Subject: Re: [PATCH v4 1/2] powerpc/pseries/iommu: Share the per-cpu TCE page with the hypervisor.
To: Ram Pai
Cc: linuxppc-dev@lists.ozlabs.org, mpe@ellerman.id.au, benh@kernel.crashing.org, david@gibson.dropbear.id.au, paulus@ozlabs.org, mdroth@linux.vnet.ibm.com, hch@lst.de, andmike@us.ibm.com, sukadev@linux.vnet.ibm.com, mst@redhat.com, ram.n.pai@gmail.com, cai@lca.pw, tglx@linutronix.de, bauerman@linux.ibm.com, linux-kernel@vger.kernel.org
From: Alexey Kardashevskiy
Date: Wed, 4 Dec 2019 12:08:09 +1100

On 04/12/2019 11:49, Ram Pai wrote:
> On Wed, Dec 04, 2019 at 11:04:04AM +1100, Alexey Kardashevskiy wrote:
>>
>>
>> On 04/12/2019 03:52, Ram Pai wrote:
>>> On Tue, Dec 03, 2019 at 03:24:37PM +1100, Alexey Kardashevskiy wrote:
>>>>
>>>>
>>>> On 03/12/2019 15:05, Ram Pai wrote:
>>>>> On Tue, Dec 03, 2019 at 01:15:04PM +1100, Alexey Kardashevskiy wrote:
>>>>>>
>>>>>>
>>>>>> On 03/12/2019 13:08, Ram Pai wrote:
>>>>>>> On Tue, Dec 03, 2019 at 11:56:43AM +1100, Alexey Kardashevskiy wrote:
>>>>>>>>
>>>>>>>>
>>>>>>>> On 02/12/2019 17:45, Ram Pai wrote:
>>>>>>>>> H_PUT_TCE_INDIRECT hcall uses a page filled with TCE entries, as one of
>>>>>>>>> its parameters. One page is dedicated per cpu, for the lifetime of the
>>>>>>>>> kernel for this purpose. On secure VMs, contents of this page, when
>>>>>>>>> accessed by the hypervisor, retrieves encrypted TCE entries. Hypervisor
>>>>>>>>> needs to know the unencrypted entries, to update the TCE table
>>>>>>>>> accordingly. There is nothing secret or sensitive about these entries.
>>>>>>>>> Hence share the page with the hypervisor.
>>>>>>>>
>>>>>>>> This unsecures a page in the guest in a random place which creates an
>>>>>>>> additional attack surface which is hard to exploit indeed but
>>>>>>>> nevertheless it is there.
>>>>>>>> A safer option would be not to use the
>>>>>>>> hcall-multi-tce hyperrtas option (which translates FW_FEATURE_MULTITCE
>>>>>>>> in the guest).
>>>>>>>
>>>>>>>
>>>>>>> Hmm... How do we not use it? AFAICT hcall-multi-tce option gets invoked
>>>>>>> automatically when IOMMU option is enabled.
>>>>>>
>>>>>> It is advertised by QEMU but the guest does not have to use it.
>>>>>
>>>>> Are you suggesting that even normal-guest, not use hcall-multi-tce?
>>>>> or just secure-guest?
>>>>
>>>>
>>>> Just secure.
>>>
>>> hmm.. how are the TCE entries communicated to the hypervisor, if
>>> hcall-multi-tce is disabled?
>>
>> Via H_PUT_TCE which updates 1 entry at once (sets or clears).
>> hcall-multi-tce enables H_PUT_TCE_INDIRECT (512 entries at once) and
>> H_STUFF_TCE (clearing, up to 4bln at once? many), these are simply an
>> optimization.
>
> Do you still think, secure-VM should use H_PUT_TCE and not
> H_PUT_TCE_INDIRECT? And normal VM should use H_PUT_TCE_INDIRECT?
> Is there any advantage of special casing it for secure-VMs.

Reducing the amount of insecure memory at random location.

> In fact, we could make use of as much optimization as possible.
>
>
>>
>>>>>> Is not this for pci+swiotlb?
> ..snip..
>>>>> This patch is purely to help the hypervisor setup the TCE table, in the
>>>>> presence of a IOMMU.
>>>>
>>>> Then the hypervisor should be able to access the guest pages mapped for
>>>> DMA and these pages should be made unsecure for this to work. Where/when
>>>> does this happen?
>>>
>>> This happens in the SWIOTLB code. The code to do that is already
>>> upstream.
>>>
>>> The sharing of the pages containing the SWIOTLB bounce buffers is done
>>> in init_svm() which calls swiotlb_update_mem_attributes() which calls
>>> set_memory_decrypted(). In the case of pseries, set_memory_decrypted() calls
>>> uv_share_page().
>>
>>
>> This does not seem enough as when you enforce iommu_platform=on, QEMU
>> starts accessing virtio buffers via IOMMU so bounce buffers have to be
>> mapped explicitly, via H_PUT_TCE&co, where does this happen?
>>
>
> I think, it happens at boot time. Every page of the guest memory is TCE
> mapped, if iommu is enabled. SWIOTLB pages get implicitly TCE-mapped
> as part of that operation.

Ah I see. This works via the huge dma window. Ok, makes sense now.

It just seems like a waste that we could map swiotlb 1:1 via the always
existing small DMA window but instead we rely on a huge window to map
these small buffers. This way we are wasting the entire 32bit window and
most of the huge window.

We may fix it in the future (not right now) but for now I would still
avoid unsecuring additional memory.

Thanks,

--
Alexey
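
The trade-off argued in this thread, as an added toy model in C (not code from the patch, the kernel, or either participant): a single-entry call passes the TCE in a register, while the 512-entry call makes the hypervisor read a guest page that must first be shared. The names `guest_page`, `hv_read`, `share_page` and `map_range` are hypothetical, and an XOR mask stands in for the encryption of secure-VM memory.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>

#define TCES_PER_PAGE 512   /* entries per H_PUT_TCE_INDIRECT call, per the thread */
#define TABLE_SIZE    2048  /* size of the modelled TCE table (constructed) */

/* Constructed model: one guest page plus a "shared with hypervisor" flag. */
struct guest_page { uint64_t tce[TCES_PER_PAGE]; int shared; };

static uint64_t hv_table[TABLE_SIZE];  /* hypervisor-side TCE table */
static unsigned hcalls, shared_pages;  /* cost and exposure counters */

/* Hypervisor view of guest memory: an unshared secure page reads back as
 * ciphertext (the XOR mask is a stand-in, not the real mechanism). */
static uint64_t hv_read(const struct guest_page *p, size_t i)
{
    return p->shared ? p->tce[i] : p->tce[i] ^ 0xA5A5A5A5A5A5A5A5ULL;
}

/* Single-entry call: the TCE travels in a register, no guest page is read. */
static void h_put_tce(size_t idx, uint64_t tce) { hcalls++; hv_table[idx] = tce; }

/* Multi-entry call: the hypervisor reads up to 512 TCEs from a guest page. */
static void h_put_tce_indirect(size_t idx, const struct guest_page *p, size_t n)
{
    hcalls++;
    for (size_t i = 0; i < n; i++) hv_table[idx + i] = hv_read(p, i);
}

static void share_page(struct guest_page *p)
{
    if (!p->shared) { p->shared = 1; shared_pages++; }
}

/* Map n (<= TABLE_SIZE) entries; returns how many table entries are wrong. */
static size_t map_range(size_t n, int use_indirect, int share)
{
    static struct guest_page percpu;   /* models the per-cpu TCE page */
    size_t bad = 0;
    hcalls = shared_pages = 0; percpu.shared = 0;
    memset(hv_table, 0, sizeof(hv_table));
    if (use_indirect && share) share_page(&percpu);
    for (size_t done = 0; done < n; ) {
        size_t chunk = n - done < TCES_PER_PAGE ? n - done : TCES_PER_PAGE;
        if (!use_indirect) { h_put_tce(done, 0x1000 * (done + 1)); done++; continue; }
        for (size_t i = 0; i < chunk; i++) percpu.tce[i] = 0x1000 * (done + i + 1);
        h_put_tce_indirect(done, &percpu, chunk);
        done += chunk;
    }
    for (size_t i = 0; i < n; i++) bad += (hv_table[i] != 0x1000 * (i + 1));
    return bad;
}
```

In this model the single-entry path programs the table correctly with no shared page at the cost of one call per entry; the indirect path needs one shared page to produce a correct table.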