Re: [PATCH v5 06/14] x86/ioremap: Support hypervisor specified range to map as encrypted

From: Borislav Petkov
Date: Fri Feb 10 2023 - 14:04:04 EST

Next message: Francesco Dolcini: "Re: [PATCH v2 0/5] Bluetooth: hci_mrvl: Add serdev support for 88W8997"
Previous message: Mark Brown: "Re: [PATCH v2] spi: intel: Update help text of PCI and Platform drivers"
In reply to: Dave Hansen: "Re: [PATCH v5 06/14] x86/ioremap: Support hypervisor specified range to map as encrypted"
Next in thread: Michael Kelley (LINUX): "RE: [PATCH v5 06/14] x86/ioremap: Support hypervisor specified range to map as encrypted"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, Feb 10, 2023 at 06:41:54PM +0000, Sean Christopherson wrote:
> Anyways, tying things back to the actual code being discussed, I vote against
> CC_ATTR_PARAVISOR. Being able to trust device emulation is not unique to a
> paravisor. A single flag also makes too many assumptions about what is trusted
> and thus should be accessed encrypted.

I'm not crazy about the alternative either: one flag per access type:
IO APIC, vTPM, and soon.

Soon this will become an unmaintainable zoo of different guest types
people want the kernel to support. I don't think I want that madness in
kernel proper.

--
Regards/Gruss,
Boris.

https://people.kernel.org/tglx/notes-about-netiquette

Next message: Francesco Dolcini: "Re: [PATCH v2 0/5] Bluetooth: hci_mrvl: Add serdev support for 88W8997"
Previous message: Mark Brown: "Re: [PATCH v2] spi: intel: Update help text of PCI and Platform drivers"
In reply to: Dave Hansen: "Re: [PATCH v5 06/14] x86/ioremap: Support hypervisor specified range to map as encrypted"
Next in thread: Michael Kelley (LINUX): "RE: [PATCH v5 06/14] x86/ioremap: Support hypervisor specified range to map as encrypted"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]