| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 7 Mar 2024 12:33:40 -0800
From: Isaku Yamahata <isaku.yamahata@...ux.intel.com>
To: "Huang, Kai" <kai.huang@...el.com>
Cc: "kvm@...r.kernel.org" <kvm@...r.kernel.org>,
"Yamahata, Isaku" <isaku.yamahata@...el.com>,
"federico.parola@...ito.it" <federico.parola@...ito.it>,
"pbonzini@...hat.com" <pbonzini@...hat.com>,
"dmatlack@...gle.com" <dmatlack@...gle.com>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
"isaku.yamahata@...il.com" <isaku.yamahata@...il.com>,
"michael.roth@....com" <michael.roth@....com>,
"seanjc@...gle.com" <seanjc@...gle.com>,
isaku.yamahata@...ux.intel.com
Subject: Re: [RFC PATCH 1/8] KVM: Document KVM_MAP_MEMORY ioctl
On Thu, Mar 07, 2024 at 12:30:04PM +0000,
"Huang, Kai" <kai.huang@...el.com> wrote:
> On Fri, 2024-03-01 at 09:28 -0800, isaku.yamahata@...el.com wrote:
> > From: Isaku Yamahata <isaku.yamahata@...el.com>
> >
> > Adds documentation of KVM_MAP_MEMORY ioctl.
> >
> > It pre-populates guest memory. And potentially do initialized memory
> > contents with encryption and measurement depending on underlying
> > technology.
> >
> > Suggested-by: Sean Christopherson <seanjc@...gle.com>
> > Signed-off-by: Isaku Yamahata <isaku.yamahata@...el.com>
> > ---
> > Documentation/virt/kvm/api.rst | 36 ++++++++++++++++++++++++++++++++++
> > 1 file changed, 36 insertions(+)
> >
> > diff --git a/Documentation/virt/kvm/api.rst b/Documentation/virt/kvm/api.rst
> > index 0b5a33ee71ee..33d2b63f7dbf 100644
> > --- a/Documentation/virt/kvm/api.rst
> > +++ b/Documentation/virt/kvm/api.rst
> > @@ -6352,6 +6352,42 @@ a single guest_memfd file, but the bound ranges must not overlap).
> >
> > See KVM_SET_USER_MEMORY_REGION2 for additional details.
> >
> > +4.143 KVM_MAP_MEMORY
> > +------------------------
> > +
> > +:Capability: KVM_CAP_MAP_MEMORY
> > +:Architectures: none
> > +:Type: vcpu ioctl
>
> I think "vcpu ioctl" means theoretically it can be called on multiple vcpus.
>
> What happens in that case?
Each vcpu can handle the ioctl simaltaneously. If we assume tdp_mmu, each vcpu
calls the kvm fault handler simultaneously with read spinlock.
If gfn ranges overlap, vcpu will get 0 (success) or EAGAIN.
> > +:Parameters: struct kvm_memory_mapping(in/out)
> > +:Returns: 0 on success, <0 on error
> > +
> > +KVM_MAP_MEMORY populates guest memory without running vcpu.
> > +
> > +::
> > +
> > + struct kvm_memory_mapping {
> > + __u64 base_gfn;
> > + __u64 nr_pages;
> > + __u64 flags;
> > + __u64 source;
> > + };
> > +
> > + /* For kvm_memory_mapping:: flags */
> > + #define KVM_MEMORY_MAPPING_FLAG_WRITE _BITULL(0)
> > + #define KVM_MEMORY_MAPPING_FLAG_EXEC _BITULL(1)
> > + #define KVM_MEMORY_MAPPING_FLAG_USER _BITULL(2)
>
> I am not sure what's the good of having "FLAG_USER"?
>
> This ioctl is called from userspace, thus I think we can just treat this always
> as user-fault?
The point is how to emulate kvm page fault as if vcpu caused the kvm page
fault. Not we call the ioctl as user context.
--
Isaku Yamahata <isaku.yamahata@...ux.intel.com>
Powered by blists - more mailing lists