RE: [PATCH v5 06/14] x86/ioremap: Support hypervisor specified range to map as encrypted

[Michael Kelley (LINUX)]

From: Dave Hansen <dave.hansen@xxxxxxxxx> Sent: Thursday, February 23, 2023 12:42 PM
> 
> On 2/23/23 12:26, Dave Hansen wrote:
> >> +       if (cc_platform_has(CC_ATTR_GUEST_MEM_ENCRYPT)) {
> >> +               /*
> >> +               * Ensure fixmaps for IOAPIC MMIO respect memory encryption pgprot
> >> +               * bits, just like normal ioremap():
> >> +               */
> >> +               if (x86_platform.hyper.is_private_mmio(phys))
> >> +                       flags = pgprot_encrypted(flags);
> >> +               else
> >> +                       flags = pgprot_decrypted(flags);
> >> +       }
> ...
> > It does seem a bit odd that there's a new CC_ATTR_GUEST_MEM_ENCRYPT
> > check wrapping this whole thing.  I guess the trip through
> > pgprot_decrypted() is harmless on normal platforms, though.
> 
> Yeah, that's _really_ odd.  Sean, were you trying to optimize away the
> indirect call or something?
> 
> I would just expect the Hyper-V/vTOM code to leave
> x86_platform.hyper.is_private_mmio alone unless
> it *knows* the platform has private MMIO *and* CC_ATTR_GUEST_MEM_ENCRYPT.

Agreed.

> 
> Is there ever a case where CC_ATTR_GUEST_MEM_ENCRYPT==0 and he
> Hyper-V/vTOM code would need to set x86_platform.hyper.is_private_mmio?

There's no such case. 

I agree that gating with CC_ATTR_GUEST_MEM_ENCRYPT isn't really necessary.
Current upstream code always does the pgprot_decrypted(), and as you said,
that's a no-op on platforms with no memory encryption.

Michael