Received: by 2002:a25:8b12:0:0:0:0:0 with SMTP id i18csp2443136ybl; Sun, 11 Aug 2019 01:43:34 -0700 (PDT) X-Google-Smtp-Source: APXvYqy9vHCkmvV/CJnfm3KRE/pArtHSPPWvj54Yt26IDQgkgPrpqHL2i6ubWbd7YR3hKMznwHht X-Received: by 2002:a17:90a:ae15:: with SMTP id t21mr5195925pjq.50.1565513013937; Sun, 11 Aug 2019 01:43:33 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1565513013; cv=none; d=google.com; s=arc-20160816; b=Scf6tUrCDT4bz+2jqZYnVz7tFuI+GmEhE7ZeX9IULwnFuanVCM09ZA4pqvFfT3EvQA gufsR2/ezv4p0B1+ahYeLkMXNeqa5EDFNPNzKU9Vqf8lE7j+5VcuwmD0rKHjVcUntlDH JFN/iEEVH9cD4eYr4W+3J29Ij00R7/+KbBf6XSJiqObqel1BfLS/RD7kBaTTspbT9AL7 ZSkG1Jd+LhiZDAT386DUx7KdXwny9j3qghCbx8UQDL5/u1Me/d5CxUQvOS7MywIPyKbi 7s5mg9wpgbrkJGGyKS0DtVXRvANdwiIzyU3HhkwAfR/TutsD8D5+jNXCYbyVxB3CK2l2 xNbw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:in-reply-to:content-disposition :mime-version:references:message-id:subject:cc:to:from:date; bh=OwTyRG3c0uWeDZrJY6ZpPNgUs/dENdNyzYLQJF235ng=; b=slRrG/ilYnw3A++LQvGTVHy58AXP74UZEfWt1H2tlBCBFuTCT+enoq7HuX5NYN8dMS SaUWkjDAfq56GfuY1MAATFn7S4f7tWjbM0Lpxe57lorH5/2k3bgD8D57cM0aCN6fnRUu bd1URgpjOzpv2tzeRd6Wlic5SluIXWGnQn9dn/ICXu83zrPNDt2Z0VTwyCbziu6rPUWg mbIokKGIYRpEcc+erbr5vamK4GT+2EIvynW8VsiztqW6kbiP6colySOJrB0akpkZsN42 wYwEDO9HcpA/TMEeDsYgOeGzbbETWGyf5FDOkWeyQytR9Seil18q8kuT7oDIGTgO0tN8 dQjQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id v23si57011812pgn.557.2019.08.11.01.43.18; Sun, 11 Aug 2019 01:43:33 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726070AbfHKImr (ORCPT + 99 others); Sun, 11 Aug 2019 04:42:47 -0400 Received: from mail-qt1-f195.google.com ([209.85.160.195]:44435 "EHLO mail-qt1-f195.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725826AbfHKImr (ORCPT ); Sun, 11 Aug 2019 04:42:47 -0400 Received: by mail-qt1-f195.google.com with SMTP id 44so68957758qtg.11 for ; Sun, 11 Aug 2019 01:42:46 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:cc:subject:message-id:references :mime-version:content-disposition:in-reply-to; bh=OwTyRG3c0uWeDZrJY6ZpPNgUs/dENdNyzYLQJF235ng=; b=D/zrSdi96VOcyqWD2WscCTxTBz0aEu/Nzvlt3G6e4aw1CrcBV647apLOKvB8v+F8fE HROBF2wImCx0D/ULRtSKAk3I+w5qKrNl9BIDs5TdDjb5+JSdTTpZ0ZSaMw14u8hzCjY7 GKWNvK+9nmltfQhAr4f0c12Ek1r5O7cRdwAhtRqukDF7u2NDvlYckFiI6sxehhQoymNa PlYL2Jg7FIWMEPUv0Pwxn79OZOGT0k0nYGQJVeOK8COmVTnAoC5AcNs9EMl3dxXZU6H5 6G0sJuPHbJoDp6J5Hq8wmDz7heYrsKxYEL8K7TeV4i3FFBo4SkbbuK4C7HQjyKN1O9vP WPNg== X-Gm-Message-State: APjAAAUQc5uB1qwt0O9HQYbcfkHATrLSqxKvkvUt2FbyXqB5XDtnjAeE 6j9m5uTp6yYVOKGaYuULWBvGIw== X-Received: by 2002:a0c:ae6d:: with SMTP id z42mr25654119qvc.8.1565512966475; Sun, 11 Aug 2019 01:42:46 -0700 (PDT) Received: from redhat.com (bzq-79-181-91-42.red.bezeqint.net. [79.181.91.42]) by smtp.gmail.com with ESMTPSA id m5sm42472030qkb.117.2019.08.11.01.42.41 (version=TLS1_3 cipher=AEAD-AES256-GCM-SHA384 bits=256/256); Sun, 11 Aug 2019 01:42:45 -0700 (PDT) Date: Sun, 11 Aug 2019 04:42:38 -0400 From: "Michael S. Tsirkin" To: Christoph Hellwig Cc: Ram Pai , Thiago Jung Bauermann , virtualization@lists.linux-foundation.org, linuxppc-devel@lists.ozlabs.org, iommu@lists.linux-foundation.org, linux-kernel@vger.kernel.org, Jason Wang , David Gibson , Alexey Kardashevskiy , Paul Mackerras , Benjamin Herrenschmidt Subject: Re: [RFC PATCH] virtio_ring: Use DMA API if guest memory is encrypted Message-ID: <20190811041636-mutt-send-email-mst@kernel.org> References: <87zhrj8kcp.fsf@morokweng.localdomain> <20190810143038-mutt-send-email-mst@kernel.org> <20190810220702.GA5964@ram.ibm.com> <20190811055607.GA12488@lst.de> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20190811055607.GA12488@lst.de> Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Sun, Aug 11, 2019 at 07:56:07AM +0200, Christoph Hellwig wrote: > And once again this is entirely going in the wrong direction. The only > way using the DMA API is going to work at all is if the device is ready > for it. So the point made is that if DMA addresses are also physical addresses (not necessarily the same physical addresses that driver supplied), then DMA API actually works even though device itself uses CPU page tables. To put it in other terms: it would be possible to make all or part of memory unenecrypted and then have virtio access all of it. SEV guests at the moment make a decision to instead use a bounce buffer, forcing an extra copy but gaining security. -- MST