Add support for host userspace mapping of guest_memfd-backed memory for VM
types that do NOT use support KVM_MEMORY_ATTRIBUTE_PRIVATE (which isn't
precisely the same thing as CoCo VMs, since x86's SEV-MEM and SEV-ES have
no way to detect private vs. shared).
mmap() support paves the way for several evolving KVM use cases:
* Allows VMMs like Firecracker to run guests entirely backed by
guest_memfd [1]. This provides a unified memory management model for
both confidential and non-confidential guests, simplifying VMM design.
* Enhanced Security via direct map removal: When combined with Patrick's
series for direct map removal [2], this provides additional hardening
against Spectre-like transient execution attacks by eliminating the
need for host kernel direct maps of guest memory.
* Lays the groundwork for *restricted* mmap() support for guest_memfd-backed
memory on CoCo platforms [3] that permit in-place sharing of guest memory
with the host.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
projects / thirdparty / kernel / stable.git / commitdiff
