> From: Isaku Yamahata <isaku.yamahata@xxxxxxxxx>
> Sent: Monday, August 14, 2023 12:04 PM
> To: Dexuan Cui <decui@xxxxxxxxxxxxx>
> [...]
>
> On Fri, Aug 11, 2023 at 02:48:25PM -0700,
> Dexuan Cui <decui@xxxxxxxxxxxxx> wrote:
>
> > TDX guest memory is private by default and the VMM may not access it.
> > However, in cases where the guest needs to share data with the VMM,
> > the guest and the VMM can coordinate to make memory shared between
> > them.
> >
> > The guest side of this protocol includes the "MapGPA" hypercall. This
> > call takes a guest physical address range. The hypercall spec (aka.
> > the GHCI) says that the MapGPA call is allowed to return partial
> > progress in mapping this range and indicate that fact with a special
> > error code. A guest that sees such partial progress is expected to
> > retry the operation for the portion of the address range that was not
> > completed.
> >
> > Hyper-V does this partial completion dance when set_memory_decrypted()
> > is called to "decrypt" swiotlb bounce buffers that can be up to 1GB
> > in size. It is evidently the only VMM that does this, which is why
> > nobody noticed this until now.
>
> Now TDX KVM + TDX qemu supports partial completion because TD guest can pass
> very large range. e.g. 1GB order. I tested this patch with (patched) TDX
> KVM/qemu.
>
> Reviewed-by: Isaku Yamahata <isaku.yamahata@xxxxxxxxx>
> Tested-by: Isaku Yamahata <isaku.yamahata@xxxxxxxxx>

Thanks Isaku for reviewing and testing the patch!

@Dave, may I know if the 2 updated patches look good to you?
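
The partial-completion retry described in the quoted commit message, as an added example that is not part of this thread or of the patch under review: a user-space C simulation in which a constructed mock VMM (`mock_map_gpa`) converts only part of the range per call. The status values, the function names and the cap on retries that make no progress are assumptions for illustration, not GHCI constants or kernel code.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define PAGE_SZ      4096ULL
#define STATUS_OK    0   /* hypothetical status values, not GHCI constants */
#define STATUS_RETRY 1
/* Mock VMM (constructed): converts at most vmm_chunk bytes per call. */
static uint64_t vmm_chunk = 64 * PAGE_SZ;
static unsigned vmm_calls;

static int mock_map_gpa(uint64_t start, uint64_t end, uint64_t *resume)
{
    vmm_calls++;
    if (end - start <= vmm_chunk)
        return STATUS_OK;
    *resume = start + vmm_chunk;   /* first address not yet converted */
    return STATUS_RETRY;
}

/* Guest side: retry the unfinished tail until the whole range is done. */
static bool guest_map_range(uint64_t start, uint64_t end)
{
    const int max_stalls = 3;      /* assumption: cap retries without progress */
    int stalls = 0;
    while (stalls < max_stalls) {
        uint64_t resume = 0;
        int ret = mock_map_gpa(start, end, &resume);
        if (ret != STATUS_RETRY)
            return ret == STATUS_OK;
        /* The resume address comes from the untrusted VMM: bounds-check it. */
        if (resume < start || resume >= end)
            return false;
        if (resume == start) {     /* VMM reported no progress at all */
            stalls++;
            continue;
        }
        start = resume;            /* retry only the part not yet completed */
        stalls = 0;
    }
    return false;
}

int main(void)
{
    bool ok = guest_map_range(0, 1ULL << 30);   /* 1GB range, as in the thread */
    printf("mapped=%d hypercalls=%u\n", ok, vmm_calls);
    return ok ? 0 : 1;
}
```

A caller that treats the first retry status as a hard failure would abort the 1GB conversion after the first chunk; the loop instead advances `start` to the reported resume address and gives up only when the VMM stops making progress or returns an address outside the requested range.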