On Thu, Mar 07, 2024, Xu Yilun wrote: > On Wed, Mar 06, 2024 at 06:45:30AM -0800, Sean Christopherson wrote: > > can be switched between private and shared, e.g. will return false for > > kvm_arch_has_private_mem(). > > > > And KVM _can't_ sanely use private/shared memslots for SEV(-ES), because it's > > impossible to intercept implicit conversions by the guest, i.e. KVM can't prevent > > the guest from encrypting a page that KVM thinks is private, and vice versa. > > Is it because there is no #NPF for RMP violation? Yep, there is no RMP, thus no way for the host to express its view of shared vs. private to hardware. As a result, KVM can't block conversions, and the given state of a page is completely unkown at any given time. E.g. when memory is reclaimed from an SEV(-ES) guest, KVM has to assume that the page is encrypted and thus needs to be flushed (see sev_guest_memory_reclaimed()).
