Re: [PATCH v5 05/20] dma-pool: track decrypted atomic pools and select them via attrs

From: Jason Gunthorpe

Date: Tue Jun 02 2026 - 20:55:12 EST


On Tue, Jun 02, 2026 at 02:24:40PM +0000, Michael Kelley wrote:

> Except that in a normal VM, the "unencrypted" pool attribute does *not*
> describe the state of the memory itself. In a normal VM, the memory is
> unencrypted, but the "unencrypted" pool attribute is false. That
> contradiction is the essence of my concern.

I would argue no...

When CC is enabled the default state of memory in a Linux environment
is "encrypted". You have to take a special action to "decrypt" it.

Thus the default state of memory in a non-CC environment is also
paradoxically "encrypted" too. "decryption" is impossible.

Therefore the "unencrypted" state is a special state that only memory
inside a CC VM can have. A normal VM can never have "unencrypted"
memory at all, so having it be false in the pool is accurate as far as
the APIs go.

un-encrypted = true means "the memory in this pool was transformed with
set_memory_decrypted()" - which is impossible on a normal VM.

Jason