From nobody Tue Nov 18 02:50:37 2025 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org ARC-Seal: i=1; a=rsa-sha256; t=1607060987; cv=none; d=zohomail.com; s=zohoarc; b=XbZSKvN78GZxLBk0rA3IVBkMyb0msEdxBrocUE2nfakbwXoAFWNij52vhQu7DxLQy9lA7Otkj93dntCdfHWzxtnZegeSPduIJhwy/ZUwR53MgDKJk5LxV45LlJ02c/zStCZWo6csWBLsw759AWhXPtizh5QPvO/WMWTHWWDRreA= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1607060987; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=xI5FvMBNBNduVNuT75KdH+l7g5t544cMrpJfSNk34aA=; b=TwUEJF3kn5hYQlXf6PExxyXYpwzmv48Y5zV1G2J3xVlyDE6EDFjjiAhmnEO7rgMzRO2q3usjXggZMfrP8VF8zJeazh5+2YYDDZctvGXUUmz9uVAepds1iUn62F247j/X7n93ek7c0sZf3oKJT6QixOnGcBwc4xMMx6xTa2/qkFs= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1607060987643223.76002652915656; Thu, 3 Dec 2020 21:49:47 -0800 (PST) Received: from localhost ([::1]:47924 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1kl3yU-0003dp-IC for importer@patchew.org; Fri, 04 Dec 2020 00:49:46 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]:56862) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1kl3tX-0004EV-Rn; Fri, 04 Dec 2020 00:44:39 -0500 Received: from bilbo.ozlabs.org ([203.11.71.1]:46815 helo=ozlabs.org) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1kl3tV-00006I-9r; Fri, 04 Dec 2020 00:44:39 -0500 Received: by ozlabs.org (Postfix, from userid 1007) id 4CnM8j2ctRz9sWD; Fri, 4 Dec 2020 16:44:21 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=gibson.dropbear.id.au; s=201602; t=1607060661; bh=VJ+LxQJOkUVbhfEUmAX9VA/bXYtOMYSQX40lQmDmveM=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=n/hPt3e/EfOiifh/tLDcORyx4cp37QBDhJC+dZIUX84hluIDTzl9WSZvn2hpjXPci iutHioNHKh8PvMKfetFpm85FIdF3HrtE9XlCKmt8JHPB0ePHauUOLRQyH6eq8Y1d0P K3T3aL3fPzr4KyCGKJ9rj8SPkzOU8TG8bRBuz+E0= From: David Gibson To: pair@us.ibm.com, pbonzini@redhat.com, frankja@linux.ibm.com, brijesh.singh@amd.com, dgilbert@redhat.com, qemu-devel@nongnu.org Subject: [for-6.0 v5 12/13] securable guest memory: Alter virtio default properties for protected guests Date: Fri, 4 Dec 2020 16:44:14 +1100 Message-Id: <20201204054415.579042-13-david@gibson.dropbear.id.au> X-Mailer: git-send-email 2.28.0 In-Reply-To: <20201204054415.579042-1-david@gibson.dropbear.id.au> References: <20201204054415.579042-1-david@gibson.dropbear.id.au> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=203.11.71.1; envelope-from=dgibson@ozlabs.org; helo=ozlabs.org X-Spam_score_int: -17 X-Spam_score: -1.8 X-Spam_bar: - X-Spam_report: (-1.8 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.25, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=no autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: thuth@redhat.com, cohuck@redhat.com, berrange@redhat.com, Eduardo Habkost , kvm@vger.kernel.org, "Michael S. Tsirkin" , Richard Henderson , Marcelo Tosatti , david@redhat.com, mdroth@linux.vnet.ibm.com, pasic@linux.ibm.com, borntraeger@de.ibm.com, qemu-s390x@nongnu.org, qemu-ppc@nongnu.org, David Gibson , rth@twiddle.net Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail-DKIM: fail (Header signature does not verify) Content-Type: text/plain; charset="utf-8" The default behaviour for virtio devices is not to use the platforms normal DMA paths, but instead to use the fact that it's running in a hypervisor to directly access guest memory. That doesn't work if the guest's memory is protected from hypervisor access, such as with AMD's SEV or POWER's PEF. So, if a securable guest memory mechanism is enabled, then apply the iommu_platform=3Don option so it will go through normal DMA mechanisms. Those will presumably have some way of marking memory as shared with the hypervisor or hardware so that DMA will work. Signed-off-by: David Gibson Reviewed-by: Dr. David Alan Gilbert Reviewed-by: Cornelia Huck --- hw/core/machine.c | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/hw/core/machine.c b/hw/core/machine.c index a67a27d03c..d16273d75d 100644 --- a/hw/core/machine.c +++ b/hw/core/machine.c @@ -28,6 +28,8 @@ #include "hw/mem/nvdimm.h" #include "migration/vmstate.h" #include "exec/securable-guest-memory.h" +#include "hw/virtio/virtio.h" +#include "hw/virtio/virtio-pci.h" =20 GlobalProperty hw_compat_5_1[] =3D { { "vhost-scsi", "num_queues", "1"}, @@ -1169,6 +1171,17 @@ void machine_run_board_init(MachineState *machine) * areas. */ machine_set_mem_merge(OBJECT(machine), false, &error_abort); + + /* + * Virtio devices can't count on directly accessing guest + * memory, so they need iommu_platform=3Don to use normal DMA + * mechanisms. That requires also disabling legacy virtio + * support for those virtio pci devices which allow it. + */ + object_register_sugar_prop(TYPE_VIRTIO_PCI, "disable-legacy", + "on", true); + object_register_sugar_prop(TYPE_VIRTIO_DEVICE, "iommu_platform", + "on", false); } =20 machine_class->init(machine); --=20 2.28.0