Re: [PATCH v11 12/18] KVM: x86: Enable guest_memfd shared memory for SW-protected VMs

[David Hildenbrand <david@xxxxxxxxxx>]

On 05.06.25 18:11, Fuad Tabba wrote:
> On Thu, 5 Jun 2025 at 16:49, David Hildenbrand <david@xxxxxxxxxx> wrote:
> > On 05.06.25 17:37, Fuad Tabba wrote:
> > > Define the architecture-specific macro to enable shared memory support
> > > in guest_memfd for relevant software-only VM types, specifically
> > > KVM_X86_DEFAULT_VM and KVM_X86_SW_PROTECTED_VM.
> > >
> > > Enable the KVM_GMEM_SHARED_MEM Kconfig option if KVM_SW_PROTECTED_VM is
> > > enabled.
> > >
> > > Co-developed-by: Ackerley Tng <ackerleytng@xxxxxxxxxx>
> > > Signed-off-by: Ackerley Tng <ackerleytng@xxxxxxxxxx>
> > > Signed-off-by: Fuad Tabba <tabba@xxxxxxxxxx>
> > > ---
> > >    arch/x86/include/asm/kvm_host.h | 10 ++++++++++
> > >    arch/x86/kvm/Kconfig            |  1 +
> > >    arch/x86/kvm/x86.c              |  3 ++-
> > >    3 files changed, 13 insertions(+), 1 deletion(-)
> > >
> > > diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_host.h
> > > index 709cc2a7ba66..ce9ad4cd93c5 100644
> > > --- a/arch/x86/include/asm/kvm_host.h
> > > +++ b/arch/x86/include/asm/kvm_host.h
> > > @@ -2255,8 +2255,18 @@ void kvm_configure_mmu(bool enable_tdp, int tdp_forced_root_level,
> > >
> > >    #ifdef CONFIG_KVM_GMEM
> > >    #define kvm_arch_supports_gmem(kvm) ((kvm)->arch.supports_gmem)
> > > +
> > > +/*
> > > + * CoCo VMs with hardware support that use guest_memfd only for backing private
> > > + * memory, e.g., TDX, cannot use guest_memfd with userspace mapping enabled.
> > > + */
> > > +#define kvm_arch_supports_gmem_shared_mem(kvm)                       \
> > > +     (IS_ENABLED(CONFIG_KVM_GMEM_SHARED_MEM) &&                      \
> > > +      ((kvm)->arch.vm_type == KVM_X86_SW_PROTECTED_VM ||             \
> > > +       (kvm)->arch.vm_type == KVM_X86_DEFAULT_VM))
> > >    #else
> > >    #define kvm_arch_supports_gmem(kvm) false
> > > +#define kvm_arch_supports_gmem_shared_mem(kvm) false
> > >    #endif
> > >
> > >    #define kvm_arch_has_readonly_mem(kvm) (!(kvm)->arch.has_protected_state)
> > > diff --git a/arch/x86/kvm/Kconfig b/arch/x86/kvm/Kconfig
> > > index b37258253543..fdf24b50af9d 100644
> > > --- a/arch/x86/kvm/Kconfig
> > > +++ b/arch/x86/kvm/Kconfig
> > > @@ -47,6 +47,7 @@ config KVM_X86
> > >        select KVM_GENERIC_HARDWARE_ENABLING
> > >        select KVM_GENERIC_PRE_FAULT_MEMORY
> > >        select KVM_GENERIC_GMEM_POPULATE if KVM_SW_PROTECTED_VM
> > > +     select KVM_GMEM_SHARED_MEM if KVM_SW_PROTECTED_VM
> > >        select KVM_WERROR if WERROR
> >
> > Is $subject and this still true, given that it's now also supported for
> > KVM_X86_DEFAULT_VM?
>
> True, just not the whole truth :)
>
> I guess a better one would be, for Software VMs (remove protected)?

Now I am curious, what is a Hardware VM? :)

--
Cheers,

David / dhildenb