Received: by 2002:a25:4158:0:0:0:0:0 with SMTP id o85csp1521915yba; Thu, 25 Apr 2019 00:55:13 -0700 (PDT) X-Google-Smtp-Source: APXvYqwu8gDw8gs4Kwre8fpVwLGFeswTLFIUUARR5kwE4FwSnsAIT6KvTWjeLtCAz7JTqqILXjLF X-Received: by 2002:a63:5014:: with SMTP id e20mr11414452pgb.312.1556178913503; Thu, 25 Apr 2019 00:55:13 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1556178913; cv=none; d=google.com; s=arc-20160816; b=CQVgX8+YFtrEQiyW3bzSaoT2k/eSU3zwO/yxjNC3nrpGxlgb1nENr6P09DTs/I0OAA bdIUZZZefujc32ETRjoMdeNHq3p4Visid5OUn3jfbG450KgyCOSCxUG7YSWBAMWC6Y9f N7To9u+ZSDZF2cpA0anj8qt5wuA0vUbERjJmacLSHopQkGB5fcIqVHfUA7VlrfUPyEwc NSY0WfkF8FCxogkzhyiGqoIkAEGXzdDB7zvIZDzgmfAzg1np874JwEz59ZSL1ik9gzI+ +KwoJ5PAE9n+bOgozKnvX+ZmUByuH6ZZr1V668NjsaKZavs6cKFoGCthr2kbtHo1fXyt fcuA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:message-id:mime-version:date:in-reply-to :subject:cc:to:from:user-agent:references; bh=/qr3lFcvY+s/tmUQ5bRdxihl5on8BHEdrr5FOULqttE=; b=qkDW2AJ0yYdQt8VRw+ahoA/ncqLddQNnZW07Tg6jq8/3VRQyMfX4swjCF1qTkZBmwS H/Hm9RSup3enb94I4cWAXuf1x4uoDEJDzw41sxRwnLCH2RFnTOibfEs774O6iMWJuzCk iyFOUSwmx2qKnMYIi2F0zwOdEIGC3Cay8T4V/tlULxEeatmaOHJFwkoR90zfOebi0nd+ X6S18pX1D95FGkJrKuRxXR+CiuOsCSElSP03hik2v1ByXyiUXVzl/IanaLgIvGcsamVo znh0Yk3+480i8wJfq0qoBHelmO6Z3b/v0zCdSqxz9xTfj+P/0xn/xoGj/JvrWJKvD/3Q baJw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=ibm.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id x5si21729320pfa.41.2019.04.25.00.54.58; Thu, 25 Apr 2019 00:55:13 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=ibm.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728662AbfDYBCZ (ORCPT + 99 others); Wed, 24 Apr 2019 21:02:25 -0400 Received: from mx0b-001b2d01.pphosted.com ([148.163.158.5]:44352 "EHLO mx0a-001b2d01.pphosted.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1726380AbfDYBCZ (ORCPT ); Wed, 24 Apr 2019 21:02:25 -0400 Received: from pps.filterd (m0098416.ppops.net [127.0.0.1]) by mx0b-001b2d01.pphosted.com (8.16.0.27/8.16.0.27) with SMTP id x3P0rbYe186363 for ; Wed, 24 Apr 2019 21:02:23 -0400 Received: from e31.co.us.ibm.com (e31.co.us.ibm.com [32.97.110.149]) by mx0b-001b2d01.pphosted.com with ESMTP id 2s2xk91ek6-1 (version=TLSv1.2 cipher=AES256-GCM-SHA384 bits=256 verify=NOT) for ; Wed, 24 Apr 2019 21:02:23 -0400 Received: from localhost by e31.co.us.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted for from ; Thu, 25 Apr 2019 02:02:22 +0100 Received: from b03cxnp08025.gho.boulder.ibm.com (9.17.130.17) by e31.co.us.ibm.com (192.168.1.131) with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted; (version=TLSv1/SSLv3 cipher=AES256-GCM-SHA384 bits=256/256) Thu, 25 Apr 2019 02:02:18 +0100 Received: from b03ledav004.gho.boulder.ibm.com (b03ledav004.gho.boulder.ibm.com [9.17.130.235]) by b03cxnp08025.gho.boulder.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id x3P12GT328311574 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Thu, 25 Apr 2019 01:02:16 GMT Received: from b03ledav004.gho.boulder.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 1B130780B1; Thu, 25 Apr 2019 01:02:16 +0000 (GMT) Received: from b03ledav004.gho.boulder.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id AAED578080; Thu, 25 Apr 2019 01:02:03 +0000 (GMT) Received: from morokweng.localdomain (unknown [9.80.232.248]) by b03ledav004.gho.boulder.ibm.com (Postfix) with ESMTPS; Thu, 25 Apr 2019 01:02:02 +0000 (GMT) References: <87zhrj8kcp.fsf@morokweng.localdomain> <87womn8inf.fsf@morokweng.localdomain> <20190129134750-mutt-send-email-mst@kernel.org> <877eefxvyb.fsf@morokweng.localdomain> <20190204144048-mutt-send-email-mst@kernel.org> <87ef71seve.fsf@morokweng.localdomain> <20190320171027-mutt-send-email-mst@kernel.org> <87tvfvbwpb.fsf@morokweng.localdomain> <20190323165456-mutt-send-email-mst@kernel.org> <87a7go71hz.fsf@morokweng.localdomain> <20190419190258-mutt-send-email-mst@kernel.org> User-agent: mu4e 1.0; emacs 26.1 From: Thiago Jung Bauermann To: "Michael S. Tsirkin" Cc: virtualization@lists.linux-foundation.org, linuxppc-dev@lists.ozlabs.org, iommu@lists.linux-foundation.org, linux-kernel@vger.kernel.org, Jason Wang , Christoph Hellwig , David Gibson , Alexey Kardashevskiy , Paul Mackerras , Benjamin Herrenschmidt , Ram Pai , Jean-Philippe Brucker , Michael Roth , Mike Anderson Subject: Re: [RFC PATCH] virtio_ring: Use DMA API if guest memory is encrypted In-reply-to: <20190419190258-mutt-send-email-mst@kernel.org> Date: Wed, 24 Apr 2019 22:01:56 -0300 MIME-Version: 1.0 Content-Type: text/plain X-TM-AS-GCONF: 00 x-cbid: 19042501-8235-0000-0000-00000E869D0D X-IBM-SpamModules-Scores: X-IBM-SpamModules-Versions: BY=3.00010990; HX=3.00000242; KW=3.00000007; PH=3.00000004; SC=3.00000285; SDB=6.01193942; UDB=6.00625930; IPR=6.00974766; MB=3.00026582; MTD=3.00000008; XFM=3.00000015; UTC=2019-04-25 01:02:21 X-IBM-AV-DETECTION: SAVI=unused REMOTE=unused XFE=unused x-cbparentid: 19042501-8236-0000-0000-00004547C62A Message-Id: <875zr228zf.fsf@morokweng.localdomain> X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:,, definitions=2019-04-25_01:,, signatures=0 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 priorityscore=1501 malwarescore=0 suspectscore=0 phishscore=0 bulkscore=0 spamscore=0 clxscore=1015 lowpriorityscore=0 mlxscore=0 impostorscore=0 mlxlogscore=999 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1810050000 definitions=main-1904250004 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Michael S. Tsirkin writes: > On Wed, Apr 17, 2019 at 06:42:00PM -0300, Thiago Jung Bauermann wrote: >> >> Michael S. Tsirkin writes: >> >> > On Thu, Mar 21, 2019 at 09:05:04PM -0300, Thiago Jung Bauermann wrote: >> >> >> >> Michael S. Tsirkin writes: >> >> >> >> > On Wed, Mar 20, 2019 at 01:13:41PM -0300, Thiago Jung Bauermann wrote: >> >> >> >From what I understand of the ACCESS_PLATFORM definition, the host will >> >> >> only ever try to access memory addresses that are supplied to it by the >> >> >> guest, so all of the secure guest memory that the host cares about is >> >> >> accessible: >> >> >> >> >> >> If this feature bit is set to 0, then the device has same access to >> >> >> memory addresses supplied to it as the driver has. In particular, >> >> >> the device will always use physical addresses matching addresses >> >> >> used by the driver (typically meaning physical addresses used by the >> >> >> CPU) and not translated further, and can access any address supplied >> >> >> to it by the driver. When clear, this overrides any >> >> >> platform-specific description of whether device access is limited or >> >> >> translated in any way, e.g. whether an IOMMU may be present. >> >> >> >> >> >> All of the above is true for POWER guests, whether they are secure >> >> >> guests or not. >> >> >> >> >> >> Or are you saying that a virtio device may want to access memory >> >> >> addresses that weren't supplied to it by the driver? >> >> > >> >> > Your logic would apply to IOMMUs as well. For your mode, there are >> >> > specific encrypted memory regions that driver has access to but device >> >> > does not. that seems to violate the constraint. >> >> >> >> Right, if there's a pre-configured 1:1 mapping in the IOMMU such that >> >> the device can ignore the IOMMU for all practical purposes I would >> >> indeed say that the logic would apply to IOMMUs as well. :-) >> >> >> >> I guess I'm still struggling with the purpose of signalling to the >> >> driver that the host may not have access to memory addresses that it >> >> will never try to access. >> > >> > For example, one of the benefits is to signal to host that driver does >> > not expect ability to access all memory. If it does, host can >> > fail initialization gracefully. >> >> But why would the ability to access all memory be necessary or even >> useful? When would the host access memory that the driver didn't tell it >> to access? > > When I say all memory I mean even memory not allowed by the IOMMU. Yes, but why? How is that memory relevant? >> >> >> >> > But the name "sev_active" makes me scared because at least AMD guys who >> >> >> >> > were doing the sensible thing and setting ACCESS_PLATFORM >> >> >> >> >> >> >> >> My understanding is, AMD guest-platform knows in advance that their >> >> >> >> guest will run in secure mode and hence sets the flag at the time of VM >> >> >> >> instantiation. Unfortunately we dont have that luxury on our platforms. >> >> >> > >> >> >> > Well you do have that luxury. It looks like that there are existing >> >> >> > guests that already acknowledge ACCESS_PLATFORM and you are not happy >> >> >> > with how that path is slow. So you are trying to optimize for >> >> >> > them by clearing ACCESS_PLATFORM and then you have lost ability >> >> >> > to invoke DMA API. >> >> >> > >> >> >> > For example if there was another flag just like ACCESS_PLATFORM >> >> >> > just not yet used by anyone, you would be all fine using that right? >> >> >> >> >> >> Yes, a new flag sounds like a great idea. What about the definition >> >> >> below? >> >> >> >> >> >> VIRTIO_F_ACCESS_PLATFORM_NO_IOMMU This feature has the same meaning as >> >> >> VIRTIO_F_ACCESS_PLATFORM both when set and when not set, with the >> >> >> exception that the IOMMU is explicitly defined to be off or bypassed >> >> >> when accessing memory addresses supplied to the device by the >> >> >> driver. This flag should be set by the guest if offered, but to >> >> >> allow for backward-compatibility device implementations allow for it >> >> >> to be left unset by the guest. It is an error to set both this flag >> >> >> and VIRTIO_F_ACCESS_PLATFORM. >> >> > >> >> > It looks kind of narrow but it's an option. >> >> >> >> Great! >> >> >> >> > I wonder how we'll define what's an iommu though. >> >> >> >> Hm, it didn't occur to me it could be an issue. I'll try. >> >> I rephrased it in terms of address translation. What do you think of >> this version? The flag name is slightly different too: >> >> >> VIRTIO_F_ACCESS_PLATFORM_NO_TRANSLATION This feature has the same >> meaning as VIRTIO_F_ACCESS_PLATFORM both when set and when not set, >> with the exception that address translation is guaranteed to be >> unnecessary when accessing memory addresses supplied to the device >> by the driver. Which is to say, the device will always use physical >> addresses matching addresses used by the driver (typically meaning >> physical addresses used by the CPU) and not translated further. This >> flag should be set by the guest if offered, but to allow for >> backward-compatibility device implementations allow for it to be >> left unset by the guest. It is an error to set both this flag and >> VIRTIO_F_ACCESS_PLATFORM. > > Thanks, I'll think about this approach. Will respond next week. Thanks! >> >> > Another idea is maybe something like virtio-iommu? >> >> >> >> You mean, have legacy guests use virtio-iommu to request an IOMMU >> >> bypass? If so, it's an interesting idea for new guests but it doesn't >> >> help with guests that are out today in the field, which don't have A >> >> virtio-iommu driver. >> > >> > I presume legacy guests don't use encrypted memory so why do we >> > worry about them at all? >> >> They don't use encrypted memory, but a host machine will run a mix of >> secure and legacy guests. And since the hypervisor doesn't know whether >> a guest will be secure or not at the time it is launched, legacy guests >> will have to be launched with the same configuration as secure guests. > > OK and so I think the issue is that hosts generally fail if they set > ACCESS_PLATFORM and guests do not negotiate it. > So you can not just set ACCESS_PLATFORM for everyone. > Is that the issue here? Yes, that is one half of the issue. The other is that even if hosts didn't fail, existing legacy guests wouldn't "take the initiative" of not negotiating ACCESS_PLATFORM to get the improved performance. They'd have to be modified to do that. -- Thiago Jung Bauermann IBM Linux Technology Center