On 28.08.25 00:43, Ackerley Tng wrote:
Shivank Garg <shivankg@amd.com> writes:
[...snip...]
I meant to send this to you before this version went out but you were too quick!
Here's a new version, Fuad and I reviewed this again internally. The changes are:
- Sort linux/pseudo_fs.h after linux/pagemap.h (alphabetical)
- Don't set MNT_NOEXEC on the mount, since SB_I_NOEXEC was already set on the superblock
- Rename kvm_gmem_inode_make_secure_inode() to kvm_gmem_inode_create()
  - Emphasizes that there is a creation in this function
  - Remove "secure" from the function name to remove confusion that there may be a "non-secure" version
- In kvm_gmem_inode_create_getfile()'s error path, return ERR_PTR(err) directly instead of having a goto
From ada9814b216eac129ed44dffd3acf76fce2cc08a Mon Sep 17 00:00:00 2001
From: Ackerley Tng <ackerleytng@google.com>
Date: Sun, 13 Jul 2025 17:43:35 +0000
Subject: [PATCH] KVM: guest_memfd: Use guest mem inodes instead of anonymous inodes

guest_memfd's inode represents memory the guest_memfd is providing. guest_memfd's file represents a struct kvm's view of that memory.
Using a custom inode allows customization of the inode teardown process via callbacks. For example, ->evict_inode() allows customization of the truncation process on file close, and ->destroy_inode() and ->free_inode() allow customization of the inode freeing process.
Customizing the truncation process allows flexibility in management of guest_memfd memory and customization of the inode freeing process allows proper cleanup of memory metadata stored on the inode.
Memory metadata is more appropriately stored on the inode (as opposed to the file), since the metadata is for the memory and is not unique to a specific binding and struct kvm.
Co-developed-by: Fuad Tabba <tabba@google.com>
Signed-off-by: Fuad Tabba <tabba@google.com>
Signed-off-by: Shivank Garg <shivankg@amd.com>
Signed-off-by: Ackerley Tng <ackerleytng@google.com>
Acked-by: David Hildenbrand <david@redhat.com>