| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20250221160728.1584559-5-roypat@amazon.co.uk>
Date: Fri, 21 Feb 2025 16:07:17 +0000
From: Patrick Roy <roypat@...zon.co.uk>
To: <rppt@...nel.org>, <david@...hat.com>, <seanjc@...gle.com>
CC: Patrick Roy <roypat@...zon.co.uk>, <pbonzini@...hat.com>,
<corbet@....net>, <willy@...radead.org>, <akpm@...ux-foundation.org>,
<song@...nel.org>, <jolsa@...nel.org>, <ast@...nel.org>,
<daniel@...earbox.net>, <andrii@...nel.org>, <martin.lau@...ux.dev>,
<eddyz87@...il.com>, <yonghong.song@...ux.dev>, <john.fastabend@...il.com>,
<kpsingh@...nel.org>, <sdf@...ichev.me>, <haoluo@...gle.com>,
<Liam.Howlett@...cle.com>, <lorenzo.stoakes@...cle.com>, <vbabka@...e.cz>,
<jannh@...gle.com>, <shuah@...nel.org>, <kvm@...r.kernel.org>,
<linux-doc@...r.kernel.org>, <linux-kernel@...r.kernel.org>,
<linux-fsdevel@...r.kernel.org>, <linux-mm@...ck.org>, <bpf@...r.kernel.org>,
<linux-kselftest@...r.kernel.org>, <tabba@...gle.com>, <jgowans@...zon.com>,
<graf@...zon.com>, <kalyazin@...zon.com>, <xmarcalx@...zon.com>,
<derekmn@...zon.com>, <jthoughton@...gle.com>
Subject: [PATCH v4 04/12] KVM: Add capability to discover KVM_GMEM_NO_DIRECT_MAP support
Add a capability to let userspace discover whether guest_memfd supports
removing its folios from the direct map. Support depends on guest_memfd
itself being supported, but also on whether KVM can manipulate the
direct map at page granularity at all (possible most of the time, just
arm64 is a notable outlier where its impossible if the direct map has
been setup using hugepages, as arm64 cannot break these apart due to
break-before-make semantics).
Signed-off-by: Patrick Roy <roypat@...zon.co.uk>
---
include/uapi/linux/kvm.h | 1 +
virt/kvm/kvm_main.c | 5 +++++
2 files changed, 6 insertions(+)
diff --git a/include/uapi/linux/kvm.h b/include/uapi/linux/kvm.h
index 4654c01a0a01..fb02a93546d8 100644
--- a/include/uapi/linux/kvm.h
+++ b/include/uapi/linux/kvm.h
@@ -930,6 +930,7 @@ struct kvm_enable_cap {
#define KVM_CAP_X86_APIC_BUS_CYCLES_NS 237
#define KVM_CAP_X86_GUEST_MODE 238
#define KVM_CAP_GMEM_SHARED_MEM 239
+#define KVM_CAP_GMEM_NO_DIRECT_MAP 240
struct kvm_irq_routing_irqchip {
__u32 irqchip;
diff --git a/virt/kvm/kvm_main.c b/virt/kvm/kvm_main.c
index 3e40acb9f5c0..32ca1c921ab0 100644
--- a/virt/kvm/kvm_main.c
+++ b/virt/kvm/kvm_main.c
@@ -65,6 +65,7 @@
#include <trace/events/kvm.h>
#include <linux/kvm_dirty_ring.h>
+#include <linux/set_memory.h>
/* Worst case buffer size needed for holding an integer. */
@@ -4823,6 +4824,10 @@ static int kvm_vm_ioctl_check_extension_generic(struct kvm *kvm, long arg)
return kvm_supported_mem_attributes(kvm);
#endif
#ifdef CONFIG_KVM_PRIVATE_MEM
+ case KVM_CAP_GMEM_NO_DIRECT_MAP:
+ if (!can_set_direct_map())
+ return false;
+ fallthrough;
case KVM_CAP_GUEST_MEMFD:
return !kvm || kvm_arch_has_private_mem(kvm);
#endif
--
2.48.1
Powered by blists - more mailing lists