lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <1e1e98ea-5215-be21-b732-58c67e9c8fd6@amd.com>
Date:   Fri, 20 Jan 2023 16:42:26 -0600
From:   Tom Lendacky <thomas.lendacky@....com>
To:     "Kalra, Ashish" <ashish.kalra@....com>,
        Jason Gunthorpe <jgg@...pe.ca>
Cc:     Suravee Suthikulpanit <suravee.suthikulpanit@....com>,
        linux-kernel@...r.kernel.org, iommu@...ts.linux.dev,
        joro@...tes.org, robin.murphy@....com, vasant.hegde@....com,
        jon.grimm@....com
Subject: Re: [PATCH 1/4] iommu/amd: Introduce Protection-domain flag VFIO

On 1/20/23 13:55, Kalra, Ashish wrote:
> On 1/20/2023 11:50 AM, Jason Gunthorpe wrote:
>> On Fri, Jan 20, 2023 at 11:01:21AM -0600, Kalra, Ashish wrote:
>>
>>> We basically get the RMP #PF from the IOMMU because there is a page size
>>> mismatch between the RMP table and the IOMMU page table. The RMP table's
>>> large page entry has been smashed to 4K PTEs to handle page state 
>>> change to
>>> shared on 4K mappings, so this change has to be synced up with the IOMMU
>>> page table, otherwise there is now a page size mismatch between RMP table
>>> and IOMMU page table which causes the RMP #PF.
>>
>> I understand that, you haven't answered my question:
>>
>> Why is the IOMMU being programmed with pages it cannot access in the
>> first place?
>>
> 
> I believe the IOMMU page tables are setup as part of device pass-through 
> to be able to do DMA to all of the guest memory, but i am not an IOMMU 
> expert, so i will let Suravee elaborate on this.

Right. And what I believe Jason is saying is, that for SNP, since we know 
we can only DMA into shared pages, there is no need to setup the initial 
IOMMU page tables for all of guest memory. Instead, wait and set up IOMMU 
mappings when we do a page state change to shared and remove any mappings 
when we do a page state change to private.

Thanks,
Tom

> 
> Thanks,
> Ashish
> 
>> Don't do that is the obvious solution there, and preserves huge page
>> IO performance.
>>
>> Jason
>>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ