From patchwork Tue Sep 10 16:30:29 2024
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Patrick Roy <roypat@amazon.co.uk>
X-Patchwork-Id: 13798883
Return-Path: <owner-linux-mm@kvack.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17])
	by smtp.lore.kernel.org (Postfix) with ESMTP id AAEAEECE58A
	for <linux-mm@archiver.kernel.org>; Tue, 10 Sep 2024 16:31:21 +0000 (UTC)
Received: by kanga.kvack.org (Postfix)
	id 3A5858D008D; Tue, 10 Sep 2024 12:31:21 -0400 (EDT)
Received: by kanga.kvack.org (Postfix, from userid 40)
	id 32ECE8D0002; Tue, 10 Sep 2024 12:31:21 -0400 (EDT)
X-Delivered-To: int-list-linux-mm@kvack.org
Received: by kanga.kvack.org (Postfix, from userid 63042)
	id 1F64E8D008D; Tue, 10 Sep 2024 12:31:21 -0400 (EDT)
X-Delivered-To: linux-mm@kvack.org
Received: from relay.hostedemail.com (smtprelay0010.hostedemail.com
 [216.40.44.10])
	by kanga.kvack.org (Postfix) with ESMTP id EBA9A8D0002
	for <linux-mm@kvack.org>; Tue, 10 Sep 2024 12:31:20 -0400 (EDT)
Received: from smtpin23.hostedemail.com (a10.router.float.18 [10.200.18.1])
	by unirelay06.hostedemail.com (Postfix) with ESMTP id A1C89A85DF
	for <linux-mm@kvack.org>; Tue, 10 Sep 2024 16:31:20 +0000 (UTC)
X-FDA: 82549368720.23.218C8EE
Received: from smtp-fw-80008.amazon.com (smtp-fw-80008.amazon.com
 [99.78.197.219])
	by imf25.hostedemail.com (Postfix) with ESMTP id 89D71A0023
	for <linux-mm@kvack.org>; Tue, 10 Sep 2024 16:31:18 +0000 (UTC)
Authentication-Results: imf25.hostedemail.com;
	dkim=pass header.d=amazon.co.uk header.s=amazon201209 header.b=sKkVGEzd;
	spf=pass (imf25.hostedemail.com: domain of
 "prvs=976277991=roypat@amazon.co.uk" designates 99.78.197.219 as permitted
 sender) smtp.mailfrom="prvs=976277991=roypat@amazon.co.uk";
	dmarc=pass (policy=quarantine) header.from=amazon.co.uk
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed;
 d=hostedemail.com;
	s=arc-20220608; t=1725985776;
	h=from:from:sender:reply-to:subject:subject:date:date:
	 message-id:message-id:to:to:cc:cc:mime-version:mime-version:
	 content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references:dkim-signature;
	bh=v5e1Lttypa2CCeJrmZUnbjUqOb8jI+6pZUoDp94zyOM=;
	b=HipFsrPN3xDKIoy1PiyHZ7Zs/Sn2xaVE3t+5zj3g+ECL3R0mZXsY9wJy85MJODPgs/pi/H
	P6o+MvN7L3n603ntzcdr4cPvarUQksePjECcFBoaT0XcUYJZWTFYyFBXaRIdbLeBIMOMsF
	KbM4QCsq7Xj1v13yQrZrXO94d8TP+lU=
ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1725985776; a=rsa-sha256;
	cv=none;
	b=a1rxr3SY3eImY20XMANDDDm6Qo7kRwjo31IcrjpsSoVoixRkBGVWR9HsrMvdvXcWpaWQuJ
	gZR+TpzR/9fKADMf70vsOn/fXCR02M/Hlfnp+VSUt+Yd4oP1IWr1kQKQphp1ew6NTWbLrw
	0WEc8ptoiHtoCOMfL7P6KmfnPFuikY8=
ARC-Authentication-Results: i=1;
	imf25.hostedemail.com;
	dkim=pass header.d=amazon.co.uk header.s=amazon201209 header.b=sKkVGEzd;
	spf=pass (imf25.hostedemail.com: domain of
 "prvs=976277991=roypat@amazon.co.uk" designates 99.78.197.219 as permitted
 sender) smtp.mailfrom="prvs=976277991=roypat@amazon.co.uk";
	dmarc=pass (policy=quarantine) header.from=amazon.co.uk
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
  d=amazon.co.uk; i=@amazon.co.uk; q=dns/txt;
  s=amazon201209; t=1725985878; x=1757521878;
  h=from:to:cc:subject:date:message-id:in-reply-to:
   references:mime-version:content-transfer-encoding;
  bh=v5e1Lttypa2CCeJrmZUnbjUqOb8jI+6pZUoDp94zyOM=;
  b=sKkVGEzdmGMZtkk7f3poB5tKBvnviLjnApFxzDtYyOH4zSX6Mia7s90I
   nRLI35R3yV+FW5tIPUXNta1KkDq+4i2qzWYzwUynRctovS+Tu/BoU160y
   qwXP3Mv6AHl8luHrfGN12e84PUTe8SGEioQenUhrbh4M+8VNrN+KcnPnx
   E=;
X-IronPort-AV: E=Sophos;i="6.10,217,1719878400";
   d="scan'208";a="124612846"
Received: from pdx4-co-svc-p1-lb2-vlan3.amazon.com (HELO
 smtpout.prod.us-east-1.prod.farcaster.email.amazon.dev) ([10.25.36.214])
  by smtp-border-fw-80008.pdx80.corp.amazon.com with
 ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 10 Sep 2024 16:31:09 +0000
Received: from EX19MTAUEA002.ant.amazon.com [10.0.29.78:9542]
 by smtpin.naws.us-east-1.prod.farcaster.email.amazon.dev [10.0.42.209:2525]
 with esmtp (Farcaster)
 id 7c6ae1ed-f922-4596-94d5-b5debded213c;
 Tue, 10 Sep 2024 16:31:08 +0000 (UTC)
X-Farcaster-Flow-ID: 7c6ae1ed-f922-4596-94d5-b5debded213c
Received: from EX19D008UEC004.ant.amazon.com (10.252.135.170) by
 EX19MTAUEA002.ant.amazon.com (10.252.134.9) with Microsoft SMTP Server
 (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA) id 15.2.1258.34;
 Tue, 10 Sep 2024 16:31:03 +0000
Received: from EX19MTAUWB001.ant.amazon.com (10.250.64.248) by
 EX19D008UEC004.ant.amazon.com (10.252.135.170) with Microsoft SMTP Server
 (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA) id 15.2.1258.34;
 Tue, 10 Sep 2024 16:31:02 +0000
Received: from ua2d7e1a6107c5b.home (172.19.88.180) by mail-relay.amazon.com
 (10.250.64.254) with Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA) id 15.2.1258.34 via Frontend
 Transport; Tue, 10 Sep 2024 16:30:58 +0000
From: Patrick Roy <roypat@amazon.co.uk>
To: <seanjc@google.com>, <pbonzini@redhat.com>, <tglx@linutronix.de>,
	<mingo@redhat.com>, <bp@alien8.de>, <dave.hansen@linux.intel.com>,
	<x86@kernel.org>, <hpa@zytor.com>, <rostedt@goodmis.org>,
	<mhiramat@kernel.org>, <mathieu.desnoyers@efficios.com>,
	<kvm@vger.kernel.org>, <linux-kernel@vger.kernel.org>,
	<linux-trace-kernel@vger.kernel.org>, <quic_eberman@quicinc.com>,
	<dwmw@amazon.com>, <david@redhat.com>, <tabba@google.com>, <rppt@kernel.org>,
	<linux-mm@kvack.org>, <dmatlack@google.com>
CC: Patrick Roy <roypat@amazon.co.uk>, <graf@amazon.com>,
	<jgowans@amazon.com>, <derekmn@amazon.com>, <kalyazin@amazon.com>,
	<xmarcalx@amazon.com>
Subject: [RFC PATCH v2 03/10] kvm: gmem: Add KVM_GMEM_GET_PFN_LOCKED
Date: Tue, 10 Sep 2024 17:30:29 +0100
Message-ID: <20240910163038.1298452-4-roypat@amazon.co.uk>
X-Mailer: git-send-email 2.46.0
In-Reply-To: <20240910163038.1298452-1-roypat@amazon.co.uk>
References: <20240910163038.1298452-1-roypat@amazon.co.uk>
MIME-Version: 1.0
X-Rspamd-Queue-Id: 89D71A0023
X-Stat-Signature: wxgsgfsr9t31f16whidof8hq13ypkaet
X-Rspamd-Server: rspam09
X-Rspam-User: 
X-HE-Tag: 1725985878-434700
X-HE-Meta: 
 U2FsdGVkX1+dIIQLcATcaRe51ONYGGHTKgcfRUd0ydwoKxCzUTynLQkGE9Zz8Aq4mpnHVWLSNjY+relePl6UrvChcgzu2/+ld6sCLjKzOw9eVOGj2MBIo9m+R1j5DjeC2gZsO6TX2OLfZ1d/CEPbg68N252iJQYQzWVJunoe1NJeX5ZOwEeJYxy1IJ4JnKaEqJcVqXJJHiiGMGTuuM+dFhP7zLanuBQyazZUg6EnRJQeOXV1ekPwHW5l13fYVvlkeAueJAJ/kd6NP/bNQih2OhIdl21hCgBmy9oGhQ6B9D8e4fxRosRE9ohK2kVsJXelM7hkQ8pc5ces4VcLrDXibnfQ4LfXcE00Gxk80ga7qEyFyUO9yrwqkQcPJKVsSBgH7mxHIBSY3FcTpjyULkRO4AYKAj9MFzm+w6CYyb5X3zgI19mpAaFYdM2fkDc5m1OpT8vo38hlhuNG7mGY4rIoIYkzD7hS7imRFhiVvcNWU1+XaiFwZee7awl67Ms7DuFqNMGd0B696KCtqHumzO1klSkZc2eVlvmWGNiGzwGHy6JBOJv04YmI9hmVPiyUmdbRh8tjbww1P89bWhbbJcSvr8LJAOhXvY8/MgYO21qVkoB4gJ7Jd98g6qQRYfV0mXEReVODtU1v1Gj38WRiRRtz9yAnyQ8P+WUmEY13+C7ZAbHghHvx27uDTVJs1Ymov22n2K13fromwQZ7NbZY5k/dmyKBnGsGu/b7j2THLZf7QorKEHyLsf41Nn/JQPU9ZImhPjOuwukeO0xNymMiF/s7VPcwc+Fh8umxvWnfj9UHpld6qt7pdNlwZc2D4SknDLd6RQ9jD3vl06AfNbp2uKvd6JHwlsqPVF7nquvYS2oLfcehoVosgkHg94C7XKYB0M8yseX2FRr2N9GLZ1GvTka4oHA26V3JPZ2Bp1HU9nTnce2Cf8I/OpzbKcPuC2MbgKVDDBelSk1b+NTKTkEqG0d
 t52kfhLO
 JchDMCRbb5j/v8Sp+pj3xlBoZRxpwf8Of/nLijkM1/IAZ1QO2N0UaLO4tPSfqBCcnnc22rLTURYzHWelfal/RU9JOLlg2xoUztY0wNpsyuK3cX5NWSVf0OVj/H/BmxvQ0C/2yAqjvqfAT6D7gPfOSmRIBgiU62/6mOSR4aydLRynzOU/YasubJ7jmSCZGu4j3p2FOzWidrljpkPUcnn5oQUFkgvVw4pFHa6foYWg5iUraWIdAOpRXyB3yqGwLftc2dG8gdR6dP2vXdsJZ1OzhmQDLlIwIzLUiylayb31G6pDCS8PJ0N3bJ4esOHt2kwEyd07XbFRi66uPIde9maNy8GNZDJwtC1N9Du5TDpp/DcZwN5DWZR3BssiCbK6bRkd9G+W5smiS1F4hS3ByyfLr6TY6YQ==
X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4
Sender: owner-linux-mm@kvack.org
Precedence: bulk
X-Loop: owner-majordomo@kvack.org
List-ID: <linux-mm.kvack.org>
List-Subscribe: <mailto:majordomo@kvack.org>
List-Unsubscribe: <mailto:majordomo@kvack.org>

Allow kvm_gmem_get_pfn to return with the folio lock held by adding a
KVM_GMEM_GET_PFN_LOCKED option to `flags`.

When accessing the content of gmem folios, the lock must be held until
kvm_gmem_put_pfn, to avoid concurrent direct map modifications of the
same folio causing use-after-free-like problems. However,
kvm_gmem_get_pfn so far unconditionally drops the folio lock, making it
currently impossible to use the KVM_GMEM_GET_PFN_SHARED flag safely.

Signed-off-by: Patrick Roy <roypat@amazon.co.uk>
---
 include/linux/kvm_host.h | 1 +
 virt/kvm/guest_memfd.c   | 5 +++--
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/include/linux/kvm_host.h b/include/linux/kvm_host.h
index 8a2975674de4b..cd28eb34aaeb1 100644
--- a/include/linux/kvm_host.h
+++ b/include/linux/kvm_host.h
@@ -2433,6 +2433,7 @@ static inline bool kvm_mem_is_private(struct kvm *kvm, gfn_t gfn)
 #endif /* CONFIG_KVM_GENERIC_MEMORY_ATTRIBUTES */
 
 #define KVM_GMEM_GET_PFN_SHARED         BIT(0)
+#define KVM_GMEM_GET_PFN_LOCKED         BIT(1)
 #define KVM_GMEM_GET_PFN_PREPARE        BIT(31)  /* internal */
 
 #ifdef CONFIG_KVM_PRIVATE_MEM
diff --git a/virt/kvm/guest_memfd.c b/virt/kvm/guest_memfd.c
index 492b04f4e5c18..f637abc6045ba 100644
--- a/virt/kvm/guest_memfd.c
+++ b/virt/kvm/guest_memfd.c
@@ -670,7 +670,8 @@ static int __kvm_gmem_get_pfn(struct file *file, struct kvm_memory_slot *slot,
 
 	r = 0;
 
-	folio_unlock(folio);
+	if (!(flags & KVM_GMEM_GET_PFN_LOCKED))
+		folio_unlock(folio);
 
 	return r;
 }
@@ -680,7 +681,7 @@ int kvm_gmem_get_pfn(struct kvm *kvm, struct kvm_memory_slot *slot,
 {
 	struct file *file = kvm_gmem_get_file(slot);
 	int r;
-	int valid_flags = KVM_GMEM_GET_PFN_SHARED;
+	int valid_flags = KVM_GMEM_GET_PFN_SHARED | KVM_GMEM_GET_PFN_LOCKED;
 
 	if ((flags & valid_flags) != flags)
 		return -EINVAL;