From: Halil Pasic
To: "Michael S. Tsirkin", Jason Wang, Marek Szyprowski, Robin Murphy, Christoph Hellwig
Cc: Halil Pasic, linux-s390@vger.kernel.org, virtualization@lists.linux-foundation.org, linux-kernel@vger.kernel.org, iommu@lists.linux-foundation.org, Christian Borntraeger, Janosch Frank, Viktor Mihajlovski, Cornelia Huck, Ram Pai, Thiago Jung Bauermann, David Gibson, "Lendacky, Thomas", Michael Mueller
Subject: [PATCH 0/2] virtio: decouple protected guest RAM from VIRTIO_F_IOMMU_PLATFORM
Date: Thu, 20 Feb 2020 17:06:04 +0100
Message-Id: <20200220160606.53156-1-pasic@linux.ibm.com>
X-Mailing-List: linux-kernel@vger.kernel.org

Currently if one intends to run a memory protection enabled VM with
virtio devices and linux as the guest OS, one needs to specify the
VIRTIO_F_IOMMU_PLATFORM flag for each virtio device to make the guest
linux use the DMA API, which in turn handles the memory
encryption/protection stuff if the guest decides to turn itself into
a protected one. This however makes no sense due to multiple reasons:

* The device is not changed by the fact that the guest RAM is
  protected. The so-called IOMMU bypass quirk is not affected.
* This usage is not congruent with standardised semantics of
  VIRTIO_F_IOMMU_PLATFORM. Guest memory protected is an orthogonal
  reason for using DMA API in virtio (orthogonal with respect to what
  is expressed by VIRTIO_F_IOMMU_PLATFORM).

This series aims to decouple 'have to use DMA API because my (guest)
RAM is protected' and 'have to use DMA API because the device told me
VIRTIO_F_IOMMU_PLATFORM'.

Please find more detailed explanations about the conceptual aspects in
the individual patches. There is however also a very practical problem
that is addressed by this series.

For vhost-net the feature VIRTIO_F_IOMMU_PLATFORM has the following
side effect: the vhost code assumes the addresses on the virtio
descriptor ring are not guest physical addresses but iova's, and
insists on doing a translation of these regardless of what transport is
used (e.g. whether we emulate a PCI or a CCW device). (For details see
commit 6b1e6cc7855b "vhost: new device IOTLB API".) On s390 this results
in severe performance degradation (ca. factor 10). BTW with ccw I/O
there is (architecturally) no IOMMU, so the whole address translation
makes no sense in the context of virtio-ccw.

Halil Pasic (2):
  mm: move force_dma_unencrypted() to mem_encrypt.h
  virtio: let virtio use DMA API when guest RAM is protected

 drivers/virtio/virtio_ring.c |  3 +++
 include/linux/dma-direct.h   |  9 ---------
 include/linux/mem_encrypt.h  | 10 ++++++++++
 3 files changed, 13 insertions(+), 9 deletions(-)

base-commit: ca7e1fd1026c5af6a533b4b5447e1d2f153e28f2
-- 
2.17.1
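
A user-space model of the decoupling the cover letter argues for, added here as an illustration; it is not code from the series or from the kernel. The struct, the function names and the `guest_ram_protected` boolean are hypothetical stand-ins; only the feature name and its bit number (33 in the virtio specification) are real.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define VIRTIO_F_IOMMU_PLATFORM 33   /* feature bit number from the virtio spec */

/* Hypothetical model of one guest/device pairing (not a kernel structure). */
struct model_vm {
    uint64_t device_features;    /* feature bits offered by the device */
    bool guest_ram_protected;    /* guest turned itself into a protected VM */
};

static bool has_feature(const struct model_vm *vm, unsigned int bit)
{
    return (vm->device_features >> bit) & 1;
}

/* Coupled behaviour described as "currently": only the device flag
 * makes the guest use the DMA API. */
static bool use_dma_api_coupled(const struct model_vm *vm)
{
    return has_feature(vm, VIRTIO_F_IOMMU_PLATFORM);
}

/* Decoupled behaviour the series aims for: protected guest RAM is an
 * independent reason. The boolean stands in for a kernel-side predicate;
 * how the real patch wires it is not shown on this page. */
static bool use_dma_api_decoupled(const struct model_vm *vm)
{
    return has_feature(vm, VIRTIO_F_IOMMU_PLATFORM) || vm->guest_ram_protected;
}

/* vhost side effect from the cover letter: with the feature set, ring
 * addresses are treated as IOVAs and translated, whatever the transport. */
static bool vhost_translates(const struct model_vm *vm)
{
    return has_feature(vm, VIRTIO_F_IOMMU_PLATFORM);
}

int main(void)
{
    puts("flag protected | coupled decoupled | vhost-translation");
    for (int i = 0; i < 4; i++) {
        struct model_vm vm = {
            .device_features = (i & 1) ? 1ULL << VIRTIO_F_IOMMU_PLATFORM : 0,
            .guest_ram_protected = (i & 2) != 0,
        };
        printf("%4d %9d | %7d %9d | %d\n", i & 1, vm.guest_ram_protected,
               use_dma_api_coupled(&vm), use_dma_api_decoupled(&vm),
               vhost_translates(&vm));
    }
    return 0;
}
```

The row with the flag clear and protected RAM set is the one the series changes: the guest uses the DMA API without vhost being told to translate ring addresses.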