Re: [PATCHv6 27/30] x86/kvm: Make SWIOTLB buffer shared for TD guest

From: Dave Hansen
Date: Wed Mar 16 2022 - 18:24:50 EST

Next message: Kees Cook: "Re: [PATCH] x86: Remove a.out support"
Previous message: Luck, Tony: "RE: [PATCH v2 3/8] iommu/vt-d: Implement device_pasid domain attach ops"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 3/15/22 19:08, Kirill A. Shutemov wrote:
> Intel TDX doesn't allow VMM to directly access guest private memory.
> Any memory that is required for communication with the VMM must be
> shared explicitly. The same rule applies for any DMA to and from the
> TDX guest. All DMA pages have to be marked as shared pages. A generic way
> to achieve this without any changes to device drivers is to use the
> SWIOTLB framework.
>
> Make SWIOTLB buffer shared by generalizing mem_encrypt_init() to cover
> TDX.

This could have saved me a trip to the console if it would have also said:

Stop selecting DYNAMIC_PHYSICAL_MASK directly. It will get set
indirectly by selcting X86_MEM_ENCRYPT.

It's probably also worth noting:

mem_encrypt_init() is currently under an AMD-specific #ifdef.
Move it to a more generic area of the header.

The other adorable thing about this patch:

> arch/x86/Kconfig | 2 +-
> arch/x86/coco/core.c | 1 +
> arch/x86/include/asm/mem_encrypt.h | 6 +++---
> arch/x86/mm/mem_encrypt.c | 9 ++++++++-
> 4 files changed, 13 insertions(+), 5 deletions(-)

Is that it superficially has *zero* to do with SWIOTLB, also known as
the declared Subject. It almost looks like this patch found a smaller
and weaker patch, beat it up, and stole its Subject.

I'd be fine with an "x86/mm" tag on this too. I'm not sure what makes
it truly KVM-specific.

Can you send a revision with something a bit more descriptive, please?

Next message: Kees Cook: "Re: [PATCH] x86: Remove a.out support"
Previous message: Luck, Tony: "RE: [PATCH v2 3/8] iommu/vt-d: Implement device_pasid domain attach ops"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]