From patchwork Tue Sep 10 23:44:06 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ackerley Tng X-Patchwork-Id: 13799508 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 71BC7EE01F2 for ; Tue, 10 Sep 2024 23:46:20 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id DE7A48D00EE; Tue, 10 Sep 2024 19:45:37 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id D462D8D00E2; Tue, 10 Sep 2024 19:45:37 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id BBE778D00EE; Tue, 10 Sep 2024 19:45:37 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0012.hostedemail.com [216.40.44.12]) by kanga.kvack.org (Postfix) with ESMTP id 965D88D00E2 for ; Tue, 10 Sep 2024 19:45:37 -0400 (EDT) Received: from smtpin18.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay08.hostedemail.com (Postfix) with ESMTP id 4983A1404DA for ; Tue, 10 Sep 2024 23:45:37 +0000 (UTC) X-FDA: 82550463114.18.136EB8F Received: from mail-pj1-f73.google.com (mail-pj1-f73.google.com [209.85.216.73]) by imf15.hostedemail.com (Postfix) with ESMTP id 67C13A000E for ; Tue, 10 Sep 2024 23:45:35 +0000 (UTC) Authentication-Results: imf15.hostedemail.com; dkim=pass header.d=google.com header.s=20230601 header.b=mLzbLvkV; dmarc=pass (policy=reject) header.from=google.com; spf=pass (imf15.hostedemail.com: domain of 3HdrgZgsKCJIwy60D70KF922AA270.yA8749GJ-886Hwy6.AD2@flex--ackerleytng.bounces.google.com designates 209.85.216.73 as permitted sender) smtp.mailfrom=3HdrgZgsKCJIwy60D70KF922AA270.yA8749GJ-886Hwy6.AD2@flex--ackerleytng.bounces.google.com ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1726011859; a=rsa-sha256; cv=none; b=dm8ByyEAXPBdsgRN69q/0+Zq225nUIjWkZZijlCWx9GcjhLgSmZF1dQRJRoCLxJpg8eNVg l1uod84bCIUcc9eQiSrJGcv4Pmsv1nNZGLak4toyUvmjXVZX7t/UeO9YmnrLgZTPLcMGB6 o0ypEMRcVhVMUUFojdJ9u1GGGDmWzZY= ARC-Authentication-Results: i=1; imf15.hostedemail.com; dkim=pass header.d=google.com header.s=20230601 header.b=mLzbLvkV; dmarc=pass (policy=reject) header.from=google.com; spf=pass (imf15.hostedemail.com: domain of 3HdrgZgsKCJIwy60D70KF922AA270.yA8749GJ-886Hwy6.AD2@flex--ackerleytng.bounces.google.com designates 209.85.216.73 as permitted sender) smtp.mailfrom=3HdrgZgsKCJIwy60D70KF922AA270.yA8749GJ-886Hwy6.AD2@flex--ackerleytng.bounces.google.com ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1726011859; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=PU0eLeT/Khb6QlOSfPgwKdSujIEPbf2Mi98Qjlq+ljA=; b=jUi018+ZgWBUZ9VW1RmD3YvuTH/6veXdUTIfeypBwPfWTbQViVw/JLKFsrs9ZgoJeRlOLV 9bRp6zzkLZypXuPUdi/539yboEaZxh1hnEKzjb6r0SbRs6R514qT4s7t/eDFBE/czH+ASy fGCkIfL6wr/P7z8Em95cIXbNwz1m/zk= Received: by mail-pj1-f73.google.com with SMTP id 98e67ed59e1d1-2d86e9da90cso1157868a91.2 for ; Tue, 10 Sep 2024 16:45:35 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1726011934; x=1726616734; darn=kvack.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=PU0eLeT/Khb6QlOSfPgwKdSujIEPbf2Mi98Qjlq+ljA=; b=mLzbLvkVk5WHzBEiGn/TbRw+ITFwWwdwkA/CfupF1nmFIlvBFHTS/ikVQ0O09dD5+9 41vJYoyC0SrSKRjT40UJArDcBqy/uCPaBdM+xPq/1OuRXnCbqQu9/FvjyPdnRKBKt4Bw S7eaWrm7zQ80/96pUawG1CVOj1OdiuFy98gMh2hJnDmS59EMC6DqiskJbmT9fb/BF8aw qZI8AVW3KNFUZmCCR8Y5EncLWzUtEfobJjzNxmMJa/VZ6NUB7sEkmzLanSpHHrNU5Xei mg6cVMs5/PMj7hKfkWqELlAIT6NYcjA/5+Rc7eIvdC/EkKORHbYaismCF/BvTVt2aWst Tj1A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1726011934; x=1726616734; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=PU0eLeT/Khb6QlOSfPgwKdSujIEPbf2Mi98Qjlq+ljA=; b=PB1iUYnXxrAFvwm4zIcTFYxTRr3VOS19pGwXhdwwScwP2YyY887pKt3NTkvPN/jF8b Ht0+wPXbZIp9ha9rYcAcar4bD08MFtA2q92Eq2cBNZKmBi+uOTUq4LYFIULJAcCV9YUU 9VvUt/+OTruyph8OiwDbjs7Aqn9OsqO02v/Si+qXgSmlpfVPzoAC9XaYYnNuPbZd6uuf ZDVT3fks0D4X3Q0Clfa5THZNXxj6N4qAgabG/TzZJNQ8OIA5s5lAQJLwWMHUuK7/q1D+ NlHxW9ngAZoNpWVMx41VyBlqyf8UNpOiF+i0ViPx7ld9nqhSXw+LO35ogP7XW1tqnl63 Qfww== X-Forwarded-Encrypted: i=1; AJvYcCUDYU9dnuVSNwhav7qe4TfuuDvjXciCdn8rhLZcu6cdu/60pH5hXkn3sv9J7W/rNdevbSlS7oALmw==@kvack.org X-Gm-Message-State: AOJu0YwppTn7kaAoxcVK8DhmG/J2NH47MszetQ5OARClLm4PHRsz8da4 m2B/X1RUHEGL+ma5Dr/WFHT4U3RoBmoIIMvF8U8MfYZFN/U2pXhUQCI1HzLbLb/H64TCj4269ck 6fme1ZpWM47ZRPPzteciRjw== X-Google-Smtp-Source: AGHT+IFVTG93FUeTatq9dmJkXI56Xlmri3CwyYIl4IemmSnQkPMQ4ndLEBPGw8YCyak9fs0iNwaTmELdbdpO3NZKxw== X-Received: from ackerleytng-ctop.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:13f8]) (user=ackerleytng job=sendgmr) by 2002:a17:902:f687:b0:206:c776:4f11 with SMTP id d9443c01a7336-207522167damr522595ad.8.1726011933308; Tue, 10 Sep 2024 16:45:33 -0700 (PDT) Date: Tue, 10 Sep 2024 23:44:06 +0000 In-Reply-To: Mime-Version: 1.0 References: X-Mailer: git-send-email 2.46.0.598.g6f2099f65c-goog Message-ID: <09892ae14d06596aee8b766b5908c8a7fdda85b4.1726009989.git.ackerleytng@google.com> Subject: [RFC PATCH 35/39] KVM: selftests: Test that pinned pages block KVM from setting memory attributes to PRIVATE From: Ackerley Tng To: tabba@google.com, quic_eberman@quicinc.com, roypat@amazon.co.uk, jgg@nvidia.com, peterx@redhat.com, david@redhat.com, rientjes@google.com, fvdl@google.com, jthoughton@google.com, seanjc@google.com, pbonzini@redhat.com, zhiquan1.li@intel.com, fan.du@intel.com, jun.miao@intel.com, isaku.yamahata@intel.com, muchun.song@linux.dev, mike.kravetz@oracle.com Cc: erdemaktas@google.com, vannapurve@google.com, ackerleytng@google.com, qperret@google.com, jhubbard@nvidia.com, willy@infradead.org, shuah@kernel.org, brauner@kernel.org, bfoster@redhat.com, kent.overstreet@linux.dev, pvorel@suse.cz, rppt@kernel.org, richard.weiyang@gmail.com, anup@brainfault.org, haibo1.xu@intel.com, ajones@ventanamicro.com, vkuznets@redhat.com, maciej.wieczor-retman@intel.com, pgonda@google.com, oliver.upton@linux.dev, linux-kernel@vger.kernel.org, linux-mm@kvack.org, kvm@vger.kernel.org, linux-kselftest@vger.kernel.org, linux-fsdevel@kvack.org X-Rspamd-Queue-Id: 67C13A000E X-Rspam-User: X-Rspamd-Server: rspam05 X-Stat-Signature: ror4pbm3oswcuqioic1cskd98a7i5zy6 X-HE-Tag: 1726011935-753232 X-HE-Meta: U2FsdGVkX19rxlJU5TF99/abMrCa8OcyFIceCQ62xPlaDYvsAy6XPQMqdKyBq3+u4UbaUcNedlmALT0qY+J3gDyH/wnpY3DIlMym8Km61lo6pjAr966Cj9OYquA3iFEMpDBDJrJbbZa0nNl0Aia0+WoF9lmk2kOGlyHUt7gPcXmqWesWuMDeSSQeCI8ZJRj5LH01RiP3Qlv5nYQ541WOuBwgXsT9j7xfH4O8+0CpcM8gEL4bzSju6dqrMJ3B7ji/v6Q6ookrPTlr5s73nVoZQah0bGtXgXmxhNW5xyZYGR0nCeiEAXDRI9PNRt2C9Jvp/04avT2DnCcAXuOT4NTLJHNKsfWJziGVCkJoL6fUBWk7j4us8M/qQ/zkckCQvEZsaDqPnRT37j1p5tkvyBgZ1yamInHpF8jVy71+iUo7D1eDBVuCYa1Vnyg5V/lk969+iLvoMicsAa32HQuxoRZr7OCH7HecTSBbqaoSIEaEsWTCA9nrOgKkfWFWUwYflvCgY3D3UbAoY2p0UIYsdk/xADXpoh2ifHHN59ojDfA+e6XCM58hedBr+Z+2KaYIT6JH84Qjc4pCVYHUGeWEUNQJWlCgPoyEW9tPuMljpw3rzSF8KJCoUhQXOin67afLHLohMI3BFILuJpMae91/aIKGfIfybvcicMUzUXsxb7FYe/OnIVZFJ8cUE2UHVsl8wjwdLP8+31jeAbss2r9ym3AcGeHUuhVZedUZDkvxmmGA2mjboU6N5EF+qwq52cc9KJNY1J7Rn0T1/SDKnQZaiV57cXwsPaafeCb0Bl9z7jNXXqXty03f6StHocTwHJcZX364su2pMWzF4MCxYvN+ifvop9NzjYQ5e92O2pC9FOo3pQNsqZhkK5IBeSlrR3Ci5XF0DbWSmqHw9gVFt/5dItfehWLkrLll3z7cN8+oxOtH4euZLwMgLNJfFNm4fAmWNVlcX76+Qa8q7mH+TnNAfsT 2xbC9vaU 5ShrjJ3l2jbdw3RGIp1KrkAu3IdAYUFLc254RImKjKm11uIYpplN0wZkBtmw4qDcn/3IaS8SnGMjfysLH/2QmCWcSOrHHgJcPW2+G+FJLPWinME4CkN0i1m/mqdCaaFeIvhFk6vRC1n1yR5YTxOp9ZNnVWrYa6Eb6heV6A9TmcRRB41j+1Zj26eCiKzAVqriDBDI4yhnv4Az0ENEznEsMSeNinXdSL4/LLDri3B49LGrllux2VJ4eUOMjHQade/POwVT8P7+/dZHiCUR37EtEZwBJPggjtvrcgBiP8bJ/JUztizvETtkDqsqr+SUixnEP16GCp3dGRhm3lnxuW/B1XIM1ZxuYMz/IIOklNTpOQiaXNf6+pyasIvc7vBH1JhIn52DBkle0tYFz+8HnThc8Ojy+qA5VvQ+pTrOr7nHsGpAiroliLfieDrgUExuIdPH1KO1RTcKqPjy8a8e3ZSip4G/CZhOqBlSmBPStB9jl78R3cburDwV2RxKTlQsK7JY/A/QcHzAh55R1G3PqbjM4SQtgfdk95DZ2aVGTSvv/knQn4ibBLzaBw3z3HlwQG+s/DI5SMoI4WI4rtQ7CSFZzAf9TnUye4vjHbIvSeM+FZOawEN8FtY1m9qIGNCBE3gT41VUjhleYqI+HpFaFfvSftc16UA== X-Bogosity: Ham, tests=bogofilter, spamicity=0.000048, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: CONFIG_GUP_TEST provides userspace with an ioctl to invoke pin_user_pages(), and this test uses the ioctl to pin pages, to check that memory attributes cannot be set to private if shared pages are pinned. Signed-off-by: Ackerley Tng --- tools/testing/selftests/kvm/Makefile | 1 + .../selftests/kvm/guest_memfd_pin_test.c | 104 ++++++++++++++++++ 2 files changed, 105 insertions(+) create mode 100644 tools/testing/selftests/kvm/guest_memfd_pin_test.c diff --git a/tools/testing/selftests/kvm/Makefile b/tools/testing/selftests/kvm/Makefile index 3c1f35456bfc..c5a1c8c7125a 100644 --- a/tools/testing/selftests/kvm/Makefile +++ b/tools/testing/selftests/kvm/Makefile @@ -136,6 +136,7 @@ TEST_GEN_PROGS_x86_64 += dirty_log_perf_test TEST_GEN_PROGS_x86_64 += guest_memfd_test TEST_GEN_PROGS_x86_64 += guest_memfd_hugetlb_reporting_test TEST_GEN_PROGS_x86_64 += guest_memfd_sharing_test +TEST_GEN_PROGS_x86_64 += guest_memfd_pin_test TEST_GEN_PROGS_x86_64 += guest_print_test TEST_GEN_PROGS_x86_64 += hardware_disable_test TEST_GEN_PROGS_x86_64 += kvm_create_max_vcpus diff --git a/tools/testing/selftests/kvm/guest_memfd_pin_test.c b/tools/testing/selftests/kvm/guest_memfd_pin_test.c new file mode 100644 index 000000000000..b45fb8024970 --- /dev/null +++ b/tools/testing/selftests/kvm/guest_memfd_pin_test.c @@ -0,0 +1,104 @@ +// SPDX-License-Identifier: GPL-2.0-only +/* + * Test that pinned pages block KVM from setting memory attributes to PRIVATE. + * + * Copyright (c) 2024, Google LLC. + */ +#include +#include +#include + +#include "test_util.h" +#include "kvm_util.h" +#include "../../../../mm/gup_test.h" + +#define GUEST_MEMFD_PIN_TEST_SLOT 10 +#define GUEST_MEMFD_PIN_TEST_GPA 0x50000000ULL +#define GUEST_MEMFD_PIN_TEST_OFFSET 0 + +static int gup_test_fd; + +void pin_pages(void *vaddr, uint64_t size) +{ + const struct pin_longterm_test args = { + .addr = (uint64_t)vaddr, + .size = size, + .flags = PIN_LONGTERM_TEST_FLAG_USE_WRITE, + }; + + TEST_ASSERT_EQ(ioctl(gup_test_fd, PIN_LONGTERM_TEST_START, &args), 0); +} + +void unpin_pages(void) +{ + TEST_ASSERT_EQ(ioctl(gup_test_fd, PIN_LONGTERM_TEST_STOP), 0); +} + +void run_test(void) +{ + struct kvm_vm *vm; + size_t page_size; + void *mem; + int fd; + + vm = vm_create_barebones_type(KVM_X86_SW_PROTECTED_VM); + + page_size = getpagesize(); + fd = vm_create_guest_memfd(vm, page_size, 0); + + mem = mmap(NULL, page_size, PROT_READ | PROT_WRITE, MAP_SHARED, fd, + GUEST_MEMFD_PIN_TEST_OFFSET); + TEST_ASSERT(mem != MAP_FAILED, "mmap should return valid address"); + + /* + * Setting up this memslot with a KVM_X86_SW_PROTECTED_VM marks all + * offsets in the file as shared. + */ + vm_set_user_memory_region2(vm, GUEST_MEMFD_PIN_TEST_SLOT, + KVM_MEM_GUEST_MEMFD, + GUEST_MEMFD_PIN_TEST_GPA, page_size, mem, fd, + GUEST_MEMFD_PIN_TEST_OFFSET); + + /* Before pinning pages, toggling memory attributes should be fine. */ + vm_mem_set_private(vm, GUEST_MEMFD_PIN_TEST_GPA, page_size); + vm_mem_set_shared(vm, GUEST_MEMFD_PIN_TEST_GPA, page_size); + + pin_pages(mem, page_size); + + /* + * Pinning also faults pages in, so remove these pages from userspace + * page tables to properly test that pinning blocks setting memory + * attributes to private. + */ + TEST_ASSERT_EQ(madvise(mem, page_size, MADV_DONTNEED), 0); + + /* Should fail since the page is still faulted in. */ + TEST_ASSERT_EQ(__vm_set_memory_attributes(vm, GUEST_MEMFD_PIN_TEST_GPA, + page_size, + KVM_MEMORY_ATTRIBUTE_PRIVATE), + -1); + TEST_ASSERT_EQ(errno, EINVAL); + + unpin_pages(); + + /* With the pages unpinned, kvm can set this page to private. */ + vm_mem_set_private(vm, GUEST_MEMFD_PIN_TEST_GPA, page_size); + + kvm_vm_free(vm); + close(fd); +} + +int main(int argc, char *argv[]) +{ + gup_test_fd = open("/sys/kernel/debug/gup_test", O_RDWR); + /* + * This test depends on CONFIG_GUP_TEST to provide a kernel module that + * exposes pin_user_pages() to userspace. + */ + TEST_REQUIRE(gup_test_fd != -1); + TEST_REQUIRE(kvm_check_cap(KVM_CAP_VM_TYPES) & BIT(KVM_X86_SW_PROTECTED_VM)); + + run_test(); + + return 0; +}