On Fri, Jan 17, 2025 at 03:14:18PM +0800, Wencheng Yang wrote: > When SME is enabled, memory encryption bit is set in IOMMU page table > pte entry, it works fine if the pfn of the pte entry is memory. > However, if the pfn is MMIO address, for example, map other device's mmio > space to its io page table, in such situation, setting memory encryption > bit in pte would cause P2P failure. This doesn't seem entirely right to me, the encrypted bit should flow in from the entity doing the map and be based on more detailed knowledge about what is happening. Not be guessed at inside the iommu. We have non-encrpyted CPU memory, and (someday) encrypted MMIO. Jason
