[RFC PATCH 08/12] vfio/pci: Create host unaccessible dma-buf for private device
Jason Gunthorpe
jgg at nvidia.com
Mon Jan 20 13:25:25 UTC 2025
On Mon, Jun 24, 2024 at 03:59:53AM +0800, Xu Yilun wrote:
> > But it also seems to me that VFIO should be able to support putting
> > the device into the RUN state
>
> Firstly I think VFIO should support putting device into *LOCKED* state.
> From LOCKED to RUN, there are many evidence fetching and attestation
> things that only guest cares. I don't think VFIO needs to opt-in.
VFIO is not just about running VMs. If someone wants to run DPDK on
VFIO they should be able to get the device into a RUN state and work
with secure memory without requiring a KVM. Yes there are many steps
to this, but we should imagine how it can work.
> > without involving KVM or cVMs.
>
> It may not be feasible for all vendors.
It must be. A CC guest with an in kernel driver can definately get the
PCI device into RUN, so VFIO running in the guest should be able as
well.
> I believe AMD would have one firmware call that requires cVM handle
> *AND* move device into LOCKED state. It really depends on firmware
> implementation.
IMHO, you would not use the secure firmware if you are not using VMs.
> Yes, the secure EPT is in the secure world and managed by TDX firmware.
> Now a SW Mirror Secure EPT is introduced in KVM and managed by KVM
> directly, and KVM will finally use firmware calls to propagate Mirror
> Secure EPT changes to secure EPT.
If the secure world managed it then the secure world can have rules
that work with the IOMMU as well..
Jason
More information about the dri-devel
mailing list