Xen project Mailing List

Re: Allocating SEV C-bit-cleared pages (without relying on swiotlb)

To: "Michael Kelley" <mhklinux@xxxxxxxxxxx>, linux-kernel@xxxxxxxxxxxxxxx, linux-mm@xxxxxxxxxxxxxxx

From: "Teddy Astie" <teddy.astie@xxxxxxxxxx>

Date: Fri, 28 Mar 2025 17:46:44 +0000

Cc: Xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>

Delivery-date: Fri, 28 Mar 2025 17:46:58 +0000

Feedback-id: 30504962:30504962.20250328:md

List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

Le 28/03/2025 à 17:31, Michael Kelley a écrit : > From: Teddy Astie <teddy.astie@xxxxxxxxxx> Sent: Thursday, March 27, 2025 > 7:12 AM >> To: linux-kernel@xxxxxxxxxxxxxxx; linux-mm@xxxxxxxxxxxxxxx >> Cc: Xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx> >> Subject: Allocating SEV C-bit-cleared pages (without relying on swiotlb) >> >> Hello Linux mailing list ! >> >> For porting Linux code to make it work on Xen with AMD-SEV, I need to >> change the allocation of some pages to use "shared pages" (C-bit >> cleared) instead of private pages (C-bit set, which is the default kind) >> as these pages needs to be shared with the hypervisor/Dom0. >> >> Is there a facility to allocate pages with C-bit cleared (and if not >> running under SEV, just allocate a plain page) ? Current Linux code for >> SEV seems to only rely on swiotlb as access to shared page is mostly >> made through DMA-kind devices (e.g virtio or emulated device), but I >> don't think it is the best approach. >> > > For allocating memory that can be shared with the hypervisor, > allocate memory as usual (with alloc_pages(), for example), then > call set_memory_decrypted() on that memory. This approach > works in general for Confidential Computing (CoCo) VMs, > regardless of whether the underlying hardware is AMD SEV-SNP, > Intel TDX, or ARM64 CCA. If you are running in a non-CoCo > VM, set_memory_decrypted() is a no-op, so you can call it > without having to check whether you are in a CoCo VM. > > When freeing the memory, do the reverse. Call > set_memory_encrypted() first, then free the memory as > usual. Note that if set_memory_encrypted() fails for any > reason, just leak the memory instead of freeing it because > the encrypted state is unknown after such a failure. > > If you search for set_memory_decrypted() in kernel code, > you'll find several examples. See drivers/hv/hv_connection.c > as one place where code for running on Hyper-V follows > this paradigm. There are several other examples as well. > > Michael set_memory_decrypted does the job. Thanks Teddy Teddy Astie | Vates XCP-ng Developer XCP-ng & Xen Orchestra - Vates solutions web: https://vates.tech

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.