Hi Marc, On Fri, 11 Jul 2025 at 15:25, Marc Zyngier <maz@xxxxxxxxxx> wrote: > > On Wed, 09 Jul 2025 11:59:43 +0100, > Fuad Tabba <tabba@xxxxxxxxxx> wrote: > > > > Enable host userspace mmap support for guest_memfd-backed memory on > > arm64. This change provides arm64 with the capability to map guest > > memory at the host directly from guest_memfd: > > > > * Define kvm_arch_supports_gmem_mmap() for arm64: The > > kvm_arch_supports_gmem_mmap() macro is defined for arm64 to be true if > > CONFIG_KVM_GMEM_SUPPORTS_MMAP is enabled. For existing arm64 KVM VM > > types that support guest_memfd, this enables them to use guest_memfd > > with host userspace mappings. This provides a consistent behavior as > > there are currently no arm64 CoCo VMs that rely on guest_memfd solely > > for private, non-mappable memory. Future arm64 VM types can override > > or restrict this behavior via the kvm_arch_supports_gmem_mmap() hook > > if needed. > > > > * Select CONFIG_KVM_GMEM_SUPPORTS_MMAP in arm64 Kconfig. > > > > * Enforce KVM_MEMSLOT_GMEM_ONLY for guest_memfd on arm64: Compile and > > runtime checks are added to ensure that if guest_memfd is enabled on > > arm64, KVM_GMEM_SUPPORTS_MMAP must also be enabled. This means > > guest_memfd-backed memory slots on arm64 are currently only supported > > if they are intended for shared memory use cases (i.e., > > kvm_memslot_is_gmem_only() is true). This design reflects the current > > arm64 KVM ecosystem where guest_memfd is primarily being introduced > > for VMs that support shared memory. > > > > Reviewed-by: James Houghton <jthoughton@xxxxxxxxxx> > > Reviewed-by: Gavin Shan <gshan@xxxxxxxxxx> > > Acked-by: David Hildenbrand <david@xxxxxxxxxx> > > Signed-off-by: Fuad Tabba <tabba@xxxxxxxxxx> > > --- > > arch/arm64/include/asm/kvm_host.h | 4 ++++ > > arch/arm64/kvm/Kconfig | 1 + > > arch/arm64/kvm/mmu.c | 8 ++++++++ > > 3 files changed, 13 insertions(+) > > > > diff --git a/arch/arm64/include/asm/kvm_host.h b/arch/arm64/include/asm/kvm_host.h > > index d27079968341..bd2af5470c66 100644 > > --- a/arch/arm64/include/asm/kvm_host.h > > +++ b/arch/arm64/include/asm/kvm_host.h > > @@ -1675,5 +1675,9 @@ void compute_fgu(struct kvm *kvm, enum fgt_group_id fgt); > > void get_reg_fixed_bits(struct kvm *kvm, enum vcpu_sysreg reg, u64 *res0, u64 *res1); > > void check_feature_map(void); > > > > +#ifdef CONFIG_KVM_GMEM > > +#define kvm_arch_supports_gmem(kvm) true > > +#define kvm_arch_supports_gmem_mmap(kvm) IS_ENABLED(CONFIG_KVM_GMEM_SUPPORTS_MMAP) > > +#endif > > > > #endif /* __ARM64_KVM_HOST_H__ */ > > diff --git a/arch/arm64/kvm/Kconfig b/arch/arm64/kvm/Kconfig > > index 713248f240e0..28539479f083 100644 > > --- a/arch/arm64/kvm/Kconfig > > +++ b/arch/arm64/kvm/Kconfig > > @@ -37,6 +37,7 @@ menuconfig KVM > > select HAVE_KVM_VCPU_RUN_PID_CHANGE > > select SCHED_INFO > > select GUEST_PERF_EVENTS if PERF_EVENTS > > + select KVM_GMEM_SUPPORTS_MMAP > > help > > Support hosting virtualized guest machines. > > > > diff --git a/arch/arm64/kvm/mmu.c b/arch/arm64/kvm/mmu.c > > index 71f8b53683e7..b92ce4d9b4e0 100644 > > --- a/arch/arm64/kvm/mmu.c > > +++ b/arch/arm64/kvm/mmu.c > > @@ -2274,6 +2274,14 @@ int kvm_arch_prepare_memory_region(struct kvm *kvm, > > if ((new->base_gfn + new->npages) > (kvm_phys_size(&kvm->arch.mmu) >> PAGE_SHIFT)) > > return -EFAULT; > > > > + /* > > + * Only support guest_memfd backed memslots with mappable memory, since > > + * there aren't any CoCo VMs that support only private memory on arm64. > > + */ > > + BUILD_BUG_ON(IS_ENABLED(CONFIG_KVM_GMEM) && !IS_ENABLED(CONFIG_KVM_GMEM_SUPPORTS_MMAP)); > > + if (kvm_slot_has_gmem(new) && !kvm_memslot_is_gmem_only(new)) > > + return -EINVAL; > > + > > hva = new->userspace_addr; > > reg_end = hva + (new->npages << PAGE_SHIFT); > > > > Honestly, I don't see the point in making CONFIG_KVM_GMEM a buy in. We > have *no* configurability for KVM/arm64, the only exception being the > PMU support, and that has been a pain at every step of the way. > > Either KVM is enabled, and it comes with "batteries included", or it's > not. Either way, we know exactly what we're getting, and it makes > reproducing problems much easier. Batteries included is always best I think (all the times I got disappointed as a kid..... sight :) ). I'll always enable guest_memfd when KVM is enabled on arm64. Cheers, /fuad > Thanks, > > M. > > -- > Without deviation from the norm, progress is not possible.
