On Wed, Jan 05, 2022 at 08:06:10AM -0600, Tom Lendacky wrote: > On 1/4/22 4:49 PM, Kirill A. Shutemov wrote: > > Hi Tom, > > > > For larger TDX VM, memset() after set_memory_decrypted() in > > swiotlb_update_mem_attributes() takes substantial portion of boot time. > > > > It makes me wounder why do we need it there? Malicious VMM can mess with > > decrypted/shared buffer at any point and for normal use it will be > > populated with real data anyway. > > > > Can we drop it? > > Probably more a question for Christoph. Does SWIOTLB need to be initialized > to zeroes? If it does, then the memset after the set_memory_decrypted() is > required, otherwise it will appear as ciphertext to SWIOTLB.
While the traditional swiotlb initialization zeroes it I can't really see any reason why we would want to zero it. If we really care about not leaking data to the device we'd need to zero the padding at mapping time. _______________________________________________ iommu mailing list iommu@lists.linux-foundation.org https://lists.linuxfoundation.org/mailman/listinfo/iommu
