Add kvm guest memfd related capabilities

The capabilities are required to properly setup a guest_memfd to provide better
host and guest memory isolation. The memory attributes capability returns an
integer with each bits representing different configs. For example, the return
integer & KVM_MEMORY_ATTRIBUTE_PRIVATE > 0 means the vm is capable of setting
memory pages to private.

Signed-off-by: Sida Chen <[email protected]>

Author: KeyboardNerd

CHANGELOG.md

@@ -9,6 +9,8 @@
 - [[#273](https://github.com/rust-vmm/kvm-ioctls/pull/273)]: `DeviceFd::get_device_attr` is now
   marked as unsafe.
 - [[#277](https://github.com/rust-vmm/kvm-ioctls/pull/277)]: Updated kvm-bindings to 0.9.1.
+- [[#287](https://github.com/rust-vmm/kvm-ioctls/pull/287)]: Add kvm guest memfd related
+  capabilities.
 
 ## v0.18.0
 

src/cap.rs

@@ -171,4 +171,7 @@ pub enum Cap {
     ExitHypercall = KVM_CAP_EXIT_HYPERCALL,
     #[cfg(any(target_arch = "x86", target_arch = "x86_64"))]
     MemoryFaultInfo = KVM_CAP_MEMORY_FAULT_INFO,
+    UserMemory2 = KVM_CAP_USER_MEMORY2,
+    GuestMemfd = KVM_CAP_GUEST_MEMFD,
+    MemoryAttributes = KVM_CAP_MEMORY_ATTRIBUTES,
 }

src/ioctls/vm.rs

@@ -1390,10 +1390,53 @@ impl VmFd {
     /// Wrapper over `KVM_CHECK_EXTENSION`.
     ///
     /// Returns 0 if the capability is not available and a positive integer otherwise.
-    fn check_extension_int(&self, c: Cap) -> i32 {
-        // SAFETY: Safe because we know that our file is a VM fd and that the extension is one of
-        // the ones defined by kernel.
-        unsafe { ioctl_with_val(self, KVM_CHECK_EXTENSION(), c as c_ulong) }
+    /// See the documentation for `KVM_CHECK_EXTENSION`.
+    ///
+    /// # Arguments
+    ///
+    /// * `c` - KVM capability to check.
+    ///
+    /// # Example
+    ///
+    /// ```
+    /// extern crate kvm_bindings;
+    ///
+    /// # use kvm_bindings::{KVM_MEMORY_ATTRIBUTE_PRIVATE};
+    /// # use kvm_ioctls::Kvm;
+    /// use kvm_ioctls::Cap;
+    ///
+    /// let kvm = Kvm::new().unwrap();
+    /// assert!(
+    ///     kvm.check_extension_int(Cap::MemoryAttributes) as u32 & KVM_MEMORY_ATTRIBUTE_PRIVATE > 0
+    /// );
+    /// ```
+    pub fn check_extension_int(&self, c: Cap) -> i32 {
+        self.check_extension_raw(c as c_ulong)
+    }
+
+    /// Wrapper over `KVM_CHECK_EXTENSION`.
+    ///
+    /// Returns 0 if the capability is not available and a positive integer otherwise.
+    /// See the documentation for `KVM_CHECK_EXTENSION`.
+    ///
+    /// # Arguments
+    ///
+    /// * `c` - KVM capability to check in a form of a raw integer.
+    ///
+    /// # Example
+    ///
+    /// ```
+    /// # use kvm_ioctls::Kvm;
+    /// # use std::os::raw::c_ulong;
+    /// use kvm_ioctls::Cap;
+    ///
+    /// let kvm = Kvm::new().unwrap();
+    /// assert!(kvm.check_extension_raw(Cap::GuestMemfd as c_ulong) > 0);
+    /// ```
+    pub fn check_extension_raw(&self, c: c_ulong) -> i32 {
+        // SAFETY: Safe because we know that our file is a KVM fd.
+        // If `c` is not a known kernel extension, kernel will return 0.
+        unsafe { ioctl_with_val(self, KVM_CHECK_EXTENSION(), c) }
     }
 
     /// Checks if a particular `Cap` is available.
@@ -2513,6 +2556,20 @@ mod tests {
         assert!(vm.check_extension(Cap::MpState));
     }
 
+    #[test]
+    fn test_check_extension_int() {
+        let kvm = Kvm::new().unwrap();
+        let vm = kvm.create_vm().unwrap();
+        assert!(vm.check_extension_int(Cap::MpState) > 0);
+    }
+
+    #[test]
+    fn test_check_extension_raw() {
+        let kvm = Kvm::new().unwrap();
+        let vm = kvm.create_vm().unwrap();
+        assert!(vm.check_extension_raw(Cap::MpState as c_ulong) > 0);
+    }
+
     #[test]
     #[cfg(any(target_arch = "x86", target_arch = "x86_64"))]
     #[cfg_attr(not(has_sev), ignore)]