similar to: [RFC PATCH] virtio_ring: Use DMA API if guest memory is encrypted

On Mon, Feb 04, 2019 at 04:15:41PM -0200, Thiago Jung Bauermann wrote: > > Christoph Hellwig <hch at lst.de> writes: > > > On Tue, Jan 29, 2019 at 09:36:08PM -0500, Michael S. Tsirkin wrote: > >> This has been discussed ad nauseum. virtio is all about compatibility. > >> Losing a couple of lines of code isn't worth breaking working setups. > >>

Christoph Hellwig <hch at lst.de> writes: > On Tue, Jan 29, 2019 at 09:36:08PM -0500, Michael S. Tsirkin wrote: >> This has been discussed ad nauseum. virtio is all about compatibility. >> Losing a couple of lines of code isn't worth breaking working setups. >> People that want "just use DMA API no tricks" now have the option. >> Setting a flag in a

Christoph Hellwig <hch at lst.de> writes: > On Tue, Jan 29, 2019 at 09:36:08PM -0500, Michael S. Tsirkin wrote: >> This has been discussed ad nauseum. virtio is all about compatibility. >> Losing a couple of lines of code isn't worth breaking working setups. >> People that want "just use DMA API no tricks" now have the option. >> Setting a flag in a

On Sat, Mar 23, 2019 at 05:01:35PM -0400, Michael S. Tsirkin wrote: > On Thu, Mar 21, 2019 at 09:05:04PM -0300, Thiago Jung Bauermann wrote: > > Michael S. Tsirkin <mst at redhat.com> writes: [snip] > > >> > Is there any justification to doing that beyond someone putting > > >> > out slow code in the past? > > >> > > >> The

On Thu, Mar 21, 2019 at 09:05:04PM -0300, Thiago Jung Bauermann wrote: > > Michael S. Tsirkin <mst at redhat.com> writes: > > > On Wed, Mar 20, 2019 at 01:13:41PM -0300, Thiago Jung Bauermann wrote: > >> >> Another way of looking at this issue which also explains our reluctance > >> >> is that the only difference between a secure guest and a

On Wed, Apr 17, 2019 at 06:42:00PM -0300, Thiago Jung Bauermann wrote: > > Michael S. Tsirkin <mst at redhat.com> writes: > > > On Thu, Mar 21, 2019 at 09:05:04PM -0300, Thiago Jung Bauermann wrote: > >> > >> Michael S. Tsirkin <mst at redhat.com> writes: > >> > >> > On Wed, Mar 20, 2019 at 01:13:41PM -0300, Thiago Jung Bauermann

On Wed, Mar 20, 2019 at 01:13:41PM -0300, Thiago Jung Bauermann wrote: > >> Another way of looking at this issue which also explains our reluctance > >> is that the only difference between a secure guest and a regular guest > >> (at least regarding virtio) is that the former uses swiotlb while the > >> latter doens't. > > > > But swiotlb is just

On Sun, Aug 11, 2019 at 04:55:27AM -0400, Michael S. Tsirkin wrote: > On Sun, Aug 11, 2019 at 07:56:07AM +0200, Christoph Hellwig wrote: > > So we need a flag on the virtio device, exposed by the > > hypervisor (or hardware for hw virtio devices) that says: hey, I'm real, > > don't take a shortcut. > > The point here is that it's actually still not real. So

On Tue, Aug 13, 2019 at 03:26:17PM +0200, Christoph Hellwig wrote: > On Mon, Aug 12, 2019 at 07:51:56PM +1000, David Gibson wrote: > > AFAICT we already kind of abuse this for the VIRTIO_F_IOMMU_PLATFORM, > > because to handle for cases where it *is* a device limitation, we > > assume that if the hypervisor presents VIRTIO_F_IOMMU_PLATFORM then > > the guest *must*

On Sun, Aug 11, 2019 at 07:56:07AM +0200, Christoph Hellwig wrote: > sev_active() is gone now in linux-next, at least as a global API. > > And once again this is entirely going in the wrong direction. The only > way using the DMA API is going to work at all is if the device is ready > for it. So we need a flag on the virtio device, exposed by the > hypervisor (or hardware for

On Mon, Feb 04, 2019 at 04:14:20PM -0200, Thiago Jung Bauermann wrote: > > Hello Michael, > > Michael S. Tsirkin <mst at redhat.com> writes: > > > On Tue, Jan 29, 2019 at 03:42:44PM -0200, Thiago Jung Bauermann wrote: > >> > >> Fixing address of powerpc mailing list. > >> > >> Thiago Jung Bauermann <bauerman at linux.ibm.com>

On Wed, Apr 24, 2019 at 10:01:56PM -0300, Thiago Jung Bauermann wrote: > > Michael S. Tsirkin <mst at redhat.com> writes: > > > On Wed, Apr 17, 2019 at 06:42:00PM -0300, Thiago Jung Bauermann wrote: > >> > >> Michael S. Tsirkin <mst at redhat.com> writes: > >> > >> > On Thu, Mar 21, 2019 at 09:05:04PM -0300, Thiago Jung Bauermann

On Mon, Jun 03, 2019 at 10:13:59PM -0300, Thiago Jung Bauermann wrote: > > > Michael S. Tsirkin <mst at redhat.com> writes: > > > On Wed, Apr 17, 2019 at 06:42:00PM -0300, Thiago Jung Bauermann wrote: > >> I rephrased it in terms of address translation. What do you think of > >> this version? The flag name is slightly different too: > >> >

On Sun, Aug 11, 2019 at 07:56:07AM +0200, Christoph Hellwig wrote: > sev_active() is gone now in linux-next, at least as a global API. > > And once again this is entirely going in the wrong direction. The only > way using the DMA API is going to work at all is if the device is ready > for it. So we need a flag on the virtio device, exposed by the > hypervisor (or hardware for

On Sun, Aug 11, 2019 at 07:56:07AM +0200, Christoph Hellwig wrote: > So we need a flag on the virtio device, exposed by the > hypervisor (or hardware for hw virtio devices) that says: hey, I'm real, > don't take a shortcut. The point here is that it's actually still not real. So we would still use a physical address. However Linux decides that it wants extra security by

Michael S. Tsirkin <mst at redhat.com> writes: > On Thu, Mar 21, 2019 at 09:05:04PM -0300, Thiago Jung Bauermann wrote: >> >> Michael S. Tsirkin <mst at redhat.com> writes: >> >> > On Wed, Mar 20, 2019 at 01:13:41PM -0300, Thiago Jung Bauermann wrote: >> >> >From what I understand of the ACCESS_PLATFORM definition, the host will >>

Michael S. Tsirkin <mst at redhat.com> writes: > On Wed, Mar 20, 2019 at 01:13:41PM -0300, Thiago Jung Bauermann wrote: >> >> Another way of looking at this issue which also explains our reluctance >> >> is that the only difference between a secure guest and a regular guest >> >> (at least regarding virtio) is that the former uses swiotlb while the

Michael S. Tsirkin <mst at redhat.com> writes: > On Thu, Mar 21, 2019 at 09:05:04PM -0300, Thiago Jung Bauermann wrote: >> >> Michael S. Tsirkin <mst at redhat.com> writes: >> >> > On Wed, Mar 20, 2019 at 01:13:41PM -0300, Thiago Jung Bauermann wrote: >> >> >From what I understand of the ACCESS_PLATFORM definition, the host will >>

Michael S. Tsirkin <mst at redhat.com> writes: > On Wed, Mar 20, 2019 at 01:13:41PM -0300, Thiago Jung Bauermann wrote: >> >> Another way of looking at this issue which also explains our reluctance >> >> is that the only difference between a secure guest and a regular guest >> >> (at least regarding virtio) is that the former uses swiotlb while the

On Mon, Feb 04, 2019 at 04:38:21PM -0500, Michael S. Tsirkin wrote: > It was designed to make, when set, as many guests as we can work > correctly, and it seems to be successful in doing exactly that. > > Unfortunately there could be legacy guests that do work correctly but > become slow. Whether trying to somehow work around that > can paint us into a corner where things again