@@ -220,13 +220,41 @@ bool pkvm_is_hyp_created(struct kvm *host_kvm)
return READ_ONCE(host_kvm->arch.pkvm.handle);
}
+static int pkvm_mark_protected_mem_not_mappable(struct kvm *kvm)
+{
+ struct kvm_memory_slot *memslot;
+ struct kvm_memslots *slots;
+ int bkt, r;
+
+ if (!IS_ENABLED(CONFIG_KVM_GENERIC_PRIVATE_MEM_MAPPABLE))
+ return 0;
+
+ slots = kvm_memslots(kvm);
+ kvm_for_each_memslot(memslot, bkt, slots) {
+ if (!kvm_slot_can_be_private(memslot))
+ continue;
+
+ r = kvm_vm_set_mem_attributes_kernel(kvm,
+ memslot->base_gfn, memslot->base_gfn + memslot->npages,
+ KVM_MEMORY_ATTRIBUTE_NOT_MAPPABLE);
+ if (r)
+ return r;
+ }
+
+ return 0;
+}
+
int pkvm_create_hyp_vm(struct kvm *host_kvm)
{
int ret = 0;
mutex_lock(&host_kvm->lock);
- if (!pkvm_is_hyp_created(host_kvm))
- ret = __pkvm_create_hyp_vm(host_kvm);
+ if (!pkvm_is_hyp_created(host_kvm)) {
+ if (kvm_vm_is_protected(host_kvm))
+ ret = pkvm_mark_protected_mem_not_mappable(host_kvm);
+ if (!ret)
+ ret = __pkvm_create_hyp_vm(host_kvm);
+ }
mutex_unlock(&host_kvm->lock);
return ret;
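Review bot: pkvm_mark_protected_mem_not_mappable() walks kvm_memslots() with only host_kvm->lock held by the caller, not the kvm->srcu read side or kvm->slots_lock, and it only covers slots that exist at the moment the hyp VM is created; if a memslot can still be registered for a protected VM after this pass, that slot never receives KVM_MEMORY_ATTRIBUTE_NOT_MAPPABLE and the host-unmappable default the commit message promises does not hold for it. I would either bracket the loop with `int idx = srcu_read_lock(&kvm->srcu);` / `srcu_read_unlock(&kvm->srcu, idx);` (assuming kvm_vm_set_mem_attributes_kernel() takes slots_lock itself, as the non-kernel variant does, so holding slots_lock around the loop is not an option) and reject memslot changes once pkvm_is_hyp_created() is true, or apply the attribute in the memslot-commit path so later slots are covered too. The early `return r;` in the loop also leaves earlier slots already marked with no rollback; that looks harmless since the caller then fails before __pkvm_create_hyp_vm() and a retry re-marks idempotently, but a one-line comment saying so would save the next reader the analysis. A header comment on the new function would also help: `/* Protected VM memory is private and not host-mappable until the guest shares it: mark every private-capable memslot NOT_MAPPABLE before the hyp VM exists. */`. The enclosing pkvm_create_hyp_vm() closes outside the hunk.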
A protected VM's memory is private by default and not mappable by the host until explicitly shared by the guest. Therefore, start off with all the memory of a protected guest as NOT_MAPPABLE. Signed-off-by: Fuad Tabba <tabba@google.com> --- arch/arm64/kvm/pkvm.c | 32 ++++++++++++++++++++++++++++++-- 1 file changed, 30 insertions(+), 2 deletions(-)