Re: [RFC PATCH 1/3] content: Add VIRTIO_F_SWIOTLB to negotiate use of SWIOTLB bounce buffers

[David Woodhouse]

On Mon, 2025-04-07 at 00:34 -0700, Christoph Hellwig wrote:
> 
> > > describe this limitation, which is much better than hacking around it
> > > using an odd device model.
> > 
> > It still has the problem that existing drivers in all operating systems
> > produced before 2030 will see the device and try to use it as-is, with
> > no comprehension of this new thing.
> 
> Given how much enablement the various CoCo schemes need it won't work
> anyway.

Not all CoCo-style schemes need any enablement on the guest side at
all. It's perfectly feasible to have a pKVM-like model where the VMM
(and host Linux) are absolutely prevented from accessing guest memory,
without the guest knowing *anything* about it at all.

It's not about attestation to the guest. Deprivileging the host kernel
provides a huge amount of protection against both software and CPU
speculation bugs across the whole of that massive code base.

And you can do it with *full* compatibility. The guest just sees a
standard SMMU for its *actual* network and block devices, which are PCI
passthrough. (Yes, the guest does need to *use* the SMMU).

The caveat is when we have *emulated* devices, like virtio-vsock. That
brings us to LART the IOMMU designers for building a two-stage IOMMU
without considering emulated PCI devices, and then to start this
conversation we're having now about how to do it.

> Btw, you mail formatting in the last days went completely crazy.

Yeah, that's K-9 mail on Android not word wrapping; I'll see if I can
fix it. At least it's a mobile client that doesn't send HTML :)

Attachment: smime.p7s
Description: S/MIME cryptographic signature