From: Christoph Hellwig <hch@lst.de>
To: Tom Roeder <tmroeder@google.com>
Cc: Keith Busch <kbusch@kernel.org>, Jens Axboe <axboe@fb.com>,
Christoph Hellwig <hch@lst.de>, Sagi Grimberg <sagi@grimberg.me>,
Peter Gonda <pgonda@google.com>,
Marios Pomonis <pomonis@google.com>,
linux-nvme@lists.infradead.org, linux-kernel@vger.kernel.org
Subject: Re: [PATCH v2] nvme: Cache DMA descriptors to prevent corruption.
Date: Fri, 20 Nov 2020 09:02:43 +0100 [thread overview]
Message-ID: <20201120080243.GA20463@lst.de> (raw)
In-Reply-To: <20201120012738.2953282-1-tmroeder@google.com>
On Thu, Nov 19, 2020 at 05:27:37PM -0800, Tom Roeder wrote:
> This patch changes the NVMe PCI implementation to cache host_mem_descs
> in non-DMA memory instead of depending on descriptors stored in DMA
> memory. This change is needed under the malicious-hypervisor threat
> model assumed by the AMD SEV and Intel TDX architectures, which encrypt
> guest memory to make it unreadable. Some versions of these architectures
> also make it cryptographically hard to modify guest memory without
> detection.
I don't think this is a useful threat model, and I've not seen a
discussion on lkml where we had any discussion on this kind of threat
model either.
Before you start sending patches that regress optimizations in various
drivers (and there will be lots with this model) we need to have a
broader discussion first.
And HMB support, which is for low-end consumer devices that are usually
not directly assigned to VMs aren't a good starting point for this.
next prev parent reply other threads:[~2020-11-20 8:03 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-11-20 1:27 [PATCH v2] nvme: Cache DMA descriptors to prevent corruption Tom Roeder
2020-11-20 8:02 ` Christoph Hellwig [this message]
2020-11-20 14:29 ` Keith Busch
2020-11-30 18:55 ` Tom Roeder
2020-11-30 18:50 ` Tom Roeder
2020-12-02 16:31 ` Tom Lendacky
-- strict thread matches above, loose matches on Subject: below --
2023-01-24 17:24 Julien Bachmann
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20201120080243.GA20463@lst.de \
--to=hch@lst.de \
--cc=axboe@fb.com \
--cc=kbusch@kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-nvme@lists.infradead.org \
--cc=pgonda@google.com \
--cc=pomonis@google.com \
--cc=sagi@grimberg.me \
--cc=tmroeder@google.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox