Re: [RFC PATCH] virtio_ring: Use DMA API if guest memory is encrypted

From: Michael S. Tsirkin
Date: Sun Aug 11 2019 - 04:55:36 EST

Next message: Paul Chaignon: "Re: [PATCH] seccomp: allow BPF_MOD ALU instructions"
Previous message: Byungchul Park: "Re: [PATCH RFC v1 1/2] rcu/tree: Add basic support for kfree_rcu batching"
In reply to: Michael S. Tsirkin: "Re: [RFC PATCH] virtio_ring: Use DMA API if guest memory is encrypted"
Next in thread: Christoph Hellwig: "Re: [RFC PATCH] virtio_ring: Use DMA API if guest memory is encrypted"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Sun, Aug 11, 2019 at 07:56:07AM +0200, Christoph Hellwig wrote:
> So we need a flag on the virtio device, exposed by the
> hypervisor (or hardware for hw virtio devices) that says: hey, I'm real,
> don't take a shortcut.

The point here is that it's actually still not real. So we would still
use a physical address. However Linux decides that it wants extra
security by moving all data through the bounce buffer. The distinction
made is that one can actually give device a physical address of the
bounce buffer.

--
MST

Next message: Paul Chaignon: "Re: [PATCH] seccomp: allow BPF_MOD ALU instructions"
Previous message: Byungchul Park: "Re: [PATCH RFC v1 1/2] rcu/tree: Add basic support for kfree_rcu batching"
In reply to: Michael S. Tsirkin: "Re: [RFC PATCH] virtio_ring: Use DMA API if guest memory is encrypted"
Next in thread: Christoph Hellwig: "Re: [RFC PATCH] virtio_ring: Use DMA API if guest memory is encrypted"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]