[PATCH 3/3] arm64/coco: Add pKVM as a CC platform
Mostafa Saleh
smostafa at google.com
Fri Jun 12 01:44:06 PDT 2026
On Thu, Jun 04, 2026 at 02:29:00PM +0530, Aneesh Kumar K.V wrote:
> Mostafa Saleh <smostafa at google.com> writes:
>
> > pKVM does support memory encryption, expose that to the rest of
> > the kernel through cc_platform_has()
> >
> > At the moment, all devices inside the guest are emulated which
> > requires its memory to be shared back to the host (decrypted), so
> > set force_dma_unencrypted() to always return true.
> >
> > Although, typically pKVM guests rely on restricted-dma-pools to
> > bounce traffic, with this change, it is possible to solely rely on
> > the default SWIOTLB for that (assuming the appropriate size is set
> > from the command line)
> >
> > Signed-off-by: Mostafa Saleh <smostafa at google.com>
> > ---
> > This change is critical for the ongoing refactoring of the DMA-API[1]
> > that will break protected guests under pKVM with this patch. That is
> > due to this rework will make the state of the SWIOTLB and restricted
> > dma pools depends on the value returned by cc_platform_has()
> >
> > [1] https://lore.kernel.org/all/20260522042815.370873-1-aneesh.kumar@kernel.org/
> > ---
> > arch/arm64/include/asm/hypervisor.h | 13 +++++++++++++
> > arch/arm64/include/asm/mem_encrypt.h | 3 ++-
> > arch/arm64/kernel/rsi.c | 12 ------------
> > arch/arm64/mm/init.c | 15 ++++++++++++++-
> > drivers/virt/coco/pkvm-guest/arm-pkvm-guest.c | 3 +++
> > 5 files changed, 32 insertions(+), 14 deletions(-)
> >
> > index d66291def0f4..26fe9c3f22e3 100644
[...]
> > --- a/drivers/virt/coco/pkvm-guest/arm-pkvm-guest.c
> > +++ b/drivers/virt/coco/pkvm-guest/arm-pkvm-guest.c
> > @@ -17,6 +17,7 @@
> > #include <asm/hypervisor.h>
> >
> > static size_t pkvm_granule;
> > +DEFINE_STATIC_KEY_FALSE_RO(pkvm_guest);
> >
>
> Do we need EXPORT_SYMBOL on this?
I was not sure about that, all users of this are in tree, I saw RME
code have the EXPORT but did not know why?
Thanks,
Mostafa
>
>
> -aneesh
More information about the linux-arm-kernel
mailing list