From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 21412CD4F26 for ; Fri, 19 Jun 2026 13:36:38 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:Content-Type:MIME-Version: Message-ID:Date:References:In-Reply-To:Subject:Cc:To:From:Reply-To: Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=MBitVv/Wp6PuH6BWLvxBrPjtZ76g3L5KKs3NVrBh8ZQ=; b=e9oMd6a3cfAML0svgPTDoAeDCu 4WHsuvL3W+3gpvrkSOpDxn8AlYhevaZub9jUYPXyM5CHW+P++1CZlGXlCuXX73tmYDtGehkMF2eFy CigEa+zgnD8u9OY2EmZj3Tqn8SYgzNa8qDsOuB4DDvmcOqxO31XYtTbuQHyhrXywDWhNhcejyid3j 98aG1AfFfgD8v/6edwmz/On8z3grokPkQoEQRq/TaCf5l9F5gCuuvTs9rjG7S/ZAP5DxEWeczAilR 4Lcg/vJ5IqJAYupv1WLZBhkSuZe8T5GP6lx5Hq3ICI7sNXvI0NEOoLtICRqiXIA+FEMWPfnM4yY45 UMxPvQnQ==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.99.1 #2 (Red Hat Linux)) id 1waZOZ-00000002UcM-1WS8; Fri, 19 Jun 2026 13:36:31 +0000 Received: from tor.source.kernel.org ([172.105.4.254]) by bombadil.infradead.org with esmtps (Exim 4.99.1 #2 (Red Hat Linux)) id 1waZOY-00000002UcG-0laY for linux-arm-kernel@lists.infradead.org; Fri, 19 Jun 2026 13:36:30 +0000 Received: from smtp.kernel.org (quasi.space.kernel.org [100.103.45.18]) by tor.source.kernel.org (Postfix) with ESMTP id 5A9A0601E2; Fri, 19 Jun 2026 13:36:29 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id CEF291F000E9; Fri, 19 Jun 2026 13:36:21 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=kernel.org; s=k20260515; t=1781876189; bh=MBitVv/Wp6PuH6BWLvxBrPjtZ76g3L5KKs3NVrBh8ZQ=; h=From:To:Cc:Subject:In-Reply-To:References:Date; b=kAH1+xXXWAZrnqaGD7/jcVVJZXKo1zqhlJeoVFzORJVb9aVkw/eIs71MOGxdZcaTO gLj5qu44i7FTmN2rf5o3o/3j1qWmECbRssq5GeQm2sT4GmMMGH4Lse//y80zxxhIqT eyzkJU4bptugVm248QSCRQqo6wkaBO5MtCdvWI+LkKIpVqimUNwXQyk7VRJgm6IXk3 ndmjfdpm/R6nLX5ltoS7VekJgvgsRGw66rPjZVRqav3g0KHKladHM/yUbPDEHAuJZV RUHs/hLvB02W/2/PHdotsxouWvZD8zoQIaFae5QnDu6Xlklqdeh3wTLyYSkbez2bG/ fcXGVjxDeiEiw== X-Mailer: emacs 30.2 (via feedmail 11-beta-1 I) From: Aneesh Kumar K.V To: Jason Gunthorpe Cc: Alexey Kardashevskiy , Catalin Marinas , iommu@lists.linux.dev, linux-arm-kernel@lists.infradead.org, linux-kernel@vger.kernel.org, linux-coco@lists.linux.dev, Robin Murphy , Marek Szyprowski , Will Deacon , Marc Zyngier , Steven Price , Suzuki K Poulose , Jiri Pirko , Mostafa Saleh , Petr Tesarik , Dan Williams , Xu Yilun , linuxppc-dev@lists.ozlabs.org, linux-s390@vger.kernel.org, Madhavan Srinivasan , Michael Ellerman , Nicholas Piggin , "Christophe Leroy (CS GROUP)" , Alexander Gordeev , Gerald Schaefer , Heiko Carstens , Vasily Gorbik , Christian Borntraeger , Sven Schnelle , x86@kernel.org Subject: Re: [PATCH v6 00/20] dma-mapping: Use DMA_ATTR_CC_SHARED through direct, pool and swiotlb paths In-Reply-To: <20260619122148.GL231643@ziepe.ca> References: <20260604083959.1265923-1-aneesh.kumar@kernel.org> <20260609144746.GL2764304@ziepe.ca> <2ecfa1a8-6202-4319-9692-a6ffeb5a3dbf@amd.com> <20260618153705.GH231643@ziepe.ca> <20260619122148.GL231643@ziepe.ca> Date: Fri, 19 Jun 2026 14:36:19 +0100 Message-ID: MIME-Version: 1.0 Content-Type: text/plain X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org Jason Gunthorpe writes: > On Fri, Jun 19, 2026 at 01:14:13PM +0100, Aneesh Kumar K.V wrote: >> > And this is more insane logic. The right fix is to allocate the >> > swiotlb bounce from the *encrypted* pools when running on the >> > hypervisor which requires undoing this abuse of force_dma_decrypted(). >> > >> >> Agreed. If the device can do encrypted DMA and requires bouncing, it >> should bounce through encrypted pools. We don't support encrypted pools >> now and that means, we mark the option ("mem_encrypt=on iommu=pt >> swiotlb=force") not supported for now? > > ?? if you don't have a CC system then the swiotlb is "encrypted" > meaning ordinary struct page system memory. > > The hypervisor should not be triggering any CC special stuff here, it > is not a CC guest. > > Agree we don't need to worry about swiotlb=force with a trusted device > in the GUEST for now, but it should be something to fix eventually. > If i understand this correctly, the setup Alexey is referring to here is bare metal system with memory encryption enabled and dma address doesn't need C bit cleared because it is handled in iommu. ( I consider this as memory encryption that is handled transparently, device can access any address because that encryption details are now managed by iommu). Thinking about this more, I guess we should mark the swiotlb as cc_shared only with CC_ATTR_GUEST_MEM_ENCRYPT instead of CC_ATTR_MEM_ENCRYPT as we have below. /* * if platform support memory encryption, swiotlb buffers are * shared by default. */ if (cc_platform_has(CC_ATTR_MEM_ENCRYPT)) io_tlb_default_mem.cc_shared = true; else io_tlb_default_mem.cc_shared = false; .... if (io_tlb_default_mem.cc_shared) set_memory_decrypted((unsigned long)mem->vaddr, bytes >> PAGE_SHIFT); So we consider swiotlb as encrypted pool in such config. Now we have the case of host memory encryption where the C-bit needs to be cleared in dma_addr_t. That requires special handling in the kernel, and I believe we need to mark swiotlb as unencrypted in this configuration. I am still not clear whether there is a config option or runtime check we can use to identify this case. -aneesh