> Michael S. Tsirkin <m...@redhat.com> hat am 22.10.2020 13:39 geschrieben: > > > On Wed, Oct 21, 2020 at 05:14:25PM +0200, Sebastian Hofmann wrote: > > virtio_ring does not work with active memory encryption because the host > > cannot read it. Fix this by enforcing the use of DMA which uses shared > > (unencrypted) memory pages. > > > > Signed-off-by: Sebastian Hofmann <sebast...@kaemmelot.de> > > > Sorry, no. > host which can not access all of driver memory must set > VIRTIO_F_ACCESS_PLATFORM. > > Not worth it to work around broken hosts. > > Xen is an exception we carry around since it predates the > introduction of VIRTIO_F_ACCESS_PLATFORM. > >
Thanks for pointing out VIRTIO_F_ACCESS_PLATFORM which I was not aware of. Maybe that patch was a bit naïve. Basically I'm looking for a way to use vsock with qemu on AMD SEV. When I try to use IOMMU for vsock I get an EOPNOTSUPP out of vhost_vsock_set_features. Is there a reason why vhost_vsock_set_features doesn't use vhost_init_device_iotlb as done in the net device? Because that would have been my next attempt. I would appreciate a short comment on this idea or a recommendation for another solution that is better than the patch below. > > --- > > drivers/virtio/virtio_ring.c | 5 +++++ > > 1 file changed, 5 insertions(+) > > > > diff --git a/drivers/virtio/virtio_ring.c b/drivers/virtio/virtio_ring.c > > index becc77697960..8c68c475ec21 100644 > > --- a/drivers/virtio/virtio_ring.c > > +++ b/drivers/virtio/virtio_ring.c > > @@ -12,6 +12,7 @@ > > #include <linux/hrtimer.h> > > #include <linux/dma-mapping.h> > > #include <xen/xen.h> > > +#include <linux/mem_encrypt.h> > > > > #ifdef DEBUG > > /* For development, we want to crash whenever the ring is screwed. */ > > @@ -255,6 +256,10 @@ static bool vring_use_dma_api(struct virtio_device > > *vdev) > > if (xen_domain()) > > return true; > > > > + /* Memory encryption requires DMA */ > > + if (mem_encrypt_active()) > > + return true; > > + > > return false; > > } > > > > -- > > 2.25.1 _______________________________________________ Virtualization mailing list Virtualization@lists.linux-foundation.org https://lists.linuxfoundation.org/mailman/listinfo/virtualization
