Received: by 2002:a25:86ce:0:0:0:0:0 with SMTP id y14csp12786ybm; Mon, 20 May 2019 11:00:30 -0700 (PDT) X-Google-Smtp-Source: APXvYqyDLMCP8WIcAkNAfh5KUu/DXJFAa0T3z4k06kN75l7SMLFLf0dY41GltVYq0gfPZH+qy3fl X-Received: by 2002:a65:5c8c:: with SMTP id a12mr76808362pgt.452.1558375230347; Mon, 20 May 2019 11:00:30 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1558375230; cv=none; d=google.com; s=arc-20160816; b=p1VzronzYAfyanGeNywuCy0V4x+PvReWhIug+gYWHill3ngv3RNBvbn8rfHSN0oL1D nxZiynJPQFxYjCecxSzroOOMwHAzZkBwSQvdMnvd2H+u34zKbASQ3/nwriAncfvOPJNn ngK4AQBb1q+glYIw54SIGzNarud6xMI/VeBC6A0f5zY8/SsroDYpls7Fo7UB0ttgIjf8 8GxHj88otmHZ0OenV5RLt154xPqT3ue09tCOMFVK6s9XveFv60vYj7xl0SlBuEjd37g+ Juqeh/2xBPi6JR3U7RVQKby1KxC81AiUb6OuJatY0WBYnosZMU9AR3swVbbLGL8pEoDB lZ9Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:in-reply-to:content-disposition :mime-version:references:message-id:subject:cc:to:from:date; bh=bZcyqtPfiR8OnSe7X+YvU6P3WmrTts8Lp+0qyg4aj2M=; b=vHLeOrq1+xokHD8UdFHvN5SQFh/cp8qE15gO/th0IWtcCGycCtVdce0JVIalUVqZZw 0LzRDk8vkgyYCUGeWOuQ/wJifrChLNchT7VpXnQF15YBkY/b5sVlkF1XhAdlpNextIM7 ZKJAxrXFrRi5YYsC3nFqI1bHDczFWhEwwIi9UJtfvXC4pGKH8WvTnOLqU9pSyabzDj4q v/nRvjDB11Hr945MjdJgbmFNIsU/9QM7c5qS3tI1i4W6kl39/ZSHCNiijtByX7lyAUds +rBIEHW7tcesAeQk+aJqsC/ODGmoXZ8IOoOxUSOA2PSeuXfTEMiXsXC8/W+laxKhLtWy HfIQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id h1si13076588pgs.290.2019.05.20.11.00.15; Mon, 20 May 2019 11:00:30 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1732012AbfETNRD (ORCPT + 99 others); Mon, 20 May 2019 09:17:03 -0400 Received: from mail-qk1-f194.google.com ([209.85.222.194]:45784 "EHLO mail-qk1-f194.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727319AbfETNRC (ORCPT ); Mon, 20 May 2019 09:17:02 -0400 Received: by mail-qk1-f194.google.com with SMTP id j1so8718784qkk.12 for ; Mon, 20 May 2019 06:17:02 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:cc:subject:message-id:references :mime-version:content-disposition:in-reply-to; bh=bZcyqtPfiR8OnSe7X+YvU6P3WmrTts8Lp+0qyg4aj2M=; b=otTZ8hslW6f26HeQGPPbVC9gSkBoKmbGfUTypf7xs0j65RiRHRhaTVTvaIASO6graT H+5ftdBZnZCnKJACBEeKPyjGAJ3woYdulbV5G/NOZ4/kqsIZaGle+mlHIv3LJJTpnVa8 uA4eNTGTmcgQX9s7osiR+5b1Tew8g/C+ZzAIQJ/jvfw2ASA8jzsT5j7GmQRYvAm44emr WNwKJnG5tQWgIEufO1mbJ7gAjJ2RXz4bIp+vRmOaFCMk7Pqi2dwpQWuAQU5MOiNBQo2a 5emHL2+WB52mAtO+D1cIC7MjMScclVusEL2m/VZHzdhiQaD+wNdeRhLr9u17pTbUFGTc 1hCg== X-Gm-Message-State: APjAAAXtU4AIV/RjxWCurndkNnbl1uBfbIoB634uADVwbXzCMW3NMOGI Sj0mJcs04zus0CvRiMUlLTDPDQ== X-Received: by 2002:a37:4c02:: with SMTP id z2mr46791719qka.1.1558358222050; Mon, 20 May 2019 06:17:02 -0700 (PDT) Received: from redhat.com (pool-173-76-105-71.bstnma.fios.verizon.net. [173.76.105.71]) by smtp.gmail.com with ESMTPSA id d16sm11577917qtd.73.2019.05.20.06.16.59 (version=TLS1_3 cipher=AEAD-AES256-GCM-SHA384 bits=256/256); Mon, 20 May 2019 06:17:00 -0700 (PDT) Date: Mon, 20 May 2019 09:16:57 -0400 From: "Michael S. Tsirkin" To: Thiago Jung Bauermann Cc: virtualization@lists.linux-foundation.org, linuxppc-dev@lists.ozlabs.org, iommu@lists.linux-foundation.org, linux-kernel@vger.kernel.org, Jason Wang , Christoph Hellwig , David Gibson , Alexey Kardashevskiy , Paul Mackerras , Benjamin Herrenschmidt , Ram Pai , Jean-Philippe Brucker , Michael Roth , Mike Anderson Subject: Re: [RFC PATCH] virtio_ring: Use DMA API if guest memory is encrypted Message-ID: <20190520090939-mutt-send-email-mst@kernel.org> References: <87zhrj8kcp.fsf@morokweng.localdomain> <87womn8inf.fsf@morokweng.localdomain> <20190129134750-mutt-send-email-mst@kernel.org> <877eefxvyb.fsf@morokweng.localdomain> <20190204144048-mutt-send-email-mst@kernel.org> <87ef71seve.fsf@morokweng.localdomain> <20190320171027-mutt-send-email-mst@kernel.org> <87tvfvbwpb.fsf@morokweng.localdomain> <20190323165456-mutt-send-email-mst@kernel.org> <87a7go71hz.fsf@morokweng.localdomain> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <87a7go71hz.fsf@morokweng.localdomain> Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Wed, Apr 17, 2019 at 06:42:00PM -0300, Thiago Jung Bauermann wrote: > I rephrased it in terms of address translation. What do you think of > this version? The flag name is slightly different too: > > > VIRTIO_F_ACCESS_PLATFORM_NO_TRANSLATION This feature has the same > meaning as VIRTIO_F_ACCESS_PLATFORM both when set and when not set, > with the exception that address translation is guaranteed to be > unnecessary when accessing memory addresses supplied to the device > by the driver. Which is to say, the device will always use physical > addresses matching addresses used by the driver (typically meaning > physical addresses used by the CPU) and not translated further. This > flag should be set by the guest if offered, but to allow for > backward-compatibility device implementations allow for it to be > left unset by the guest. It is an error to set both this flag and > VIRTIO_F_ACCESS_PLATFORM. OK so VIRTIO_F_ACCESS_PLATFORM is designed to allow unpriveledged drivers. This is why devices fail when it's not negotiated. This confuses me. If driver is unpriveledged then what happens with this flag? It can supply any address it wants. Will that corrupt kernel memory? -- MST