TWxSoftware/twx-linux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
a12578e147
twx-linux/include
History
Fuad Tabba a12578e147 KVM: guest_memfd: Add plumbing to host to map guest_memfd pages 
Introduce the core infrastructure to enable host userspace to mmap()
guest_memfd-backed memory. This is needed for several evolving KVM use
cases:

* Non-CoCo VM backing: Allows VMMs like Firecracker to run guests
  entirely backed by guest_memfd, even for non-CoCo VMs [1]. This
  provides a unified memory management model and simplifies guest memory
  handling.

* Direct map removal for enhanced security: This is an important step
  for direct map removal of guest memory [2]. By allowing host userspace
  to fault in guest_memfd pages directly, we can avoid maintaining host
  kernel direct maps of guest memory. This provides additional hardening
  against Spectre-like transient execution attacks by removing a
  potential attack surface within the kernel.

* Future guest_memfd features: This also lays the groundwork for future
  enhancements to guest_memfd, such as supporting huge pages and
  enabling in-place sharing of guest memory with the host for CoCo
  platforms that permit it [3].

Enable the basic mmap and fault handling logic within guest_memfd, but
hold off on allow userspace to actually do mmap() until the architecture
support is also in place.

[1] https://github.com/firecracker-microvm/firecracker/tree/feature/secret-hiding
[2] https://lore.kernel.org/linux-mm/cc1bb8e9bc3e1ab637700a4d3defeec95b55060a.camel@amazon.com
[3] https://lore.kernel.org/all/c1c9591d-218a-495c-957b-ba356c8f8e09@redhat.com/T/#u

Reviewed-by: Gavin Shan <gshan@redhat.com>
Reviewed-by: Shivank Garg <shivankg@amd.com>
Acked-by: David Hildenbrand <david@redhat.com>
Co-developed-by: Ackerley Tng <ackerleytng@google.com>
Signed-off-by: Ackerley Tng <ackerleytng@google.com>
Signed-off-by: Fuad Tabba <tabba@google.com>
Reviewed-by: Xiaoyao Li <xiaoyao.li@intel.com>
Signed-off-by: Sean Christopherson <seanjc@google.com>
Message-ID: <20250729225455.670324-11-seanjc@google.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2025-08-27 04:35:00 -04:00
..
acpi mailbox/pcc: support mailbox management of the shared buffer 2025-08-07 23:49:56 -05:00
asm-generic Deferred unwind changes for 6.17 2025-08-01 09:46:24 -07:00
clocksource
crypto This push fixes a regression that breaks hmac(sha3-224-s390). 2025-08-09 07:26:19 +03:00
cxl
drm Short summary of fixes pull: 2025-08-14 07:51:34 +10:00
dt-bindings Pin control changes for v6.17 2025-08-02 12:07:09 -07:00
hyperv
keys
kunit linux_kselftest-kunit-6.17-rc1 2025-07-29 12:43:10 -07:00
kvm KVM/arm64 changes for 6.17, round #1 2025-07-29 12:27:40 -04:00
linux KVM: guest_memfd: Add plumbing to host to map guest_memfd pages 2025-08-27 04:35:00 -04:00
math-emu
media
memory
misc
net bonding: update LACP activity flag after setting lacp_active 2025-08-21 09:35:20 +02:00
pcmcia
ras
rdma
rv
scsi
soc This is the usual collection of primarily clk driver updates. The big part of 2025-07-31 13:36:27 -07:00
sound ASoC: Fixes for v6.17 2025-08-21 09:02:28 +02:00
target
trace tracing changes for 6.17 2025-08-01 10:29:36 -07:00
uapi block-6.17-20250822 2025-08-22 09:29:51 -04:00
ufs
vdso
video
xen Significant patch series in this pull request: 2025-08-03 16:23:09 -07:00
Kbuild