR0_EL1[PARange]. It only affects size of the address translated by the stage2 level (guest physical to host physical address translations). +KVM_VM_TYPE_ARM_SW_PROTECTED is currently only for development and testing of +confidential VMs without having underlying support. Do not use +KVM_VM_TYPE_ARM_SW_PROTECTED for "real" VMs, and especially not in production. +The behavior and effective ABI for software-protected VMs is unstable. + 4.3 KVM_GET_MSR_INDEX_LIST, KVM_GET_MSR_FEATURE_INDEX_LIST ---------------------------------------------------------- diff --git a/arch/arm64/include/asm/kvm_host.h b/arch/arm64/include/asm/kvm_host.h index e18e9244d17a..2fdc7e24ae8e 100644 --- a/arch/arm64/include/asm/kvm_host.h +++ b/arch/arm64/include/asm/kvm_host.h @@ -380,6 +380,8 @@ struct kvm_arch { * the associated pKVM instance in the hypervisor. */ struct kvm_protected_vm pkvm; + + unsigned long vm_type; }; struct kvm_vcpu_fault_info { @@ -1529,4 +1531,12 @@ void kvm_set_vm_id_reg(struct kvm *kvm, u32 reg, u64 val); #define kvm_has_s1poe(k) \ (kvm_has_feat((k), ID_AA64MMFR3_EL1, S1POE, IMP)) +#define kvm_arch_has_private_mem(kvm) \ + (IS_ENABLED(CONFIG_KVM_PRIVATE_MEM) && \ + ((kvm)->arch.vm_type & KVM_VM_TYPE_ARM_SW_PROTECTED)) + +#define kvm_arch_private_mem_inplace(kvm) \ + (IS_ENABLED(CONFIG_KVM_GMEM_MAPPABLE) && \ + ((kvm)->arch.vm_type & KVM_VM_TYPE_ARM_SW_PROTECTED)) + #endif /* __ARM64_KVM_HOST_H__ */ diff --git a/arch/arm64/kvm/arm.c b/arch/arm64/kvm/arm.c index a102c3aebdbc..ecdb8db619d8 100644 --- a/arch/arm64/kvm/arm.c +++ b/arch/arm64/kvm/arm.c @@ -171,6 +171,9 @@ int kvm_arch_init_vm(struct kvm *kvm, unsigned long type) { int ret; + if (type & ~KVM_VM_TYPE_MASK) + return -EINVAL; + mutex_init(&kvm->arch.config_lock); #ifdef CONFIG_LOCKDEP @@ -212,6 +215,8 @@ int kvm_arch_init_vm(struct kvm *kvm, unsigned long type) bitmap_zero(kvm->arch.vcpu_features, KVM_VCPU_MAX_FEATURES); + kvm->arch.vm_type = type; + return 0; err_free_cpumask: diff --git a/arch/arm64/kvm/mmu.c b/arch/arm64/kvm/mmu.c index adf23618e2a0..b6cbe11dea48 100644 --- a/arch/arm64/kvm/mmu.c +++ b/arch/arm64/kvm/mmu.c @@ -869,9 +869,6 @@ static int kvm_init_ipa_range(struct kvm_s2_mmu *mmu, unsigned long type) u64 mmfr0, mmfr1; u32 phys_shift; - if (type & ~KVM_VM_TYPE_ARM_IPA_SIZE_MASK) - return -EINVAL; - phys_shift = KVM_VM_TYPE_ARM_IPA_SIZE(type); if (is_protected_kvm_enabled()) { phys_shift = kvm_ipa_limit; diff --git a/include/uapi/linux/kvm.h b/include/uapi/linux/kvm.h index 021f8ef9979b..5e10a5903a58 100644 --- a/include/uapi/linux/kvm.h +++ b/include/uapi/linux/kvm.h @@ -656,6 +656,12 @@ struct kvm_enable_cap { #define KVM_VM_TYPE_ARM_IPA_SIZE_MASK 0xffULL #define KVM_VM_TYPE_ARM_IPA_SIZE(x) \ ((x) & KVM_VM_TYPE_ARM_IPA_SIZE_MASK) + +#define KVM_VM_TYPE_ARM_SW_PROTECTED (1UL << 9) + +#define KVM_VM_TYPE_MASK (KVM_VM_TYPE_ARM_IPA_SIZE_MASK | \ + KVM_VM_TYPE_ARM_SW_PROTECTED) + /* * ioctls for /dev/kvm fds: */ From patchwork Wed Jan 22 15:27:38 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Fuad Tabba X-Patchwork-Id: 859173 Received: from mail-wm1-f74.google.com (mail-wm1-f74.google.com [209.85.128.74]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id AA724215043 for ; Wed, 22 Jan 2025 15:28:01 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.128.74 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1737559683; cv=none; b=PP+hCPfGiMys+DR+bknTc5xUEnM2RCr1W6Y3p0rcDaKVNUhoLFC2/hed3pgkvR7hYVqgmnrufWdOMTBVu3fiVSqZ5bsZe6YWC8nRXJ560+lsaM29RKT9TXwmpRVXeaYE8wxuT/5cK/nNtVOwEU7L0oWa+9HB7KxcD+4T2vepJ5w= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1737559683; c=relaxed/simple; bh=05N3notxAKWirJyACGf6LREsAOUQTVq3cu2+BY4Gews=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=AKsbJQJtMPK9R7AI/JmH1HDCy/8mV9nMlBqfQCujhfbwGTWhaGbrx0MzyP3Eo2uSQTVWw35Nf+PpvE3ETNko7/NPLnCXhTKwR8nZCug43fTTFafkCIMd2rnDCzKDFY7KXhWnVy2CRHFOkOKsd8TOsSljNCJvzxHliXMCORWel24= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--tabba.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=ZooG2xU1; arc=none smtp.client-ip=209.85.128.74 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--tabba.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="ZooG2xU1" Received: by mail-wm1-f74.google.com with SMTP id 5b1f17b1804b1-4361efc9dc6so38252695e9.3 for ; Wed, 22 Jan 2025 07:28:01 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1737559680; x=1738164480; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=6IPKS54xTLh0G0JL9zAQyWtImcHIleOjiond1cpHBfM=; b=ZooG2xU17v3irOvlLX6O64dMbEkVotYCLHS7LTfRpmZMOghCVCldWNAitSunVJ97aZ ORW3jOtpTURwOdQ7ORCll+Umv85fbo9vO7hOxpkHftMgoTEU3DR/b6ynn1S2/yaW6m59 8R7SQLMpEsRPuEDxpKObLi8jaxEEi73qEj/mKMzo7oo8L9LxL49v3OoZwUbS+tCz6T6x ByQBmeKjoqX6wxvw0080EskmGLikHcFyreFsKKRQJ/R/s8IqAyK/gdlTKSEkgLE5Zav2 VMKzqwKnb59/kVXwM9nWFenCHowgk0UOH16hHGG69q1YmiWfMQlZEYkGB3eqTwqcB0zZ /rCA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1737559680; x=1738164480; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=6IPKS54xTLh0G0JL9zAQyWtImcHIleOjiond1cpHBfM=; b=Jkx6oZKKRvqjaChQao4LBr+KLgD3rhKxHse9kUVCOdwQ9UGmE2P1Y5+xXSrsAkQvzj SdOTMcvEH0kL0zp3FnM5Rhh2R6r9FJkTIVgALpLP2+sH1vffTcqldpqblGgi0FieF/KJ WdAnx7P6fCwm6B9aaEe8TYNIqh6jXtbbt0g2scVvAS4matNoOI7/2Wk5WsBZy0nHy6T9 6gzYBpBDDt19FyeNawUS7NUU2/RiGb/wYRvt7oXoKql4SGXmmTU0iMbKKVnQN61bSZGF F3089HL+rb+5h0J29jM1zslrWAlxKLO3qV8bFrxbyjNkElnusjvLc2wKWMWa2KJEg+7z OfzQ== X-Forwarded-Encrypted: i=1; AJvYcCVjbj4qStISTA7uL1ZMgP1AAwu4QLFP4u0+NthkOWG5qLHWvfhEwK17I+Q5j+pPmel123E0x9eFfRIoe1Wv@vger.kernel.org X-Gm-Message-State: AOJu0YyUR6fZjbPlEZzULD2sZd2UKWK4X3jS3ed0XZgQWocsQGa4SE12 MpZblrD4CJLrdlfGfDeFytWQsYt+GgXUjbrhkSUG6oek8U9JBJP6AYYjK6C2Ol3BLGB9gpFjgg= = X-Google-Smtp-Source: AGHT+IHKqC3XO4cCp4hQMJG/KxA/l5U2Z4NRyzkp8RVnNUMgP+pHap4S48R+U41XmL0XQuq/sUwK5vqtFQ== X-Received: from wmjt19.prod.google.com ([2002:a7b:c3d3:0:b0:42c:bfc2:aa72]) (user=tabba job=prod-delivery.src-stubby-dispatcher) by 2002:a05:600c:4508:b0:431:547e:81d0 with SMTP id 5b1f17b1804b1-438913e1c00mr237078585e9.11.1737559680156; Wed, 22 Jan 2025 07:28:00 -0800 (PST) Date: Wed, 22 Jan 2025 15:27:38 +0000 In-Reply-To: <20250122152738.1173160-1-tabba@google.com> Precedence: bulk X-Mailing-List: linux-arm-msm@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20250122152738.1173160-1-tabba@google.com> X-Mailer: git-send-email 2.48.0.rc2.279.g1de40edade-goog Message-ID: <20250122152738.1173160-10-tabba@google.com> Subject: [RFC PATCH v1 9/9] KVM: arm64: Enable mapping guest_memfd in arm64 From: Fuad Tabba To: kvm@vger.kernel.org, linux-arm-msm@vger.kernel.org, linux-mm@kvack.org Cc: pbonzini@redhat.com, chenhuacai@kernel.org, mpe@ellerman.id.au, anup@brainfault.org, paul.walmsley@sifive.com, palmer@dabbelt.com, aou@eecs.berkeley.edu, seanjc@google.com, viro@zeniv.linux.org.uk, brauner@kernel.org, willy@infradead.org, akpm@linux-foundation.org, xiaoyao.li@intel.com, yilun.xu@intel.com, chao.p.peng@linux.intel.com, jarkko@kernel.org, amoorthy@google.com, dmatlack@google.com, yu.c.zhang@linux.intel.com, isaku.yamahata@intel.com, mic@digikod.net, vbabka@suse.cz, vannapurve@google.com, ackerleytng@google.com, mail@maciej.szmigiero.name, david@redhat.com, michael.roth@amd.com, wei.w.wang@intel.com, liam.merwick@oracle.com, isaku.yamahata@gmail.com, kirill.shutemov@linux.intel.com, suzuki.poulose@arm.com, steven.price@arm.com, quic_eberman@quicinc.com, quic_mnalajal@quicinc.com, quic_tsoni@quicinc.com, quic_svaddagi@quicinc.com, quic_cvanscha@quicinc.com, quic_pderrin@quicinc.com, quic_pheragu@quicinc.com, catalin.marinas@arm.com, james.morse@arm.com, yuzenghui@huawei.com, oliver.upton@linux.dev, maz@kernel.org, will@kernel.org, qperret@google.com, keirf@google.com, roypat@amazon.co.uk, shuah@kernel.org, hch@infradead.org, jgg@nvidia.com, rientjes@google.com, jhubbard@nvidia.com, fvdl@google.com, hughd@google.com, jthoughton@google.com, tabba@google.com Enabled mapping guest_memfd in arm64, which would only apply to VMs with the type KVM_VM_TYPE_ARM_SW_PROTECTED. Signed-off-by: Fuad Tabba --- arch/arm64/kvm/Kconfig | 1 + 1 file changed, 1 insertion(+) diff --git a/arch/arm64/kvm/Kconfig b/arch/arm64/kvm/Kconfig index ead632ad01b4..fe3451f244b5 100644 --- a/arch/arm64/kvm/Kconfig +++ b/arch/arm64/kvm/Kconfig @@ -38,6 +38,7 @@ menuconfig KVM select HAVE_KVM_VCPU_RUN_PID_CHANGE select SCHED_INFO select GUEST_PERF_EVENTS if PERF_EVENTS + select KVM_GMEM_MAPPABLE help Support hosting virtualized guest machines.