On 5/5/20 7:31 AM, Christian Borntraeger wrote:
>> So, the requirements are:
>>
>> 1. Allow host-side DMA and CPU access to shared pages
>> 2. Stop host-side DMA and CPU access to encrypted pages
>> 3. Allow pages to be converted between the states at the request of the
>>    guest
>>
>> Stopping the DMA is pretty easy, even across the gazillions of drivers
>> in the tree because even random ethernet drivers do stuff like:
>>
>>     txdr->buffer_info[i].dma =
>>         dma_map_single(&pdev->dev, skb->data, skb->len,
>>                        DMA_TO_DEVICE);
>>
>> So the DMA can be stopped at the mapping layer. It's a *LOT* easier to
>> catch there since the IOMMUs already provide isolation between the I/O
>> and CPU address spaces.
>
> And your problem is that the guest could convert this after the dma_map?
> So you looked into our code if this would help?

Yep, it seemed like a close-enough problem.
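
The window discussed in this exchange, as an added example that is not part of the original message and is not kernel code: a user-space model of the three requirements in which the mapping layer is the single check point. All names are hypothetical, and refusing a conversion while a mapping is live is an assumption made here to close the window, not something the thread settles on.

```c
#include <errno.h>

/* Toy user-space model of the requirements; all names are hypothetical. */
enum page_state { PAGE_SHARED, PAGE_ENCRYPTED };

struct model_page {
    enum page_state state;
    unsigned int dma_maps;      /* live host-side DMA mappings of this page */
};

/* Requirements 1 and 2: every driver goes through the mapping layer,
 * so this is the one place that has to check the page state. */
int model_dma_map(struct model_page *pg)
{
    if (pg->state == PAGE_ENCRYPTED)
        return -EPERM;          /* no host DMA to encrypted pages */
    pg->dma_maps++;
    return 0;
}

void model_dma_unmap(struct model_page *pg)
{
    if (pg->dma_maps > 0)
        pg->dma_maps--;
}

/* Requirement 3, plus the case raised in the reply: the guest asks for a
 * conversion after dma_map. Assumption: the conversion to encrypted is
 * refused while an earlier mapping is still live. */
int model_convert(struct model_page *pg, enum page_state to)
{
    if (to == PAGE_ENCRYPTED && pg->dma_maps > 0)
        return -EBUSY;
    pg->state = to;
    return 0;
}

/* Sequence: map, convert (too early), unmap, convert, map, convert back.
 * Returns 1 if the page ends up shared again. */
int model_race_demo(int results[5])
{
    struct model_page pg = { PAGE_SHARED, 0 };

    results[0] = model_dma_map(&pg);                 /* shared: allowed */
    results[1] = model_convert(&pg, PAGE_ENCRYPTED); /* mapping still live */
    model_dma_unmap(&pg);
    results[2] = model_convert(&pg, PAGE_ENCRYPTED); /* now permitted */
    results[3] = model_dma_map(&pg);                 /* encrypted: blocked */
    results[4] = model_convert(&pg, PAGE_SHARED);    /* guest shares again */
    return pg.state == PAGE_SHARED;
}
```

Without the `dma_maps` check in `model_convert`, the second step would succeed and leave a live host mapping pointing at an encrypted page, which is the case the question about converting after `dma_map` is asking about.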