Displaying 20 results from an estimated 73 matches for "force_dma_unencrypt".
Did you mean:
force_dma_unencrypted
2020 Jun 12
0
[PATCH] s390: protvirt: virtio: Refuse device without IOMMU
...> 1. Do all CPU families we care about (which are?) support IOMMU? Ex:
> would it recognize an ARM thingie with SMMU? [1]
In Message-ID: <6356ba7f-afab-75e1-05ff-4a22b88c610e at linux.ibm.com>
(as answer to Jason) I modified the patch and propose to take care of
this problem by using force_dma_unencrypted() inside virtio core instead
of a S390 specific test.
If we use force_dma_unencrypted(dev) to check if we must refuse a device
without the VIRTIO_F_IOMMU_PLATFORM feature, we are safe:
only architectures defining CONFIG_ARCH_HAS_FORCE_DMA_UNENCRYPTED will
have to define force_dma_unencrypted(...
2020 Jun 15
3
[PATCH] s390: protvirt: virtio: Refuse device without IOMMU
...ve the possibility to provide the device
>> as argument and take actions depending it, this may answer Halil's
>> concern.
>>
>> Regards,
>> Pierre
>>
>
> hum, in between I found another way which seems to me much better:
>
> We already have the force_dma_unencrypted() function available which
> AFAIU is what we want for encrypted memory protection and is already
> used by power and x86 SEV/SME in a way that seems AFAIU compatible
> with our problem.
>
> Even DMA and IOMMU are different things, I think they should be used
> together in o...
2020 Jun 15
3
[PATCH] s390: protvirt: virtio: Refuse device without IOMMU
...ve the possibility to provide the device
>> as argument and take actions depending it, this may answer Halil's
>> concern.
>>
>> Regards,
>> Pierre
>>
>
> hum, in between I found another way which seems to me much better:
>
> We already have the force_dma_unencrypted() function available which
> AFAIU is what we want for encrypted memory protection and is already
> used by power and x86 SEV/SME in a way that seems AFAIU compatible
> with our problem.
>
> Even DMA and IOMMU are different things, I think they should be used
> together in o...
2020 Jun 15
0
[PATCH] s390: protvirt: virtio: Refuse device without IOMMU
On Mon, 15 Jun 2020 11:01:55 +0800
Jason Wang <jasowang at redhat.com> wrote:
> > hum, in between I found another way which seems to me much better:
> >
> > We already have the force_dma_unencrypted() function available which
> > AFAIU is what we want for encrypted memory protection and is already
> > used by power and x86 SEV/SME in a way that seems AFAIU compatible
> > with our problem.
> >
> > Even DMA and IOMMU are different things, I think they should be...
2020 Jun 16
3
[PATCH v2 1/1] s390: virtio: let arch accept devices without IOMMU feature
...ude <asm/uv.h>
> +#include <linux/virtio.h>
arch/s390/mm/init.c including virtio.h looks a bit strange to me, but
if Heiko and Vasily don't mind, neither do I.
>
> pgd_t swapper_pg_dir[PTRS_PER_PGD] __section(.bss..swapper_pg_dir);
>
> @@ -162,6 +163,11 @@ bool force_dma_unencrypted(struct device *dev)
> return is_prot_virt_guest();
> }
>
> +int arch_needs_iommu_platform(struct virtio_device *dev)
Maybe prefixing the name with virtio_ would help provide the
proper context.
> +{
> + return is_prot_virt_guest();
> +}
> +
> /* protected virtu...
2020 Jun 16
3
[PATCH v2 1/1] s390: virtio: let arch accept devices without IOMMU feature
...ude <asm/uv.h>
> +#include <linux/virtio.h>
arch/s390/mm/init.c including virtio.h looks a bit strange to me, but
if Heiko and Vasily don't mind, neither do I.
>
> pgd_t swapper_pg_dir[PTRS_PER_PGD] __section(.bss..swapper_pg_dir);
>
> @@ -162,6 +163,11 @@ bool force_dma_unencrypted(struct device *dev)
> return is_prot_virt_guest();
> }
>
> +int arch_needs_iommu_platform(struct virtio_device *dev)
Maybe prefixing the name with virtio_ would help provide the
proper context.
> +{
> + return is_prot_virt_guest();
> +}
> +
> /* protected virtu...
2020 Jun 12
2
[PATCH] s390: protvirt: virtio: Refuse device without IOMMU
On 2020-06-11 05:10, Jason Wang wrote:
>
> On 2020/6/10 ??9:11, Pierre Morel wrote:
>> Protected Virtualisation protects the memory of the guest and
>> do not allow a the host to access all of its memory.
>>
>> Let's refuse a VIRTIO device which does not use IOMMU
>> protected access.
>>
>> Signed-off-by: Pierre Morel <pmorel at
2020 Jun 12
2
[PATCH] s390: protvirt: virtio: Refuse device without IOMMU
On 2020-06-11 05:10, Jason Wang wrote:
>
> On 2020/6/10 ??9:11, Pierre Morel wrote:
>> Protected Virtualisation protects the memory of the guest and
>> do not allow a the host to access all of its memory.
>>
>> Let's refuse a VIRTIO device which does not use IOMMU
>> protected access.
>>
>> Signed-off-by: Pierre Morel <pmorel at
2020 Jul 09
4
[PATCH v5 2/2] s390: virtio: PV needs VIRTIO I/O device protection
...it.c
> @@ -45,6 +45,7 @@
> #include <asm/kasan.h>
> #include <asm/dma-mapping.h>
> #include <asm/uv.h>
> +#include <linux/virtio_config.h>
>
> pgd_t swapper_pg_dir[PTRS_PER_PGD] __section(.bss..swapper_pg_dir);
>
> @@ -161,6 +162,32 @@ bool force_dma_unencrypted(struct device *dev)
> return is_prot_virt_guest();
> }
>
> +/*
> + * arch_validate_virtio_features
> + * @dev: the VIRTIO device being added
> + *
> + * Return an error if required features are missing on a guest running
> + * with protected virtualization.
> +...
2020 Jul 09
4
[PATCH v5 2/2] s390: virtio: PV needs VIRTIO I/O device protection
...it.c
> @@ -45,6 +45,7 @@
> #include <asm/kasan.h>
> #include <asm/dma-mapping.h>
> #include <asm/uv.h>
> +#include <linux/virtio_config.h>
>
> pgd_t swapper_pg_dir[PTRS_PER_PGD] __section(.bss..swapper_pg_dir);
>
> @@ -161,6 +162,32 @@ bool force_dma_unencrypted(struct device *dev)
> return is_prot_virt_guest();
> }
>
> +/*
> + * arch_validate_virtio_features
> + * @dev: the VIRTIO device being added
> + *
> + * Return an error if required features are missing on a guest running
> + * with protected virtualization.
> +...
2020 Jul 15
5
[PATCH v7 2/2] s390: virtio: PV needs VIRTIO I/O device protection
...ude <asm/kasan.h>
> > > #include <asm/dma-mapping.h>
> > > #include <asm/uv.h>
> > > +#include <linux/virtio_config.h>
> > > pgd_t swapper_pg_dir[PTRS_PER_PGD] __section(.bss..swapper_pg_dir);
> > > @@ -161,6 +162,33 @@ bool force_dma_unencrypted(struct device *dev)
> > > return is_prot_virt_guest();
> > > }
> > > +/*
> > > + * arch_validate_virtio_features
> > > + * @dev: the VIRTIO device being added
> > > + *
> > > + * Return an error if required features are missing o...
2020 Jul 15
5
[PATCH v7 2/2] s390: virtio: PV needs VIRTIO I/O device protection
...ude <asm/kasan.h>
> > > #include <asm/dma-mapping.h>
> > > #include <asm/uv.h>
> > > +#include <linux/virtio_config.h>
> > > pgd_t swapper_pg_dir[PTRS_PER_PGD] __section(.bss..swapper_pg_dir);
> > > @@ -161,6 +162,33 @@ bool force_dma_unencrypted(struct device *dev)
> > > return is_prot_virt_guest();
> > > }
> > > +/*
> > > + * arch_validate_virtio_features
> > > + * @dev: the VIRTIO device being added
> > > + *
> > > + * Return an error if required features are missing o...
2020 Jun 15
4
[PATCH v2 0/1] s390: virtio: let's arch choose to accept devices without IOMMU feature
An architecture protecting the guest memory against unauthorized host
access may want to enforce VIRTIO I/O device protection through the
use of VIRTIO_F_IOMMU_PLATFORM.
Let's give a chance to the architecture to accept or not devices
without VIRTIO_F_IOMMU_PLATFORM.
Pierre Morel (1):
s390: virtio: let arch accept devices without IOMMU feature
arch/s390/mm/init.c | 6 ++++++
2020 Jun 16
1
[PATCH v2 1/1] s390: virtio: let arch accept devices without IOMMU feature
On Tue, 16 Jun 2020 12:52:50 +0200
Pierre Morel <pmorel at linux.ibm.com> wrote:
> On 2020-06-16 11:52, Halil Pasic wrote:
> > On Mon, 15 Jun 2020 14:39:24 +0200
> > Pierre Morel <pmorel at linux.ibm.com> wrote:
> >> @@ -162,6 +163,11 @@ bool force_dma_unencrypted(struct device *dev)
> >> return is_prot_virt_guest();
> >> }
> >>
> >> +int arch_needs_iommu_platform(struct virtio_device *dev)
> >
> > Maybe prefixing the name with virtio_ would help provide the
> > proper context.
>
> T...
2020 Jul 15
2
[PATCH v7 2/2] s390: virtio: PV needs VIRTIO I/O device protection
...it.c
> @@ -45,6 +45,7 @@
> #include <asm/kasan.h>
> #include <asm/dma-mapping.h>
> #include <asm/uv.h>
> +#include <linux/virtio_config.h>
>
> pgd_t swapper_pg_dir[PTRS_PER_PGD] __section(.bss..swapper_pg_dir);
>
> @@ -161,6 +162,33 @@ bool force_dma_unencrypted(struct device *dev)
> return is_prot_virt_guest();
> }
>
> +/*
> + * arch_validate_virtio_features
> + * @dev: the VIRTIO device being added
> + *
> + * Return an error if required features are missing on a guest running
> + * with protected virtualization.
> +...
2020 Jul 15
2
[PATCH v7 2/2] s390: virtio: PV needs VIRTIO I/O device protection
...it.c
> @@ -45,6 +45,7 @@
> #include <asm/kasan.h>
> #include <asm/dma-mapping.h>
> #include <asm/uv.h>
> +#include <linux/virtio_config.h>
>
> pgd_t swapper_pg_dir[PTRS_PER_PGD] __section(.bss..swapper_pg_dir);
>
> @@ -161,6 +162,33 @@ bool force_dma_unencrypted(struct device *dev)
> return is_prot_virt_guest();
> }
>
> +/*
> + * arch_validate_virtio_features
> + * @dev: the VIRTIO device being added
> + *
> + * Return an error if required features are missing on a guest running
> + * with protected virtualization.
> +...
2020 Jun 17
6
[PATCH v3 0/1] s390: virtio: let arch choose to accept devices without IOMMU feature
An architecture protecting the guest memory against unauthorized host
access may want to enforce VIRTIO I/O device protection through the
use of VIRTIO_F_IOMMU_PLATFORM.
Let's give a chance to the architecture to accept or not devices
without VIRTIO_F_IOMMU_PLATFORM.
Pierre Morel (1):
s390: virtio: let arch accept devices without IOMMU feature
arch/s390/mm/init.c | 6 ++++++
2020 Jun 12
0
[PATCH] s390: protvirt: virtio: Refuse device without IOMMU
...exible.
>
> With a function, we also have the possibility to provide the device as
> argument and take actions depending it, this may answer Halil's concern.
>
> Regards,
> Pierre
>
hum, in between I found another way which seems to me much better:
We already have the force_dma_unencrypted() function available which
AFAIU is what we want for encrypted memory protection and is already
used by power and x86 SEV/SME in a way that seems AFAIU compatible with
our problem.
Even DMA and IOMMU are different things, I think they should be used
together in our case.
What do you think?...
2020 Jun 16
0
[PATCH v2 1/1] s390: virtio: let arch accept devices without IOMMU feature
...;
>> +#include <linux/virtio.h>
>
> arch/s390/mm/init.c including virtio.h looks a bit strange to me, but
> if Heiko and Vasily don't mind, neither do I.
Do we have a better place to install the hook?
I though that since it is related to memory management and that, since
force_dma_unencrypted already is there, it would be a good place.
However, kvm-s390 is another candidate.
>
>>
>> pgd_t swapper_pg_dir[PTRS_PER_PGD] __section(.bss..swapper_pg_dir);
>>
>> @@ -162,6 +163,11 @@ bool force_dma_unencrypted(struct device *dev)
>> return is_pro...
2020 Jun 17
1
[PATCH v3 1/1] s390: virtio: let arch accept devices without IOMMU feature
...390/mm/init.c
> @@ -45,6 +45,7 @@
> #include <asm/kasan.h>
> #include <asm/dma-mapping.h>
> #include <asm/uv.h>
> +#include <linux/virtio.h>
>
> pgd_t swapper_pg_dir[PTRS_PER_PGD] __section(.bss..swapper_pg_dir);
>
> @@ -161,6 +162,11 @@ bool force_dma_unencrypted(struct device *dev)
> return is_prot_virt_guest();
> }
>
> +int arch_needs_virtio_iommu_platform(struct virtio_device *dev)
> +{
> + return is_prot_virt_guest();
> +}
> +
> /* protected virtualization */
> static void pv_init(void)
Can we please stop dumping r...