From: Sean Christopherson
Subject: Re: [PATCH v7 11/14] KVM: Register/unregister the guest private memory regions
Date: Wed, 20 Jul 2022 16:44:32 +0000
On Wed, Jul 06, 2022, Chao Peng wrote:
> diff --git a/virt/kvm/kvm_main.c b/virt/kvm/kvm_main.c
> index 230c8ff9659c..bb714c2a4b06 100644
> --- a/virt/kvm/kvm_main.c
> +++ b/virt/kvm/kvm_main.c
> @@ -914,6 +914,35 @@ static int kvm_init_mmu_notifier(struct kvm *kvm)
>
> #endif /* CONFIG_MMU_NOTIFIER && KVM_ARCH_WANT_MMU_NOTIFIER */
>
> +#ifdef CONFIG_HAVE_KVM_PRIVATE_MEM
> +#define KVM_MEM_ATTR_PRIVATE 0x0001
> +static int kvm_vm_ioctl_set_encrypted_region(struct kvm *kvm, unsigned int
> ioctl,
> + struct kvm_enc_region *region)
> +{
> + unsigned long start, end;
As alluded to in a different reply, because this will track GPAs instead of
HVAs, the type needs to be "gpa_t", not "unsigned long". Oh, actually, they
need to be gfn_t, since those are what gets shoved into the xarray.
> + void *entry;
> + int r;
> +
> + if (region->size == 0 || region->addr + region->size < region->addr)
> + return -EINVAL;
> + if (region->addr & (PAGE_SIZE - 1) || region->size & (PAGE_SIZE - 1))
> + return -EINVAL;
> +
> + start = region->addr >> PAGE_SHIFT;
> + end = (region->addr + region->size - 1) >> PAGE_SHIFT;
> +
> + entry = ioctl == KVM_MEMORY_ENCRYPT_REG_REGION ?
> + xa_mk_value(KVM_MEM_ATTR_PRIVATE) : NULL;
> +
> + r = xa_err(xa_store_range(&kvm->mem_attr_array, start, end,
> + entry, GFP_KERNEL_ACCOUNT));
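Review bot: the ternary that selects `entry` treats every `ioctl` value other than KVM_MEMORY_ENCRYPT_REG_REGION as an unregister request and stores NULL over the range, so the function relies on its caller to pass only the two intended ioctl numbers. Taking a bool for register vs. unregister, or returning -EINVAL for an unexpected value, would make that contract explicit. Separately, the visible checks reject a zero size, wraparound and misalignment, but nothing shown bounds `region->addr + region->size` against the range of GFNs the guest can actually address before the range store; consider rejecting out-of-range requests here.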
IIUC, this series treats memory as shared by default. I think we should invert
that and have KVM's ABI be that all guest memory is private by default, i.e.
require the guest to opt into sharing memory instead of opt out of sharing
memory.
And then the xarray would track which regions are shared.
Regarding mem_attr_array, it probably makes sense to explicitly include what
it's tracking in the name, i.e. name it {private,shared}_mem_array depending
on whether it's used to track private vs. shared memory. If we ever need to
track metadata beyond shared/private then we can tweak the name as needed,
e.g. if hardware ever supports secondary non-ephemeral encryption keys.
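The following userspace C model is an added example, not code from this message or from the patch series. It illustrates the private-by-default tracking suggested above, using the same range checks as the quoted hunk with 64-bit GFNs. The names `shared_map`, `set_shared`, `gfn_is_private` and `MAX_GFNS` are hypothetical, and a small bitmap stands in for the kernel xarray.

```c
#include <errno.h>
#include <stdbool.h>
#include <stdint.h>

#define PAGE_SHIFT 12
#define PAGE_SIZE  (1ULL << PAGE_SHIFT)
#define MAX_GFNS   1024ULL              /* constructed: 4 MiB toy guest */

typedef uint64_t gfn_t;                 /* 64-bit regardless of host word size */

/* Stand-in for the xarray: a set bit marks a gfn the guest opted to share. */
struct shared_map { uint8_t bits[MAX_GFNS / 8]; };

/* Same checks as the quoted hunk, plus an upper bound on the toy guest. */
static int region_to_gfns(uint64_t addr, uint64_t size, gfn_t *start, gfn_t *end)
{
    if (size == 0 || addr + size < addr)
        return -EINVAL;
    if ((addr | size) & (PAGE_SIZE - 1))
        return -EINVAL;
    if (addr + size > MAX_GFNS * PAGE_SIZE)
        return -EINVAL;
    *start = addr >> PAGE_SHIFT;
    *end = (addr + size - 1) >> PAGE_SHIFT;
    return 0;
}

/* share=true opts the range into sharing; share=false returns it to private. */
static int set_shared(struct shared_map *m, uint64_t addr, uint64_t size, bool share)
{
    gfn_t start, end, gfn;
    int r = region_to_gfns(addr, size, &start, &end);

    if (r)
        return r;
    for (gfn = start; gfn <= end; gfn++) {
        if (share)
            m->bits[gfn / 8] |= (uint8_t)(1u << (gfn % 8));
        else
            m->bits[gfn / 8] &= (uint8_t)~(1u << (gfn % 8));
    }
    return 0;
}

/* No entry means private, so an untracked or out-of-range gfn fails closed. */
static bool gfn_is_private(const struct shared_map *m, gfn_t gfn)
{
    if (gfn >= MAX_GFNS)
        return true;
    return !(m->bits[gfn / 8] & (1u << (gfn % 8)));
}
```

With this polarity, a lost or never-issued registration leaves memory private rather than shared, so a tracking failure cannot by itself expose guest memory.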