| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 1 Feb 2024 13:20:03 +0100 From: Jeremi Piotrowski <jpiotrowski@...ux.microsoft.com> To: Vishal Annapurve <vannapurve@...gle.com>, x86@...nel.org, linux-kernel@...r.kernel.org Cc: pbonzini@...hat.com, rientjes@...gle.com, bgardon@...gle.com, seanjc@...gle.com, erdemaktas@...gle.com, ackerleytng@...gle.com, jxgao@...gle.com, sagis@...gle.com, oupton@...gle.com, peterx@...hat.com, vkuznets@...hat.com, dmatlack@...gle.com, pgonda@...gle.com, michael.roth@....com, kirill@...temov.name, thomas.lendacky@....com, dave.hansen@...ux.intel.com, linux-coco@...ts.linux.dev, chao.p.peng@...ux.intel.com, isaku.yamahata@...il.com, andrew.jones@...ux.dev, corbet@....net, hch@....de, m.szyprowski@...sung.com, bp@...e.de, rostedt@...dmis.org, iommu@...ts.linux.dev Subject: Re: [RFC V1 3/5] x86: CVMs: Enable dynamic swiotlb by default for CVMs On 12/01/2024 06:52, Vishal Annapurve wrote: > CVMs used SWIOTLB for non-trusted IO using dma_map_* APIs. This series > will ensure that dma_alloc_* API to also allocate from SWIOTLB pools. > Initial size of SWIOTLB pool is decided using heuristics and has been > working with CVM usecases so far. > > It's better to allow SWIOTLB to scale up on demand rather than keeping > the size fixed to avoid failures with possibly increased usage of > SWIOTLB with dma_alloc_* APIs allocating from SWIOTLB pools. This should > also help in future with more devices getting used from CVMs for > non-trusted IO. > > Signed-off-by: Vishal Annapurve <vannapurve@...gle.com> > --- > arch/x86/Kconfig | 2 ++ > 1 file changed, 2 insertions(+) > > diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig > index 1566748f16c4..035c8a022c4c 100644 > --- a/arch/x86/Kconfig > +++ b/arch/x86/Kconfig > @@ -884,6 +884,7 @@ config INTEL_TDX_GUEST > select X86_MEM_ENCRYPT > select X86_MCE > select UNACCEPTED_MEMORY > + select SWIOTLB_DYNAMIC > help > Support running as a guest under Intel TDX. Without this support, > the guest kernel can not boot or run under TDX. > @@ -1534,6 +1535,7 @@ config AMD_MEM_ENCRYPT > select ARCH_HAS_CC_PLATFORM > select X86_MEM_ENCRYPT > select UNACCEPTED_MEMORY > + select SWIOTLB_DYNAMIC > help > Say yes to enable support for the encryption of system memory. > This requires an AMD processor that supports Secure Memory What this does is unconditionally enable SWIOTLB_DYNAMIC for every kernel compiled to support memory encryption, regardless of whether it runs inside a confidential guest. I don't think that is what you intended. Best wishes, Jeremi
Powered by blists - more mailing lists