[2/3] kvm/mm: introduce MMF_USERFAULTFD_ALLOW flag

Commit Message

Peter Xu March 11, 2019, 9:37 a.m. UTC

Introduce a new MMF_USERFAULTFD_ALLOW flag and tag it upon the process
memory address space as long as the process opened the /dev/kvm once.
It'll be dropped automatically when fork() by MMF_INIT_TASK to reset
the userfaultfd permission.

Detecting the flag gives us a chance to open the green light for kvm
upon using userfaultfd when we want to make sure all the existing kvm
users will still be able to run their userspace programs without being
affected by the new unprivileged userfaultfd switch.

Suggested-by: Andrea Arcangeli <aarcange@redhat.com>
Signed-off-by: Peter Xu <peterx@redhat.com>
---
 include/linux/sched/coredump.h | 1 +
 virt/kvm/kvm_main.c            | 7 +++++++
 2 files changed, 8 insertions(+)

Patch

diff --git a/include/linux/sched/coredump.h b/include/linux/sched/coredump.h
index ecdc6542070f..9f6e71182892 100644
--- a/include/linux/sched/coredump.h
+++ b/include/linux/sched/coredump.h
@@ -72,6 +72,7 @@  static inline int get_dumpable(struct mm_struct *mm)
 #define MMF_DISABLE_THP		24	/* disable THP for all VMAs */
 #define MMF_OOM_VICTIM		25	/* mm is the oom victim */
 #define MMF_OOM_REAP_QUEUED	26	/* mm was queued for oom_reaper */
+#define MMF_USERFAULTFD_ALLOW	27	/* allow userfaultfd syscall */
 #define MMF_DISABLE_THP_MASK	(1 << MMF_DISABLE_THP)
 
 #define MMF_INIT_MASK		(MMF_DUMPABLE_MASK | MMF_DUMP_FILTER_MASK |\
diff --git a/virt/kvm/kvm_main.c b/virt/kvm/kvm_main.c
index d237d3350a99..079f6ac00c36 100644
--- a/virt/kvm/kvm_main.c
+++ b/virt/kvm/kvm_main.c
@@ -3403,7 +3403,14 @@  static long kvm_dev_ioctl(struct file *filp,
 	return r;
 }
 
+static int kvm_dev_open(struct inode *inode, struct file *file)
+{
+	set_bit(MMF_USERFAULTFD_ALLOW, &current->mm->flags);
+	return 0;
+}
+
 static struct file_operations kvm_chardev_ops = {
+	.open		= kvm_dev_open,
 	.unlocked_ioctl = kvm_dev_ioctl,
 	.llseek		= noop_llseek,
 	KVM_COMPAT(kvm_dev_ioctl),