Received: by 2002:a6b:500f:0:0:0:0:0 with SMTP id e15csp5111555iob; Mon, 9 May 2022 08:50:29 -0700 (PDT) X-Google-Smtp-Source: ABdhPJxccDzAr3k0LlRLughTO/DUWV/QtanmivAppxVcrMi2F4B5Qvz5Go6EL4xy6SNl8zVZO3t8 X-Received: by 2002:a05:6808:17a8:b0:322:7964:1b6c with SMTP id bg40-20020a05680817a800b0032279641b6cmr11594748oib.25.1652111429380; Mon, 09 May 2022 08:50:29 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1652111429; cv=none; d=google.com; s=arc-20160816; b=CRa75SB3JpWGPoOLjA1tQn6TTfChAN6WFGJJqBjBFPhP4Z33HVfmT+usbWboLkz/GJ 6vA8XgukLbc4yekfJ64fFPUJ+Xls4jPXgBaIb9RwaaQgcYoFh/vei3Gkfh1XqnUjShcK LBfQ9r+A6HMQ33kxVaemKSjCHaYgYt2uDozrFMC1KcyAFEvCcbUXSpG3FUl1LfNKammR cP7rf+PcEAh4ootw6d2UXtrOlVaL1quDEbBP1JMlRBRkIbZ7lOiasXBUjHNbBvozgCsS P4R2a7WOkkyUgLly3SMPLzdIMygowKS/oBHJDJw/vWaecAiTZnDpeFpxRIA8JiJ+ioJ8 EovA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:in-reply-to:from :references:cc:to:content-language:subject:user-agent:mime-version :date:message-id:dkim-signature; bh=kuTWwq9KPfO1hJKgITLMX46ZZjSGS7M8xoN+CMav070=; b=l0Um1saRTDP0ISbFRD1aUAHkgNMz7A4ZbxKWUpntsVssrTpXXqizaZV+jkjbOZ0oUK pPz/DTPYEJ8vYk0BTIvvlAf6xS96m8yY/mdp/ofyosILFNfoNRX5IK+OGCxLNjeXTtnq fd04mtd8medoXW0cI1UtKlqbJodugWTtmxJ4cin+btFgY+E3uWytNuJ+yyxkvrrCxb/n P6j77FwDq9Am4bnYempfyKreRl8iyWvKnknKhGZySBtTdNUSI8sWO952aJkG3H1E9UHZ rGGMjGJv+L1hg3aImJPe36Thm5ETsEuWloTxIQUHTiduIlX1Sb+PAkyHqzpBWTPYIQAv 83Iw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=C9quxwEM; spf=softfail (google.com: domain of transitioning linux-kernel-owner@vger.kernel.org does not designate 23.128.96.19 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from lindbergh.monkeyblade.net (lindbergh.monkeyblade.net. [23.128.96.19]) by mx.google.com with ESMTPS id bp17-20020a056808239100b00326e0205df5si935236oib.203.2022.05.09.08.50.29 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 09 May 2022 08:50:29 -0700 (PDT) Received-SPF: softfail (google.com: domain of transitioning linux-kernel-owner@vger.kernel.org does not designate 23.128.96.19 as permitted sender) client-ip=23.128.96.19; Authentication-Results: mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=C9quxwEM; spf=softfail (google.com: domain of transitioning linux-kernel-owner@vger.kernel.org does not designate 23.128.96.19 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by lindbergh.monkeyblade.net (Postfix) with ESMTP id D99D945525; Mon, 9 May 2022 08:43:13 -0700 (PDT) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S238548AbiEIPrC (ORCPT + 99 others); Mon, 9 May 2022 11:47:02 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:58974 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S238415AbiEIPrB (ORCPT ); Mon, 9 May 2022 11:47:01 -0400 Received: from mga02.intel.com (mga02.intel.com [134.134.136.20]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id CBDC6167C6 for ; Mon, 9 May 2022 08:43:07 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1652110987; x=1683646987; h=message-id:date:mime-version:subject:to:cc:references: from:in-reply-to:content-transfer-encoding; bh=F07pa9D+FBqxW75bj3/sUmJoTeJzP7PbSvZK6FEkXfE=; b=C9quxwEMtO56JXBUEpbPdXNRz0atiZRXtwb1NoNGCL3m1YVA7m1w4oDM vGVKHG2SpBUl6y7APedHRtTzVGFN2LiUvXs7by6Vs1Sws2T2+PmOpkvQ5 pSjedKdSu3KuacXIa1A0h6qlm9+eRaqcpHvXB/AQyVcAqbBtGnr0cCY7X Hbqzgs+xfTM0/PJBGM1rJJx2R8zlPQ6CEpXbU43GVLGvtQ/79z25xZk4D E294KCe3ORbTACmROzgL/YYG5GfUSqcyfPnBYN7BLALp3mvcsMfjGLFiy xPZWBht3rVQ5oMX70B8MN7ax1vOxdcWpY3uFm36OBr7RCHMqTen9j0Pbc w==; X-IronPort-AV: E=McAfee;i="6400,9594,10342"; a="256623358" X-IronPort-AV: E=Sophos;i="5.91,211,1647327600"; d="scan'208";a="256623358" Received: from fmsmga002.fm.intel.com ([10.253.24.26]) by orsmga101.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 09 May 2022 08:43:07 -0700 X-IronPort-AV: E=Sophos;i="5.91,211,1647327600"; d="scan'208";a="669379347" Received: from smveseck-mobl2.amr.corp.intel.com (HELO [10.251.26.62]) ([10.251.26.62]) by fmsmga002-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 09 May 2022 08:43:05 -0700 Message-ID: <09b28e14-cb55-6945-bc03-7554e5e6ae61@linux.intel.com> Date: Mon, 9 May 2022 08:43:03 -0700 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Firefox/91.0 Thunderbird/91.7.0 Subject: Re: [PATCH v5 3/3] x86/tdx: Add Quote generation support Content-Language: en-US To: "Kirill A. Shutemov" , Dave Hansen Cc: "Kirill A. Shutemov" , Kai Huang , Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , x86@kernel.org, "H . Peter Anvin" , Tony Luck , Andi Kleen , Wander Lairson Costa , Isaku Yamahata , marcelo.cerri@canonical.com, tim.gardner@canonical.com, khalid.elmously@canonical.com, philip.cox@canonical.com, linux-kernel@vger.kernel.org References: <40ccd0f0-35a1-5aa7-9e51-25ab196d79e5@linux.intel.com> <2ed5c9cc316950a5a47ee714715b7980f358a140.camel@intel.com> <20220507004236.5p5dyksftge7wwr3@black.fi.intel.com> <45d184273f1950320843f6696eb3071f7d354fd3.camel@intel.com> <20220509120927.7rg6v5pyc3f4pxsh@box.shutemov.name> <4506e2c2-af4b-623d-5618-48269e65c295@intel.com> <20220509153534.i6v4xcb2g24ia2i4@black.fi.intel.com> From: Sathyanarayanan Kuppuswamy In-Reply-To: <20220509153534.i6v4xcb2g24ia2i4@black.fi.intel.com> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-Spam-Status: No, score=-3.6 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,HEADER_FROM_DIFFERENT_DOMAINS, MAILING_LIST_MULTI,NICE_REPLY_A,RDNS_NONE,SPF_HELO_NONE, T_SCC_BODY_TEXT_LINE autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 5/9/22 8:35 AM, Kirill A. Shutemov wrote: > On Mon, May 09, 2022 at 07:14:20AM -0700, Dave Hansen wrote: >> On 5/9/22 05:09, Kirill A. Shutemov wrote: >>> Private->Shared conversion is destructive. You have to split SEPT, flush >>> TLB. Backward conversion even more costly. >>> >>> Rule of thumb is avoid conversion where possible. DMA API is there for >>> you. >> >> Kirill, I understand that the DMA API is a quick fix today. But is it >> _really_ the right long-term interface? > > Yes, I think so. > >> There will surely come a time when TDX I/O devices won't be using fixed >> bounce buffers. What will the quote generation code do then? How will >> we know to come back around and fix this up? > > VirtIO will not go away with TDX I/O in picture. TDX I/O will be addition > to existing stuff, not replacement. > > And we have hooks in place to accommodate this: force_dma_unencrypted() > will return false for devices capable of TDX I/O. While the rest of > devices, including VirtIO and attestation, keep using existing paths with > swiotlb. > >> Does SEV or the s390 ultravisor need anything like this? > > At quick glance sev-guest.c uses set_memory_decrypted()/encrypted() for > allocation and freeing shared memory. I consider it inferior to using DMA > API. Following is the link for the SEV attestation driver. It does seem to use alloc_pages() and set_memory_*() calls. https://lore.kernel.org/lkml/20220307215344.2799259-1-brijesh.singh@amd.com/ > -- Sathyanarayanan Kuppuswamy Linux Kernel Developer