lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <diqzplazet79.fsf@google.com>
Date: Mon, 06 Oct 2025 12:16:58 -0700
From: Ackerley Tng <ackerleytng@...gle.com>
To: Sean Christopherson <seanjc@...gle.com>, Paolo Bonzini <pbonzini@...hat.com>, 
	Christian Borntraeger <borntraeger@...ux.ibm.com>, Janosch Frank <frankja@...ux.ibm.com>, 
	Claudio Imbrenda <imbrenda@...ux.ibm.com>
Cc: kvm@...r.kernel.org, linux-kernel@...r.kernel.org, 
	David Hildenbrand <david@...hat.com>, Fuad Tabba <tabba@...gle.com>
Subject: Re: [PATCH v2 01/13] KVM: Rework KVM_CAP_GUEST_MEMFD_MMAP into KVM_CAP_GUEST_MEMFD_FLAGS

Sean Christopherson <seanjc@...gle.com> writes:

> Rework the not-yet-released KVM_CAP_GUEST_MEMFD_MMAP into a more generic
> KVM_CAP_GUEST_MEMFD_FLAGS capability so that adding new flags doesn't
> require a new capability, and so that developers aren't tempted to bundle
> multiple flags into a single capability.
>
> Note, kvm_vm_ioctl_check_extension_generic() can only return a 32-bit
> value, but that limitation can be easily circumvented by adding e.g.
> KVM_CAP_GUEST_MEMFD_FLAGS2 in the unlikely event guest_memfd supports more
> than 32 flags.
>

I know you suggested that guest_memfd's HugeTLB sizes shouldn't be
squashed into the flags. Just using that as an example, would those
kinds of flags (since they're using the upper bits, above the lower 32
bits) be awkward to represent in this new model?

In this model, conditionally valid flags are always set, but userspace
won't be able to do a flags check against the returned 32-bit value. Or
do you think when this issue comes up, we'd put the flags in the upper
bits in KVM_CAP_GUEST_MEMFD_FLAGS2 and userspace would then check
against the OR-ed set of flags instead?

Reviewed-by: Ackerley Tng <ackerleytng@...gle.com>
Tested-by: Ackerley Tng <ackerleytng@...gle.com>

> Signed-off-by: Sean Christopherson <seanjc@...gle.com>
> ---
>  Documentation/virt/kvm/api.rst                 | 10 +++++++---
>  include/uapi/linux/kvm.h                       |  2 +-
>  tools/testing/selftests/kvm/guest_memfd_test.c | 13 ++++++-------
>  virt/kvm/kvm_main.c                            |  7 +++++--
>  4 files changed, 19 insertions(+), 13 deletions(-)
>
> 
> [...snip...]
> 

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ