lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <cee2e489-d3c9-46d4-8d34-37c637c7bbd8@redhat.com>
Date: Mon, 11 Aug 2025 17:33:54 +0200
From: David Hildenbrand <david@...hat.com>
To: Shivank Garg <shivankg@....com>, seanjc@...gle.com, vbabka@...e.cz,
 willy@...radead.org, akpm@...ux-foundation.org, shuah@...nel.org,
 pbonzini@...hat.com, brauner@...nel.org, viro@...iv.linux.org.uk
Cc: ackerleytng@...gle.com, paul@...l-moore.com, jmorris@...ei.org,
 serge@...lyn.com, pvorel@...e.cz, bfoster@...hat.com, tabba@...gle.com,
 vannapurve@...gle.com, chao.gao@...el.com, bharata@....com, nikunj@....com,
 michael.day@....com, shdhiman@....com, yan.y.zhao@...el.com,
 Neeraj.Upadhyay@....com, thomas.lendacky@....com, michael.roth@....com,
 aik@....com, jgg@...dia.com, kalyazin@...zon.com, peterx@...hat.com,
 jack@...e.cz, rppt@...nel.org, hch@...radead.org, cgzones@...glemail.com,
 ira.weiny@...el.com, rientjes@...gle.com, roypat@...zon.co.uk,
 ziy@...dia.com, matthew.brost@...el.com, joshua.hahnjy@...il.com,
 rakie.kim@...com, byungchul@...com, gourry@...rry.net,
 kent.overstreet@...ux.dev, ying.huang@...ux.alibaba.com, apopple@...dia.com,
 chao.p.peng@...el.com, amit@...radead.org, ddutile@...hat.com,
 dan.j.williams@...el.com, ashish.kalra@....com, gshan@...hat.com,
 jgowans@...zon.com, pankaj.gupta@....com, papaluri@....com,
 yuzhao@...gle.com, suzuki.poulose@....com, quic_eberman@...cinc.com,
 aneeshkumar.kizhakeveetil@....com, linux-fsdevel@...r.kernel.org,
 linux-mm@...ck.org, linux-kernel@...r.kernel.org,
 linux-security-module@...r.kernel.org, kvm@...r.kernel.org,
 linux-kselftest@...r.kernel.org, linux-coco@...ts.linux.dev
Subject: Re: [PATCH RFC V10 4/7] KVM: guest_memfd: Use guest mem inodes
 instead of anonymous inodes

On 11.08.25 11:06, Shivank Garg wrote:
> From: Ackerley Tng <ackerleytng@...gle.com>
> 
> guest_memfd's inode represents memory the guest_memfd is
> providing. guest_memfd's file represents a struct kvm's view of that
> memory.
> 
> Using a custom inode allows customization of the inode teardown
> process via callbacks. For example, ->evict_inode() allows
> customization of the truncation process on file close, and
> ->destroy_inode() and ->free_inode() allow customization of the inode
> freeing process.
> 
> Customizing the truncation process allows flexibility in management of
> guest_memfd memory and customization of the inode freeing process
> allows proper cleanup of memory metadata stored on the inode.
> 
> Memory metadata is more appropriately stored on the inode (as opposed
> to the file), since the metadata is for the memory and is not unique
> to a specific binding and struct kvm.
> 
> Co-developed-by: Fuad Tabba <tabba@...gle.com>
> Signed-off-by: Fuad Tabba <tabba@...gle.com>
> Signed-off-by: Ackerley Tng <ackerleytng@...gle.com>
> Signed-off-by: Shivank Garg <shivankg@....com>
> ---

[...]

>   
>   static int kvm_gmem_migrate_folio(struct address_space *mapping,
> @@ -463,11 +503,71 @@ bool __weak kvm_arch_supports_gmem_mmap(struct kvm *kvm)
>   	return true;
>   }
>   
> +static struct inode *kvm_gmem_inode_make_secure_inode(const char *name,
> +						      loff_t size, u64 flags)
> +{
> +	struct inode *inode;
> +
> +	inode = anon_inode_make_secure_inode(kvm_gmem_mnt->mnt_sb, name, NULL);
> +	if (IS_ERR(inode))
> +		return inode;
> +
> +	inode->i_private = (void *)(unsigned long)flags;
> +	inode->i_op = &kvm_gmem_iops;
> +	inode->i_mapping->a_ops = &kvm_gmem_aops;
> +	inode->i_mode |= S_IFREG;
> +	inode->i_size = size;
> +	mapping_set_gfp_mask(inode->i_mapping, GFP_HIGHUSER);
> +	mapping_set_inaccessible(inode->i_mapping);
> +	/* Unmovable mappings are supposed to be marked unevictable as well. */
> +	WARN_ON_ONCE(!mapping_unevictable(inode->i_mapping));
> +
> +	return inode;
> +}
> +
> +static struct file *kvm_gmem_inode_create_getfile(void *priv, loff_t size,
> +						  u64 flags)
> +{
> +	static const char *name = "[kvm-gmem]";
> +	struct inode *inode;
> +	struct file *file;
> +	int err;
> +
> +	err = -ENOENT;

Maybe add a comment here when the module reference will get
dropped. And maybe we should just switch to fops_get() + fops_put?

/* __fput() will take care of fops_put(). */
if (!fops_get(&kvm_gmem_fops))
	goto err;

> +
> +	inode = kvm_gmem_inode_make_secure_inode(name, size, flags);
> +	if (IS_ERR(inode)) {
> +		err = PTR_ERR(inode);
> +		goto err_put_module;
> +	}
> +
> +	file = alloc_file_pseudo(inode, kvm_gmem_mnt, name, O_RDWR,
> +				 &kvm_gmem_fops);
> +	if (IS_ERR(file)) {
> +		err = PTR_ERR(file);
> +		goto err_put_inode;
> +	}
> +
> +	file->f_flags |= O_LARGEFILE;
> +	file->private_data = priv;
> +
> +out:
> +	return file;
> +
> +err_put_inode:
> +	iput(inode);
> +err_put_module:
> +	module_put(kvm_gmem_fops.owner);

fops_put(&kvm_gmem_fops);

?


Acked-by: David Hildenbrand <david@...hat.com>

-- 
Cheers,

David / dhildenb

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ