On 11.09.25 12:15, Nikita Kalyazin wrote:
On 10/09/2025 22:23, James Houghton wrote:
On Tue, Sep 2, 2025 at 4:20 AM Kalyazin, Nikita kalyazin@amazon.co.uk wrote:
From: Nikita Kalyazin kalyazin@amazon.com
Hi Nikita,
Hi James,
Thanks for the review!
write syscall populates guest_memfd with user-supplied data in a generic way, ie no vendor-specific preparation is performed. This is supposed to be used in non-CoCo setups where guest memory is not hardware-encrypted.
What's meant to happen if we do use this for CoCo VMs? I would expect write() to fail, but I don't see why it would (seems like we need/want a check that we aren't write()ing to private memory).
I am not so sure that write() should fail even in CoCo VMs if we access not-yet-prepared pages. My understanding was that the CoCoisation of the memory occurs during "preparation". But I may be wrong here.
But how do you handle that a page is actually inaccessible and should not be touched?
IOW, with CXL you could crash the host.
There is likely some state check missing, or it should be restricted to VM types.
Do we know how this would interact with the direct-map removal?