On Thu, May 07, 2026 at 08:09:25PM -0500, Ira Weiny wrote:
>
> 2) What you propose above does not give the gmem 'protection' for CoCo's.
> So yea that is the bigger issue.
>

Realistically, what you actually want is to add:

    private_dax.c
    +
    MEMORY_DEVICE_CONFIDENTIAL

And just make sure they work together to produce:

a) open() works -> produces an FD
b) no direct-mappings, struct page exists, can be accessed by KVM
c) all userland operations fault (memory is never in direct map)
d) unbind explicitly zeroes or calls a registered sanitize() func

But this adds a new dax mode and a new ZONE_DEVICE mode.

A private node with NP_OPT_NOMAP might be cleaner, but you still have to
do the hotplug/memremap dance either way.

~Gregory