On Thu, Aug 01, 2024, Fuad Tabba wrote:
> Make __kvm_read_guest_page/__kvm_write_guest_page capable of
> accessing guest memory if no userspace address is available.
> Moreover, check that the memory being accessed is shared with the
> host before attempting the access.
>
> KVM at the host might need to access shared memory that is not
> mapped in the host userspace but is in fact shared with the host,
> e.g., when accounting for stolen time. This allows the access
> without relying on the slot's userspace_addr being set.

Why? As evidenced by the amount of code below, special casing guest_memfd
isn't trivial, and taking kvm->slots_lock is likely a complete non-starter.
In the happy case, uaccess is about as fast as can be, and has no inherent
scaling issues.

> This does not circumvent protection, since the access is only
> attempted if the memory is mappable by the host, which implies
> shareability.
>
> Signed-off-by: Fuad Tabba <tabba@xxxxxxxxxx>
> ---
> virt/kvm/kvm_main.c | 127 ++++++++++++++++++++++++++++++++++++++------
> 1 file changed, 111 insertions(+), 16 deletions(-)
>
> diff --git a/virt/kvm/kvm_main.c b/virt/kvm/kvm_main.c
> index f4b4498d4de6..ec6255c7325e 100644
> --- a/virt/kvm/kvm_main.c
> +++ b/virt/kvm/kvm_main.c
> @@ -3385,20 +3385,108 @@ int kvm_gmem_clear_mappable(struct kvm *kvm, gfn_t start, gfn_t end)
> return kvm_gmem_toggle_mappable(kvm, start, end, false);
> }
>
> +static int __kvm_read_private_guest_page(struct kvm *kvm,

The changelog says this is for accessing memory that is shared, but this
says "private".

> + struct kvm_memory_slot *slot,
> + gfn_t gfn, void *data, int offset,
> + int len)
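Review bot: the new helper introduced at `+static int __kvm_read_private_guest_page(struct kvm *kvm,` carries no comment stating its contract, and the changelog makes that contract load-bearing: the access is only supposed to be attempted when the memory is mappable by the host. A short kernel-doc block above the prototype should say which caller is responsible for the mappable check, which lock must be held across the check and the subsequent read so the shared/private state cannot flip in between (the reply above already flags kvm->slots_lock as problematic for this path), and what the `offset`/`len` bounds are relative to the page. The naming mismatch between "private" in the identifier and "shared" in the changelog, raised above, should be resolved in the same respin.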