On Tuesday, January 3, 2023 9:40 AM, Chao Peng wrote:
> > Because guest memory defaults to private, and now this patch stores
> > the attributes with KVM_MEMORY_ATTRIBUTE_PRIVATE instead of _SHARED,
> > it would bring more KVM_EXIT_MEMORY_FAULT exits at the beginning of
> > boot time. Maybe it can be optimized somehow in other places? e.g. set
> > mem attr in advance.
>
> KVM defaults to 'shared' because this ioctl can also be potentially used by
> normal VMs and 'shared' sounds a value meaningful for both normal VMs and
> confidential VMs.

Do you mean a normal VM could have pages marked private? What's the usage?
(If all the pages are just marked shared for normal VMs, then why do we need it?)

> As for more KVM_EXIT_MEMORY_FAULT exits during the
> booting time, yes, setting all memory to 'private' for confidential VMs through
> this ioctl in userspace before guest launch is an approach for KVM userspace to
> 'override' the KVM default and reduce the number of implicit conversions.

Most pages of a confidential VM are likely to be private pages. It seems more
efficient (and not difficult to check vm_type) to have KVM default to "private"
for confidential VMs and default to "shared" for normal VMs.