From: Jason Gunthorpe <jgg@ziepe.ca>
To: Suzuki K Poulose <suzuki.poulose@arm.com>
Cc: "Aneesh Kumar K.V" <aneesh.kumar@kernel.org>,
linux-kernel@vger.kernel.org, iommu@lists.linux.dev,
linux-coco@lists.linux.dev,
Catalin Marinas <catalin.marinas@arm.com>,
will@kernel.org, robin.murphy@arm.com, steven.price@arm.com,
Marek Szyprowski <m.szyprowski@samsung.com>
Subject: Re: [PATCH 1/2] dma-direct: Validate DMA mask against canonical DMA addresses
Date: Tue, 20 Jan 2026 11:11:27 -0400 [thread overview]
Message-ID: <20260120151127.GP961572@ziepe.ca> (raw)
In-Reply-To: <0da8b73c-5bec-44c3-9902-221a11142c34@arm.com>
On Tue, Jan 20, 2026 at 02:39:14PM +0000, Suzuki K Poulose wrote:
> > > > diff --git a/kernel/dma/direct.c b/kernel/dma/direct.c
> > > > index 8e04f72baaa3..a5639e9415f5 100644
> > > > --- a/kernel/dma/direct.c
> > > > +++ b/kernel/dma/direct.c
> > > > @@ -580,12 +580,12 @@ int dma_direct_supported(struct device *dev, u64 mask)
> > > > /*
> > > > * This check needs to be against the actual bit mask value, so use
> > > > - * phys_to_dma_unencrypted() here so that the SME encryption mask isn't
> > > > + * __phys_to_dma() here so that the arch specific encryption mask isn't
> > > > * part of the check.
> > > > */
> > > > if (IS_ENABLED(CONFIG_ZONE_DMA))
> > > > min_mask = min_t(u64, min_mask, zone_dma_limit);
> > > > - return mask >= phys_to_dma_unencrypted(dev, min_mask);
> > > > + return mask >= __phys_to_dma(dev, min_mask);
> > >
> > > This is wrong, isn't it ? For e.g., for CCA, even though the "Flag" is
> > > added to the PA, it is really part of the actual "PA" and thus must be
> > > checked against the full PA ?
> > >
> >
> > That is true only when the device is operating in untrusted mode?. For a
> > trusted device that mask is valid mask right?
>
> Irrespective of the mode in which the device is operating, the DMA
> address must include the fully qualified "{I}PA" address, right ?
> i.e., "the Unencrypted" bit is only a software construct and the full
> PA must be used, irrespective of the mode of the device.
But you could make an argument that a trusted device won't DMA to
shared memory, ie it would SWIOTLB to private memory if that is
required.
Otherwise these two limitations will exclude huge numbers of real
devices from working with ARM CCA at all.
Jason
next prev parent reply other threads:[~2026-01-20 15:11 UTC|newest]
Thread overview: 20+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-01-20 6:42 [PATCH 1/2] dma-direct: Validate DMA mask against canonical DMA addresses Aneesh Kumar K.V (Arm)
2026-01-20 6:42 ` [PATCH 2/2] dma-direct: Make phys_to_dma() pick encrypted vs unencrypted per device Aneesh Kumar K.V (Arm)
2026-01-20 9:33 ` kernel test robot
2026-01-20 10:49 ` kernel test robot
2026-01-20 9:59 ` [PATCH 1/2] dma-direct: Validate DMA mask against canonical DMA addresses Suzuki K Poulose
2026-01-20 11:59 ` Robin Murphy
2026-01-20 14:25 ` Aneesh Kumar K.V
2026-01-20 19:22 ` Robin Murphy
2026-01-21 4:50 ` Aneesh Kumar K.V
2026-01-20 14:18 ` Aneesh Kumar K.V
2026-01-20 14:39 ` Suzuki K Poulose
2026-01-20 15:11 ` Jason Gunthorpe [this message]
2026-01-20 17:11 ` Robin Murphy
2026-01-20 17:54 ` Jason Gunthorpe
2026-01-20 18:47 ` Robin Murphy
2026-01-20 19:54 ` Jason Gunthorpe
2026-01-20 10:59 ` kernel test robot
2026-01-20 13:26 ` Jason Gunthorpe
2026-01-20 15:25 ` Aneesh Kumar K.V
2026-01-20 15:43 ` Jason Gunthorpe
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20260120151127.GP961572@ziepe.ca \
--to=jgg@ziepe.ca \
--cc=aneesh.kumar@kernel.org \
--cc=catalin.marinas@arm.com \
--cc=iommu@lists.linux.dev \
--cc=linux-coco@lists.linux.dev \
--cc=linux-kernel@vger.kernel.org \
--cc=m.szyprowski@samsung.com \
--cc=robin.murphy@arm.com \
--cc=steven.price@arm.com \
--cc=suzuki.poulose@arm.com \
--cc=will@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox