dsg/cloud-hypervisor
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

hypervisor: update cache when a shared page is revoked

Browse source 
During the lifecycle of a confidential VM, the guest may revoke
previously shared pages via an attribute-intercept VM exit.
When this happens, the host-side cache must be updated so that any
subsequent access by the VMM triggers a fresh request for the guest
to re-share the page.

Signed-off-by: Muminul Islam <muislam@microsoft.com>
This commit is contained in:
Muminul Islam 2025-11-26 15:24:55 -08:00 committed by Wei Liu
parent afcb2b285f
commit b163fea66a
1 changed files with 8 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

8
hypervisor/src/mshv/mod.rs
View file

@ -740,6 +740,14 @@ impl cpu::Vcpu for MshvVcpu {
let mut gpas = Vec::new();
let ranges = info.ranges;
let (gfn_start, gfn_count) = snp::parse_gpa_range(ranges[0]).unwrap();
// Update the bitmap(cache) to mark the pages as host inaccessible
self.host_access_pages.rcu(|bitmap| {
let bm = bitmap.clone();
bm.reset_addr_range(gfn_start as usize, gfn_count as usize);
bm
});
debug!("Releasing pages: gfn_start: {gfn_start:x?}, gfn_count: {gfn_count:?}");
let gpa_start = gfn_start * HV_PAGE_SIZE as u64;
for i in 0..gfn_count {