Re: [PATCH v5 06/14] x86/ioremap: Support hypervisor specified range to map as encrypted
From: Borislav Petkov
Date: Fri Feb 10 2023 - 14:04:04 EST
On Fri, Feb 10, 2023 at 06:41:54PM +0000, Sean Christopherson wrote:
> Anyways, tying things back to the actual code being discussed, I vote against
> CC_ATTR_PARAVISOR. Being able to trust device emulation is not unique to a
> paravisor. A single flag also makes too many assumptions about what is trusted
> and thus should be accessed encrypted.
I'm not crazy about the alternative either: one flag per access type:
IO APIC, vTPM, and soon.
Soon this will become an unmaintainable zoo of different guest types
people want the kernel to support. I don't think I want that madness in
kernel proper.
--
Regards/Gruss,
Boris.
https://people.kernel.org/tglx/notes-about-netiquette