From: "Michael S. Tsirkin" <mst@redhat.com>
To: Jason Gunthorpe <jgg@nvidia.com>
Cc: Anthony Krowiak <akrowiak@linux.ibm.com>,
Alex Williamson <alex.williamson@redhat.com>,
Bagas Sanjaya <bagasdotme@gmail.com>,
Lu Baolu <baolu.lu@linux.intel.com>,
Chaitanya Kulkarni <chaitanyak@nvidia.com>,
Cornelia Huck <cohuck@redhat.com>,
Jonathan Corbet <corbet@lwn.net>,
Daniel Jordan <daniel.m.jordan@oracle.com>,
David Gibson <david@gibson.dropbear.id.au>,
Eric Auger <eric.auger@redhat.com>,
Eric Farman <farman@linux.ibm.com>,
iommu@lists.linux.dev, Jason Wang <jasowang@redhat.com>,
Jean-Philippe Brucker <jean-philippe@linaro.org>,
Jason Herne <jjherne@linux.ibm.com>,
Joao Martins <joao.m.martins@oracle.com>,
Kevin Tian <kevin.tian@intel.com>,
kvm@vger.kernel.org, Lixiao Yang <lixiao.yang@intel.com>,
Matthew Rosato <mjrosato@linux.ibm.com>,
Nicolin Chen <nicolinc@nvidia.com>,
Halil Pasic <pasic@linux.ibm.com>,
Niklas Schnelle <schnelle@linux.ibm.com>,
Shameerali Kolothum Thodi <shameerali.kolothum.thodi@huawei.com>,
Yi Liu <yi.l.liu@intel.com>, Yu He <yu.he@intel.com>,
Keqian Zhu <zhukeqian1@huawei.com>
Subject: Re: [PATCH v6 07/19] kernel/user: Allow user::locked_vm to be usable for iommufd
Date: Tue, 29 Nov 2022 15:42:23 -0500 [thread overview]
Message-ID: <20221129154048-mutt-send-email-mst@kernel.org> (raw)
In-Reply-To: <7-v6-a196d26f289e+11787-iommufd_jgg@nvidia.com>
On Tue, Nov 29, 2022 at 04:29:30PM -0400, Jason Gunthorpe wrote:
> Following the pattern of io_uring, perf, skb, and bpf, iommfd will use
> user->locked_vm for accounting pinned pages. Ensure the value is included
> in the struct and export free_uid() as iommufd is modular.
>
> user->locked_vm is the good accounting to use for ulimit because it is
> per-user, and the security sandboxing of locked pages is not supposed to
> be per-process. Other places (vfio, vdpa and infiniband) have used
> mm->pinned_vm and/or mm->locked_vm for accounting pinned pages, but this
> is only per-process and inconsistent with the new FOLL_LONGTERM users in
> the kernel.
>
> Concurrent work is underway to try to put this in a cgroup, so everything
> can be consistent and the kernel can provide a FOLL_LONGTERM limit that
> actually provides security.
>
> Tested-by: Nicolin Chen <nicolinc@nvidia.com>
> Tested-by: Yi Liu <yi.l.liu@intel.com>
> Tested-by: Lixiao Yang <lixiao.yang@intel.com>
> Tested-by: Matthew Rosato <mjrosato@linux.ibm.com>
> Reviewed-by: Kevin Tian <kevin.tian@intel.com>
> Reviewed-by: Eric Auger <eric.auger@redhat.com>
> Signed-off-by: Jason Gunthorpe <jgg@nvidia.com>
Just curious: why does the subject say "user::locked_vm"? As opposed to
user->locked_vm? Made me think it's somehow related to rust in kernel or
whatever.
> ---
> include/linux/sched/user.h | 2 +-
> kernel/user.c | 1 +
> 2 files changed, 2 insertions(+), 1 deletion(-)
>
> diff --git a/include/linux/sched/user.h b/include/linux/sched/user.h
> index f054d0360a7533..4cc52698e214e2 100644
> --- a/include/linux/sched/user.h
> +++ b/include/linux/sched/user.h
> @@ -25,7 +25,7 @@ struct user_struct {
>
> #if defined(CONFIG_PERF_EVENTS) || defined(CONFIG_BPF_SYSCALL) || \
> defined(CONFIG_NET) || defined(CONFIG_IO_URING) || \
> - defined(CONFIG_VFIO_PCI_ZDEV_KVM)
> + defined(CONFIG_VFIO_PCI_ZDEV_KVM) || IS_ENABLED(CONFIG_IOMMUFD)
> atomic_long_t locked_vm;
> #endif
> #ifdef CONFIG_WATCH_QUEUE
> diff --git a/kernel/user.c b/kernel/user.c
> index e2cf8c22b539a7..d667debeafd609 100644
> --- a/kernel/user.c
> +++ b/kernel/user.c
> @@ -185,6 +185,7 @@ void free_uid(struct user_struct *up)
> if (refcount_dec_and_lock_irqsave(&up->__count, &uidhash_lock, &flags))
> free_user(up, flags);
> }
> +EXPORT_SYMBOL_GPL(free_uid);
>
> struct user_struct *alloc_uid(kuid_t uid)
> {
> --
> 2.38.1
next prev parent reply other threads:[~2022-11-29 20:43 UTC|newest]
Thread overview: 39+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-11-29 20:29 [PATCH v6 00/19] IOMMUFD Generic interface Jason Gunthorpe
2022-11-29 20:29 ` [PATCH v6 01/19] iommu: Add IOMMU_CAP_ENFORCE_CACHE_COHERENCY Jason Gunthorpe
2022-11-29 20:29 ` [PATCH v6 02/19] iommu: Add device-centric DMA ownership interfaces Jason Gunthorpe
2022-11-29 20:29 ` [PATCH v6 03/19] interval-tree: Add a utility to iterate over spans in an interval tree Jason Gunthorpe
2022-11-29 20:29 ` [PATCH v6 04/19] scripts/kernel-doc: support EXPORT_SYMBOL_NS_GPL() with -export Jason Gunthorpe
2022-11-29 20:29 ` [PATCH v6 05/19] iommufd: Document overview of iommufd Jason Gunthorpe
2022-11-29 20:29 ` [PATCH v6 06/19] iommufd: File descriptor, context, kconfig and makefiles Jason Gunthorpe
2022-11-30 14:02 ` Eric Auger
2022-12-04 10:58 ` Binbin Wu
2022-11-29 20:29 ` [PATCH v6 07/19] kernel/user: Allow user::locked_vm to be usable for iommufd Jason Gunthorpe
2022-11-29 20:42 ` Michael S. Tsirkin [this message]
2022-11-29 20:48 ` Jason Gunthorpe
2022-11-29 21:10 ` Michael S. Tsirkin
2022-11-29 20:29 ` [PATCH v6 08/19] iommufd: PFN handling for iopt_pages Jason Gunthorpe
2022-12-05 15:58 ` Binbin Wu
2022-12-06 20:53 ` Jason Gunthorpe
2022-12-06 12:36 ` Binbin Wu
2022-12-06 20:57 ` Jason Gunthorpe
2022-11-29 20:29 ` [PATCH v6 09/19] iommufd: Algorithms for PFN storage Jason Gunthorpe
2022-11-29 20:29 ` [PATCH v6 10/19] iommufd: Data structure to provide IOVA to PFN mapping Jason Gunthorpe
2022-11-29 20:29 ` [PATCH v6 11/19] iommufd: IOCTLs for the io_pagetable Jason Gunthorpe
2022-11-30 14:04 ` Eric Auger
2022-11-29 20:29 ` [PATCH v6 12/19] iommufd: Add a HW pagetable object Jason Gunthorpe
2022-11-29 20:29 ` [PATCH v6 13/19] iommufd: Add kAPI toward external drivers for physical devices Jason Gunthorpe
2022-11-29 20:29 ` [PATCH v6 14/19] iommufd: Add kAPI toward external drivers for kernel access Jason Gunthorpe
2022-11-29 20:29 ` [PATCH v6 15/19] iommufd: vfio container FD ioctl compatibility Jason Gunthorpe
2022-11-29 20:29 ` [PATCH v6 16/19] iommufd: Add kernel support for testing iommufd Jason Gunthorpe
2024-04-22 7:27 ` Geert Uytterhoeven
2024-04-22 11:54 ` Jason Gunthorpe
2024-04-22 12:48 ` Geert Uytterhoeven
2024-04-22 12:50 ` Jason Gunthorpe
2022-11-29 20:29 ` [PATCH v6 17/19] iommufd: Add some fault injection points Jason Gunthorpe
2022-11-29 20:29 ` [PATCH v6 18/19] iommufd: Add additional invariant assertions Jason Gunthorpe
2022-11-29 20:29 ` [PATCH v6 19/19] iommufd: Add a selftest Jason Gunthorpe
2022-11-30 7:14 ` Yi Liu
2022-11-30 13:51 ` Jason Gunthorpe
2022-11-30 17:18 ` Eric Auger
2022-12-01 0:13 ` Jason Gunthorpe
2022-12-01 4:59 ` Yi Liu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20221129154048-mutt-send-email-mst@kernel.org \
--to=mst@redhat.com \
--cc=akrowiak@linux.ibm.com \
--cc=alex.williamson@redhat.com \
--cc=bagasdotme@gmail.com \
--cc=baolu.lu@linux.intel.com \
--cc=chaitanyak@nvidia.com \
--cc=cohuck@redhat.com \
--cc=corbet@lwn.net \
--cc=daniel.m.jordan@oracle.com \
--cc=david@gibson.dropbear.id.au \
--cc=eric.auger@redhat.com \
--cc=farman@linux.ibm.com \
--cc=iommu@lists.linux.dev \
--cc=jasowang@redhat.com \
--cc=jean-philippe@linaro.org \
--cc=jgg@nvidia.com \
--cc=jjherne@linux.ibm.com \
--cc=joao.m.martins@oracle.com \
--cc=kevin.tian@intel.com \
--cc=kvm@vger.kernel.org \
--cc=lixiao.yang@intel.com \
--cc=mjrosato@linux.ibm.com \
--cc=nicolinc@nvidia.com \
--cc=pasic@linux.ibm.com \
--cc=schnelle@linux.ibm.com \
--cc=shameerali.kolothum.thodi@huawei.com \
--cc=yi.l.liu@intel.com \
--cc=yu.he@intel.com \
--cc=zhukeqian1@huawei.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox