Re: [PATCH v4 14/32] iommu: introduce iommu_domain_alloc_type and the KVM type

From: Jason Gunthorpe
Date: Fri Mar 18 2022 - 10:13:27 EST


On Fri, Mar 18, 2022 at 02:23:57AM +0000, Tian, Kevin wrote:

> Yes, that is another major part work besides the iommufd work. And
> it is not compatible with KVM features which rely on the dynamic
> manner of EPT. Though it is a bit questionable whether it's worthy of
> doing so just for saving memory footprint while losing other capabilities,
> it is a requirement for some future security extension in Intel trusted
> computing architecture. And KVM has been pinning pages for SEV/TDX/etc.
> today thus some facilities can be reused. But I agree it is not a simple
> task thus we need to start discussion early to explore various gaps in
> iommu and kvm.

Yikes. IMHO this might work better going the other way, have KVM
import the iommu_domain and use that as the KVM page table than vice
versa.

The semantics are a heck of a lot clearer, and it is really obvious
that a lot of KVM becomes disabled if you do this.

Jason