On Wed, Oct 21, 2020 at 05:14:25PM +0200, Sebastian Hofmann wrote: > virtio_ring does not work with active memory encryption because the host cannot read it. Fix this by enforcing the use of DMA which uses shared (unencrypted) memory pages. > > Signed-off-by: Sebastian Hofmann <sebastian@xxxxxxxxxxxx> Sorry, no. host which can not access all of driver memory must set VIRTIO_F_ACCESS_PLATFORM. Not worth it to work around broken hosts. Xen is an exception we carry around since it predates the introduction of VIRTIO_F_ACCESS_PLATFORM. > --- > drivers/virtio/virtio_ring.c | 5 +++++ > 1 file changed, 5 insertions(+) > > diff --git a/drivers/virtio/virtio_ring.c b/drivers/virtio/virtio_ring.c > index becc77697960..8c68c475ec21 100644 > --- a/drivers/virtio/virtio_ring.c > +++ b/drivers/virtio/virtio_ring.c > @@ -12,6 +12,7 @@ > #include <linux/hrtimer.h> > #include <linux/dma-mapping.h> > #include <xen/xen.h> > +#include <linux/mem_encrypt.h> > > #ifdef DEBUG > /* For development, we want to crash whenever the ring is screwed. */ > @@ -255,6 +256,10 @@ static bool vring_use_dma_api(struct virtio_device *vdev) > if (xen_domain()) > return true; > > + /* Memory encryption requires DMA */ > + if (mem_encrypt_active()) > + return true; > + > return false; > } > > -- > 2.25.1 _______________________________________________ Virtualization mailing list Virtualization@xxxxxxxxxxxxxxxxxxxxxxxxxx https://lists.linuxfoundation.org/mailman/listinfo/virtualization
