From: Jason Gunthorpe <jgg@nvidia.com>
To: Wei Wang <wei.w.wang@hotmail.com>
Cc: alex@shazbot.org, thomas.lendacky@amd.com, vasant.hegde@amd.com,
suravee.suthikulpanit@amd.com, joro@8bytes.org, aik@amd.com,
kevin.tian@intel.com, linux-kernel@vger.kernel.org,
iommu@lists.linux.dev
Subject: Re: [PATCH v3 1/2] iommupt: Do not set C-bit on MMIO backed PTEs
Date: Mon, 17 Nov 2025 15:15:26 -0400 [thread overview]
Message-ID: <20251117191526.GI10864@nvidia.com> (raw)
In-Reply-To: <SI2PR01MB4393D642190C5C04A0543236DCCDA@SI2PR01MB4393.apcprd01.prod.exchangelabs.com>
On Thu, Nov 13, 2025 at 11:54:06PM +0800, Wei Wang wrote:
> AMD Secure Memory Encryption (SME) marks individual memory pages as
> encrypted by setting the C-bit in page table entries. According to the
> AMD APM,any pages corresponding to MMIO addresses must be configured
> with the C-bit clear.
>
> The current *_iommu_set_prot() implementation sets the C-bit on all PTEs
> in the IOMMU page tables. This is incorrect for PTEs backed by MMIO, and
> can break PCIe peer-to-peer communication when IOVA is used. Fix this by
> avoiding the C-bit for MMIO-backed mappings.
>
> For amdv2 IOMMU page tables, there is a usage scenario for GVA->GPA
> mappings, and for the trusted MMIO in the TEE-IO case, the C-bit will need
> to be added to GPA. However, SNP guests do not yet support vIOMMU, and the
> trusted MMIO support is not ready in upstream. Adding the C-bit for trusted
> MMIO can be considered once those features land.
>
> Fixes: 879ced2bab1b ("iommupt: Add the AMD IOMMU v1 page table format")
> Fixes: aef5de756ea8 ("iommupt: Add the x86 64 bit page table format")
> Suggested-by: Jason Gunthorpe <jgg@nvidia.com>
> Signed-off-by: Wei Wang <wei.w.wang@hotmail.com>
> ---
> drivers/iommu/generic_pt/fmt/amdv1.h | 3 ++-
> drivers/iommu/generic_pt/fmt/x86_64.h | 3 ++-
> 2 files changed, 4 insertions(+), 2 deletions(-)
Reviewed-by: Jason Gunthorpe <jgg@nvidia.com>
Jason
next prev parent reply other threads:[~2025-11-17 19:15 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-11-13 15:54 [PATCH v3 0/2] iommu: Avoid setting C-bit for MMIO addresses Wei Wang
2025-11-13 15:54 ` [PATCH v3 1/2] iommupt: Do not set C-bit on MMIO backed PTEs Wei Wang
2025-11-17 19:15 ` Jason Gunthorpe [this message]
2025-12-12 2:19 ` Tian, Kevin
2025-11-13 15:54 ` [PATCH v3 2/2] vfio/type1: Set IOMMU_MMIO in dma->prot for MMIO-backed addresses Wei Wang
2025-12-03 1:21 ` Wei Wang
2025-12-12 2:36 ` Tian, Kevin
2025-12-12 7:00 ` Jason Gunthorpe
2025-12-12 7:26 ` Tian, Kevin
2025-12-16 5:40 ` Wei Wang
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20251117191526.GI10864@nvidia.com \
--to=jgg@nvidia.com \
--cc=aik@amd.com \
--cc=alex@shazbot.org \
--cc=iommu@lists.linux.dev \
--cc=joro@8bytes.org \
--cc=kevin.tian@intel.com \
--cc=linux-kernel@vger.kernel.org \
--cc=suravee.suthikulpanit@amd.com \
--cc=thomas.lendacky@amd.com \
--cc=vasant.hegde@amd.com \
--cc=wei.w.wang@hotmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.