On Fri, Aug 11, 2023 at 02:48:25PM -0700, Dexuan Cui <decui@xxxxxxxxxxxxx> wrote:

> TDX guest memory is private by default and the VMM may not access it.
> However, in cases where the guest needs to share data with the VMM,
> the guest and the VMM can coordinate to make memory shared between
> them.
>
> The guest side of this protocol includes the "MapGPA" hypercall. This
> call takes a guest physical address range. The hypercall spec (aka.
> the GHCI) says that the MapGPA call is allowed to return partial
> progress in mapping this range and indicate that fact with a special
> error code. A guest that sees such partial progress is expected to
> retry the operation for the portion of the address range that was not
> completed.
>
> Hyper-V does this partial completion dance when set_memory_decrypted()
> is called to "decrypt" swiotlb bounce buffers that can be up to 1GB
> in size. It is evidently the only VMM that does this, which is why
> nobody noticed this until now.

Now TDX KVM + TDX qemu supports partial completion because a TD guest can pass
a very large range, e.g. of 1GB order. I tested this patch with (patched) TDX KVM/qemu.

Reviewed-by: Isaku Yamahata <isaku.yamahata@xxxxxxxxx>
Tested-by: Isaku Yamahata <isaku.yamahata@xxxxxxxxx>

--
Isaku Yamahata <isaku.yamahata@xxxxxxxxx>
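
The retry protocol described in the quoted commit message, as an added example that is not part of this thread or of the kernel patch: a guest-side loop that re-issues the call for the unfinished tail of the range, run against a mock VMM. The function names, status codes, chunk size and stall limit are all assumptions made for the illustration, and the resume address is treated as untrusted input.

```c
#include <stdint.h>
#include <stdio.h>

#define PAGE_SZ    4096ULL
enum { ST_OK, ST_RETRY, ST_ERROR };  /* constructed status codes, not GHCI values */
#define MAX_STALLS 3                 /* assumed cap on retries with no progress */

/* Hypothetical mock VMM: converts at most mock_chunk bytes per call. */
static uint64_t mock_chunk = 256 * PAGE_SZ;
static int mock_lie;                 /* 1: report a resume address past the range */
static unsigned mock_calls;

static int mock_vmm_map_gpa(uint64_t start, uint64_t end, uint64_t *resume)
{
    mock_calls++;
    if (mock_lie) { *resume = end + PAGE_SZ; return ST_RETRY; }
    if (end - start <= mock_chunk)
        return ST_OK;                /* whole remaining range converted */
    *resume = start + mock_chunk;    /* partial progress: first unconverted byte */
    return ST_RETRY;
}

/* Guest side: returns 0 once [start, end) is fully converted, -1 otherwise. */
static int map_gpa_with_retry(uint64_t start, uint64_t end)
{
    unsigned stalls = 0;
    while (start < end) {
        uint64_t resume = 0;
        int st = mock_vmm_map_gpa(start, end, &resume);
        if (st != ST_RETRY)
            return st == ST_OK ? 0 : -1;
        /* The resume address is VMM-supplied: it must stay inside the range. */
        if (resume < start || resume >= end)
            return -1;
        stalls = (resume == start) ? stalls + 1 : 0;  /* count calls without progress */
        if (stalls > MAX_STALLS)
            return -1;
        start = resume;              /* retry only the unfinished portion */
    }
    return 0;
}

int main(void)
{
    uint64_t base = 0x100000000ULL;  /* constructed guest physical address */
    int rc = map_gpa_with_retry(base, base + (1ULL << 30));
    printf("1GB range: rc=%d after %u calls\n", rc, mock_calls);
    return rc ? 1 : 0;
}
```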