On Thu, May 14, 2026 at 11:37:33AM -0300, Jason Gunthorpe wrote:
> On Thu, May 14, 2026 at 06:18:05PM +0530, Aneesh Kumar K.V wrote:
> > > There is no problem with non-protected guests as they don't use memory
> > > encryption, my initial thought was that the encrypted/decrypted is
> > > per-pool property which is decided by FW (device-tree).
> > 
> > What I meant was that we need a generic way to identify a pKVM guest, so
> > that we can use it in the conditional above.
> 
> If I understood Mostafa's remarks I think different devices in the
> guest need shared/decrypted and some don't? Ie a virtio hypervisor
> device needs shared while a real PCI device doesn't? Is that right?

In upstream, device passthrough is not supported, but that case is
supported in Android and we plan to upstream it (it currently
depends on the SMMUv3 series first).

> 
> In CC terms that would be a mixture of T=0 and T=1 devices hardwired
> and signaled by firmware..
> 
> Ideally we'd have a flow where if the arch precreates a swiotlb pool
> with special parameters this overrides all other decision making. Then
> this series is about making CC NOT use that flow... ??

Yes, I believe that will be needed, we do this at Android by a per-pool
property added in the device tree.

Thanks,
Mostafa

> 
> Jason
