Re: [PATCH v2] nvme: Cache DMA descriptors to prevent corruption.

From: Christoph Hellwig
Date: Fri Nov 20 2020 - 03:03:48 EST

Next message: Alex Shi: "[PATCH next] mm/vmscan: __isolate_lru_page_prepare clean up"
Previous message: Geert Uytterhoeven: "Re: [PATCH] m68k/mac: Remove redundant VIA register writes"
In reply to: Tom Roeder: "[PATCH v2] nvme: Cache DMA descriptors to prevent corruption."
Next in thread: Keith Busch: "Re: [PATCH v2] nvme: Cache DMA descriptors to prevent corruption."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, Nov 19, 2020 at 05:27:37PM -0800, Tom Roeder wrote:
> This patch changes the NVMe PCI implementation to cache host_mem_descs
> in non-DMA memory instead of depending on descriptors stored in DMA
> memory. This change is needed under the malicious-hypervisor threat
> model assumed by the AMD SEV and Intel TDX architectures, which encrypt
> guest memory to make it unreadable. Some versions of these architectures
> also make it cryptographically hard to modify guest memory without
> detection.

I don't think this is a useful threat model, and I've not seen a
discussion on lkml where we had any discussion on this kind of threat
model either.

Before you start sending patches that regress optimizations in various
drivers (and there will be lots with this model) we need to have a
broader discussion first.

And HMB support, which is for low-end consumer devices that are usually
not directly assigned to VMs aren't a good starting point for this.

Next message: Alex Shi: "[PATCH next] mm/vmscan: __isolate_lru_page_prepare clean up"
Previous message: Geert Uytterhoeven: "Re: [PATCH] m68k/mac: Remove redundant VIA register writes"
In reply to: Tom Roeder: "[PATCH v2] nvme: Cache DMA descriptors to prevent corruption."
Next in thread: Keith Busch: "Re: [PATCH v2] nvme: Cache DMA descriptors to prevent corruption."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]