On Tue, Feb 03, 2026 at 02:16:18PM -0400, Jason Gunthorpe wrote: > On Tue, Feb 03, 2026 at 05:56:37PM +0800, Xu Yilun wrote: > > > +1. For guest_memfd, we initially defined per-VM memory attributes to > > > track > > > private vs. shared. But as Ackerley noted, we are in the process of > > > deprecating > > > that support, e.g. by making it incompatible with various guest_memfd > > > features, > > > in favor of having each guest_memfd instance track the state of a given > > > page. > > > > > > The original guest_memfd design was that it would _only_ hold private > > > pages, and > > > so tracking private vs. shared in guest_memfd didn't make any sense. As > > > we've > > > pivoted to in-place conversion, tracking private vs. shared in the > > > guest_memfd > > > has basically become mandatory. We could maaaaaybe make it work with > > > per-VM > > > attributes, but it would be insanely complex. > > > > > > For a dmabuf fd, the story is the same as guest_memfd. Unless private > > > vs. shared > > > is all or nothing, and can never change, then the only entity that can > > > track that > > > info is the owner of the dmabuf. And even if the private vs. shared > > > attributes > > > are constant, tracking it external to KVM makes sense, because then the > > > provider > > > can simply hardcode %true/%false. > > > > For CoCo-VM and Tee-IO, I'm wondering if host or KVM has to maintain > > the private/shared attribute for "assigned MMIO". I'm not naming them > > "host MMIO" cause unlike RAM host never needs to access them, either in > > private manner or shared manner. > > > > Traditionally, host maps these MMIOs only because KVM needs HVA->HPA > > mapping to find pfn and setup KVM MMU. > > This is not actually completely true, the host mapping still ends up > being used by KVM if it happens to trap and emulate a MMIO touching > instruction. > > It really shouldn't do this, but there is a whole set of complex > machinery in KVM and qemu to handle this case. > > For example if the MSI-X window is not properly aligned then you have > some MMIO that is trapped and must be reflected to real HW.
In this case, the affected pages are not assigned MMIOs and KVM won't import them. Mapping them is just OK. > > So the sharable parts of the BAR should still end up being mmaped into > userspace, I think. This does mean we can't make VFIO totally unmappable. But VFIO can still try to create unmappable dmabufs for assigned MMIO regions, fail dmabuf creation or fail mmap() based on the addresses. > > Which means we need VFIO to know what they are, and hopefully it is > just static based on the TDISP reports.. I don't think VMM need to check TDISP report. The only special thing is the MSI-X mixed pages which can be figured out by standard PCI discovery. Seems this doesn't impact the idea that KVM needs no implication of Private/Shared from VFIO, as long as VFIO keeps exported dmabufs unmapped.
