On 5/27/2025 11:55 AM, Yan Zhao wrote:
On Wed, May 14, 2025 at 04:41:45PM -0700, Ackerley Tng wrote:
Query guest_memfd for private/shared status if those guest_memfds
track private/shared status.
With this patch, Coco VMs can use guest_memfd for both shared and
private memory. If Coco VMs choose to use guest_memfd for both
shared and private memory, by creating guest_memfd with the
GUEST_MEMFD_FLAG_SUPPORT_SHARED flag, guest_memfd will be used to
provide the private/shared status of the memory, instead of
kvm->mem_attr_array.
Change-Id: I8f23d7995c12242aa4e09ccf5ec19360e9c9ed83
Signed-off-by: Ackerley Tng <ackerleytng@xxxxxxxxxx>
---
include/linux/kvm_host.h | 19 ++++++++++++-------
virt/kvm/guest_memfd.c | 22 ++++++++++++++++++++++
2 files changed, 34 insertions(+), 7 deletions(-)
diff --git a/include/linux/kvm_host.h b/include/linux/kvm_host.h
index b317392453a5..91279e05e010 100644
--- a/include/linux/kvm_host.h
+++ b/include/linux/kvm_host.h
@@ -2508,12 +2508,22 @@ static inline void kvm_prepare_memory_fault_exit(struct kvm_vcpu *vcpu,
}
#ifdef CONFIG_KVM_GMEM_SHARED_MEM
+
bool kvm_gmem_memslot_supports_shared(const struct kvm_memory_slot *slot);
+bool kvm_gmem_is_private(struct kvm_memory_slot *slot, gfn_t gfn);
+
#else
+
static inline bool kvm_gmem_memslot_supports_shared(const struct kvm_memory_slot *slot)
{
return false;
}
+
+static inline bool kvm_gmem_is_private(struct kvm_memory_slot *slot, gfn_t gfn)
+{
+ return false;
+}
+
#endif /* CONFIG_KVM_GMEM_SHARED_MEM */
#ifdef CONFIG_KVM_GENERIC_MEMORY_ATTRIBUTES
@@ -2544,13 +2554,8 @@ static inline bool kvm_mem_is_private(struct kvm *kvm, gfn_t gfn)
return false;
slot = gfn_to_memslot(kvm, gfn);
- if (kvm_slot_has_gmem(slot) && kvm_gmem_memslot_supports_shared(slot)) {
- /*
- * For now, memslots only support in-place shared memory if the
- * host is allowed to mmap memory (i.e., non-Coco VMs).
- */
- return false;
- }
+ if (kvm_slot_has_gmem(slot) && kvm_gmem_memslot_supports_shared(slot))
+ return kvm_gmem_is_private(slot, gfn);
When userspace gets an exit reason KVM_EXIT_MEMORY_FAULT, looks it needs to
update both KVM memory attribute and gmem shareability, via two separate ioctls?
IIUC, when userspace sets flag GUEST_MEMFD_FLAG_SUPPORT_SHARED to create the
guest_memfd, the check for memory attribute will go through the guest_memfd way,
the information in kvm->mem_attr_array will not be used.
So if userspace sets GUEST_MEMFD_FLAG_SUPPORT_SHARED, it uses
KVM_GMEM_CONVERT_SHARED/PRIVATE to update gmem shareability.
If userspace doesn't set GUEST_MEMFD_FLAG_SUPPORT_SHARED, it still uses
KVM_SET_MEMORY_ATTRIBUTES to update KVM memory attribute tracking.
return kvm_get_memory_attributes(kvm, gfn) & KVM_MEMORY_ATTRIBUTE_PRIVATE;
}
