Date: Thu, 17 Jul 2025 17:27:24 +0100
In-Reply-To: <20250717162731.446579-1-tabba@google.com>
References: <20250717162731.446579-1-tabba@google.com>
Message-ID: <20250717162731.446579-15-tabba@google.com>
Subject: [PATCH v15 14/21] KVM: x86: Enable guest_memfd mmap for default VM type
From: Fuad Tabba
To: kvm@vger.kernel.org, linux-arm-msm@vger.kernel.org, linux-mm@kvack.org, kvmarm@lists.linux.dev
Cc: pbonzini@redhat.com, chenhuacai@kernel.org, mpe@ellerman.id.au, anup@brainfault.org, paul.walmsley@sifive.com, palmer@dabbelt.com, aou@eecs.berkeley.edu, seanjc@google.com, viro@zeniv.linux.org.uk, brauner@kernel.org, willy@infradead.org, akpm@linux-foundation.org, xiaoyao.li@intel.com, yilun.xu@intel.com, chao.p.peng@linux.intel.com, jarkko@kernel.org, amoorthy@google.com, dmatlack@google.com, isaku.yamahata@intel.com, mic@digikod.net, vbabka@suse.cz, vannapurve@google.com, ackerleytng@google.com, mail@maciej.szmigiero.name, david@redhat.com, michael.roth@amd.com, wei.w.wang@intel.com, liam.merwick@oracle.com, isaku.yamahata@gmail.com, kirill.shutemov@linux.intel.com, suzuki.poulose@arm.com, steven.price@arm.com, quic_eberman@quicinc.com, quic_mnalajal@quicinc.com, quic_tsoni@quicinc.com, quic_svaddagi@quicinc.com, quic_cvanscha@quicinc.com, quic_pderrin@quicinc.com, quic_pheragu@quicinc.com, catalin.marinas@arm.com, james.morse@arm.com, yuzenghui@huawei.com, oliver.upton@linux.dev, maz@kernel.org, will@kernel.org, qperret@google.com, keirf@google.com, roypat@amazon.co.uk, shuah@kernel.org, hch@infradead.org, jgg@nvidia.com, rientjes@google.com, jhubbard@nvidia.com, fvdl@google.com, hughd@google.com, jthoughton@google.com, peterx@redhat.com, pankaj.gupta@amd.com, ira.weiny@intel.com, tabba@google.com

Enable host userspace mmap support for guest_memfd-backed memory when running KVM with the KVM_X86_DEFAULT_VM type:

* Define kvm_arch_supports_gmem_mmap() for KVM_X86_DEFAULT_VM: Introduce the architecture-specific kvm_arch_supports_gmem_mmap() macro, specifically enabling mmap support for KVM_X86_DEFAULT_VM instances. This macro, gated by CONFIG_KVM_GMEM_SUPPORTS_MMAP, ensures that only the default VM type can leverage guest_memfd mmap functionality on x86. This explicit enablement prevents CoCo VMs, which use guest_memfd primarily for private memory and rely on hardware-enforced privacy, from accidentally exposing guest memory via host userspace mappings.

* Select CONFIG_KVM_GMEM_SUPPORTS_MMAP in KVM_X86: Enable the CONFIG_KVM_GMEM_SUPPORTS_MMAP Kconfig option when KVM_X86 is selected. This ensures that the necessary code for guest_memfd mmap support (introduced earlier) is compiled into the kernel for x86. This Kconfig option acts as a system-wide gate for the guest_memfd mmap capability. It implicitly enables CONFIG_KVM_GMEM, making guest_memfd available, and then layers the mmap capability on top specifically for the default VM.

These changes make guest_memfd a more versatile memory backing for standard KVM guests, allowing VMMs to use a unified guest_memfd model for both private (CoCo) and non-private (default) VMs. This is a prerequisite for use cases such as running Firecracker guests entirely backed by guest_memfd and implementing direct map removal for non-CoCo VMs.

Acked-by: David Hildenbrand
Co-developed-by: Ackerley Tng
Signed-off-by: Ackerley Tng
Signed-off-by: Fuad Tabba
---
 arch/x86/include/asm/kvm_host.h | 9 +++++++++
 arch/x86/kvm/Kconfig            | 1 +
 arch/x86/kvm/x86.c              | 3 ++-
 3 files changed, 12 insertions(+), 1 deletion(-)

diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_host.h index 543d09fd4bca..e1426adfa93e 100644 --- a/arch/x86/include/asm/kvm_host.h +++ b/arch/x86/include/asm/kvm_host.h 
@@ -2279,9 +2279,18 @@ void kvm_configure_mmu(bool enable_tdp, int tdp_forced_root_level, #ifdef CONFIG_KVM_GMEM #define kvm_arch_has_private_mem(kvm) ((kvm)->arch.has_private_mem) #define kvm_arch_supports_gmem(kvm) ((kvm)->arch.supports_gmem) + +/* + * CoCo VMs with hardware support that use guest_memfd only for backing private + * memory, e.g., TDX, cannot use guest_memfd with userspace mapping enabled. + */ +#define kvm_arch_supports_gmem_mmap(kvm) \ + (IS_ENABLED(CONFIG_KVM_GMEM_SUPPORTS_MMAP) && \ + (kvm)->arch.vm_type == KVM_X86_DEFAULT_VM) #else #define kvm_arch_has_private_mem(kvm) false #define kvm_arch_supports_gmem(kvm) false +#define kvm_arch_supports_gmem_mmap(kvm) false #endif #define kvm_arch_has_readonly_mem(kvm) (!(kvm)->arch.has_protected_state) diff --git a/arch/x86/kvm/Kconfig b/arch/x86/kvm/Kconfig index 12e723bb76cc..4acecfb70811 100644 --- a/arch/x86/kvm/Kconfig +++ b/arch/x86/kvm/Kconfig @@ -48,6 +48,7 @@ config KVM_X86 select KVM_GENERIC_PRE_FAULT_MEMORY select KVM_GMEM if KVM_SW_PROTECTED_VM select KVM_GENERIC_MEMORY_ATTRIBUTES if KVM_SW_PROTECTED_VM + select KVM_GMEM_SUPPORTS_MMAP if X86_64 select KVM_WERROR if WERROR config KVM diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index adbdc2cc97d4..ca99187a566e 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c @@ -12781,7 +12781,8 @@ int kvm_arch_init_vm(struct kvm *kvm, unsigned long type) kvm->arch.vm_type = type; kvm->arch.has_private_mem = (type == KVM_X86_SW_PROTECTED_VM); - kvm->arch.supports_gmem = (type == KVM_X86_SW_PROTECTED_VM); + kvm->arch.supports_gmem = + type == KVM_X86_DEFAULT_VM || type == KVM_X86_SW_PROTECTED_VM; /* Decided by the vendor code for other VM types. */ kvm->arch.pre_fault_allowed = type == KVM_X86_DEFAULT_VM || type == KVM_X86_SW_PROTECTED_VM; -- 2.50.0.727.gbf7dc18ff4-goog
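
Review bot: the comment above kvm_arch_supports_gmem_mmap() in the kvm_host.h hunk explains only why hardware CoCo types such as TDX are excluded, but the `(kvm)->arch.vm_type == KVM_X86_DEFAULT_VM` test also excludes KVM_X86_SW_PROTECTED_VM, which the x86.c hunk shows is the type that sets has_private_mem in kvm_arch_init_vm(). Please say in the comment whether software-protected VMs are left out deliberately. The allow-list form is worth keeping and worth a sentence of its own: a VM type added later gets no userspace mapping until someone opts it in, which is the fail-closed behaviour the commit message relies on.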
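
Review bot: the new `select KVM_GMEM_SUPPORTS_MMAP if X86_64` in the arch/x86/kvm/Kconfig hunk is conditional on X86_64, while the commit message says the option is enabled whenever KVM_X86 is selected; the reason for leaving 32-bit builds out should be stated in the commit message. Because the option is selected rather than left as a choice, every 64-bit KVM_X86 build compiles the mmap path in, so the VM-type test in kvm_arch_supports_gmem_mmap() is the only gate between that path and CoCo guests. If that is the intent, say so explicitly.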
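
Review bot: in the x86.c hunk, kvm_arch_init_vm() now sets supports_gmem for every KVM_X86_DEFAULT_VM with no reference to CONFIG_KVM_GMEM_SUPPORTS_MMAP, whereas kvm_arch_supports_gmem_mmap() in kvm_host.h does test that option. On a build with CONFIG_KVM_GMEM but without CONFIG_KVM_GMEM_SUPPORTS_MMAP, a default VM would be allowed guest_memfd that it cannot mmap; please confirm that combination is intended or tie the default-VM case to the same condition. The new expression is also identical to the pre_fault_allowed test just below it, so a short comment on why the two sets of VM types coincide would help the next reader.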