Enable host userspace mmap support for guest_memfd-backed memory when running KVM with the KVM_X86_DEFAULT_VM type:

* Define kvm_arch_supports_gmem_mmap() for KVM_X86_DEFAULT_VM: Introduce the architecture-specific kvm_arch_supports_gmem_mmap() macro, specifically enabling mmap support for KVM_X86_DEFAULT_VM instances. This macro, gated by CONFIG_KVM_GMEM_SUPPORTS_MMAP, ensures that only the default VM type can leverage guest_memfd mmap functionality on x86. This explicit enablement prevents CoCo VMs, which use guest_memfd primarily for private memory and rely on hardware-enforced privacy, from accidentally exposing guest memory via host userspace mappings.

* Select CONFIG_KVM_GMEM_SUPPORTS_MMAP in KVM_X86: Enable the CONFIG_KVM_GMEM_SUPPORTS_MMAP Kconfig option when KVM_X86 is selected. This ensures that the necessary code for guest_memfd mmap support (introduced earlier) is compiled into the kernel for x86. This Kconfig option acts as a system-wide gate for the guest_memfd mmap capability. It implicitly enables CONFIG_KVM_GMEM, making guest_memfd available, and then layers the mmap capability on top specifically for the default VM.

These changes make guest_memfd a more versatile memory backing for standard KVM guests, allowing VMMs to use a unified guest_memfd model for both private (CoCo) and non-private (default) VMs. This is a prerequisite for use cases such as running Firecracker guests entirely backed by guest_memfd and implementing direct map removal for non-CoCo VMs.

Acked-by: David Hildenbrand <david@xxxxxxxxxx>
Co-developed-by: Ackerley Tng <ackerleytng@xxxxxxxxxx>
Signed-off-by: Ackerley Tng <ackerleytng@xxxxxxxxxx>
Signed-off-by: Fuad Tabba <tabba@xxxxxxxxxx>
---
 arch/x86/include/asm/kvm_host.h | 9 +++++++++
 arch/x86/kvm/Kconfig            | 1 +
 arch/x86/kvm/x86.c              | 3 ++-
 3 files changed, 12 insertions(+), 1 deletion(-)

diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_host.h
index 543d09fd4bca..e1426adfa93e 100644
--- a/arch/x86/include/asm/kvm_host.h +++ b/arch/x86/include/asm/kvm_host.h @@ -2279,9 +2279,18 @@ void kvm_configure_mmu(bool enable_tdp, int tdp_forced_root_level, #ifdef CONFIG_KVM_GMEM #define kvm_arch_has_private_mem(kvm) ((kvm)->arch.has_private_mem) #define kvm_arch_supports_gmem(kvm) ((kvm)->arch.supports_gmem) + +/* + * CoCo VMs with hardware support that use guest_memfd only for backing private + * memory, e.g., TDX, cannot use guest_memfd with userspace mapping enabled. + */ +#define kvm_arch_supports_gmem_mmap(kvm) \ + (IS_ENABLED(CONFIG_KVM_GMEM_SUPPORTS_MMAP) && \ + (kvm)->arch.vm_type == KVM_X86_DEFAULT_VM) #else #define kvm_arch_has_private_mem(kvm) false #define kvm_arch_supports_gmem(kvm) false +#define kvm_arch_supports_gmem_mmap(kvm) false #endif #define kvm_arch_has_readonly_mem(kvm) (!(kvm)->arch.has_protected_state) diff --git a/arch/x86/kvm/Kconfig b/arch/x86/kvm/Kconfig index 12e723bb76cc..4acecfb70811 100644 --- a/arch/x86/kvm/Kconfig +++ b/arch/x86/kvm/Kconfig @@ -48,6 +48,7 @@ config KVM_X86 select KVM_GENERIC_PRE_FAULT_MEMORY select KVM_GMEM if KVM_SW_PROTECTED_VM select KVM_GENERIC_MEMORY_ATTRIBUTES if KVM_SW_PROTECTED_VM + select KVM_GMEM_SUPPORTS_MMAP if X86_64 select KVM_WERROR if WERROR config KVM diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index adbdc2cc97d4..ca99187a566e 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c @@ -12781,7 +12781,8 @@ int kvm_arch_init_vm(struct kvm *kvm, unsigned long type) kvm->arch.vm_type = type; kvm->arch.has_private_mem = (type == KVM_X86_SW_PROTECTED_VM); - kvm->arch.supports_gmem = (type == KVM_X86_SW_PROTECTED_VM); + kvm->arch.supports_gmem = + type == KVM_X86_DEFAULT_VM || type == KVM_X86_SW_PROTECTED_VM; /* Decided by the vendor code for other VM types. */ kvm->arch.pre_fault_allowed = type == KVM_X86_DEFAULT_VM || type == KVM_X86_SW_PROTECTED_VM; -- 2.50.0.727.gbf7dc18ff4-goog
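Review bot: In the kvm_host.h hunk, the comment above the new kvm_arch_supports_gmem_mmap() only explains why hardware CoCo VMs such as TDX are excluded, but the `(kvm)->arch.vm_type == KVM_X86_DEFAULT_VM` test also excludes KVM_X86_SW_PROTECTED_VM, which the x86.c hunk shows still has has_private_mem set and supports_gmem enabled. Suggest extending the comment to state that SW_PROTECTED_VM is excluded for the same reason (guest_memfd backs its private memory), so the DEFAULT_VM-only check is not read as an oversight. The `false` fallback in the `#else` branch matches the existing kvm_arch_has_private_mem/kvm_arch_supports_gmem pattern and looks right.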
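Review bot: In the Kconfig hunk, the `if X86_64` condition on `select KVM_GMEM_SUPPORTS_MMAP` is not explained: the commit message says the option is enabled "when KVM_X86 is selected" and never mentions a 64-bit restriction. Either document in the message why 32-bit x86 is left out or drop the condition. Separately, if KVM_GMEM_SUPPORTS_MMAP selects KVM_GMEM as the message states ("It implicitly enables CONFIG_KVM_GMEM"), the existing `select KVM_GMEM if KVM_SW_PROTECTED_VM` line just above becomes redundant on X86_64; worth a sentence in the message or a follow-up cleanup.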
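Review bot: In the x86.c hunk, supports_gmem is now set unconditionally for KVM_X86_DEFAULT_VM, while the mmap capability in the kvm_host.h hunk depends on CONFIG_KVM_GMEM_SUPPORTS_MMAP and the Kconfig hunk only selects that option on X86_64. In a build with CONFIG_KVM_GMEM enabled but KVM_GMEM_SUPPORTS_MMAP off, a default VM (has_private_mem stays false) would report guest_memfd support without any host-mapping path. Consider gating the DEFAULT_VM case with IS_ENABLED(CONFIG_KVM_GMEM_SUPPORTS_MMAP), or stating in the commit message that this combination is intended. The two-line assignment matches the style of the pre_fault_allowed statement directly below it, so no issue there.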