From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mail-pf1-f202.google.com (mail-pf1-f202.google.com [209.85.210.202]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 19CA623ABA8 for ; Tue, 23 Jun 2026 12:58:00 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.210.202 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1782219482; cv=none; b=q0Oe2DwUKzV8pSNUqhRI2WEmCjKeuXHYlpVWlHSlWBbegecjEALJLOrH5qSYck7+0/ciF+hSIFXwcAR2nsvalVtyDxj/9vhX9XbcqAlIvPL2yWgM/jtfJeIWJyW/oOcJ1fVkdCnh+Cig557D55Z6Wz5FCwoudbOw1JlOgUd/6hY= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1782219482; c=relaxed/simple; bh=MUfdRUEiHnVw1WgnwmaZ1IXlokSHEukC0IVBDks3u6w=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=eGuzOdoEjoReAdrf6RQtjC9lhUloRgvPotHKlXh0XTzsu3+3bxiKpv+10M4Emyrm/J4kDVyM9Rj8/WLOADdfDjqxGGz7nVsW4I5cE7PpGNCEDy6fE3S61g0UpFz0737T2YoZrT6BqP5R7G3sSzCjhjQ+8mDjbMc93C/jlAh5gcc= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=d/C01c7W; arc=none smtp.client-ip=209.85.210.202 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="d/C01c7W" Received: by mail-pf1-f202.google.com with SMTP id d2e1a72fcca58-842688fa7b8so864188b3a.0 for ; Tue, 23 Jun 2026 05:58:00 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20251104; t=1782219480; x=1782824280; darn=vger.kernel.org; h=content-transfer-encoding:cc:to:from:subject:message-id:references :mime-version:in-reply-to:date:from:to:cc:subject:date:message-id :reply-to; bh=MUfdRUEiHnVw1WgnwmaZ1IXlokSHEukC0IVBDks3u6w=; b=d/C01c7WKBu+YtH97K2uq/uZDmWTHqLKKcwHghTh8WGsYo0vZj+7ZwRjENKq8IkMMh 5i1zUaVUlXCJf2ItCndt18BMkTVsDcKuCtqgzozUZxAOVow5YtVfZV7u1P+DzkpsZkZ6 75Lcj/tvMVH1AAj2828XCVr8Ss1Dr+AlAjIO7J4B085p3F6kXCOshnmzew+T2GpEEWMr 7wUZ2QEUlRKamXBb5C1KV+cKkLaCKeGjGO4IyRwoN5zweHY6s7OWvWT6Cylqf8cEkfwB zn603yr8+AyYgN9eRlcC6XkCd5ngUUSi3NkI98fkdAsEI63Dla4Rm8l76Yp4KRkyXUJI 3ZpQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1782219480; x=1782824280; h=content-transfer-encoding:cc:to:from:subject:message-id:references :mime-version:in-reply-to:date:x-gm-message-state:from:to:cc:subject :date:message-id:reply-to; bh=MUfdRUEiHnVw1WgnwmaZ1IXlokSHEukC0IVBDks3u6w=; b=UFZh67nc/oZDWeeYZn72jrETOqxzRDuy4a6q6hZBpjBOQvQtGVazYnuOjqtdjLl4Ee 46ExWm8mm0VLpepeVhhp+5rV0Y5KU7uj/mmB1nSpKr/Kh1SS937QGj56Xs+410WPf6Jn sFstJrmbqb1yOFldEN7wJ2x3CcATuhyvxiLCydzkvY89PNpy8ovsEXt94yfPu5Mo0nB8 CyZFElj6bOHZeFJ7gtqXK51rf7V4OUblVDbKv8HxxeOBju0Id0ONrFB/uFp55P+FE+kU EFi+wGsodxgiL+9Pzi22Ix2mx43nR2WX8PGlF/hTjCXaywkiYVpEwTk1aIxmGoUicil4 71Tw== X-Forwarded-Encrypted: i=1; AHgh+RqCt0VljwTfmV9Ct+D5XWSgdA/TzWoQBUe2qvVli+8pYH+FGtr5ZWi94Sw6W+VNagTWWHQjjm05t/ON2DE=@vger.kernel.org X-Gm-Message-State: AOJu0YzA+rbK4fpzkjpBQ8Z0ctImS0z0CKGf895TBgNBGlMZlFpLPL/f tQ3AIIXvBH1Xr+2t1kE3EodiKxxuRU8//QkpOrSp7J4OPrUsu0HsnMPsUyeng+Dv/PrB/tpGuJd wjkrqWA== X-Received: from pfbmb7.prod.google.com ([2002:a05:6a00:7607:b0:845:9e1a:1d94]) (user=seanjc job=prod-delivery.src-stubby-dispatcher) by 2002:a05:6a00:1394:b0:841:d7f6:7286 with SMTP id d2e1a72fcca58-84591c68753mr3097217b3a.18.1782219479903; Tue, 23 Jun 2026 05:57:59 -0700 (PDT) Date: Tue, 23 Jun 2026 05:57:58 -0700 In-Reply-To: <20260623091556.1500930-4-joro@8bytes.org> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20260623091556.1500930-1-joro@8bytes.org> <20260623091556.1500930-4-joro@8bytes.org> Message-ID: Subject: Re: [PATCH 3/4] KVM: guest_memfd: Add `write` parameter to kvm_gmem_populate() From: Sean Christopherson To: "=?utf-8?B?SsO2cmcgUsO2ZGVs?=" Cc: Paolo Bonzini , x86@kernel.org, Kiryl Shutsemau , Rick Edgecombe , Tom Lendacky , Ashish Kalra , Michael Roth , kvm@vger.kernel.org, linux-kernel@vger.kernel.org, linux-coco@lists.linux.dev, Joerg Roedel Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable On Tue, Jun 23, 2026, J=C3=B6rg R=C3=B6del wrote: > From: Joerg Roedel >=20 > The call-path of kvm_gmem_populate() might subsequently write to the > page provided by user-space. This is used to provide detailed error > information in case the page population failed. >=20 > But since kvm_gmem_populate() only acquires a read-only reference to > the user-space page via get_user_pages_fast(), the error information > might be written to a read-only page later on. >=20 > Add a parameter to kvm_gmem_populate() to optionally acquire a > writeable reference to the source page to make sure page permissions > can be enforced. Already fixed, commit f13e90059908 ("KVM: SEV: Pin source page for write wh= en adding CPUID data for SNP guest").