On 26.02.20 16:13, Christian Borntraeger wrote:
>
>
> On 26.02.20 16:11, Janosch Frank wrote:
>> On 2/26/20 3:59 PM, David Hildenbrand wrote:
>>> On 26.02.20 13:20, Janosch Frank wrote:
>>>> Ballooning in protected VMs can only be done when the guest shares the
>>>> pages it gives to the host. Hence, until we have a solution for this
>>>> in the guest kernel, we inhibit ballooning when switching into
>>>> protected mode and reverse that once we move out of it.
>>>
>>> I don't understand what you mean here, sorry. Zapping a page will mean
>>> that a fresh one will be faulted in when accessed. And AFAIK, that means
>>> it will be encrypted again when needed.
>>
>> Yes, as soon as the host alters non-shared memory we'll run into
>> integrity issues.
>>
>>
>> I've been talking to Halil after I sent this out and it looks like we'll
>> rather try to automatically enable the IOMMU for all devices when
>> switching into protected mode. He said that if the IOMMU is set the
>> balloon code will do an early exit on feature negotiation.
>
> I think we should fence the balloon here nevertheless, so the patch in
> itself is probably fine.

+1, this is a global "don't use ram_block_discard" trigger.

--
Thanks,

David / dhildenb
