Re: [RFC PATCH v2 29/32] kvm: svm: Add support for SEV DEBUG_DECRYPT command

From: Paolo Bonzini
Date: Fri Mar 17 2017 - 07:12:51 EST




On 16/03/2017 19:41, Brijesh Singh wrote:
>>
>> Please do add it, it doesn't seem very different from what you're doing
>> in LAUNCH_UPDATE_DATA. There's no need for a separate
>> __sev_dbg_decrypt_page function, you can just pin/unpin here and do a
>> per-page loop as in LAUNCH_UPDATE_DATA.
>
> I can certainly add support to handle the cases that cross a page boundary.
> Should we limit the size to prevent the user from passing an arbitrarily
> long length and us ending up looping inside the kernel? I was thinking of
> limiting it to PAGE_SIZE.

I guess it depends on how it's used. PAGE_SIZE makes sense since you
only know if a physical address is encrypted when you reach it from a
visit of the page tables.

Paolo
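
The per-page split with a PAGE_SIZE cap discussed in this thread, as an added user-space illustration that is not part of the patch or of either message. The names dbg_split, struct chunk and DBG_PAGE_SIZE are hypothetical, 4 KiB pages are assumed, and the pin/unpin and firmware call that would happen per chunk are outside its scope.

```c
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define DBG_PAGE_SIZE 4096UL                 /* assumption: 4 KiB pages */
#define DBG_PAGE_MASK (~(DBG_PAGE_SIZE - 1))

/* One piece of the request that lies entirely inside a single page. */
struct chunk {
    uint64_t addr;
    size_t   len;
};

/*
 * Split [addr, addr + len) into per-page chunks (hypothetical helper).
 * Returns the number of chunks, or a negative errno. Because len is
 * capped at one page, the loop runs at most twice, so a caller-supplied
 * length cannot keep it spinning.
 */
int dbg_split(uint64_t addr, size_t len, struct chunk out[2])
{
    int n = 0;

    if (len == 0 || len > DBG_PAGE_SIZE)
        return -EINVAL;
    if (addr + len < addr)                   /* address wrap-around */
        return -EINVAL;

    while (len > 0) {
        size_t offset = addr & ~DBG_PAGE_MASK;   /* offset within the page */
        size_t room = DBG_PAGE_SIZE - offset;    /* bytes left in this page */
        size_t take = len < room ? len : room;

        out[n].addr = addr;
        out[n].len = take;
        n++;
        addr += take;
        len -= take;
    }
    return n;
}

int main(void)
{
    struct chunk c[2];
    int n = dbg_split(0x1ff0, 0x20, c);      /* constructed input: straddles a boundary */
    for (int i = 0; i < n; i++)
        printf("chunk %d: addr=0x%llx len=%zu\n", i, (unsigned long long)c[i].addr, c[i].len);
    return 0;
}
```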