From: Jason Gunthorpe <jgg@nvidia.com>
To: Jacob Pan <jacob.pan@linux.microsoft.com>
Cc: Dave Hansen <dave.hansen@intel.com>,
Lu Baolu <baolu.lu@linux.intel.com>,
Joerg Roedel <joro@8bytes.org>, Will Deacon <will@kernel.org>,
Robin Murphy <robin.murphy@arm.com>,
Kevin Tian <kevin.tian@intel.com>, Jann Horn <jannh@google.com>,
Vasant Hegde <vasant.hegde@amd.com>,
Alistair Popple <apopple@nvidia.com>,
Peter Zijlstra <peterz@infradead.org>,
Uladzislau Rezki <urezki@gmail.com>,
Jean-Philippe Brucker <jean-philippe@linaro.org>,
Andy Lutomirski <luto@kernel.org>,
iommu@lists.linux.dev, security@kernel.org,
linux-kernel@vger.kernel.org, stable@vger.kernel.org
Subject: Re: [PATCH 1/1] iommu/sva: Invalidate KVA range on kernel TLB flush
Date: Wed, 9 Jul 2025 15:54:11 -0300 [thread overview]
Message-ID: <20250709185411.GJ1599700@nvidia.com> (raw)
In-Reply-To: <20250709114432.294425ff@DESKTOP-0403QTC.>
On Wed, Jul 09, 2025 at 11:44:32AM -0700, Jacob Pan wrote:
> So you are saying IOMMU can cache user DMA initiated walks and cache
> with supervisor privilige? Since the SVA PASID is a user PASID, even if
> IOMMU uses the cache later on, how could it get supervior privilege?
The walk cache (aka paging structure cache) and IOTLB cache are
different things.
The walk cache has no concept of privilege. All memory holding page
tables can be loaded into the walk cache. Meaning any table in the
radix tree is eligible to reside in the walk cache.
So we point the IOMMU at the CR3 of a MM struct with KVA's mapped into
it and the walk cache is permitted to somehow cache every single 4k
page that comprises that radix tree.
Supervisor does not come into it at all. I had hoped the U/S bits
within the table structure itself would effect the walk cache but it
was confirmed that it does not.
Jason
next prev parent reply other threads:[~2025-07-09 18:54 UTC|newest]
Thread overview: 23+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-07-04 13:30 [PATCH 1/1] iommu/sva: Invalidate KVA range on kernel TLB flush Lu Baolu
2025-07-04 13:38 ` Jason Gunthorpe
2025-07-05 3:50 ` Baolu Lu
2025-07-05 9:06 ` Vasant Hegde
2025-07-08 5:42 ` Baolu Lu
2025-07-08 12:27 ` Jason Gunthorpe
2025-07-08 14:06 ` Jason Gunthorpe
2025-07-09 1:25 ` Baolu Lu
2025-07-09 15:51 ` Jacob Pan
2025-07-09 16:27 ` Jason Gunthorpe
2025-07-09 18:15 ` Jacob Pan
2025-07-09 18:22 ` Dave Hansen
2025-07-09 18:44 ` Jacob Pan
2025-07-09 18:54 ` Jason Gunthorpe [this message]
2025-07-14 12:39 ` David Laight
2025-07-14 13:19 ` Uladzislau Rezki
2025-07-14 14:50 ` Mike Rapoport
2025-07-15 0:05 ` Tian, Kevin
2025-07-15 1:19 ` Baolu Lu
2025-07-10 2:57 ` Baolu Lu
2025-07-10 15:28 ` Jacob Pan
2025-07-10 15:35 ` Jason Gunthorpe
2025-07-11 14:36 ` Dave Hansen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20250709185411.GJ1599700@nvidia.com \
--to=jgg@nvidia.com \
--cc=apopple@nvidia.com \
--cc=baolu.lu@linux.intel.com \
--cc=dave.hansen@intel.com \
--cc=iommu@lists.linux.dev \
--cc=jacob.pan@linux.microsoft.com \
--cc=jannh@google.com \
--cc=jean-philippe@linaro.org \
--cc=joro@8bytes.org \
--cc=kevin.tian@intel.com \
--cc=linux-kernel@vger.kernel.org \
--cc=luto@kernel.org \
--cc=peterz@infradead.org \
--cc=robin.murphy@arm.com \
--cc=security@kernel.org \
--cc=stable@vger.kernel.org \
--cc=urezki@gmail.com \
--cc=vasant.hegde@amd.com \
--cc=will@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.