On Fri, Oct 24, 2025, Ackerley Tng wrote:
> Sean Christopherson <[email protected]> writes:
> >>
> >> [...snip...]
> >>
>
> I've been thinking more about this:
>
> #ifdef CONFIG_KVM_VM_MEMORY_ATTRIBUTES
> case KVM_CAP_MEMORY_ATTRIBUTES2:
> case KVM_CAP_MEMORY_ATTRIBUTES:
> if (!vm_memory_attributes)
> return 0;
>
> return kvm_supported_mem_attributes(kvm);
> #endif
>
> And the purpose of adding KVM_CAP_MEMORY_ATTRIBUTES2 is that
> KVM_CAP_MEMORY_ATTRIBUTES2 tells userspace that
> KVM_SET_MEMORY_ATTRIBUTES2 is available iff there are valid
> attributes.
>
> (So there's still a purpose)
>
> Without valid attributes, userspace can't tell if it should use
> KVM_SET_MEMORY_ATTRIBUTES or the 2 version.
To do what? If there are no attributes, userspace can't do anything useful
anyways.
> I also added KVM_CAP_GUEST_MEMFD_MEMORY_ATTRIBUTES, which tells
> userspace the valid attributes when calling KVM_SET_MEMORY_ATTRIBUTES2
> on a guest_memfd:
Ya, and that KVM_SET_MEMORY_ATTRIBUTES2 is supported on guest_memfd.
> #ifdef CONFIG_KVM_GUEST_MEMFD
> case KVM_CAP_GUEST_MEMFD:
> return 1;
> case KVM_CAP_GUEST_MEMFD_FLAGS:
> return kvm_gmem_get_supported_flags(kvm);
> case KVM_CAP_GUEST_MEMFD_MEMORY_ATTRIBUTES:
> if (vm_memory_attributes)
> return 0;
>
> return kvm_supported_mem_attributes(kvm);
> #endif
>
> So to set memory attributes, userspace should
Userspace *can*. User could also decide it only wants to support guest_memfd
attributes, e.g. because the platform admins controls the entire stack and built
their entire operation around in-place conversion.
> if (kvm_check_cap(KVM_CAP_GUEST_MEMFD_MEMORY_ATTRIBUTES) > 0)
> use KVM_SET_MEMORY_ATTRIBUTES2 with guest_memfd
> else if (kvm_check_cap(KVM_CAP_MEMORY_ATTRIBUTES2) > 0)
> use KVM_SET_MEMORY_ATTRIBUTES2 with VM fd
> else if (kvm_check_cap(KVM_CAP_MEMORY_ATTRIBUTES) > 0)
> use KVM_SET_MEMORY_ATTRIBUTES with VM fd
> else
> can't set memory attributes
>
> Something like that?
More or else, ya.
> In selftests there's this, when KVM_SET_USER_MEMORY_REGION2 was
> introduced:
>
> #define TEST_REQUIRE_SET_USER_MEMORY_REGION2() \
> __TEST_REQUIRE(kvm_has_cap(KVM_CAP_USER_MEMORY2), \
> "KVM selftests now require KVM_SET_USER_MEMORY_REGION2
> (introduced in v6.8)")
>
> But looks like there's no direct equivalent for the introduction of
> KVM_SET_MEMORY_ATTRIBUTES2?
KVM_CAP_USER_MEMORY2 is the equivalent.
There's was no need to enumerate anything beyond yes/no, because
SET_USER_MEMORY_REGION2 didn't introduce new flags, it expanded the size of the
structure passed in from userspace so that KVM_CAP_GUEST_MEMFD could be
introduced
without breaking backwards compatibility.
> The closest would be to add a TEST_REQUIRE_VALID_ATTRIBUTES() which
> checks KVM_CAP_MEMORY_ATTRIBUTES2 or
> KVM_CAP_GUEST_MEMFD_MEMORY_ATTRIBUTES before making the vm or
> guest_memfd ioctl respsectively.
Yes. This is what I did in my (never posted, but functional) version:
@@ -486,6 +488,7 @@ struct kvm_vm *__vm_create(struct vm_shape shape, uint32_t
nr_runnable_vcpus,
}
guest_rng = new_guest_random_state(guest_random_seed);
sync_global_to_guest(vm, guest_rng);
+ sync_global_to_guest(vm, kvm_has_gmem_attributes);
kvm_arch_vm_post_create(vm, nr_runnable_vcpus);
@@ -2319,6 +2333,8 @@ void __attribute((constructor)) kvm_selftest_init(void)
guest_random_seed = last_guest_seed = random();
pr_info("Random seed: 0x%x\n", guest_random_seed);
+ kvm_has_gmem_attributes =
kvm_has_cap(KVM_CAP_GUEST_MEMFD_MEMORY_ATTRIBUTES);
+
kvm_selftest_arch_init();
}
That way the core library code can pivot on gmem vs. VM attributes without
having
to rely on tests to define anything. E.g.
static inline void vm_mem_set_memory_attributes(struct kvm_vm *vm, uint64_t gpa,
uint64_t size, uint64_t attrs)
{
if (kvm_has_gmem_attributes) {
off_t fd_offset;
uint64_t len;
int fd;
fd = kvm_gpa_to_guest_memfd(vm, gpa, &fd_offset, &len);
TEST_ASSERT(len >= size, "Setting attributes beyond the length
of a guest_memfd");
gmem_set_memory_attributes(fd, fd_offset, size, attrs);
} else {
vm_set_memory_attributes(vm, gpa, size, attrs);
}
}
