Received: by 2002:a05:6a10:206:0:0:0:0 with SMTP id 6csp1032584pxj; Wed, 2 Jun 2021 18:50:25 -0700 (PDT) X-Google-Smtp-Source: ABdhPJykUqmAxNXFrrxbxHziHV6kNMRCKQ8yDmAVIbOyq+EBbL0avRyaiuV7tK41xYxR5cSPkF60 X-Received: by 2002:a17:906:4c57:: with SMTP id d23mr13780695ejw.147.1622685025183; Wed, 02 Jun 2021 18:50:25 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1622685025; cv=none; d=google.com; s=arc-20160816; b=A2HIky8pBHKa1P15uN3MHgacvOL4jVgSp0KzVkkxyC6/WBBzwFCkaCsGYIYMpft+P3 OMzMPJUcBRe1HzzvTXG9+Znu2A7+LtMg8abVJ+7nDsHuTUw6KsMbQ1WJyKWjTSai7J49 hqmwuV36oI9SDpW3d+Wtve9uQWPc7U0Mck2UgK67WbRALlnWfJZtUUw4g4dUf8uRmUCI M+cNce9fcQkJxd54veljwabRm+HNakpSBg6jCzi+q50biD6LFa0PA8rYk59nNMM7MYu5 i76SPCnREqjynA5ObWfDZ9n+2BYgxcayqmkKsJNk5RkA40IYmRdMbKdYU/dI57TZxgsp KDTg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-language:content-transfer-encoding :in-reply-to:mime-version:user-agent:date:message-id:from:references :cc:to:subject:ironport-sdr:ironport-sdr; bh=/iWs4MlUDCYgGbLiI4IK2Rcz0som0GSVCzBhi4kZTZI=; b=0aPjkd75HHQatRCeRzIi3Vd4TrE5EVv+KzQ4RO3WmFHd78DMeu9XE5PMFlJxGKvto3 aSkU8DJKU1EkD+SRd7yP7aJNFhrFIOz+vqT1u3Cnn6DuadfhSf5UQqaxicpMRIIAN8On apE5FhzdlrI1OxcTbJ26WMvLqXL0mo5fIkXx3UEVoP9SEYPqgBpUtHV9+TMz2DnWM6yv gM9Y8YZsBjGPAogIfLSSaGgVMsXkPc25Zow3hoZL49SqK66EvwUIoBcNwiIsLAtE35Mw DIWbHLCXZ+RZKA8khDI9KJcfJ5IpEOiCKmBs9gJz4lehPLXYe8pN5K9RLncLB7GVTlNY 4HtQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id s7si1285779edx.5.2021.06.02.18.50.02; Wed, 02 Jun 2021 18:50:25 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229758AbhFCBt6 (ORCPT + 99 others); Wed, 2 Jun 2021 21:49:58 -0400 Received: from mga14.intel.com ([192.55.52.115]:55980 "EHLO mga14.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229719AbhFCBt5 (ORCPT ); Wed, 2 Jun 2021 21:49:57 -0400 IronPort-SDR: C3rH+OiG5ElAAe1yiMYeP/OCBsm/9GJ9esNaMJe9zW1EsBCEcU/0S5MR4tJCWib/nyNTyYlaFc QvkjOBd21eeg== X-IronPort-AV: E=McAfee;i="6200,9189,10003"; a="203753700" X-IronPort-AV: E=Sophos;i="5.83,244,1616482800"; d="scan'208";a="203753700" Received: from fmsmga001.fm.intel.com ([10.253.24.23]) by fmsmga103.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 02 Jun 2021 18:48:13 -0700 IronPort-SDR: Jyw3YKKGYvj7bwLmvWR2S0qa6bCxBwrGKuTWS3IjTqLGizol08X7sJz0tD5Vwuml83+tl+G6q3 taWf8WDdxL7A== X-IronPort-AV: E=Sophos;i="5.83,244,1616482800"; d="scan'208";a="550517043" Received: from akleen-mobl1.amr.corp.intel.com (HELO [10.209.87.193]) ([10.209.87.193]) by fmsmga001-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 02 Jun 2021 18:48:12 -0700 Subject: Re: [PATCH v1 1/8] virtio: Force only split mode with protected guest To: Jason Wang , mst@redhat.com Cc: virtualization@lists.linux-foundation.org, hch@lst.de, m.szyprowski@samsung.com, robin.murphy@arm.com, iommu@lists.linux-foundation.org, x86@kernel.org, sathyanarayanan.kuppuswamy@linux.intel.com, jpoimboe@redhat.com, linux-kernel@vger.kernel.org References: <20210603004133.4079390-1-ak@linux.intel.com> <20210603004133.4079390-2-ak@linux.intel.com> <28c8302b-6833-10b4-c0eb-67456e7c4069@redhat.com> From: Andi Kleen Message-ID: <09e17c7f-ce51-1a46-72c4-12223bee4e3a@linux.intel.com> Date: Wed, 2 Jun 2021 18:48:11 -0700 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:78.0) Gecko/20100101 Thunderbird/78.10.2 MIME-Version: 1.0 In-Reply-To: <28c8302b-6833-10b4-c0eb-67456e7c4069@redhat.com> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit Content-Language: en-US Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org > So we will see huge performance regression without indirect > descriptor. We need to consider to address this. A regression would be when some existing case would be slower. That's not the case because the behavior for the existing cases does not change. Anyways when there are performance problems they can be addressed, but first is to make it secure. -Andi > > Thanks > > >>               break; >>           case VIRTIO_RING_F_EVENT_IDX: >>               break; >> @@ -2231,9 +2240,12 @@ void vring_transport_features(struct >> virtio_device *vdev) >>           case VIRTIO_F_ACCESS_PLATFORM: >>               break; >>           case VIRTIO_F_RING_PACKED: >> +            if (protected_guest_has(VM_MEM_ENCRYPT)) >> +                goto clear; >>               break; >>           case VIRTIO_F_ORDER_PLATFORM: >>               break; >> +        clear: >>           default: >>               /* We don't understand this bit. */ >>               __virtio_clear_bit(vdev, i); >