A protected VM's memory is private by default and not mappable by
the host until explicitly shared by the guest. Therefore, start
off with all the memory of a protected guest as NOT_MAPPABLE.
Signed-off-by: Fuad Tabba <tabba@xxxxxxxxxx>
---
arch/arm64/kvm/pkvm.c | 32 ++++++++++++++++++++++++++++++--
1 file changed, 30 insertions(+), 2 deletions(-)
diff --git a/arch/arm64/kvm/pkvm.c b/arch/arm64/kvm/pkvm.c
index bfd4858a7bd1..75247a3ced3d 100644
--- a/arch/arm64/kvm/pkvm.c
+++ b/arch/arm64/kvm/pkvm.c
@@ -220,13 +220,41 @@ bool pkvm_is_hyp_created(struct kvm *host_kvm)
return READ_ONCE(host_kvm->arch.pkvm.handle);
}
+static int pkvm_mark_protected_mem_not_mappable(struct kvm *kvm)
+{
+ struct kvm_memory_slot *memslot;
+ struct kvm_memslots *slots;
+ int bkt, r;
+
+ if (!IS_ENABLED(CONFIG_KVM_GENERIC_PRIVATE_MEM_MAPPABLE))
+ return 0;
+
+ slots = kvm_memslots(kvm);
+ kvm_for_each_memslot(memslot, bkt, slots) {
+ if (!kvm_slot_can_be_private(memslot))
+ continue;
+
+ r = kvm_vm_set_mem_attributes_kernel(kvm,
+ memslot->base_gfn, memslot->base_gfn + memslot->npages,
+ KVM_MEMORY_ATTRIBUTE_NOT_MAPPABLE);
+ if (r)
+ return r;
+ }
+
+ return 0;
+}
+
int pkvm_create_hyp_vm(struct kvm *host_kvm)
{
int ret = 0;
mutex_lock(&host_kvm->lock);
- if (!pkvm_is_hyp_created(host_kvm))
- ret = __pkvm_create_hyp_vm(host_kvm);
+ if (!pkvm_is_hyp_created(host_kvm)) {
+ if (kvm_vm_is_protected(host_kvm))
+ ret = pkvm_mark_protected_mem_not_mappable(host_kvm);
+ if (!ret)
+ ret = __pkvm_create_hyp_vm(host_kvm);
+ }
mutex_unlock(&host_kvm->lock);
return ret;
--
2.44.0.rc1.240.g4c46232300-goog
