Re: [Patch v4 01/13] x86/ioapic: Gate decrypted mapping on cc_platform_has() attribute

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Tue, Dec 06, 2022 at 07:54:02PM +0000, Michael Kelley (LINUX) wrote:
> Exactly correct.

Ok, thanks.

Let's put that in the commit message and get rid of the "subsequent
patch" wording as patch order in git is ambiguous.

IOW, something like this:

    Current code always maps the IO-APIC as shared (decrypted) in a
    confidential VM. But Hyper-V guest VMs on AMD SEV-SNP with vTOM enabled
    use a paravisor running in VMPL0 to emulate the IO-APIC.

    In such a case, the IO-APIC must be accessed as private (encrypted)
    because the paravisor emulates the IO-APIC in the lower half of the vTOM
    where all accesses must be encrypted.

    Add a new CC attribute which determines how the IO-APIC MMIO mapping
    should be established depending on the platform the kernel is running on
    as a guest.

Thx.

-- 
Regards/Gruss,
    Boris.

https://people.kernel.org/tglx/notes-about-netiquette



[Index of Archives]     [Linux Samsung SoC]     [Linux Rockchip SoC]     [Linux Actions SoC]     [Linux for Synopsys ARC Processors]     [Linux NFS]     [Linux NILFS]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]


  Powered by Linux