From patchwork Fri Jan 27 11:39:12 2023
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Suzuki K Poulose <suzuki.poulose@arm.com>
X-Patchwork-Id: 49289
Return-Path: <linux-kernel-owner@vger.kernel.org>
Delivered-To: ouuuleilei@gmail.com
Received: by 2002:adf:eb09:0:0:0:0:0 with SMTP id s9csp787698wrn;
        Fri, 27 Jan 2023 03:45:10 -0800 (PST)
X-Google-Smtp-Source: 
 AK7set+jEIcoFWNPyeaUKbcOkZegchZZzAQI0J5jhF1VVco5OV4TRsWepgTzLJeCO+XTE0mpm2LF
X-Received: by 2002:a17:906:7155:b0:87b:d3b1:e116 with SMTP id
 z21-20020a170906715500b0087bd3b1e116mr1615563ejj.20.1674819910263;
        Fri, 27 Jan 2023 03:45:10 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1674819910; cv=none;
        d=google.com; s=arc-20160816;
        b=GsDZ5jsv7GXgfQypCaJhp/n9XwdCyv74By1CxQrP16aZunzOzAtn3+mJL83IwDrTFp
         D9kq3gn/8hzBifDRhyCep4il8+GBSBhzg0F8ODetVaGImrF0HviakNCTOr8KyAwXi6Tf
         Otjp0ZABbMz1B0s31v7is13jzkrjFIGzmP2vx7c0XOF8f/gRy1GjgfNW/R7g7KgL4qbE
         BdJARPO73cJzCHxGVCed+I9yA5mq3S+LfDvyRVCSIj3pkHAz4NhJeghwpucFM9pW1A2O
         n8MVsS0ndFhba/TX570FRSvlX/togrdEib1fugltp40AMQIoPmmNUVfK/dIClsN3nuEK
         7Lzw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20160816;
        h=list-id:precedence:content-transfer-encoding:mime-version
         :references:in-reply-to:message-id:date:subject:cc:to:from;
        bh=8RX/2h5XNX3qlMiQxN95nX+2mc4G3KkCcmKz7L34SUg=;
        b=xDDrHj5X595rNfi1EazlyfFzqGMfYNJ0LiryfEWgykvAKGAC2NXdh7Bc4ly892D0Mk
         Crv07lZ8Q6dU9TQhjFannBO9cdCoLwvNpd5Kip2V8MNGrOanQlkpUvtFHLBU9hrgfYnP
         xO6UYeKJWh4vmh3tbr5TZBm6hMAbZuJarzt32epXMvQeDYue5Ne7rv1SYGrjv7uTZibZ
         VTXabykYdHKAbotoTIucgWx6jbZTRS+UktMhgKESYx8IiEQvPCb0UDm8XTBhwfJZwUAJ
         xeCr82+8KA+TRVuS3hDBCHF0qWFin4/EkOWjkyYCA+QbTzxyGLHIBK7F3ojLSwrnTF5v
         8r2g==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
 designates 2620:137:e000::1:20 as permitted sender)
 smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=arm.com
Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20])
        by mx.google.com with ESMTP id
 ge10-20020a170907908a00b0087858b74a0bsi3865699ejb.983.2023.01.27.03.44.46;
        Fri, 27 Jan 2023 03:45:10 -0800 (PST)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org
 designates 2620:137:e000::1:20 as permitted sender)
 client-ip=2620:137:e000::1:20;
Authentication-Results: mx.google.com;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
 designates 2620:137:e000::1:20 as permitted sender)
 smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=arm.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S233713AbjA0Llh (ORCPT <rfc822;lekhanya01809@gmail.com>
        + 99 others); Fri, 27 Jan 2023 06:41:37 -0500
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:60322 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S233690AbjA0LlL (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Fri, 27 Jan 2023 06:41:11 -0500
Received: from foss.arm.com (foss.arm.com [217.140.110.172])
        by lindbergh.monkeyblade.net (Postfix) with ESMTP id 18908126CA;
        Fri, 27 Jan 2023 03:40:44 -0800 (PST)
Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14])
        by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 3C11D16A3;
        Fri, 27 Jan 2023 03:41:02 -0800 (PST)
Received: from ewhatever.cambridge.arm.com (ewhatever.cambridge.arm.com
 [10.1.197.1])
        by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPA id
 B29523F64C;
        Fri, 27 Jan 2023 03:40:17 -0800 (PST)
From: Suzuki K Poulose <suzuki.poulose@arm.com>
To: kvm@vger.kernel.org, kvmarm@lists.linux.dev
Cc: suzuki.poulose@arm.com,
        Alexandru Elisei <alexandru.elisei@arm.com>,
        Andrew Jones <andrew.jones@linux.dev>,
        Christoffer Dall <christoffer.dall@arm.com>,
        Fuad Tabba <tabba@google.com>,
        Jean-Philippe Brucker <jean-philippe@linaro.org>,
        Joey Gouly <Joey.Gouly@arm.com>, Marc Zyngier <maz@kernel.org>,
        Mark Rutland <mark.rutland@arm.com>,
        Oliver Upton <oliver.upton@linux.dev>,
        Paolo Bonzini <pbonzini@redhat.com>,
        Quentin Perret <qperret@google.com>,
        Steven Price <steven.price@arm.com>,
        Thomas Huth <thuth@redhat.com>, Will Deacon <will@kernel.org>,
        Zenghui Yu <yuzenghui@huawei.com>, linux-coco@lists.linux.dev,
        kvmarm@lists.cs.columbia.edu, linux-arm-kernel@lists.infradead.org,
        linux-kernel@vger.kernel.org
Subject: [RFC kvmtool 11/31] arm64: Lock realm RAM in memory
Date: Fri, 27 Jan 2023 11:39:12 +0000
Message-Id: <20230127113932.166089-12-suzuki.poulose@arm.com>
X-Mailer: git-send-email 2.34.1
In-Reply-To: <20230127113932.166089-1-suzuki.poulose@arm.com>
References: <20230127112248.136810-1-suzuki.poulose@arm.com>
 <20230127113932.166089-1-suzuki.poulose@arm.com>
MIME-Version: 1.0
X-Spam-Status: No, score=-4.2 required=5.0 tests=BAYES_00,RCVD_IN_DNSWL_MED,
        SPF_HELO_NONE,SPF_NONE autolearn=ham autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
        lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?=
X-GMAIL-THRID: =?utf-8?q?1756175962553210510?=
X-GMAIL-MSGID: =?utf-8?q?1756175962553210510?=

From: Alexandru Elisei <alexandru.elisei@arm.com>

RMM doesn't yet support paging protected memory pages. Thus the VMM
must pin the entire VM memory.

Use mlock2 to keep the realm pages pinned in memory once they are faulted
in. Use the MLOCK_ONFAULT flag to prevent pre-mapping the pages and
maintain some semblance of on demand-paging for a realm VM.

Signed-off-by: Alexandru Elisei <alexandru.elisei@arm.com>
Signed-off-by: Suzuki K Poulose <suzuki.poulose@arm.com>
---
 arm/kvm.c | 44 ++++++++++++++++++++++++++++++++++++++++++--
 1 file changed, 42 insertions(+), 2 deletions(-)

diff --git a/arm/kvm.c b/arm/kvm.c
index d51cc15d..0e40b753 100644
--- a/arm/kvm.c
+++ b/arm/kvm.c
@@ -7,6 +7,8 @@
 
 #include "arm-common/gic.h"
 
+#include <sys/resource.h>
+
 #include <linux/kernel.h>
 #include <linux/kvm.h>
 #include <linux/sizes.h>
@@ -24,6 +26,25 @@ bool kvm__arch_cpu_supports_vm(void)
 	return true;
 }
 
+static void try_increase_mlock_limit(struct kvm *kvm)
+{
+	u64 size = kvm->arch.ram_alloc_size;
+	struct rlimit mlock_limit, new_limit;
+
+	if (getrlimit(RLIMIT_MEMLOCK, &mlock_limit)) {
+		perror("getrlimit(RLIMIT_MEMLOCK)");
+		return;
+	}
+
+	if (mlock_limit.rlim_cur > size)
+		return;
+
+	new_limit.rlim_cur = size;
+	new_limit.rlim_max = max((rlim_t)size, mlock_limit.rlim_max);
+	/* Requires CAP_SYS_RESOURCE capability. */
+	setrlimit(RLIMIT_MEMLOCK, &new_limit);
+}
+
 void kvm__init_ram(struct kvm *kvm)
 {
 	u64 phys_start, phys_size;
@@ -49,8 +70,27 @@ void kvm__init_ram(struct kvm *kvm)
 	kvm->ram_start = (void *)ALIGN((unsigned long)kvm->arch.ram_alloc_start,
 					SZ_2M);
 
-	madvise(kvm->arch.ram_alloc_start, kvm->arch.ram_alloc_size,
-		MADV_MERGEABLE);
+	/*
+	 * Do not merge pages if this is a Realm.
+	 *  a) We cannot replace a page in realm stage2 without export/import
+	 *
+	 * Pin the realm memory until we have export/import, due to the same
+	 * reason as above.
+	 *
+	 * Use mlock2(,,MLOCK_ONFAULT) to allow faulting in pages and thus
+	 * allowing to lazily populate the PAR.
+	 */
+	if (kvm->cfg.arch.is_realm) {
+		int ret;
+
+		try_increase_mlock_limit(kvm);
+		ret = mlock2(kvm->arch.ram_alloc_start, kvm->arch.ram_alloc_size,
+			     MLOCK_ONFAULT);
+		if (ret)
+			die_perror("mlock2");
+	} else {
+		madvise(kvm->arch.ram_alloc_start, kvm->arch.ram_alloc_size, MADV_MERGEABLE);
+	}
 
 	madvise(kvm->arch.ram_alloc_start, kvm->arch.ram_alloc_size,
 		MADV_HUGEPAGE);