Linux-ARM-Kernel Archive on lore.kernel.org
From: Jason Gunthorpe <jgg@nvidia.com>
To: Pranjal Shrivastava <praan@google.com>
Cc: iommu@lists.linux.dev, Jonathan Hunter <jonathanh@nvidia.com>,
	Joerg Roedel <joro@8bytes.org>,
	linux-arm-kernel@lists.infradead.org,
	linux-tegra@vger.kernel.org, Robin Murphy <robin.murphy@arm.com>,
	Thierry Reding <thierry.reding@kernel.org>,
	Krishna Reddy <vdumpa@nvidia.com>, Will Deacon <will@kernel.org>,
	David Matlack <dmatlack@google.com>,
	Pasha Tatashin <pasha.tatashin@soleen.com>,
	patches@lists.linux.dev, Samiullah Khawaja <skhawaja@google.com>,
	Mostafa Saleh <smostafa@google.com>
Subject: Re: [PATCH 3/9] iommu/arm-smmu-v3: Use the HW arm_smmu_cmd in cmdq submission functions
Date: Fri, 8 May 2026 13:00:41 -0300
Message-ID: <20260508160041.GF9254@nvidia.com>
In-Reply-To: <af2ebtfgOPzJMXFK@google.com>

On Fri, May 08, 2026 at 08:27:26AM +0000, Pranjal Shrivastava wrote:
> >  /* Should be installed after arm_smmu_install_ste_for_dev() */
> > @@ -4823,7 +4826,8 @@ static int arm_smmu_device_reset(struct arm_smmu_device *smmu)
> >  {
> >  	int ret;
> >  	u32 reg, enables;
> > -	struct arm_smmu_cmdq_ent cmd;
> > +	struct arm_smmu_cmdq_ent ent;
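
Review bot: the renamed "ent" in arm_smmu_device_reset() is still declared without an initializer ("struct arm_smmu_cmdq_ent ent;"), so every field other than the opcode assigned later holds indeterminate stack contents. Declaring it as "struct arm_smmu_cmdq_ent ent = {};" would keep the built command defined even if an opcode case in the builder later starts reading another field.
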
> 
> This shouldn't be uninitialized, we only seem to be setting ent.opcode
> later in the function. 

Yes, that's how the existing code is.

        struct arm_smmu_cmdq_ent cmd;

        cmd.opcode = CMDQ_OP_CFGI_ALL;
        arm_smmu_cmdq_issue_cmd_with_sync(smmu, &cmd);

                cmd.opcode = CMDQ_OP_TLBI_EL2_ALL;
                arm_smmu_cmdq_issue_cmd_with_sync(smmu, &cmd);

        cmd.opcode = CMDQ_OP_TLBI_NSNH_ALL;
        arm_smmu_cmdq_issue_cmd_with_sync(smmu, &cmd);

> Since arm_smmu_cmdq_build_cmd reads other fields
> of ent to build the cmd, we are potentially sending stack garbage in ent

Ah, it is tricky, it doesn't:

static int arm_smmu_cmdq_build_cmd(u64 *cmd, struct arm_smmu_cmdq_ent *ent)
{
        memset(cmd, 0, 1 << CMDQ_ENT_SZ_SHIFT);
        cmd[0] |= FIELD_PREP(CMDQ_0_OP, ent->opcode);

        switch (ent->opcode) {
        case CMDQ_OP_TLBI_EL2_ALL:
        case CMDQ_OP_TLBI_NSNH_ALL:
                break;
[..]
        case CMDQ_OP_CFGI_ALL:
                /* Cover the entire SID range */
                cmd[1] |= FIELD_PREP(CMDQ_CFGI_1_RANGE, 31);
                break;

Only opcode is used, so it's "fine"

Later patches remove ent and this trickiness so let's just leave it:

	/* Invalidate any cached configuration */
	arm_smmu_cmdq_issue_cmd_with_sync(smmu, arm_smmu_make_cmd_cfgi_all());

	/* Invalidate any stale TLB entries */
	if (smmu->features & ARM_SMMU_FEAT_HYP) {
		arm_smmu_cmdq_issue_cmd_with_sync(
			smmu, arm_smmu_make_cmd_op(CMDQ_OP_TLBI_EL2_ALL));
	}

	arm_smmu_cmdq_issue_cmd_with_sync(
		smmu, arm_smmu_make_cmd_op(CMDQ_OP_TLBI_NSNH_ALL));

Jason
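
Added example, not part of the message above and not the driver's code: a userspace C model of the builder pattern under discussion, checking which opcodes produce the same command regardless of the other ent fields, next to a by-value constructor in the style of the later patches. All model_* names, the OP_* values and the bit positions are assumptions made for this sketch.

```c
#include <stdint.h>
#include <string.h>

/* Userspace model: opcode values and bit positions are constructed here. */
enum model_op { OP_CFGI_STE = 0x03, OP_CFGI_ALL = 0x04, OP_TLBI_NSNH_ALL = 0x30 };
struct model_ent { uint8_t opcode; uint32_t sid; /* sid: OP_CFGI_STE only */ };
struct model_cmd { uint64_t data[2]; }; /* stand-in for the HW-format command */

/* Same shape as the quoted builder: zero the output, then copy only the
 * fields that the opcode's case reads. Returns -1 for an unknown opcode. */
int model_build_cmd(struct model_cmd *cmd, const struct model_ent *ent)
{
	memset(cmd, 0, sizeof(*cmd));
	cmd->data[0] |= ent->opcode;
	switch (ent->opcode) {
	case OP_TLBI_NSNH_ALL:
		break;
	case OP_CFGI_ALL:
		cmd->data[1] |= 31; /* cover the entire SID range */
		break;
	case OP_CFGI_STE:
		cmd->data[0] |= (uint64_t)ent->sid << 32;
		break;
	default:
		return -1;
	}
	return 0;
}

/* Build one opcode from a zeroed ent and from an ent filled with 0xAA (defined
 * bytes standing in for stale stack). Returns 1 if both commands are equal. */
int opcode_ignores_other_fields(enum model_op op)
{
	struct model_ent clean, stale;
	struct model_cmd a, b;
	memset(&clean, 0, sizeof(clean));
	memset(&stale, 0xAA, sizeof(stale));
	clean.opcode = stale.opcode = (uint8_t)op;
	if (model_build_cmd(&a, &clean) || model_build_cmd(&b, &stale))
		return -1;
	return memcmp(&a, &b, sizeof(a)) == 0;
}

/* By-value constructor in the style of the later patches: no ent to fill in. */
struct model_cmd model_make_cmd_op(enum model_op op)
{
	return (struct model_cmd){ .data = { (uint64_t)op, 0 } };
}

int main(void) { return opcode_ignores_other_fields(OP_CFGI_ALL) == 1 ? 0 : 1; }
```

In this model the opcode-only cases are unaffected by stale fields, while the OP_CFGI_STE case is not, which is the dependency that disappears once commands are constructed by value.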

