| Message ID | 20250605153800.557144-16-tabba@google.com |
|---|---|
| State | New |
| Headers | show |
| Series | KVM: Mapping guest_memfd backed memory at the host for software protected VMs | expand |
On Thu, Jun 5, 2025 at 8:38 AM Fuad Tabba <tabba@google.com> wrote: > > Enable the host mapping of guest_memfd-backed memory on arm64. > > This applies to all current arm64 VM types that support guest_memfd. > Future VM types can restrict this behavior via the > kvm_arch_gmem_supports_shared_mem() hook if needed. > > Acked-by: David Hildenbrand <david@redhat.com> > Signed-off-by: Fuad Tabba <tabba@google.com> Feel free to add: Reviewed-by: James Houghton <jthoughton@google.com> > --- > arch/arm64/include/asm/kvm_host.h | 5 +++++ > arch/arm64/kvm/Kconfig | 1 + > arch/arm64/kvm/mmu.c | 7 +++++++ > 3 files changed, 13 insertions(+) > > diff --git a/arch/arm64/include/asm/kvm_host.h b/arch/arm64/include/asm/kvm_host.h > index 08ba91e6fb03..8add94929711 100644 > --- a/arch/arm64/include/asm/kvm_host.h > +++ b/arch/arm64/include/asm/kvm_host.h > @@ -1593,4 +1593,9 @@ static inline bool kvm_arch_has_irq_bypass(void) > return true; > } > > +#ifdef CONFIG_KVM_GMEM > +#define kvm_arch_supports_gmem(kvm) true > +#define kvm_arch_supports_gmem_shared_mem(kvm) IS_ENABLED(CONFIG_KVM_GMEM_SHARED_MEM) > +#endif Thanks! > + > #endif /* __ARM64_KVM_HOST_H__ */ > diff --git a/arch/arm64/kvm/Kconfig b/arch/arm64/kvm/Kconfig > index 096e45acadb2..8c1e1964b46a 100644 > --- a/arch/arm64/kvm/Kconfig > +++ b/arch/arm64/kvm/Kconfig > @@ -38,6 +38,7 @@ menuconfig KVM > select HAVE_KVM_VCPU_RUN_PID_CHANGE > select SCHED_INFO > select GUEST_PERF_EVENTS if PERF_EVENTS > + select KVM_GMEM_SHARED_MEM > help > Support hosting virtualized guest machines. > > diff --git a/arch/arm64/kvm/mmu.c b/arch/arm64/kvm/mmu.c > index f14925fe6144..19aca1442bbf 100644 > --- a/arch/arm64/kvm/mmu.c > +++ b/arch/arm64/kvm/mmu.c > @@ -2281,6 +2281,13 @@ int kvm_arch_prepare_memory_region(struct kvm *kvm, > if ((new->base_gfn + new->npages) > (kvm_phys_size(&kvm->arch.mmu) >> PAGE_SHIFT)) > return -EFAULT; > > + /* > + * Only support guest_memfd backed memslots with shared memory, since > + * there aren't any CoCo VMs that support only private memory on arm64. > + */ > + if (kvm_slot_has_gmem(new) && !kvm_gmem_memslot_supports_shared(new)) > + return -EINVAL; > + > hva = new->userspace_addr; > reg_end = hva + (new->npages << PAGE_SHIFT); > > -- > 2.49.0.1266.g31b7d2e469-goog >
diff --git a/arch/arm64/include/asm/kvm_host.h b/arch/arm64/include/asm/kvm_host.h index 08ba91e6fb03..8add94929711 100644 --- a/arch/arm64/include/asm/kvm_host.h +++ b/arch/arm64/include/asm/kvm_host.h @@ -1593,4 +1593,9 @@ static inline bool kvm_arch_has_irq_bypass(void) return true; } +#ifdef CONFIG_KVM_GMEM +#define kvm_arch_supports_gmem(kvm) true +#define kvm_arch_supports_gmem_shared_mem(kvm) IS_ENABLED(CONFIG_KVM_GMEM_SHARED_MEM) +#endif + #endif /* __ARM64_KVM_HOST_H__ */ diff --git a/arch/arm64/kvm/Kconfig b/arch/arm64/kvm/Kconfig index 096e45acadb2..8c1e1964b46a 100644 --- a/arch/arm64/kvm/Kconfig +++ b/arch/arm64/kvm/Kconfig @@ -38,6 +38,7 @@ menuconfig KVM select HAVE_KVM_VCPU_RUN_PID_CHANGE select SCHED_INFO select GUEST_PERF_EVENTS if PERF_EVENTS + select KVM_GMEM_SHARED_MEM help Support hosting virtualized guest machines. diff --git a/arch/arm64/kvm/mmu.c b/arch/arm64/kvm/mmu.c index f14925fe6144..19aca1442bbf 100644 --- a/arch/arm64/kvm/mmu.c +++ b/arch/arm64/kvm/mmu.c @@ -2281,6 +2281,13 @@ int kvm_arch_prepare_memory_region(struct kvm *kvm, if ((new->base_gfn + new->npages) > (kvm_phys_size(&kvm->arch.mmu) >> PAGE_SHIFT)) return -EFAULT; + /* + * Only support guest_memfd backed memslots with shared memory, since + * there aren't any CoCo VMs that support only private memory on arm64. + */ + if (kvm_slot_has_gmem(new) && !kvm_gmem_memslot_supports_shared(new)) + return -EINVAL; + hva = new->userspace_addr; reg_end = hva + (new->npages << PAGE_SHIFT);