Re: [PATCH v2 5/6] platform/x86: intel_tdx_attest: Add TDX Guest attestation interface driver

[Dave Hansen]

On 7/12/21 5:33 PM, Kuppuswamy, Sathyanarayanan wrote:

> On 7/8/21 5:38 PM, Andi Kleen wrote:
>>> Expensive and permanently fractures the direct map.
>>> 
>>> I'm struggling to figure out why the direct map is even touched
>>> here.
>> I think Sathya did it this way because the TD interface requires a 
>> physical address.
>>> Why not just use a vmalloc area mapping?  You really just need
>>> *a* decrypted mapping to the page.  You don't need to make
>>> *every* mapping to the page decrypted.
>> 
>> Yes it would be possible to use vmap() on the page and only set
>> the vmap encrypted by passing the right flags directly.
> 
> Is it alright to have non coherent mappings? If yes, any
> documentation reference for it?

Do you mean non-cache-coherent mappings?  I'm not sure what that has to
do with creating "unencrypted" (shared) mappings.

Are you asking exactly which arguments to pass to vmap() or to vmap_pfn()?