lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Fri, 2 Feb 2024 10:10:56 +0530
From: Vishal Annapurve <vannapurve@...gle.com>
To: Jeremi Piotrowski <jpiotrowski@...ux.microsoft.com>
Cc: x86@...nel.org, linux-kernel@...r.kernel.org, pbonzini@...hat.com, 
	rientjes@...gle.com, seanjc@...gle.com, erdemaktas@...gle.com, 
	ackerleytng@...gle.com, jxgao@...gle.com, sagis@...gle.com, oupton@...gle.com, 
	peterx@...hat.com, vkuznets@...hat.com, dmatlack@...gle.com, 
	pgonda@...gle.com, michael.roth@....com, kirill@...temov.name, 
	thomas.lendacky@....com, dave.hansen@...ux.intel.com, 
	linux-coco@...ts.linux.dev, chao.p.peng@...ux.intel.com, 
	isaku.yamahata@...il.com, andrew.jones@...ux.dev, corbet@....net, hch@....de, 
	m.szyprowski@...sung.com, rostedt@...dmis.org, iommu@...ts.linux.dev
Subject: Re: [RFC V1 3/5] x86: CVMs: Enable dynamic swiotlb by default for CVMs

On Thu, Feb 1, 2024 at 5:50 PM Jeremi Piotrowski
<jpiotrowski@...ux.microsoft.com> wrote:
>
> On 12/01/2024 06:52, Vishal Annapurve wrote:
> > CVMs used SWIOTLB for non-trusted IO using dma_map_* APIs. This series
> > will ensure that dma_alloc_* API to also allocate from SWIOTLB pools.
> > Initial size of SWIOTLB pool is decided using heuristics and has been
> > working with CVM usecases so far.
> >
> > It's better to allow SWIOTLB to scale up on demand rather than keeping
> > the size fixed to avoid failures with possibly increased usage of
> > SWIOTLB with dma_alloc_* APIs allocating from SWIOTLB pools. This should
> > also help in future with more devices getting used from CVMs for
> > non-trusted IO.
> >
> > Signed-off-by: Vishal Annapurve <vannapurve@...gle.com>
> > ---
> >  arch/x86/Kconfig | 2 ++
> >  1 file changed, 2 insertions(+)
> >
> > diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig
> > index 1566748f16c4..035c8a022c4c 100644
> > --- a/arch/x86/Kconfig
> > +++ b/arch/x86/Kconfig
> > @@ -884,6 +884,7 @@ config INTEL_TDX_GUEST
> >       select X86_MEM_ENCRYPT
> >       select X86_MCE
> >       select UNACCEPTED_MEMORY
> > +     select SWIOTLB_DYNAMIC
> >       help
> >         Support running as a guest under Intel TDX.  Without this support,
> >         the guest kernel can not boot or run under TDX.
> > @@ -1534,6 +1535,7 @@ config AMD_MEM_ENCRYPT
> >       select ARCH_HAS_CC_PLATFORM
> >       select X86_MEM_ENCRYPT
> >       select UNACCEPTED_MEMORY
> > +     select SWIOTLB_DYNAMIC
> >       help
> >         Say yes to enable support for the encryption of system memory.
> >         This requires an AMD processor that supports Secure Memory
>
> What this does is unconditionally enable SWIOTLB_DYNAMIC for every kernel compiled
> to support memory encryption, regardless of whether it runs inside a confidential guest.
> I don't think that is what you intended.
>

Right, I will have to add a way to toggle this support dynamically in
addition to having the support built in, based on more discussion
around 2M allocations and dynamic scaling.

> Best wishes,
> Jeremi
>
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ