On Wed, Sep 06, 2023 at 05:18:51PM +0100, Robin Murphy wrote: > Indeed a bunch of work has gone into SWIOTLB recently trying to make it a > bit more efficient for such cases where it can't be avoided, so it is > definitely still interesting to learn about impacts at other levels like > this. Maybe there's a bit of a get-out for confidential VMs though, since > presumably there's not much point COW-ing encrypted private memory, so > perhaps KVM might end up wanting to optimise that out and thus happen to > end up less sensitive to unavoidable SWIOTLB behaviour anyway? Well, the fix for bounce buffering is to trust the device, and there is a lot of work going into device authentication and attesttion right now so that will happen. On the swiotlb side a new version of the dma_sync_*_device APIs that specifies the mapping len and the data length transfer would avoid some of the overhead here. We've decided that it is a good idea last time, but so far no one has volunteers to implement it.
