On Sun, Aug 11, 2019 at 07:56:07AM +0200, Christoph Hellwig wrote: > And once again this is entirely going in the wrong direction. The only > way using the DMA API is going to work at all is if the device is ready > for it. So the point made is that if DMA addresses are also physical addresses (not necessarily the same physical addresses that driver supplied), then DMA API actually works even though device itself uses CPU page tables. To put it in other terms: it would be possible to make all or part of memory unenecrypted and then have virtio access all of it. SEV guests at the moment make a decision to instead use a bounce buffer, forcing an extra copy but gaining security. -- MST _______________________________________________ Virtualization mailing list Virtualization@xxxxxxxxxxxxxxxxxxxxxxxxxx https://lists.linuxfoundation.org/mailman/listinfo/virtualization