From: "Michael Kelley (LINUX)" <mikelley@microsoft.com>
To: Borislav Petkov <bp@alien8.de>
Cc: "hpa@zytor.com" <hpa@zytor.com>,
KY Srinivasan <kys@microsoft.com>,
Haiyang Zhang <haiyangz@microsoft.com>,
"wei.liu@kernel.org" <wei.liu@kernel.org>,
Dexuan Cui <decui@microsoft.com>,
"luto@kernel.org" <luto@kernel.org>,
"peterz@infradead.org" <peterz@infradead.org>,
"davem@davemloft.net" <davem@davemloft.net>,
"edumazet@google.com" <edumazet@google.com>,
"kuba@kernel.org" <kuba@kernel.org>,
"pabeni@redhat.com" <pabeni@redhat.com>,
"lpieralisi@kernel.org" <lpieralisi@kernel.org>,
"robh@kernel.org" <robh@kernel.org>,
"kw@linux.com" <kw@linux.com>,
"bhelgaas@google.com" <bhelgaas@google.com>,
"arnd@arndb.de" <arnd@arndb.de>, "hch@lst.de" <hch@lst.de>,
"m.szyprowski@samsung.com" <m.szyprowski@samsung.com>,
"robin.murphy@arm.com" <robin.murphy@arm.com>,
"thomas.lendacky@amd.com" <thomas.lendacky@amd.com>,
"brijesh.singh@amd.com" <brijesh.singh@amd.com>,
"tglx@linutronix.de" <tglx@linutronix.de>,
"mingo@redhat.com" <mingo@redhat.com>,
"dave.hansen@linux.intel.com" <dave.hansen@linux.intel.com>,
Tianyu Lan <Tianyu.Lan@microsoft.com>,
"kirill.shutemov@linux.intel.com"
<kirill.shutemov@linux.intel.com>,
"sathyanarayanan.kuppuswamy@linux.intel.com"
<sathyanarayanan.kuppuswamy@linux.intel.com>,
"ak@linux.intel.com" <ak@linux.intel.com>,
"isaku.yamahata@intel.com" <isaku.yamahata@intel.com>,
"dan.j.williams@intel.com" <dan.j.williams@intel.com>,
"jane.chu@oracle.com" <jane.chu@oracle.com>,
"seanjc@google.com" <seanjc@google.com>,
"tony.luck@intel.com" <tony.luck@intel.com>,
"x86@kernel.org" <x86@kernel.org>,
"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
"linux-hyperv@vger.kernel.org" <linux-hyperv@vger.kernel.org>,
"netdev@vger.kernel.org" <netdev@vger.kernel.org>,
"linux-pci@vger.kernel.org" <linux-pci@vger.kernel.org>,
"linux-arch@vger.kernel.org" <linux-arch@vger.kernel.org>,
"iommu@lists.linux.dev" <iommu@lists.linux.dev>
Subject: RE: [PATCH v5 06/14] x86/ioremap: Support hypervisor specified range to map as encrypted
Date: Tue, 7 Feb 2023 19:01:25 +0000 [thread overview]
Message-ID: <BYAPR21MB1688A80B91CC4957D938191ED7DB9@BYAPR21MB1688.namprd21.prod.outlook.com> (raw)
In-Reply-To: <Y+JG9+zdSwZlz6FU@zn.tnic>
From: Borislav Petkov <bp@alien8.de> Sent: Tuesday, February 7, 2023 4:41 AM
>
> On Thu, Feb 02, 2023 at 05:49:44AM +0000, Michael Kelley (LINUX) wrote:
> > I could do:
> > 1. CC_ATTR_PARAVISOR_SPLIT_ADDRESS_SPACE, which is similar to
> > what I had for v1 & v2. At the time, somebody commented that
> > this might be a bit too general.
> > 2. Keep CC_ATTR_ACCESS_IOAPIC_ENCRYPTED and add
> > CC_ATTR_ACCESS_TPM_ENCRYPTED, which would decouple them
> > 3. CC_ATTR_ACCESS_IOAPIC_AND_TPM_ENCRYPTED, which is very
> > narrow and specific.
> >
> > I have weak preference for #1 above, but I could go with any of them.
> > What's your preference?
>
> Either 1. but a shorter name or something which works with the TDX side
> too.
Unless there are objections, I'll go with CC_ATTR_PARAVISOR_DEVICES,
which is shorter. The full details of the meaning will be in a comment
where this is defined with all the other CC_ATTR_* values.
>
> Or are there no similar TDX solutions planned where the guest runs
> unmodified and under a paravisor?
The TDX plans are still being sorted out. But if we end up with such
an approach, CC_ATTR_PARAVISOR_DEVICES will be correct for TDX
also.
Michael
>
> > For v6 of the patch series, I've coded devm_ioremap_resource_enc() to call
> > __devm_ioremap(), which then calls ioremap_encrypted(). I've updated the
> > TPM driver to use cc_platform_has() with whatever attribute name we agree
> > on to decide between devm_ioremap_resource_enc() and
> > devm_ioremap_resource().
> >
> > If this approach is OK with the TPM driver maintainers, I'm good with it.
> > More robust handling of a mix of encrypted and decrypted devices can get
> > sorted out later.
>
> Makes sense to me...
>
> Thx.
next prev parent reply other threads:[~2023-02-07 19:01 UTC|newest]
Thread overview: 70+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-01-12 21:42 [PATCH v5 00/14] Add PCI pass-thru support to Hyper-V Confidential VMs Michael Kelley
2023-01-12 21:42 ` [PATCH v5 01/14] x86/ioapic: Gate decrypted mapping on cc_platform_has() attribute Michael Kelley
2023-01-12 21:42 ` [PATCH v5 02/14] x86/hyperv: Reorder code to facilitate future work Michael Kelley
2023-01-12 21:42 ` [PATCH v5 03/14] Drivers: hv: Explicitly request decrypted in vmap_pfn() calls Michael Kelley
2023-01-12 21:42 ` [PATCH v5 04/14] x86/mm: Handle decryption/re-encryption of bss_decrypted consistently Michael Kelley
2023-01-12 21:42 ` [PATCH v5 05/14] init: Call mem_encrypt_init() after Hyper-V hypercall init is done Michael Kelley
2023-01-12 21:42 ` [PATCH v5 06/14] x86/ioremap: Support hypervisor specified range to map as encrypted Michael Kelley
2023-01-20 20:15 ` Borislav Petkov
2023-01-21 4:10 ` Michael Kelley (LINUX)
2023-01-25 14:55 ` Borislav Petkov
2023-02-02 5:49 ` Michael Kelley (LINUX)
2023-02-07 12:41 ` Borislav Petkov
2023-02-07 19:01 ` Michael Kelley (LINUX) [this message]
2023-02-07 19:33 ` Borislav Petkov
2023-02-07 19:48 ` Michael Kelley (LINUX)
2023-02-07 19:54 ` Borislav Petkov
2023-02-07 19:57 ` Michael Kelley (LINUX)
2023-02-08 0:18 ` Michael Kelley (LINUX)
2023-02-08 15:09 ` Dave Hansen
2023-02-09 17:29 ` Michael Kelley (LINUX)
2023-02-08 17:23 ` Dave Hansen
2023-02-09 17:47 ` Michael Kelley (LINUX)
2023-02-10 18:41 ` Sean Christopherson
2023-02-10 18:58 ` Dave Hansen
2023-02-10 19:03 ` Borislav Petkov
2023-02-10 19:15 ` Michael Kelley (LINUX)
2023-02-10 19:36 ` Borislav Petkov
2023-02-10 19:58 ` Dave Hansen
2023-02-10 20:50 ` Sean Christopherson
2023-02-10 20:57 ` Sean Christopherson
2023-02-10 21:27 ` Michael Kelley (LINUX)
2023-02-10 23:47 ` Sean Christopherson
2023-02-14 7:45 ` Michael Kelley (LINUX)
2023-02-16 13:32 ` Borislav Petkov
2023-02-16 16:16 ` Michael Kelley (LINUX)
2023-02-16 17:06 ` Borislav Petkov
2023-02-17 6:16 ` Michael Kelley (LINUX)
2023-02-17 14:55 ` Borislav Petkov
2023-02-22 22:13 ` Sean Christopherson
2023-02-22 22:33 ` Borislav Petkov
2023-02-22 22:54 ` Sean Christopherson
2023-02-22 23:34 ` Borislav Petkov
2023-02-23 1:21 ` Sean Christopherson
2023-02-23 10:45 ` Borislav Petkov
2023-02-23 20:01 ` Michael Kelley (LINUX)
2023-02-23 20:27 ` Dave Hansen
2023-03-06 21:51 ` Borislav Petkov
2023-03-09 11:12 ` David Woodhouse
2023-03-09 11:59 ` Borislav Petkov
2023-03-09 13:00 ` David Woodhouse
2023-03-09 14:19 ` Tom Lendacky
2023-03-09 14:36 ` Jörg Rödel
2023-03-09 14:45 ` Borislav Petkov
2023-03-09 15:45 ` David Woodhouse
2023-03-09 16:34 ` Borislav Petkov
2023-03-10 10:05 ` David Woodhouse
2023-02-23 20:26 ` Dave Hansen
2023-02-23 20:41 ` Dave Hansen
2023-02-23 20:51 ` Michael Kelley (LINUX)
2023-02-23 21:07 ` Sean Christopherson
2023-02-23 21:15 ` Michael Kelley (LINUX)
2023-02-23 21:24 ` Dave Hansen
2023-01-12 21:42 ` [PATCH v5 07/14] x86/hyperv: Change vTOM handling to use standard coco mechanisms Michael Kelley
2023-01-12 21:42 ` [PATCH v5 08/14] swiotlb: Remove bounce buffer remapping for Hyper-V Michael Kelley
2023-01-12 21:42 ` [PATCH v5 09/14] Drivers: hv: vmbus: Remove second mapping of VMBus monitor pages Michael Kelley
2023-01-12 21:42 ` [PATCH v5 10/14] Drivers: hv: vmbus: Remove second way of mapping ring buffers Michael Kelley
2023-01-12 21:42 ` [PATCH v5 11/14] hv_netvsc: Remove second mapping of send and recv buffers Michael Kelley
2023-01-12 21:42 ` [PATCH v5 12/14] Drivers: hv: Don't remap addresses that are above shared_gpa_boundary Michael Kelley
2023-01-12 21:42 ` [PATCH v5 13/14] PCI: hv: Add hypercalls to read/write MMIO space Michael Kelley
2023-01-12 21:42 ` [PATCH v5 14/14] PCI: hv: Enable PCI pass-thru devices in Confidential VMs Michael Kelley
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=BYAPR21MB1688A80B91CC4957D938191ED7DB9@BYAPR21MB1688.namprd21.prod.outlook.com \
--to=mikelley@microsoft.com \
--cc=Tianyu.Lan@microsoft.com \
--cc=ak@linux.intel.com \
--cc=arnd@arndb.de \
--cc=bhelgaas@google.com \
--cc=bp@alien8.de \
--cc=brijesh.singh@amd.com \
--cc=dan.j.williams@intel.com \
--cc=dave.hansen@linux.intel.com \
--cc=davem@davemloft.net \
--cc=decui@microsoft.com \
--cc=edumazet@google.com \
--cc=haiyangz@microsoft.com \
--cc=hch@lst.de \
--cc=hpa@zytor.com \
--cc=iommu@lists.linux.dev \
--cc=isaku.yamahata@intel.com \
--cc=jane.chu@oracle.com \
--cc=kirill.shutemov@linux.intel.com \
--cc=kuba@kernel.org \
--cc=kw@linux.com \
--cc=kys@microsoft.com \
--cc=linux-arch@vger.kernel.org \
--cc=linux-hyperv@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-pci@vger.kernel.org \
--cc=lpieralisi@kernel.org \
--cc=luto@kernel.org \
--cc=m.szyprowski@samsung.com \
--cc=mingo@redhat.com \
--cc=netdev@vger.kernel.org \
--cc=pabeni@redhat.com \
--cc=peterz@infradead.org \
--cc=robh@kernel.org \
--cc=robin.murphy@arm.com \
--cc=sathyanarayanan.kuppuswamy@linux.intel.com \
--cc=seanjc@google.com \
--cc=tglx@linutronix.de \
--cc=thomas.lendacky@amd.com \
--cc=tony.luck@intel.com \
--cc=wei.liu@kernel.org \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.