[PATCH v14 27/44] arm64: RMI: Set RIPAS of initial memslots
Aneesh Kumar K.V
aneesh.kumar at kernel.org
Tue May 19 03:02:16 PDT 2026
Steven Price <steven.price at arm.com> writes:
> The memory which the realm guest accesses must be set to RIPAS_RAM.
> Iterate over the memslots and set all gmem memslots to RIPAS_RAM.
>
> Signed-off-by: Steven Price <steven.price at arm.com>
> ---
...
> +static int set_ripas_of_protected_regions(struct kvm *kvm)
> +{
> + struct kvm_memslots *slots;
> + struct kvm_memory_slot *memslot;
> + int idx, bkt;
> + int ret = 0;
> +
> + idx = srcu_read_lock(&kvm->srcu);
> +
> + slots = kvm_memslots(kvm);
> + kvm_for_each_memslot(memslot, bkt, slots) {
> + if (!kvm_slot_has_gmem(memslot))
> + continue;
> +
> + ret = realm_init_ipa_state(kvm, memslot->base_gfn,
> + memslot->npages);
> + if (ret)
> + break;
> + }
> + srcu_read_unlock(&kvm->srcu, idx);
> +
> + return ret;
> +}
> +
> int kvm_arm_rmi_populate(struct kvm *kvm,
> struct kvm_arm_rmi_populate *args)
> {
> @@ -890,6 +922,10 @@ int kvm_activate_realm(struct kvm *kvm)
> return ret;
> }
>
> + ret = set_ripas_of_protected_regions(kvm);
> + if (ret)
> + return ret;
> +
> ret = rmi_realm_activate(virt_to_phys(realm->rd));
> if (ret)
> return -ENXIO;
relam guest already does.
for_each_mem_range(i, &start, &end) {
if (rsi_set_memory_range_protected_safe(start, end)) {
panic("Failed to set memory range to protected: %pa-%pa",
&start, &end);
}
}
if so why is host required to do this ?
-aneesh
More information about the linux-arm-kernel
mailing list