[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20240805232246.GH478300@nvidia.com>
Date: Mon, 5 Aug 2024 20:22:46 -0300
From: Jason Gunthorpe <jgg@...dia.com>
To: "Tian, Kevin" <kevin.tian@...el.com>
Cc: David Hildenbrand <david@...hat.com>,
Mostafa Saleh <smostafa@...gle.com>,
John Hubbard <jhubbard@...dia.com>,
Elliot Berman <quic_eberman@...cinc.com>,
Andrew Morton <akpm@...ux-foundation.org>,
Shuah Khan <shuah@...nel.org>, Matthew Wilcox <willy@...radead.org>,
"maz@...nel.org" <maz@...nel.org>,
"kvm@...r.kernel.org" <kvm@...r.kernel.org>,
"linux-arm-msm@...r.kernel.org" <linux-arm-msm@...r.kernel.org>,
"linux-mm@...ck.org" <linux-mm@...ck.org>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
"linux-kselftest@...r.kernel.org" <linux-kselftest@...r.kernel.org>,
"pbonzini@...hat.com" <pbonzini@...hat.com>,
Fuad Tabba <tabba@...gle.com>, "Xu, Yilun" <yilun.xu@...el.com>,
"Qiang, Chenyi" <chenyi.qiang@...el.com>
Subject: Re: [PATCH RFC 0/5] mm/gup: Introduce exclusive GUP pinning
On Mon, Aug 05, 2024 at 02:24:42AM +0000, Tian, Kevin wrote:
>
> According to [3],
>
> "
> With SNP, when pages are marked as guest-owned in the RMP table,
> they are assigned to a specific guest/ASID, as well as a specific GFN
> with in the guest. Any attempts to map it in the RMP table to a different
> guest/ASID, or a different GFN within a guest/ASID, will result in an RMP
> nested page fault.
> "
>
> With that measure in place my impression is that even the CPU's GPA
> translation can be controlled by the unsecure world in SEV-SNP.
Sure, but the GPA is the KVM S2, not the IOMMU. If there is some
complicated way to lock down the KVM S2 then it doesn't necessarily
apply to every IOVA to GPA translation as well.
The guest/hypervisor could have a huge number of iommu domains, where
would you even store such granular data?
About the only thing that could possibly do is setup a S2 IOMMU
identity translation reliably and have no support for vIOMMU - which
doesn't sound like a sane architecture to me.
It is not insurmountable, but it is going to be annoying if someone
needs access to the private pages physical address in the iommufd
side.
Jason
Powered by blists - more mailing lists