Date: Wed, 12 Apr 2023 18:07:28 -0700
In-Reply-To: <20230125125321.yvsivupbbaqkb7a5@box.shutemov.name>
References: <20221202061347.1070246-1-chao.p.peng@linux.intel.com> <48953bf2-cee9-f818-dc50-5fb5b9b410bf@oracle.com> <20230125125321.yvsivupbbaqkb7a5@box.shutemov.name>
Subject: Re: [PATCH v10 0/9] KVM: mm: fd-based approach for supporting KVM
From: Sean Christopherson
To: "Kirill A. Shutemov"
Cc: Liam Merwick, Chao Peng, kvm@vger.kernel.org, linux-kernel@vger.kernel.org,
 linux-mm@kvack.org, linux-fsdevel@vger.kernel.org, linux-arch@vger.kernel.org,
 linux-api@vger.kernel.org, linux-doc@vger.kernel.org, qemu-devel@nongnu.org,
 Paolo Bonzini, Jonathan Corbet, Vitaly Kuznetsov, Wanpeng Li, Jim Mattson,
 Joerg Roedel, Thomas Gleixner, Ingo Molnar, Borislav Petkov, Arnd Bergmann,
 Naoya Horiguchi, Miaohe Lin, x86@kernel.org, "H . Peter Anvin", Hugh Dickins,
 Jeff Layton, "J . Bruce Fields", Andrew Morton, Shuah Khan, Mike Rapoport,
 Steven Price, "Maciej S . Szmigiero", Vlastimil Babka, Vishal Annapurve,
 Yu Zhang, "Kirill A . Shutemov", luto@kernel.org, jun.nakajima@intel.com,
 dave.hansen@intel.com, ak@linux.intel.com, david@redhat.com,
 aarcange@redhat.com, ddutile@redhat.com, dhildenb@redhat.com, Quentin Perret,
 tabba@google.com, Michael Roth, mhocko@suse.com, wei.w.wang@intel.com

On Wed, Jan 25, 2023, Kirill A. Shutemov wrote:
> On Wed, Jan 25, 2023 at 12:20:26AM +0000, Sean Christopherson wrote:
> > On Tue, Jan 24, 2023, Liam Merwick wrote:
> > > On 14/01/2023 00:37, Sean Christopherson wrote:
> > > > On Fri, Dec 02, 2022, Chao Peng wrote:
> > > > > This patch series implements KVM guest private memory for confidential
> > > > > computing scenarios like Intel TDX[1].
> > > > > If a TDX host accesses
> > > > > TDX-protected guest memory, machine check can happen which can further
> > > > > crash the running host system, this is terrible for multi-tenant
> > > > > configurations. The host accesses include those from KVM userspace like
> > > > > QEMU. This series addresses KVM userspace induced crash by introducing
> > > > > new mm and KVM interfaces so KVM userspace can still manage guest memory
> > > > > via a fd-based approach, but it can never access the guest memory
> > > > > content.
> > > > >
> > > > > The patch series touches both core mm and KVM code. I appreciate
> > > > > Andrew/Hugh and Paolo/Sean can review and pick these patches. Any other
> > > > > reviews are always welcome.
> > > > >   - 01: mm change, target for mm tree
> > > > >   - 02-09: KVM change, target for KVM tree
> > > > >
> > > > A version with all of my feedback, plus reworked versions of Vishal's selftest,
> > > > is available here:
> > > >
> > > >   git@github.com:sean-jc/linux.git x86/upm_base_support
> > > >
> > > > It compiles and passes the selftest, but it's otherwise barely tested. There are
> > > > a few todos (2 I think?) and many of the commits need changelogs, i.e. it's still
> > > > a WIP.
> > > >
> > >
> > > When running LTP (https://github.com/linux-test-project/ltp) on the v10
> > > bits (and also with Sean's branch above) I encounter the following NULL
> > > pointer dereference with testcases/kernel/syscalls/madvise/madvise01
> > > (100% reproducible).
> > >
> > > It appears that in restrictedmem_error_page()
> > > inode->i_mapping->private_data is NULL in the
> > > list_for_each_entry_safe(inode, next, &sb->s_inodes, i_sb_list) but I
> > > don't know why.
> >
> > Kirill, can you take a look? Or pass the buck to someone who can? :-)
>
> The patch below should help.
>
> diff --git a/mm/restrictedmem.c b/mm/restrictedmem.c > index 15c52301eeb9..39ada985c7c0 100644 > --- a/mm/restrictedmem.c > +++ b/mm/restrictedmem.c
> @@ -307,14 +307,29 @@ void restrictedmem_error_page(struct page *page, struct address_space *mapping) > > spin_lock(&sb->s_inode_list_lock); > list_for_each_entry_safe(inode, next, &sb->s_inodes, i_sb_list) { > - struct restrictedmem *rm = inode->i_mapping->private_data; > struct restrictedmem_notifier *notifier; > - struct file *memfd = rm->memfd; > + struct restrictedmem *rm; > unsigned long index; > + struct file *memfd; > > - if (memfd->f_mapping != mapping) > + if (atomic_read(&inode->i_count))

Kirill, should this be

	if (!atomic_read(&inode->i_count))
		continue;

i.e. skip unreferenced inodes, not skip referenced inodes?
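
Review bot: the new guard "if (atomic_read(&inode->i_count))" at the top of the loop body in restrictedmem_error_page() tests only the reference count, and nothing in the visible lines shows that a referenced inode on sb->s_inodes always has i_mapping->private_data set, which is the pointer the report found NULL. Wherever rm is now loaded (the rest of the hunk is cut off on this page), an explicit "if (!rm) continue;" or a comment stating the invariant that makes it non-NULL would cover the reported dereference whichever polarity of the i_count test is intended. The walk in the lines shown holds sb->s_inode_list_lock only, so a comment saying what keeps the inode alive between the i_count read and the later use of rm and memfd would also help.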