On Wed, 2025-09-24 at 16:22 +0100, "Roy, Patrick" wrote:
[...]
> diff --git a/virt/kvm/guest_memfd.c b/virt/kvm/guest_memfd.c
> index 55b8d739779f..b7129c4868c5 100644
> --- a/virt/kvm/guest_memfd.c
> +++ b/virt/kvm/guest_memfd.c
> @@ -4,6 +4,9 @@
> #include <linux/kvm_host.h>
> #include <linux/pagemap.h>
> #include <linux/anon_inodes.h>
> +#include <linux/set_memory.h>
> +
> +#include <asm/tlbflush.h>
>
> #include "kvm_mm.h"
>
> @@ -42,6 +45,44 @@ static int __kvm_gmem_prepare_folio(struct kvm *kvm,
> struct kvm_memory_slot *slo
> return 0;
> }
>
> +#define KVM_GMEM_FOLIO_NO_DIRECT_MAP BIT(0)
> +
> +static bool kvm_gmem_folio_no_direct_map(struct folio *folio)
> +{
> + return ((u64) folio->private) & KVM_GMEM_FOLIO_NO_DIRECT_MAP;
> +}
> +
> +static int kvm_gmem_folio_zap_direct_map(struct folio *folio)
> +{
> + if (kvm_gmem_folio_no_direct_map(folio))
> + return 0;
> +
> + int r = set_direct_map_valid_noflush(folio_page(folio, 0),
> folio_nr_pages(folio),
> + false);
> +
> + if (!r) {
> + unsigned long addr = (unsigned long) folio_address(folio);
> + folio->private = (void *) ((u64) folio->private &
> KVM_GMEM_FOLIO_NO_DIRECT_MAP);
> + flush_tlb_kernel_range(addr, addr + folio_size(folio));
> + }
> +
> + return r;
> +}
No idea how I managed to mess this function up so completely, but it
should be more like
static int kvm_gmem_folio_zap_direct_map(struct folio *folio)
{
int r = 0;
unsigned long addr = (unsigned long) folio_address(folio);
u64 gmem_flags = (u64) folio_inode(folio)->i_private;
if (kvm_gmem_folio_no_direct_map(folio) || !(gmem_flags &
GUEST_MEMFD_FLAG_NO_DIRECT_MAP))
goto out;
r = set_direct_map_valid_noflush(folio_page(folio, 0),
folio_nr_pages(folio), false);
if (r)
goto out;
folio->private = (void *) KVM_GMEM_FOLIO_NO_DIRECT_MAP;
flush_tlb_kernel_range(addr, addr + folio_size(folio));
out:
return r;
}
the version I sent (a) does not respect the flags passed to guest_memfd
on creation, and (b) does not correctly set the bit in folio->private.
> +static void kvm_gmem_folio_restore_direct_map(struct folio *folio)
> +{
> + /*
> + * Direct map restoration cannot fail, as the only error condition
> + * for direct map manipulation is failure to allocate page tables
> + * when splitting huge pages, but this split would have already
> + * happened in set_direct_map_invalid_noflush() in
> kvm_gmem_folio_zap_direct_map().
> + * Thus set_direct_map_valid_noflush() here only updates prot bits.
> + */
> + if (kvm_gmem_folio_no_direct_map(folio))
> + set_direct_map_valid_noflush(folio_page(folio, 0),
> folio_nr_pages(folio),
> + true);
> +}
> +
> static inline void kvm_gmem_mark_prepared(struct folio *folio)
> {
> folio_mark_uptodate(folio);
> @@ -324,13 +365,14 @@ static vm_fault_t kvm_gmem_fault_user_mapping(struct
> vm_fault *vmf)
> struct inode *inode = file_inode(vmf->vma->vm_file);
> struct folio *folio;
> vm_fault_t ret = VM_FAULT_LOCKED;
> + int err;
>
> if (((loff_t)vmf->pgoff << PAGE_SHIFT) >= i_size_read(inode))
> return VM_FAULT_SIGBUS;
>
> folio = kvm_gmem_get_folio(inode, vmf->pgoff);
> if (IS_ERR(folio)) {
> - int err = PTR_ERR(folio);
> + err = PTR_ERR(folio);
>
> if (err == -EAGAIN)
> return VM_FAULT_RETRY;
> @@ -348,6 +390,13 @@ static vm_fault_t kvm_gmem_fault_user_mapping(struct
> vm_fault *vmf)
> kvm_gmem_mark_prepared(folio);
> }
>
> + err = kvm_gmem_folio_zap_direct_map(folio);
> +
> + if (err) {
> + ret = vmf_error(err);
> + goto out_folio;
> + }
> +
> vmf->page = folio_file_page(folio, vmf->pgoff);
>
> out_folio:
> @@ -435,6 +484,8 @@ static void kvm_gmem_free_folio(struct folio *folio)
> kvm_pfn_t pfn = page_to_pfn(page);
> int order = folio_order(folio);
>
> + kvm_gmem_folio_restore_direct_map(folio);
> +
> kvm_arch_gmem_invalidate(pfn, pfn + (1ul << order));
> }
>
> @@ -499,6 +550,9 @@ static int __kvm_gmem_create(struct kvm *kvm, loff_t
> size, u64 flags)
> /* Unmovable mappings are supposed to be marked unevictable as well. */
> WARN_ON_ONCE(!mapping_unevictable(inode->i_mapping));
>
> + if (flags & GUEST_MEMFD_FLAG_NO_DIRECT_MAP)
> + mapping_set_no_direct_map(inode->i_mapping);
> +
> kvm_get_kvm(kvm);
> gmem->kvm = kvm;
> xa_init(&gmem->bindings);
> @@ -523,6 +577,9 @@ int kvm_gmem_create(struct kvm *kvm, struct
> kvm_create_guest_memfd *args)
> if (kvm_arch_supports_gmem_mmap(kvm))
> valid_flags |= GUEST_MEMFD_FLAG_MMAP;
>
> + if (kvm_arch_gmem_supports_no_direct_map())
> + valid_flags |= GUEST_MEMFD_FLAG_NO_DIRECT_MAP;
> +
> if (flags & ~valid_flags)
> return -EINVAL;
>
> @@ -687,6 +744,8 @@ int kvm_gmem_get_pfn(struct kvm *kvm, struct
> kvm_memory_slot *slot,
> if (!is_prepared)
> r = kvm_gmem_prepare_folio(kvm, slot, gfn, folio);
>
> + kvm_gmem_folio_zap_direct_map(folio);
> +
> folio_unlock(folio);
>
> if (!r)
[...]
