Merge tag 'kvm-x86-guest_memfd_fixes-6.8' of https://github.com/kvm-x86/linux into...

KVM GUEST_MEMFD fixes for 6.8:

 - Make KVM_MEM_GUEST_MEMFD mutually exclusive with KVM_MEM_READONLY to
   avoid creating ABI that KVM can't sanely support.

 - Update documentation for KVM_SW_PROTECTED_VM to make it abundantly
   clear that such VMs are purely a development and testing vehicle, and
   come with zero guarantees.

 - Limit KVM_SW_PROTECTED_VM guests to the TDP MMU, as the long term plan
   is to support confidential VMs with deterministic private memory (SNP
   and TDX) only in the TDP MMU.

 - Fix a bug in a GUEST_MEMFD negative test that resulted in false passes
   when verifying that KVM_MEM_GUEST_MEMFD memslots can't be dirty logged.

diff --cc arch/arm64/kvm/Kconfig
Simple merge

diff --cc arch/x86/kvm/Kconfig
Simple merge

diff --cc virt/kvm/kvm_main.c
index ff588677beb7dc2df2103a352b6d238b14a492fd,0f50960b0e3a89215757163ad3b458c92670f4de..054d20ec61b97780b9e3f87e10cb619c01216a25
--- 1/virt/kvm/kvm_main.c
--- 2/virt/kvm/kvm_main.c
+++ b/virt/kvm/kvm_main.c
@@@ -1614,8 -1614,14 +1614,14 @@@ static int check_memory_region_flags(st
        if (mem->flags & KVM_MEM_GUEST_MEMFD)
                valid_flags &= ~KVM_MEM_LOG_DIRTY_PAGES;
  
 -#ifdef __KVM_HAVE_READONLY_MEM
 +#ifdef CONFIG_HAVE_KVM_READONLY_MEM
-       valid_flags |= KVM_MEM_READONLY;
+       /*
+        * GUEST_MEMFD is incompatible with read-only memslots, as writes to
+        * read-only memslots have emulated MMIO, not page fault, semantics,
+        * and KVM doesn't allow emulated MMIO for private memory.
+        */
+       if (!(mem->flags & KVM_MEM_GUEST_MEMFD))
+               valid_flags |= KVM_MEM_READONLY;
  #endif
  
        if (mem->flags & ~valid_flags)