Re: [PATCH v2 05/13] KVM: guest_memfd: Allow mmap() on guest_memfd for x86 VMs with private memory

[Ackerley Tng <ackerleytng@google.com>]

Sean Christopherson <seanjc@google.com> writes:

> Allow mmap() on guest_memfd instances for x86 VMs with private memory as
> the need to track private vs. shared state in the guest_memfd instance is
> only pertinent to INIT_SHARED.  Doing mmap() on private memory isn't
> terrible useful (yet!), but it's now possible, and will be desirable when
> guest_memfd gains support for other VMA-based syscalls, e.g. mbind() to
> set NUMA policy.
>
> Lift the restriction now, before MMAP support is officially released, so
> that KVM doesn't need to add another capability to enumerate support for
> mmap() on private memory.
>

Also thought through this: before this series, CoCo VMs could not use
mmap, but that's a tighter constraint, relaxed in this patch.

The actual restriction is that private memory must not be mapped to host
userspace.

In this patch series, guest_memfd's shared/private state is controlled
only by the presence of INIT_SHARED. CoCo VMs cannot use INIT_SHARED,
and hence cannot have guest_memfd memory that has shared status.

CoCo VMs can only use guest_memfd memory with private status, private
memory can't be mapped to host userspace, so we're good in terms of CoCo
safety and keeping the original purpose of guest_memfd satisfied.

> Fixes: 3d3a04fad25a ("KVM: Allow and advertise support for host mmap() on guest_memfd files")
> Signed-off-by: Sean Christopherson <seanjc@google.com>

Reviewed-by: Ackerley Tng <ackerleytng@google.com>
Tested-by: Ackerley Tng <ackerleytng@google.com>

> ---
>  arch/x86/kvm/x86.c       |  7 ++++---
>  include/linux/kvm_host.h | 12 +++++++++++-
>  virt/kvm/guest_memfd.c   |  9 ++-------
>  virt/kvm/kvm_main.c      |  6 +-----
>  4 files changed, 18 insertions(+), 16 deletions(-)
>
> 
> [...snip...]
>