From patchwork Thu Feb 22 19:06:08 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 205000 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a05:7300:a81b:b0:108:e6aa:91d0 with SMTP id bq27csp152216dyb; Thu, 22 Feb 2024 11:09:37 -0800 (PST) X-Forwarded-Encrypted: i=3; AJvYcCWIxo48JBG1eoNN61oQcJYcdzUW3ZEFPrsKqtPjn0fPVf2hUM4UTPvQACZeMhUW6kOtaawCeK6HUqHGcrvPGhAUmexmLg== X-Google-Smtp-Source: AGHT+IEl3nfCCG9EMj9IugPf6NsSJn2j+AvNhLuYYeYUQYeOOoMzqlafC2rzzp2nOTxq2pHQVc87 X-Received: by 2002:aa7:d686:0:b0:564:ee23:35c8 with SMTP id d6-20020aa7d686000000b00564ee2335c8mr4257067edr.11.1708628977340; Thu, 22 Feb 2024 11:09:37 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1708628977; cv=pass; d=google.com; s=arc-20160816; b=hPyusN8jAtYa1816qEGBO2rx9ucEIUaoryVI+aKLIh59Ul6IpSnk07yfqFg2mg3ryD M2T9PrdGSgayFpeY+r13qxsXYfrlQ2UexR/ZsXMMV6Cb5DzikwGmYrDqQQNKQAPNK2Ti +2SDwx2Yq5swLq0J+p6+rUueLIHtGs+H2j+04afWWqXdGsZzzRSIByd5k0rPpcRDWkl/ usZJ5WrNPTlB5d+4bv15Uh2uqeKjJNrMpxTvsogODNwl9GUgUsacT0bkJNcn1zXbKHZJ VZOMZiw131/SsSSBqiHwwOKzbTDrUmy9GhI2oK9JspU0gxyRfGqSWd3TeRTgauib+Jye kJRQ== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=cc:to:from:subject:message-id:references:mime-version :list-unsubscribe:list-subscribe:list-id:precedence:in-reply-to:date :reply-to:dkim-signature; bh=3ntMGhr684dTjFjW5K9N11e4M8SUGzq3A8ac/2w/QBo=; fh=1cil4cncf3kTG1d2MPlGXbkpPmFm+VKQCKyawxKqkbM=; b=HhC60u0Pq8m3USwjzGKiZy14WOOCRtOfgYkGWS8Mavtn0mRiW0+haf1FW7czMIsZES rK3eZQs8lQdfF73yjC/ex7APlYdljH/13NAPtF5RAJYyqUOOgvXWHMaE6iSZ43kePUpp OV6oxNjgg/hLEbU5Bt2ob1dcDECHlJIcxxDg7aSUTr55DmZNccRXEVmFMq8KFnGEukJS R+ORQD1boN+MkkKGuuXiddPZWky6+5B/htFLf5UWWv5Fpam0iwZ/kK3X0gGUIguJ86m6 RtMSCZNWURFLwndn10xzMqiuZgl8du9qtxZxqG8Igwnsm1lC/D2zYPqhdq4m2BTDEFP5 bjpQ==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@google.com header.s=20230601 header.b=K+Kfykx9; arc=pass (i=1 spf=pass spfdomain=flex--seanjc.bounces.google.com dkim=pass dkdomain=google.com dmarc=pass fromdomain=google.com); spf=pass (google.com: domain of linux-kernel+bounces-77214-ouuuleilei=gmail.com@vger.kernel.org designates 2604:1380:4601:e00::3 as permitted sender) smtp.mailfrom="linux-kernel+bounces-77214-ouuuleilei=gmail.com@vger.kernel.org"; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: from am.mirrors.kernel.org (am.mirrors.kernel.org. [2604:1380:4601:e00::3]) by mx.google.com with ESMTPS id n11-20020a50934b000000b00565592498a2si188467eda.568.2024.02.22.11.09.37 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 22 Feb 2024 11:09:37 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel+bounces-77214-ouuuleilei=gmail.com@vger.kernel.org designates 2604:1380:4601:e00::3 as permitted sender) client-ip=2604:1380:4601:e00::3; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20230601 header.b=K+Kfykx9; arc=pass (i=1 spf=pass spfdomain=flex--seanjc.bounces.google.com dkim=pass dkdomain=google.com dmarc=pass fromdomain=google.com); spf=pass (google.com: domain of linux-kernel+bounces-77214-ouuuleilei=gmail.com@vger.kernel.org designates 2604:1380:4601:e00::3 as permitted sender) smtp.mailfrom="linux-kernel+bounces-77214-ouuuleilei=gmail.com@vger.kernel.org"; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by am.mirrors.kernel.org (Postfix) with ESMTPS id 317D81F2B002 for ; Thu, 22 Feb 2024 19:08:14 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 5D3B36E5F0; Thu, 22 Feb 2024 19:06:52 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="K+Kfykx9" Received: from mail-yw1-f202.google.com (mail-yw1-f202.google.com [209.85.128.202]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 85AC72575B for ; Thu, 22 Feb 2024 19:06:19 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.128.202 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708628793; cv=none; b=IQ7vuKymfPVrkZIpObS7yINzrjjdDnaEAByuNo/26nF0wnqTTvfC1+zE8qY/MwRrVSxoCaX9oeZipI6O5Mwz4fw0dLCfwt1Wd+yNxKAKAqzhfH8C74GyQlEBipDp/6JAiFRfEq5NK9n/EcfB1tYQBqKATX7em3kNnDhNN2gWXZU= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708628793; c=relaxed/simple; bh=nieUYnH4dj1j92uddbXN4kJMJyMCVisTdazPsZdBPn8=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=VpzpsMllXL3mXuabaFSP6z5X26tZNcIbwBcf2Z/VdiOuSlqY8YCFhLdKl1g5wYiFmF3e99LonCBH1ZDsb4FvJnG+HOK5BDK1Xeyh+braEKsYdbRFUh6+cr4E+pXuuEeeXPsfyhP5E2T/MgezL7gyflr4IHsZp/Iv9JrRmB0pS6A= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=K+Kfykx9; arc=none smtp.client-ip=209.85.128.202 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com Received: by mail-yw1-f202.google.com with SMTP id 00721157ae682-6085e433063so1143317b3.1 for ; Thu, 22 Feb 2024 11:06:18 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1708628777; x=1709233577; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=3ntMGhr684dTjFjW5K9N11e4M8SUGzq3A8ac/2w/QBo=; b=K+Kfykx9Hq+ykAkYNd4G4I85Sjt9YcnQ4siJNsHr2te3tcKrZdZllffe8rBFSIkLGd BDQ/C1Ay+W8/Tz91cWU6OofJ1tfDPEY5XDXXst0d/jsBYrT65Pnp5H+z4bYxI2aoaFD5 w7d8Dcz7zTbdxZMQs5bzoVTeLyRO0dqIlL1ZsKo86ueEB9bDD2E3QFR9mlte87HADtBt aKzT1cX3xQN80xT53oxMNGPaDp2KDzNKfovzwIxbz9JKm1iNQfgK5GroprazRUXK2S8j VqBeCRPvPa2jRrfFbvA7+bW1R8O8qSUF77rm24zvjQRIwodF8TFWc0vaBXMzLoARdZ5U RNnA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1708628777; x=1709233577; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=3ntMGhr684dTjFjW5K9N11e4M8SUGzq3A8ac/2w/QBo=; b=Erp4FM6I2j25mWuWkQzsp5k/6K2JK7O6eYak+QXaiKI3fHTYI61LBp/7qwxL4DkG7U W79sLXLSn5S/cBYJSwuzk5U22WubeurA1u4TvXMiKt2fRJMLconLeqv87agNZCfjxcH9 hZ3z13IaqLU9Y18G9bxkIwM36vfigTDxYplik5o61/snJ4iVT0LA2RZBa5yhROqlbtIT m86qE2v+gsiXhuZwRHVhjH5u5VGUDUtuqbz35+/Uc788nL4j22I9keoAM+1tBQPH9QcO y9SV0rm3P6USH/Yd3L07I27QfQrZQ4YF+znlRJ4sXKmTxmV/8bPYzIo9LjT3iS9wImGE OAbQ== X-Forwarded-Encrypted: i=1; AJvYcCWa+CsObYUvdhQ//WeBsWBOz5EbDx/2UiMTw2v/kvaEUrLryWpllGa4bNpJ3SX93z8Fov1ynyzujZ4pw0vFYK6wsrHFVFW9F61vi5e6 X-Gm-Message-State: AOJu0Yy9r5KOego5Thopr5kt6qeJ6rmvTDINgdHqanwORF0W+OjjU/bE p+Zg9qz1MjIRvE9r7vh2aqWPp13kYAzDP9YZkIfauARwTFpqFsDIC72RH17AgMKefHhmZtqLM2+ Ofw== X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a25:160b:0:b0:dc7:7ce9:fb4d with SMTP id 11-20020a25160b000000b00dc77ce9fb4dmr5036ybw.12.1708628776828; Thu, 22 Feb 2024 11:06:16 -0800 (PST) Reply-To: Sean Christopherson Date: Thu, 22 Feb 2024 11:06:08 -0800 In-Reply-To: <20240222190612.2942589-1-seanjc@google.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20240222190612.2942589-1-seanjc@google.com> X-Mailer: git-send-email 2.44.0.rc0.258.g7320e95886-goog Message-ID: <20240222190612.2942589-2-seanjc@google.com> Subject: [PATCH 1/5] KVM: Make KVM_MEM_GUEST_MEMFD mutually exclusive with KVM_MEM_READONLY From: Sean Christopherson To: Paolo Bonzini , Sean Christopherson Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Fuad Tabba , Michael Roth , Isaku Yamahata , Yu Zhang , Chao Peng X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1791627338405751104 X-GMAIL-MSGID: 1791627338405751104 Disallow creating read-only memslots that support GUEST_MEMFD, as GUEST_MEMFD is fundamentally incompatible with KVM's semantics for read-only memslots. Read-only memslots allow the userspace VMM to emulate option ROMs by filling the backing memory with readable, executable code and data, while triggering emulated MMIO on writes. GUEST_MEMFD doesn't currently support writes from userspace and KVM doesn't support emulated MMIO on private accesses, i.e. the guest can only ever read zeros, and writes will always be treated as errors. Cc: Fuad Tabba Cc: Michael Roth Cc: Isaku Yamahata Cc: Yu Zhang Cc: Chao Peng Fixes: a7800aa80ea4 ("KVM: Add KVM_CREATE_GUEST_MEMFD ioctl() for guest-specific backing memory") Signed-off-by: Sean Christopherson --- virt/kvm/kvm_main.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/virt/kvm/kvm_main.c b/virt/kvm/kvm_main.c index eb0dfcd157f4..0f9f78f4f7cf 100644 --- a/virt/kvm/kvm_main.c +++ b/virt/kvm/kvm_main.c @@ -1617,7 +1617,13 @@ static int check_memory_region_flags(struct kvm *kvm, valid_flags &= ~KVM_MEM_LOG_DIRTY_PAGES; #ifdef CONFIG_HAVE_KVM_READONLY_MEM - valid_flags |= KVM_MEM_READONLY; + /* + * GUEST_MEMFD is incompatible with read-only memslots, as writes to + * read-only memslots have emulated MMIO, not page fault, semantics, + * and KVM doesn't allow emulated MMIO for private memory. + */ + if (!(mem->flags & KVM_MEM_GUEST_MEMFD)) + valid_flags |= KVM_MEM_READONLY; #endif if (mem->flags & ~valid_flags) From patchwork Thu Feb 22 19:06:09 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 205002 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a05:7300:a81b:b0:108:e6aa:91d0 with SMTP id bq27csp152313dyb; Thu, 22 Feb 2024 11:09:48 -0800 (PST) X-Forwarded-Encrypted: i=3; AJvYcCWVxbJKYkuzOCtBqj/3XycoCGcRQa0K2lNIFQuCuXt7HYLL7LU7hsSIGPhwPtYBB5155Vnp2kL/fwk24c7Yx/7vbuATuA== X-Google-Smtp-Source: AGHT+IGfPUFloP+OX/JzoixH+ppWVzwU72OvgOl5eSgMSO0ufoKuWrO0F+VX9H8Y9lATcjI1jG1P X-Received: by 2002:a17:906:1d14:b0:a3d:ce2c:b06a with SMTP id n20-20020a1709061d1400b00a3dce2cb06amr13571747ejh.22.1708628988346; Thu, 22 Feb 2024 11:09:48 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1708628988; cv=pass; d=google.com; s=arc-20160816; b=qR5i8GCtcP4vB99bqdObCh3rsmMVPOcYDOiolAJnLyYJtLqb+SOzXHibuOOucY3osm +LQvfnLdBNslEZvlEknvbswT+lYO4IrexJurSkouT176acbaQCIT6XFERaRndlUX677E wwsqHGMWdBjLTOPT/hxA5OFcf/3fMxNMnHoXIr0aozTXYVfAYMpZFt8lDwIC++QfKEi2 AEn7AUuWCiTl2ORvyZ7OtCNQavSRmfLETJFE+DwoM478DuZk+mXXOJpdVXRkdKKGLzLU kD28bp2eHy0YuVEVAJncRJ1P3HW59YBTn8dsSQxc8tEEcZLza55VQ7+ylM6LrCjZ6ThF KgcQ== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=cc:to:from:subject:message-id:references:mime-version :list-unsubscribe:list-subscribe:list-id:precedence:in-reply-to:date :reply-to:dkim-signature; bh=MASCieoOmvRc5i6iG9M3g3ZXhEgirZz44Dugjtnu36A=; fh=fnvV7R1l3SnYS/KmKew2xePwNq7lOTDOXq2JgjODBU4=; b=RsH/VCR1bgyDt/cSRL7cCkYCQFWd5k3Q4ruGABduONVtyxQA3o8pkL+pS8LG04U/bY TwT3CKiG4zJU83lrpffG5Cj2r33cx5tlPkkZhm+rnDT0wU7tV8ex15yVumDD818TaZ2w GQMN8OOVyEjHjE2zOo3rOXIJmdRrEAbLj0plV5gJ/YMAk+VXanJeg8YeHtHCzRigV2Gr WiP8uu7G87z+xiUQMS1x6IViBouYVats+rA+hJR7uj8VQLFgDjSg4gNIEbqbuV/wXUES dsN1BT17///hPvRyxgb4QzQUsRHVaTWBLvUIT6qyPVPs7JNNJTXRYIyzYaT0B038muuK TAtQ==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@google.com header.s=20230601 header.b="3cA+0l/V"; arc=pass (i=1 spf=pass spfdomain=flex--seanjc.bounces.google.com dkim=pass dkdomain=google.com dmarc=pass fromdomain=google.com); spf=pass (google.com: domain of linux-kernel+bounces-77217-ouuuleilei=gmail.com@vger.kernel.org designates 147.75.80.249 as permitted sender) smtp.mailfrom="linux-kernel+bounces-77217-ouuuleilei=gmail.com@vger.kernel.org"; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: from am.mirrors.kernel.org (am.mirrors.kernel.org. [147.75.80.249]) by mx.google.com with ESMTPS id w8-20020a170906130800b00a3e6e8dc00asi4098210ejb.65.2024.02.22.11.09.48 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 22 Feb 2024 11:09:48 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel+bounces-77217-ouuuleilei=gmail.com@vger.kernel.org designates 147.75.80.249 as permitted sender) client-ip=147.75.80.249; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20230601 header.b="3cA+0l/V"; arc=pass (i=1 spf=pass spfdomain=flex--seanjc.bounces.google.com dkim=pass dkdomain=google.com dmarc=pass fromdomain=google.com); spf=pass (google.com: domain of linux-kernel+bounces-77217-ouuuleilei=gmail.com@vger.kernel.org designates 147.75.80.249 as permitted sender) smtp.mailfrom="linux-kernel+bounces-77217-ouuuleilei=gmail.com@vger.kernel.org"; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by am.mirrors.kernel.org (Postfix) with ESMTPS id 62C5A1F21EDF for ; Thu, 22 Feb 2024 19:08:32 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 9CF8A14B839; Thu, 22 Feb 2024 19:06:54 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="3cA+0l/V" Received: from mail-yb1-f201.google.com (mail-yb1-f201.google.com [209.85.219.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 4DEAE14B825 for ; Thu, 22 Feb 2024 19:06:23 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.219.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708628796; cv=none; b=IegpyP/4sNfqxPuCtiMYJTbKT5J879dxyo/AQm1pZMGtpbqrjb/RL/KFQTmsRZar1YXkDjnasQjl3DuuGs7tkgjw3vl2BOxCqHHxaZgQsmKkbImjhfBZLUD3+kyX7modM0qtQnlSbaKRV0RoDTty5B5qtNNF4wgwupMpB48b73M= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708628796; c=relaxed/simple; bh=DBKd2morSwroTrZIRb0qYYPphxV4+AKVqaeMPMvzsQU=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=LyLnr+FlG1HExKlp+JroAXDyBiOohIY58o0mCgxTJ8yU/E+ckZuqeiSk1rejx9MBIO8yfnFdy/JsD3kaq323KeloyzFiQaOBigT8Y4YVtSadQSkTYRU3YpXuE5HeHs00k28yv3xrqAodRNFhtaIzj7KwdS1Vm+jDGxrmBsAx5zw= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=3cA+0l/V; arc=none smtp.client-ip=209.85.219.201 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com Received: by mail-yb1-f201.google.com with SMTP id 3f1490d57ef6-dc743cc50a6so28927276.2 for ; Thu, 22 Feb 2024 11:06:22 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1708628779; x=1709233579; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=MASCieoOmvRc5i6iG9M3g3ZXhEgirZz44Dugjtnu36A=; b=3cA+0l/VurD3QzleDHD1ODW5FfwpfP4zF+Jwp4hgjHGHZTqzG8CsGwTmac33GHMQw9 eiqG7W/0d5Mm15lXHl7cB10RuLxvZWSdCpxbav8PUtdDIjC5jeIw71JDOFv0N4moUeup 114k6ZB+2Qpl5mG7h3Up7Q5Boyy5aAkXi/36DfXvDxIvdi+WdbLTrtH/Jd03RZlWSQ/J dPGlHCf0hIfb4sd8frlQuEJYJ95daBv66aGdkomoSCOagUZ1Kh0yQZo/kIWkHeMWmZQC kDSF+6eT6ccSnGjZJ7FzsXKR/2TX7Q1pkpmvfbjfAD6Sih63eXKEvbCwSJu30CQi5l6A hxQw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1708628779; x=1709233579; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=MASCieoOmvRc5i6iG9M3g3ZXhEgirZz44Dugjtnu36A=; b=dWPqr5Y6Mtk/54u+AKB5loKzvrB7t+vp9pTf8Zy8I+6JuJsYrjAtXMPMYzQkDjTyFF sJRLQ8S/WZd6mOyk+hP1TVE7MAouKWghW7H/V1hU8SWNudlxjwYltAtoWXbDcNBMWlPc dZrybNWWANkj2EsWPRewOV4N6M0CMYu3B8b+YgK1CjN+uDsDCAnD5D7nyOloqG7vjnfR PeYzC6w33cT9Uo8QGCFryWjAsJ0TFwvSTardVicfBd0WwOmW5KJTaKy5nVSz5yq9uZuA OIFRuPPcF7ylZcUDupKfNQv8HjcVBBN+oBVB6tCq35eNCvahYhmtHXoVqk/HOWUvZGHb jsRg== X-Forwarded-Encrypted: i=1; AJvYcCXAKTOLcTX1kA3gxnxpyad5AJABjKqtfYc8R4hOqiB7lhmf4bL3b9hLyn0Pv12kArHpYkHsJSriH5i2l//CbcCcw4q33XWKLiGfLhDn X-Gm-Message-State: AOJu0Yzs6O/GopnW8KzOzwd4+dMuNofPfJkQtRy8scw1YtljzU7Ih0CP ccJWQd1ll8ZhtkWjTGBf3SdHWd/TAmZoOpgd7yPHummQKaeH0lAkLKCtAzKq9whnGHJCYwBzlgc AzQ== X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a05:6902:2484:b0:dcd:2f2d:7a0f with SMTP id ds4-20020a056902248400b00dcd2f2d7a0fmr166ybb.9.1708628778771; Thu, 22 Feb 2024 11:06:18 -0800 (PST) Reply-To: Sean Christopherson Date: Thu, 22 Feb 2024 11:06:09 -0800 In-Reply-To: <20240222190612.2942589-1-seanjc@google.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20240222190612.2942589-1-seanjc@google.com> X-Mailer: git-send-email 2.44.0.rc0.258.g7320e95886-goog Message-ID: <20240222190612.2942589-3-seanjc@google.com> Subject: [PATCH 2/5] KVM: x86: Update KVM_SW_PROTECTED_VM docs to make it clear they're a WIP From: Sean Christopherson To: Paolo Bonzini , Sean Christopherson Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Fuad Tabba , Michael Roth , Isaku Yamahata , Yu Zhang , Chao Peng X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1791627349817328589 X-GMAIL-MSGID: 1791627349817328589 Rewrite the help message for KVM_SW_PROTECTED_VM to make it clear that software-protected VMs are a development and testing vehicle for guest_memfd(), and that attempting to use KVM_SW_PROTECTED_VM for anything remotely resembling a "real" VM will fail. E.g. any memory accesses from KVM will incorrectly access shared memory, nested TDP is wildly broken, and so on and so forth. Update KVM's API documentation with similar warnings to discourage anyone from attempting to run anything but selftests with KVM_X86_SW_PROTECTED_VM. Fixes: 89ea60c2c7b5 ("KVM: x86: Add support for "protected VMs" that can utilize private memory") Signed-off-by: Sean Christopherson --- Documentation/virt/kvm/api.rst | 5 +++++ arch/x86/kvm/Kconfig | 7 ++++--- 2 files changed, 9 insertions(+), 3 deletions(-) diff --git a/Documentation/virt/kvm/api.rst b/Documentation/virt/kvm/api.rst index bd93cafd3e4e..0b5a33ee71ee 100644 --- a/Documentation/virt/kvm/api.rst +++ b/Documentation/virt/kvm/api.rst @@ -8820,6 +8820,11 @@ means the VM type with value @n is supported. Possible values of @n are:: #define KVM_X86_DEFAULT_VM 0 #define KVM_X86_SW_PROTECTED_VM 1 +Note, KVM_X86_SW_PROTECTED_VM is currently only for development and testing. +Do not use KVM_X86_SW_PROTECTED_VM for "real" VMs, and especially not in +production. The behavior and effective ABI for software-protected VMs is +unstable. + 9. Known KVM API problems ========================= diff --git a/arch/x86/kvm/Kconfig b/arch/x86/kvm/Kconfig index 5895aee5dfef..4336b3fff0cf 100644 --- a/arch/x86/kvm/Kconfig +++ b/arch/x86/kvm/Kconfig @@ -81,9 +81,10 @@ config KVM_SW_PROTECTED_VM depends on KVM && X86_64 select KVM_GENERIC_PRIVATE_MEM help - Enable support for KVM software-protected VMs. Currently "protected" - means the VM can be backed with memory provided by - KVM_CREATE_GUEST_MEMFD. + Enable support for KVM software-protected VMs. Currently, software- + protected VMs are purely a development and testing vehicle for + KVM_CREATE_GUEST_MEMFD. Attempting to run a "real" VM workload as a + software-protected VM will fail miserably. If unsure, say "N". From patchwork Thu Feb 22 19:06:10 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 205006 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a05:7300:a81b:b0:108:e6aa:91d0 with SMTP id bq27csp155953dyb; Thu, 22 Feb 2024 11:16:31 -0800 (PST) X-Forwarded-Encrypted: i=3; AJvYcCVPTZQPvdJ6EM7OgRNEo1MoqXmXayMd4V4qzH4MvR81wo3RevFMMUfX/BkdNeEhh1X8N5QEmh8fIoigGDI1jMf9tqetHQ== X-Google-Smtp-Source: AGHT+IHKDaPhUnIcl/L90dkvvXc8jYF9mYvzOMA330AhbrDwbAk96r44XGKxjKLC+5qP5M/11ARc X-Received: by 2002:aa7:8a06:0:b0:6e4:59d0:febe with SMTP id m6-20020aa78a06000000b006e459d0febemr13509201pfa.7.1708629390994; Thu, 22 Feb 2024 11:16:30 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1708629390; cv=pass; d=google.com; s=arc-20160816; b=jHQBGqOwbgEI8nI7zU8dWiRZBrCTelu1r97mK1MUGalBeX/dxc0ByMlysJzd9BjJzB MwNsnC9D5PfY5Z+61Cvqf3zuFqnXn8hwj5e9FbSPcPnRN8RogDGBTw00lG3wRLMa+67p sPf4FbOuajco68MdT2DX7T6iAIX/S54h+GyUcRsZPS98lUQ2MoG/M/tQG5DCav+XJ6LD CYMM3eoNq+Aa3auDwzh49mVObLMP0PdrPNoEThpWfr5CN/Cl0evJTKgNI8vqIDkA5bh8 02YVMUaf2Vlmfy2w5pNzasIaNlUk3HuHhOCuZ6/E+77sh4KlZdEWn6FUwb8gbmZl6Trh i2kQ== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=cc:to:from:subject:message-id:references:mime-version :list-unsubscribe:list-subscribe:list-id:precedence:in-reply-to:date :reply-to:dkim-signature; bh=TYSivnN6sKEY4CZofc9WbYnjIg5hjEEjj41nwAaSQHo=; fh=6z20+Ty6JFzrxks7FibXZeq78dGYseODPIift93+rLI=; b=mjhPqEVX+Smk3oXFZ07e6A4/Bk0ZVaXuwOJSPsWa/yPW7k82PRQ/Yh4SvTOj6GYV24 ycQ/LdzVXd78s12n97rhdjvgFuqo1odMjDUjXQjT8LqlFGUpaM6uRE7VRZo6hWrC5iIW /Urzf0UgCH+8W1okqTOGETXmG1UlPwfkMnkBa9RIvn3WnGPPw1mtKYfARb8F7Kzj7Rmy VfOVHQHBMPiyxMnWnKeZyQVS9WmxkC7yozVkEcLoiM/+3LQ/twzIyFx0uWvxTGVlPlZe f6yWEocb40+wrzppVXetBR+Zc9TcpSL42V+hKBAf40GczaR/RGBnwnMF+CPizM24VOez CNBA==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@google.com header.s=20230601 header.b=XSBf7+zj; arc=pass (i=1 spf=pass spfdomain=flex--seanjc.bounces.google.com dkim=pass dkdomain=google.com dmarc=pass fromdomain=google.com); spf=pass (google.com: domain of linux-kernel+bounces-77215-ouuuleilei=gmail.com@vger.kernel.org designates 2604:1380:45e3:2400::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-77215-ouuuleilei=gmail.com@vger.kernel.org"; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: from sv.mirrors.kernel.org (sv.mirrors.kernel.org. [2604:1380:45e3:2400::1]) by mx.google.com with ESMTPS id v18-20020aa78512000000b006e13ce606c6si10469278pfn.110.2024.02.22.11.16.30 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 22 Feb 2024 11:16:30 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel+bounces-77215-ouuuleilei=gmail.com@vger.kernel.org designates 2604:1380:45e3:2400::1 as permitted sender) client-ip=2604:1380:45e3:2400::1; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20230601 header.b=XSBf7+zj; arc=pass (i=1 spf=pass spfdomain=flex--seanjc.bounces.google.com dkim=pass dkdomain=google.com dmarc=pass fromdomain=google.com); spf=pass (google.com: domain of linux-kernel+bounces-77215-ouuuleilei=gmail.com@vger.kernel.org designates 2604:1380:45e3:2400::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-77215-ouuuleilei=gmail.com@vger.kernel.org"; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by sv.mirrors.kernel.org (Postfix) with ESMTPS id AB6192845FE for ; Thu, 22 Feb 2024 19:08:14 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 576C16E5E4; Thu, 22 Feb 2024 19:06:52 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="XSBf7+zj" Received: from mail-yb1-f201.google.com (mail-yb1-f201.google.com [209.85.219.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 55F5D14B836 for ; Thu, 22 Feb 2024 19:06:22 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.219.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708628794; cv=none; b=LSTDC1y1l9c3aILccoZVPjzkIofHN5WV8LjtPIqMVEj/sAPKkPPB4sWUeUFx8afdJpNwhy7ybd5436L3U0DuNaUzvJRXyry+4R7pex1QVhWZuGpkdwvQUNAY+i9zrvVHyO5nzNk5cmI/PVlBAPXHhFWGcDwaIfA9dMBrhBSj808= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708628794; c=relaxed/simple; bh=Lpr6OXMdJrHRiK6NwVBpGyZp/lhKwMDMfWMCx4WLc3E=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=bebgajRtq6IX+Xm7VtQXrDZaMPsaPxsFVAJ8++PFw0iJDKF+gjM6IPlzSOK1QnHiPDZ9Rfkxa98U6GI4j9+RXaSaEYWIxPGnDwy2/KwCjEPdWGJFyADOUHeJZUp0liEcXRfyt8YYUeNfzE6J+ShkvmFcsOJGwY4DbMSXgezFJMM= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=XSBf7+zj; arc=none smtp.client-ip=209.85.219.201 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com Received: by mail-yb1-f201.google.com with SMTP id 3f1490d57ef6-dc6b267bf11so15829276.2 for ; Thu, 22 Feb 2024 11:06:22 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1708628780; x=1709233580; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=TYSivnN6sKEY4CZofc9WbYnjIg5hjEEjj41nwAaSQHo=; b=XSBf7+zjqQSIdpqoyLdYZLXRBC8iVe9qqogTHUaBn57Ovayhzn94jJFmygn3Zcr4Ac V81jFQbw9uesISW4op0RXFqQ5VdLV/HFSoQMgT2F9cyXbcgC41UpHUEuMTsrIOESuQ8y tXXqOls0CCgznvtf0okfVtRp4miaFDLaNVNepblvY6Scs59lYYEy29yNVrwJF5fxGDpy wU+9Wev99fJvjYZ1taG7kkLvXLU9vnb7mGQyFIJ/qr3VUX+KCGweZjS/Wz1vrtiYi95r v0A5hzhGtLDUgKFWTwP6/5NKLqZrhp4TMNIpGvo+nihezpIBbEPgpDCLO+OELV9SDIlb qPqw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1708628780; x=1709233580; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=TYSivnN6sKEY4CZofc9WbYnjIg5hjEEjj41nwAaSQHo=; b=MofZg7Kj2DugWVZZCHN362zZfsD7WDdB75EJKvvR/TfMv5TsazdGjJrI6ibCuSW/Zk Ncy33HM84xL116eeeG0ZAI5jIk8wM5CYBgAgX5vwkkcBgQuhQcOGN30GiBTeYzrpg3P8 NlZBB/jQSGsey1bsA9Sw+01gbRPdganBoVc4En9pnqKKVXhJMUj7Z1YD6648zTTS3l/H VOhauR7+BigH6wmK47ycPSsXxP6+s8wI6t8qQaxO8SIseKkgGJd1XhDPiGONTnD6RJZQ pl4mMYbBpvdEMM5SO2xy2/1TKscwHAWFbgu4SP8qjTRo9VWuEbwd1c2XaS3xWCmgdlO+ q19w== X-Forwarded-Encrypted: i=1; AJvYcCW7TzNVRPx8BT6ZoR8v+unbwMkc6i/eyH7MEO2qq7GlwVspycfg00PmpCsjtF7V4a+ut1pzSW1gFXZiDN4jlyfIzUK5794JYtPvDoir X-Gm-Message-State: AOJu0YyOw7UJjVn9S2eY3a24DOQ1uacHxiZBtkd5+/qoiNDgG4fop94y ihlSPoLeL+vB4IV1iFatP1IYATqZHm9LxI3YY+Qgiohw2nY1Yjco43hvJ2lC9hp5NM0R7IVLo/K NWw== X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a05:6902:18cc:b0:dc7:6f13:61d9 with SMTP id ck12-20020a05690218cc00b00dc76f1361d9mr1123ybb.4.1708628780537; Thu, 22 Feb 2024 11:06:20 -0800 (PST) Reply-To: Sean Christopherson Date: Thu, 22 Feb 2024 11:06:10 -0800 In-Reply-To: <20240222190612.2942589-1-seanjc@google.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20240222190612.2942589-1-seanjc@google.com> X-Mailer: git-send-email 2.44.0.rc0.258.g7320e95886-goog Message-ID: <20240222190612.2942589-4-seanjc@google.com> Subject: [PATCH 3/5] KVM: x86/mmu: Restrict KVM_SW_PROTECTED_VM to the TDP MMU From: Sean Christopherson To: Paolo Bonzini , Sean Christopherson Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Fuad Tabba , Michael Roth , Isaku Yamahata , Yu Zhang , Chao Peng X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1791627772323847458 X-GMAIL-MSGID: 1791627772323847458 Advertise and support software-protected VMs if and only if the TDP MMU is enabled, i.e. disallow KVM_SW_PROTECTED_VM if TDP is enabled for KVM's legacy/shadow MMU. TDP support for the shadow MMU is maintenance-only, e.g. support for TDX and SNP will also be restricted to the TDP MMU. Fixes: 89ea60c2c7b5 ("KVM: x86: Add support for "protected VMs" that can utilize private memory") Signed-off-by: Sean Christopherson --- arch/x86/kvm/x86.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index 86d88bc7a6d0..1e0cc1906232 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c @@ -4580,7 +4580,7 @@ static bool kvm_is_vm_type_supported(unsigned long type) { return type == KVM_X86_DEFAULT_VM || (type == KVM_X86_SW_PROTECTED_VM && - IS_ENABLED(CONFIG_KVM_SW_PROTECTED_VM) && tdp_enabled); + IS_ENABLED(CONFIG_KVM_SW_PROTECTED_VM) && tdp_mmu_enabled); } int kvm_vm_ioctl_check_extension(struct kvm *kvm, long ext) From patchwork Thu Feb 22 19:06:11 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 205001 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a05:7300:a81b:b0:108:e6aa:91d0 with SMTP id bq27csp152272dyb; Thu, 22 Feb 2024 11:09:45 -0800 (PST) X-Forwarded-Encrypted: i=3; AJvYcCVbOQjV3fCvACfmmv3k2fQCgtFAIIszmh4b6F84NEdhVJIOfkYJTzs1onH5TW+Lct5F0EPJ2ymrS+xHCUAwnF9CtqsBOg== X-Google-Smtp-Source: AGHT+IGeScz7zSHmt7qJhjxxh6klZShX5G7QcKhMVHkSp/Xto8aulYoPBzQ+8eGOTfWeKG4n74Q5 X-Received: by 2002:a05:6402:505:b0:565:2468:7394 with SMTP id m5-20020a056402050500b0056524687394mr2548327edv.1.1708628985034; Thu, 22 Feb 2024 11:09:45 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1708628985; cv=pass; d=google.com; s=arc-20160816; b=X0dc7LiYh6U5OfwLoHS6F4EVqdIdMoBYzaMgY+i26x7VhckYLxdOdksbkJ8w3hcb3k nBxBG5hiuwam1T9PcEWv7qSPtZIuFEpoEdz8o+I7aSDzGRhre8ElYkFTXNHqnLyfFuHx BhYWwjpMcQR/LerEnwGGKmxV0zooskHEgXwuHNL5ruZB9dC+CroZxbSZ2hWa7xXkMSvj glxxglar8jfffn1HQQqozO3pdGEdkk+0u1bTxa/Op1NM8ip0l2zxHBJgIJqfioNYbZsu NDO0x7+Ys17i49YYp2oRxP/cWp2dM7NPsR7WfuRusDEsvcWHdyvJg5QiovFoAPSV6utn sSzg== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=cc:to:from:subject:message-id:references:mime-version :list-unsubscribe:list-subscribe:list-id:precedence:in-reply-to:date :reply-to:dkim-signature; bh=7HiIqZU0XyHT/uY+W4Av8xeySFLdYEVlTDQAMpZzHAk=; fh=hW9kCqxtvZGJ0n+15pBdnd2rpFiSjW0GhD2WGsGREwM=; b=sfxt/4n9WzIiTPP5+rNrjei+e9TdM73mo2Bh/Yq3bqci8eRPl2iTG6xF7fMuw5kBeU /X3JYG8MLWm1TFLB8mERh/VmryNlIb70FPYSrWXKt494xt8tytcZU/a0PD5v9a5ghfqX bEOx+CK4bqNZ/aVmIHeTvLBgdI3xSlulfhkH9kzvTVfj99wUCc9yO7OfMO9E026Ui2Pb D/QMGvzFsaY/u36qXbbgPMXmNKCJtLV8PIsQnfAeTsLdnXer08rpO66Tvku+pm6vO46i TT7QBZ9S2lhj+E2F9bsSwFM1mYt0Z2uClYsPUhY3GuOOdP0r9qf0edUWSPBU4g6cVFFt 8KLg==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@google.com header.s=20230601 header.b=qOFvn+gC; arc=pass (i=1 spf=pass spfdomain=flex--seanjc.bounces.google.com dkim=pass dkdomain=google.com dmarc=pass fromdomain=google.com); spf=pass (google.com: domain of linux-kernel+bounces-77216-ouuuleilei=gmail.com@vger.kernel.org designates 2604:1380:4601:e00::3 as permitted sender) smtp.mailfrom="linux-kernel+bounces-77216-ouuuleilei=gmail.com@vger.kernel.org"; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: from am.mirrors.kernel.org (am.mirrors.kernel.org. [2604:1380:4601:e00::3]) by mx.google.com with ESMTPS id d14-20020a056402400e00b00564247e9150si5173300eda.92.2024.02.22.11.09.44 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 22 Feb 2024 11:09:45 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel+bounces-77216-ouuuleilei=gmail.com@vger.kernel.org designates 2604:1380:4601:e00::3 as permitted sender) client-ip=2604:1380:4601:e00::3; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20230601 header.b=qOFvn+gC; arc=pass (i=1 spf=pass spfdomain=flex--seanjc.bounces.google.com dkim=pass dkdomain=google.com dmarc=pass fromdomain=google.com); spf=pass (google.com: domain of linux-kernel+bounces-77216-ouuuleilei=gmail.com@vger.kernel.org designates 2604:1380:4601:e00::3 as permitted sender) smtp.mailfrom="linux-kernel+bounces-77216-ouuuleilei=gmail.com@vger.kernel.org"; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by am.mirrors.kernel.org (Postfix) with ESMTPS id 322871F2B1C4 for ; Thu, 22 Feb 2024 19:08:27 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id F2FAB6AF89; Thu, 22 Feb 2024 19:06:53 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="qOFvn+gC" Received: from mail-yw1-f202.google.com (mail-yw1-f202.google.com [209.85.128.202]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 8853914B80F for ; Thu, 22 Feb 2024 19:06:26 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.128.202 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708628796; cv=none; b=E/5f6mVPnKJiJXsQxXIpM8Ik0kzfv+tkypmCNIfmG+t9X/HEf6+p6BpdIjg6wxB4FY616CA0O+FJSXWPhd/xDYQkOkgklLz5ayqEud0tA1jH8TK+yujQzeDgcNkl9yRcGUMKnq4e4m/UvymNWh18itB49L+sx1FuCiNz8OE0NTY= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708628796; c=relaxed/simple; bh=tb6swG7G3wi3Bnp9LY5vlQD3q2JN5LX1r2DEbuv3v04=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=OF5DltgMDyENnqdIxgqP6q8wfgswKnIZZIGswR27sTdkgZkU/10vBZzZfk/5iEYH0M12XpLB4ZU3eaXfzC3B2aYeNMQ/Jhtfy2bSsbdHDdS2Vobild4KwB+LkW98oIsYrmdJ4Osirn0KR6J6DtKlmbvANPR2U6whohakgGc7kI0= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=qOFvn+gC; arc=none smtp.client-ip=209.85.128.202 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com Received: by mail-yw1-f202.google.com with SMTP id 00721157ae682-608b3251948so1121947b3.3 for ; Thu, 22 Feb 2024 11:06:25 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1708628782; x=1709233582; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=7HiIqZU0XyHT/uY+W4Av8xeySFLdYEVlTDQAMpZzHAk=; b=qOFvn+gCgVs5c7zcvBO86Q/trRj74+2+BepDqXj2zgB4OvFOSk5EMDS0OlFNOynVLY cP9BSYBsueqjh8X+q7hUf+AT5WLlU9KtKRCB+wd/4m3L6XYsTs8n8vCjLesZnuyef2BW VivgP4UtOk/Pz0BoEiFn8xecbpI7sydOb1FqsULlgEI36kuln9wD7dGqqmS09QVXteEh X/QXo8iGK3rzO3tqGEfQsYWRyYAb7IeMYn5TDagw+R6YgjgmQeMgY3iT6RrnY3CUospJ TCnGngq44ALF8XzTewAFhRJey8F6g4ABqeYkqb3sQAUuOFBS/1mZwBlZ/zGCEeXR/tox rOYg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1708628782; x=1709233582; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=7HiIqZU0XyHT/uY+W4Av8xeySFLdYEVlTDQAMpZzHAk=; b=W8GWIXe60IVEC1CaNezImkbdNWPHyPW5KVTWQxseooFXGvOsfsNohgEpeCaWtJ9Vpj kq8O4ORAcZZVVCTfq5pb831XxQ14kvHcVBqnG3WCbgch0L4IWXfi5tnvN5hsFBNR/ZtD ffpkdYN7AuXt47ghD+p7qFYUlODhUWvfO7kGQjzIDwuG6QrYB5QAkJAQZ6aYHvN40G2j vJrsKJc7tAt3CRjAmQYKtbEe97DcZbUuIVO+y2YNe7sXUYrXluw2mjHKNJ166FFKy33U tNNL5CiEXXPpX0FA7llwnt6bqkg0RHjP4l950oq8GVNs/jm11eFX/MXNl4h0hvYAaTcN xXbQ== X-Forwarded-Encrypted: i=1; AJvYcCXdY3h5//rgqjFWEEy0U5CSJ70whHj+q7/+r/4Us13nqznzphcE7+THIbdHNZvQvlWF/JQM/8CiNxJX8tbwIl92nkDPc5ZMITAd3WrO X-Gm-Message-State: AOJu0YzKUzu11u8mtZpb/CsTvqRQ4cGi7Aln4tTBlrHqfs2q5PioMLXg HE0xCcAR4FfGrqdrCzdVVezBIPI3jQf+IZavcaoTe5IGS+8mqrKgUS/4U91TJAnp0c1nRg/5rEf Y7Q== X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a05:6902:114a:b0:dc8:5e26:f4d7 with SMTP id p10-20020a056902114a00b00dc85e26f4d7mr5931ybu.13.1708628782543; Thu, 22 Feb 2024 11:06:22 -0800 (PST) Reply-To: Sean Christopherson Date: Thu, 22 Feb 2024 11:06:11 -0800 In-Reply-To: <20240222190612.2942589-1-seanjc@google.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20240222190612.2942589-1-seanjc@google.com> X-Mailer: git-send-email 2.44.0.rc0.258.g7320e95886-goog Message-ID: <20240222190612.2942589-5-seanjc@google.com> Subject: [PATCH 4/5] KVM: selftests: Create GUEST_MEMFD for relevant invalid flags testcases From: Sean Christopherson To: Paolo Bonzini , Sean Christopherson Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Fuad Tabba , Michael Roth , Isaku Yamahata , Yu Zhang , Chao Peng X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1791627346509644459 X-GMAIL-MSGID: 1791627346509644459 Actually create a GUEST_MEMFD instance and pass it to KVM when doing negative tests for KVM_SET_USER_MEMORY_REGION2 + KVM_MEM_GUEST_MEMFD. Without a valid GUEST_MEMFD file descriptor, KVM_SET_USER_MEMORY_REGION2 will always fail with -EINVAL, resulting in false passes for any and all tests of illegal combinations of KVM_MEM_GUEST_MEMFD and other flags. Fixes: 5d74316466f4 ("KVM: selftests: Add a memory region subtest to validate invalid flags") Signed-off-by: Sean Christopherson --- tools/testing/selftests/kvm/set_memory_region_test.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/tools/testing/selftests/kvm/set_memory_region_test.c b/tools/testing/selftests/kvm/set_memory_region_test.c index 40337f566eeb..9df4b61116bc 100644 --- a/tools/testing/selftests/kvm/set_memory_region_test.c +++ b/tools/testing/selftests/kvm/set_memory_region_test.c @@ -367,11 +367,15 @@ static void test_invalid_memory_region_flags(void) } if (supported_flags & KVM_MEM_GUEST_MEMFD) { + int guest_memfd = vm_create_guest_memfd(vm, MEM_REGION_SIZE, 0); + r = __vm_set_user_memory_region2(vm, 0, KVM_MEM_LOG_DIRTY_PAGES | KVM_MEM_GUEST_MEMFD, - 0, MEM_REGION_SIZE, NULL, 0, 0); + 0, MEM_REGION_SIZE, NULL, guest_memfd, 0); TEST_ASSERT(r && errno == EINVAL, "KVM_SET_USER_MEMORY_REGION2 should have failed, dirty logging private memory is unsupported"); + + close(guest_memfd); } } From patchwork Thu Feb 22 19:06:12 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 205005 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a05:7300:a81b:b0:108:e6aa:91d0 with SMTP id bq27csp155234dyb; Thu, 22 Feb 2024 11:15:11 -0800 (PST) X-Forwarded-Encrypted: i=3; AJvYcCUmwAO5IzxZWjmhouqp1pa3UUVt6tQDA+0OP9O3g0eGLmADMbOU2+j+gQqW+cjhCKjxCPavRpa/l8FZCdZFk2nId0mnmA== X-Google-Smtp-Source: AGHT+IE0wn2nH6TQKYCDC3AmSZza98alHJd8+iOLqDuf1IL8VwakwqVnc9lPcjWnMk0278AerXFB X-Received: by 2002:a17:90a:bc0a:b0:299:7a97:e77f with SMTP id w10-20020a17090abc0a00b002997a97e77fmr12493354pjr.6.1708629310979; Thu, 22 Feb 2024 11:15:10 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1708629310; cv=pass; d=google.com; s=arc-20160816; b=I1iCpXzC76bVfjQ7V+KEUKMLUHGWWeq1bZEInlcs0kJ7cIGVy4REQCoLgV5XdVqU+x HwLXtcunmpof/snOKPUeWO+dxJmrECZgko3TapZDbgCD1GJjjpNTTCVtofx0NbdCJDrT vVlE/hyXzsSeFfBdv8cUUkHC5ihkSgh2shYwrFj4n7bvijRXdqk1KiyxD55icT/zShQp SUahEruQol6f2meNOKJgshgsyzRiDtYN7TZsCbdkd2JRIrnwy3Bfdvp4C1N1AF9/s1Th 3OlQlP1DbFej1fSYJLdYnkdzRzguQf8dP5i5zuTfecRBEYX18T5kiVpfrtlfGOGCwnva joWw== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=cc:to:from:subject:message-id:references:mime-version :list-unsubscribe:list-subscribe:list-id:precedence:in-reply-to:date :reply-to:dkim-signature; bh=riJ7HRTQ7IsaxxoiPw34+GvPTL1t25LYSZ+Y64H+IpU=; fh=joI+g4S/DHqUNTy/FTE/8fEBmgVx7kXgdKf6ll7Y+4A=; b=P5AA7Qq32PDR/GqarN4W2IFvAzRm9BT8cWjYNFm/TpduewYbeSVa+R5Y9ThIituw0Q K/rB2Hgb9QeCj3Vjuj4KTnXGDApirONZ+BG+VB1tHVASCLsnZus1/d6soRZGRClDcBdU jvJCi5vIJbVWejflTAD7YyL1oIjsvR/Z0rbeeZiHf9YVoMyJqZ/46QxukbBuS+6Q9rEh nlV3n0Qh9ImFTWhFrwwnt0jPHfgG5Cs+WrcdK8DED6ChKwPQxAsttCVBYnEFZcdhd1FQ wDJI31ZF/nAxwqq1VLwUq+mRGSetBehEsv/FkczV+Y5+kM4fb1E8GEl8f8h31ezsGJ+M dkmA==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@google.com header.s=20230601 header.b=ZLljWQbj; arc=pass (i=1 spf=pass spfdomain=flex--seanjc.bounces.google.com dkim=pass dkdomain=google.com dmarc=pass fromdomain=google.com); spf=pass (google.com: domain of linux-kernel+bounces-77218-ouuuleilei=gmail.com@vger.kernel.org designates 2604:1380:45e3:2400::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-77218-ouuuleilei=gmail.com@vger.kernel.org"; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: from sv.mirrors.kernel.org (sv.mirrors.kernel.org. [2604:1380:45e3:2400::1]) by mx.google.com with ESMTPS id i13-20020a170902cf0d00b001dc6793039csi107699plg.312.2024.02.22.11.15.10 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 22 Feb 2024 11:15:10 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel+bounces-77218-ouuuleilei=gmail.com@vger.kernel.org designates 2604:1380:45e3:2400::1 as permitted sender) client-ip=2604:1380:45e3:2400::1; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20230601 header.b=ZLljWQbj; arc=pass (i=1 spf=pass spfdomain=flex--seanjc.bounces.google.com dkim=pass dkdomain=google.com dmarc=pass fromdomain=google.com); spf=pass (google.com: domain of linux-kernel+bounces-77218-ouuuleilei=gmail.com@vger.kernel.org designates 2604:1380:45e3:2400::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-77218-ouuuleilei=gmail.com@vger.kernel.org"; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by sv.mirrors.kernel.org (Postfix) with ESMTPS id 3D950286334 for ; Thu, 22 Feb 2024 19:08:30 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 741D9548EB; Thu, 22 Feb 2024 19:06:54 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="ZLljWQbj" Received: from mail-yw1-f201.google.com (mail-yw1-f201.google.com [209.85.128.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 7C4506AFB6 for ; Thu, 22 Feb 2024 19:06:27 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.128.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708628800; cv=none; b=DrgzQMU2F0kaUwGiSZh/i7s1U2/H0Vuzdvg4swu7CWTUJMkl882FcJHWg9JMTfbvZe/K+u9WDmHpUb7f+WmsFmYJoCBr9BRqLnTVF86dJ6bWRRZIkE5ZI1vDyhevKyvQ+LXV6pKk+oacQXIKfDYz6cJDLMC6ujUBA2PxQXsx7+0= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708628800; c=relaxed/simple; bh=cIWRw/ciFRHors/2oYNTTCOVc0HlamGjl6dwJRVdN1E=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=l7IjpGcFUKKYogeSUi/Ha3Vce1bdLuL5IgYA1YUh9QrQKBCdd+HvQ0aZw8nKvl/UddV1uyN3AfFNaWi7zP6PQ4t+e9qpS6m0WAXi24G2uUFVVxwvt5qCGxbbuhInkpCoY8Y3va+skr2C5W9bi7ZaShIvYb+8S2A6+uCxbQFxPtM= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=ZLljWQbj; arc=none smtp.client-ip=209.85.128.201 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com Received: by mail-yw1-f201.google.com with SMTP id 00721157ae682-5f38d676cecso15390997b3.0 for ; Thu, 22 Feb 2024 11:06:26 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1708628784; x=1709233584; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=riJ7HRTQ7IsaxxoiPw34+GvPTL1t25LYSZ+Y64H+IpU=; b=ZLljWQbjVNJupQi4T7YcKqIFlPrh0x02R8ZFdng1L4U7qgPX5tTi/GPKxJ9C0LoR2f 83g0utNm9hSd1Wup7EYKEOEpGJaF3BeVw2h7Hy5988W6GPYsEBG6UVvBhNMQaUsZO/BP luOqsxWQh3v0SAmJRuGPOK2SWqb7Z2LKXu/6/W+ncXDQpZUg7TofywmfOym86q4Yghox HT3lvegL5RwwidfHxf0vDstfrVg5WQosaDsG3k+wiuRip5bHaDEL9qLl+dLpvr2mPWHT 7LwN1s24y+0eezpMWFFzjmNiJF+UtIHR68fDYFPHvZ0axoWkBScqnMbToTeSAwW8FqOv pCCg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1708628784; x=1709233584; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=riJ7HRTQ7IsaxxoiPw34+GvPTL1t25LYSZ+Y64H+IpU=; b=XovANwIeOfZXf6mCmDiqludy6ALQ8oaZAN0tu56HO99cRHk79mjhnQT6ZQKuqhP3my JIT3AldQfXqoyszXXEKnzriBKSzeiHutKXQJRlvCDbxEI2x+37fGtWTefMIsWVEX9qjn 2JQECqo4x+iyp0+ozV7D2sJPKRZAqMpB+Je5+hzDo9CxlGEP80WrnDX1NiW/+/QzqIu2 qwxiaskxfeVxiFbP0QfPqfM09x7IUEwQePZ2vlFnuKKAG2jukEZ1SZY6rhzqJG8dwMe2 NfCkYGFfuD22zFbo5Iys0Ip8eeGpC/w/0lwY7A8iSVmjICZF/iYV4flYQV6gHUDgX3h/ VQpw== X-Forwarded-Encrypted: i=1; AJvYcCVMpyVqVQcq27+Sg+6QLcAXWLA8i1vddcDUalS/v53ZenGGi76O9UGgYEqaD5mFDBnkY9lgjuK4m1lhoL3fXRZAIWjUOD1AEH0GH0CU X-Gm-Message-State: AOJu0Yw4NaqsVtWE2+mQ7W0PjKAKUviegkn3gvdC+9mjkZuckwYE5+yy ObR1Wl7MGrf61ptfSI3a8IYWsITySaMA92m5FBTN/A4zAIvXAqAyZnRBI57epgkvFKMlTAqYQOX M5A== X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a05:690c:2846:b0:607:f42f:70e1 with SMTP id ed6-20020a05690c284600b00607f42f70e1mr737848ywb.4.1708628784418; Thu, 22 Feb 2024 11:06:24 -0800 (PST) Reply-To: Sean Christopherson Date: Thu, 22 Feb 2024 11:06:12 -0800 In-Reply-To: <20240222190612.2942589-1-seanjc@google.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20240222190612.2942589-1-seanjc@google.com> X-Mailer: git-send-email 2.44.0.rc0.258.g7320e95886-goog Message-ID: <20240222190612.2942589-6-seanjc@google.com> Subject: [PATCH 5/5] KVM: selftests: Add a testcase to verify GUEST_MEMFD and READONLY are exclusive From: Sean Christopherson To: Paolo Bonzini , Sean Christopherson Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Fuad Tabba , Michael Roth , Isaku Yamahata , Yu Zhang , Chao Peng X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1791627688285153725 X-GMAIL-MSGID: 1791627688285153725 Extend set_memory_region_test's invalid flags subtest to verify that GUEST_MEMFD is incompatible with READONLY. GUEST_MEMFD doesn't currently support writes from userspace and KVM doesn't support emulated MMIO on private accesses, and so KVM is supposed to reject the GUEST_MEMFD+READONLY in order to avoid configuration that KVM can't support. Signed-off-by: Sean Christopherson --- tools/testing/selftests/kvm/set_memory_region_test.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/tools/testing/selftests/kvm/set_memory_region_test.c b/tools/testing/selftests/kvm/set_memory_region_test.c index 9df4b61116bc..06b43ed23580 100644 --- a/tools/testing/selftests/kvm/set_memory_region_test.c +++ b/tools/testing/selftests/kvm/set_memory_region_test.c @@ -375,6 +375,12 @@ static void test_invalid_memory_region_flags(void) TEST_ASSERT(r && errno == EINVAL, "KVM_SET_USER_MEMORY_REGION2 should have failed, dirty logging private memory is unsupported"); + r = __vm_set_user_memory_region2(vm, 0, + KVM_MEM_READONLY | KVM_MEM_GUEST_MEMFD, + 0, MEM_REGION_SIZE, NULL, guest_memfd, 0); + TEST_ASSERT(r && errno == EINVAL, + "KVM_SET_USER_MEMORY_REGION2 should have failed, read-only GUEST_MEMFD memslots are unsupported"); + close(guest_memfd); } }