From: Jason Gunthorpe <jgg@ziepe.ca>
To: Suzuki K Poulose <suzuki.poulose@arm.com>
Cc: "Aneesh Kumar K.V" <aneesh.kumar@kernel.org>,
linux-coco@lists.linux.dev, kvmarm@lists.linux.dev,
linux-pci@vger.kernel.org, linux-kernel@vger.kernel.org,
aik@amd.com, lukas@wunner.de, Samuel Ortiz <sameo@rivosinc.com>,
Xu Yilun <yilun.xu@linux.intel.com>,
Steven Price <steven.price@arm.com>,
Catalin Marinas <catalin.marinas@arm.com>,
Marc Zyngier <maz@kernel.org>, Will Deacon <will@kernel.org>,
Oliver Upton <oliver.upton@linux.dev>
Subject: Re: [RFC PATCH v1 04/38] tsm: Support DMA Allocation from private memory
Date: Thu, 31 Jul 2025 09:17:40 -0300 [thread overview]
Message-ID: <20250731121740.GQ26511@ziepe.ca> (raw)
In-Reply-To: <bbe2a41a-8f72-4224-a0bc-225c1e35a180@arm.com>
On Wed, Jul 30, 2025 at 11:09:35AM +0100, Suzuki K Poulose wrote:
> > > It is unclear whether devices would need to perform DMA to shared
> > > (unencrypted) memory while operating in this mode, as TLPs with T=1
> > > are generally expected to target private memory.
> >
> > PCI SIG supports it, kernel should support it.
>
> ACK. On Arm CCA, the device can access shared IPA, with T=1 transaction
> as long as the mapping is active in the Stage2 managed by RMM.
Right, I expect that the T=0 SMMU S2 translation is a perfect subset of
the T=1 S2 rmm translation. At most pages that are not available to
T=0 should be removed when making the subset.
I'm not sure what the plan is here on ARM though, do you expect to
pre-load the entire T=0 SMMU S2 with the shared IPA aliases and rely
on the GPT for protection or will the hypervisor dynamically change
the T=0 SMMU S2 after each shared/private change? Same question for
the RMM S2?
The first option sounds fairly appealing, IMHO
> Rather than mapping the entire memory from the host, it would be ideal
> if the Coco vms have some sort of a callback to "make sure the DMA
> wouldn't fault for a device".
Isn't that a different topic? For right now we expect that all pages
are pinned and loaded into both S2s. Upon any private/shared
conversion the pages should be reloaded into the appropriate S2s if
required. The VM never needs to tell the hypervisor that it wants to
do DMA.
There are all sorts of options here to relax this but exploring them
it an entirely different project that CCA, IMHO.
Jason
next prev parent reply other threads:[~2025-07-31 12:17 UTC|newest]
Thread overview: 158+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-07-28 13:51 [RFC PATCH v1 00/38] ARM CCA Device Assignment support Aneesh Kumar K.V (Arm)
2025-07-28 13:51 ` [RFC PATCH v1 01/38] tsm: Add tsm_bind/unbind helpers Aneesh Kumar K.V (Arm)
2025-07-28 13:51 ` [RFC PATCH v1 02/38] tsm: Move tsm core outside the host directory Aneesh Kumar K.V (Arm)
2025-07-28 13:51 ` [RFC PATCH v1 03/38] tsm: Move dsm_dev from pci_tdi to pci_tsm Aneesh Kumar K.V (Arm)
2025-08-04 21:52 ` Bjorn Helgaas
2025-08-05 9:24 ` Aneesh Kumar K.V
2025-07-28 13:51 ` [RFC PATCH v1 04/38] tsm: Support DMA Allocation from private memory Aneesh Kumar K.V (Arm)
2025-07-28 14:33 ` Jason Gunthorpe
2025-07-29 8:23 ` Aneesh Kumar K.V
2025-07-29 14:33 ` Jason Gunthorpe
2025-07-30 10:09 ` Suzuki K Poulose
2025-07-31 12:17 ` Jason Gunthorpe [this message]
2025-07-31 13:48 ` Suzuki K Poulose
2025-07-31 16:44 ` Jason Gunthorpe
2025-08-01 9:30 ` Suzuki K Poulose
2025-08-01 14:53 ` Jason Gunthorpe
2025-08-02 8:44 ` Aneesh Kumar K.V
2025-08-02 13:41 ` Jason Gunthorpe
2025-08-04 6:58 ` Aneesh Kumar K.V
2025-08-05 15:54 ` Jason Gunthorpe
2025-08-05 10:22 ` Alexey Kardashevskiy
2025-08-05 16:08 ` Jason Gunthorpe
2025-08-04 21:54 ` Bjorn Helgaas
2025-07-28 13:51 ` [RFC PATCH v1 05/38] tsm: Don't overload connect Aneesh Kumar K.V (Arm)
2025-08-04 22:00 ` Bjorn Helgaas
2025-07-28 13:51 ` [RFC PATCH v1 06/38] iommufd: Add and option to request for bar mapping with IORESOURCE_EXCLUSIVE Aneesh Kumar K.V (Arm)
2025-07-28 14:08 ` Jason Gunthorpe
2025-07-29 8:28 ` Aneesh Kumar K.V
2025-07-29 14:29 ` Jason Gunthorpe
2025-07-30 6:55 ` Xu Yilun
2025-07-31 12:22 ` Jason Gunthorpe
2025-08-05 2:26 ` Xu Yilun
2025-08-05 16:10 ` Jason Gunthorpe
2025-07-30 6:43 ` Xu Yilun
2025-08-06 21:18 ` dan.j.williams
2025-07-28 13:51 ` [RFC PATCH v1 07/38] iommufd/viommu: Add support to associate viommu with kvm instance Aneesh Kumar K.V (Arm)
2025-07-28 14:10 ` Jason Gunthorpe
2025-07-29 8:30 ` Aneesh Kumar K.V
2025-07-29 16:26 ` Jonathan Cameron
2025-07-29 23:16 ` Jason Gunthorpe
2025-07-28 13:51 ` [RFC PATCH v1 08/38] iommufd/tsm: Add tsm_op iommufd ioctls Aneesh Kumar K.V (Arm)
2025-07-29 16:34 ` Jonathan Cameron
2025-08-02 9:03 ` Aneesh Kumar K.V
2025-08-04 22:25 ` Bjorn Helgaas
2025-07-28 13:51 ` [RFC PATCH v1 09/38] iommufd/vdevice: Add TSM Guest request uAPI Aneesh Kumar K.V (Arm)
2025-08-04 22:03 ` Bjorn Helgaas
2025-07-28 13:51 ` [RFC PATCH v1 10/38] iommufd/vdevice: Add TSM map ioctl Aneesh Kumar K.V (Arm)
2025-07-28 14:17 ` Jason Gunthorpe
2025-07-29 8:37 ` Aneesh Kumar K.V
2025-07-29 14:31 ` Jason Gunthorpe
2025-08-04 2:32 ` Alexey Kardashevskiy
2025-08-04 8:28 ` Aneesh Kumar K.V
2025-08-05 1:29 ` Alexey Kardashevskiy
2025-08-05 15:48 ` Jason Gunthorpe
2025-07-28 13:51 ` [RFC PATCH v1 11/38] KVM: arm64: CCA: register host tsm platform device Aneesh Kumar K.V (Arm)
2025-07-29 17:10 ` Jonathan Cameron
2025-07-29 23:19 ` Jason Gunthorpe
2025-07-30 8:42 ` Aneesh Kumar K.V
2025-07-30 10:38 ` Jonathan Cameron
2025-07-30 12:23 ` Jonathan Cameron
2025-07-30 13:07 ` Greg KH
2025-07-31 12:11 ` Jason Gunthorpe
2025-07-31 13:22 ` Jonathan Cameron
2025-07-31 16:46 ` Jason Gunthorpe
2025-08-01 8:31 ` Greg KH
2025-08-02 0:54 ` dan.j.williams
2025-07-28 13:51 ` [RFC PATCH v1 12/38] coco: host: arm64: CCA host platform device driver Aneesh Kumar K.V (Arm)
2025-07-29 17:22 ` Jonathan Cameron
2025-07-29 23:22 ` Jason Gunthorpe
2025-07-30 10:28 ` Jonathan Cameron
2025-07-31 12:26 ` Jason Gunthorpe
2025-07-30 8:58 ` Aneesh Kumar K.V
2025-07-30 10:25 ` Jonathan Cameron
2025-07-28 13:51 ` [RFC PATCH v1 13/38] coco: host: arm64: Create a PDEV with rmm Aneesh Kumar K.V (Arm)
2025-07-30 12:39 ` Jonathan Cameron
2025-08-02 10:54 ` Aneesh Kumar K.V
2025-07-31 11:47 ` Arto Merilainen
2025-08-02 10:57 ` Aneesh Kumar K.V
2025-08-04 22:28 ` Bjorn Helgaas
2025-07-28 13:51 ` [RFC PATCH v1 14/38] coco: host: arm64: Device communication support Aneesh Kumar K.V (Arm)
2025-07-30 13:52 ` Jonathan Cameron
2025-07-31 12:28 ` Jason Gunthorpe
2025-08-04 4:17 ` Aneesh Kumar K.V
2025-08-04 22:29 ` Bjorn Helgaas
2025-07-28 13:51 ` [RFC PATCH v1 15/38] coco: host: arm64: Stop and destroy the physical device Aneesh Kumar K.V (Arm)
2025-07-30 13:57 ` Jonathan Cameron
2025-08-04 4:22 ` Aneesh Kumar K.V
2025-07-28 13:51 ` [RFC PATCH v1 16/38] X.509: Make certificate parser public Aneesh Kumar K.V (Arm)
2025-07-28 13:51 ` [RFC PATCH v1 17/38] X.509: Parse Subject Alternative Name in certificates Aneesh Kumar K.V (Arm)
2025-07-28 13:51 ` [RFC PATCH v1 18/38] X.509: Move certificate length retrieval into new helper Aneesh Kumar K.V (Arm)
2025-08-04 22:27 ` Bjorn Helgaas
2025-07-28 13:51 ` [RFC PATCH v1 19/38] coco: host: arm64: set_pubkey support Aneesh Kumar K.V (Arm)
2025-07-30 14:08 ` Jonathan Cameron
2025-08-04 4:29 ` Aneesh Kumar K.V
2025-08-04 22:26 ` Bjorn Helgaas
2025-07-28 13:51 ` [RFC PATCH v1 20/38] coco: host: arm64: Add support for creating a virtual device Aneesh Kumar K.V (Arm)
2025-07-30 14:12 ` Jonathan Cameron
2025-07-28 13:51 ` [RFC PATCH v1 21/38] coco: host: arm64: Add support for virtual device communication Aneesh Kumar K.V (Arm)
2025-07-30 14:13 ` Jonathan Cameron
2025-08-04 4:45 ` Aneesh Kumar K.V
2025-07-28 13:51 ` [RFC PATCH v1 22/38] coco: host: arm64: Stop and destroy virtual device Aneesh Kumar K.V (Arm)
2025-07-30 14:15 ` Jonathan Cameron
2025-07-28 13:52 ` [RFC PATCH v1 23/38] coco: guest: arm64: Update arm CCA guest driver Aneesh Kumar K.V (Arm)
2025-07-30 14:22 ` Jonathan Cameron
2025-07-31 12:29 ` Jason Gunthorpe
2025-07-31 13:54 ` Jonathan Cameron
2025-07-28 13:52 ` [RFC PATCH v1 24/38] arm64: CCA: Register guest tsm callback Aneesh Kumar K.V (Arm)
2025-07-30 14:26 ` Jonathan Cameron
2025-08-04 4:50 ` Aneesh Kumar K.V
2025-07-28 13:52 ` [RFC PATCH v1 25/38] cca: guest: arm64: Realm device lock support Aneesh Kumar K.V (Arm)
2025-07-30 14:32 ` Jonathan Cameron
2025-07-28 13:52 ` [RFC PATCH v1 26/38] KVM: arm64: Add exit handler related to device assignment Aneesh Kumar K.V (Arm)
2025-07-30 14:35 ` Jonathan Cameron
2025-07-28 13:52 ` [RFC PATCH v1 27/38] coco: host: arm64: add RSI_RDEV_GET_INSTANCE_ID related exit handler Aneesh Kumar K.V (Arm)
2025-07-28 13:52 ` [RFC PATCH v1 28/38] coco: host: arm64: Add support for device communication " Aneesh Kumar K.V (Arm)
2025-07-28 13:52 ` [RFC PATCH v1 29/38] coco: guest: arm64: Add support for collecting interface reports Aneesh Kumar K.V (Arm)
2025-07-28 13:52 ` [RFC PATCH v1 30/38] coco: host: arm64: Add support for realm host interface (RHI) Aneesh Kumar K.V (Arm)
2025-07-30 14:43 ` Jonathan Cameron
2025-07-28 13:52 ` [RFC PATCH v1 31/38] coco: guest: arm64: Add support for fetching interface report and certificate chain from host Aneesh Kumar K.V (Arm)
2025-07-30 14:46 ` Jonathan Cameron
2025-07-28 13:52 ` [RFC PATCH v1 32/38] coco: guest: arm64: Add support for guest initiated TDI bind/unbind Aneesh Kumar K.V (Arm)
2025-07-30 14:51 ` Jonathan Cameron
2025-08-04 22:28 ` Bjorn Helgaas
2025-07-28 13:52 ` [RFC PATCH v1 33/38] KVM: arm64: CCA: handle dev mem map/unmap Aneesh Kumar K.V (Arm)
2025-07-28 13:52 ` [RFC PATCH v1 34/38] coco: guest: arm64: Validate mmio range found in the interface report Aneesh Kumar K.V (Arm)
2025-07-30 15:06 ` Jonathan Cameron
2025-07-31 11:39 ` Arto Merilainen
2025-07-31 16:53 ` Jason Gunthorpe
2025-08-04 6:37 ` Aneesh Kumar K.V
2025-08-04 8:27 ` Arto Merilainen
2025-08-04 22:31 ` Bjorn Helgaas
2025-07-28 13:52 ` [RFC PATCH v1 35/38] coco: guest: arm64: Add Realm device start and stop support Aneesh Kumar K.V (Arm)
2025-07-31 10:40 ` Jonathan Cameron
2025-08-04 22:27 ` Bjorn Helgaas
2025-07-28 13:52 ` [RFC PATCH v1 36/38] KVM: arm64: CCA: enable DA in realm create parameters Aneesh Kumar K.V (Arm)
2025-08-04 22:31 ` Bjorn Helgaas
2025-07-28 13:52 ` [RFC PATCH v1 37/38] coco: guest: arm64: Add support for fetching device measurements Aneesh Kumar K.V (Arm)
2025-07-31 10:16 ` Jonathan Cameron
2025-08-04 22:27 ` Bjorn Helgaas
2025-07-28 13:52 ` [RFC PATCH v1 38/38] coco: guest: arm64: Add support for fetching device info Aneesh Kumar K.V (Arm)
2025-07-31 10:36 ` Jonathan Cameron
2025-08-04 6:48 ` Aneesh Kumar K.V
2025-08-04 10:23 ` Jonathan Cameron
2025-08-08 23:37 ` Eric Biggers
2025-07-30 16:03 ` [RFC PATCH v1 00/38] ARM CCA Device Assignment support Jason Gunthorpe
2025-08-01 2:07 ` dan.j.williams
2025-08-01 15:51 ` Jason Gunthorpe
2025-08-01 21:19 ` dan.j.williams
2025-08-02 14:17 ` Jason Gunthorpe
2025-08-02 23:50 ` dan.j.williams
2025-08-03 22:26 ` Jason Gunthorpe
2025-08-05 5:07 ` Aneesh Kumar K.V
2025-08-05 17:27 ` Jason Gunthorpe
2025-08-05 18:27 ` dan.j.williams
2025-08-05 18:42 ` Jason Gunthorpe
2025-08-05 19:06 ` dan.j.williams
2025-08-05 19:38 ` Jason Gunthorpe
2025-08-05 4:50 ` Aneesh Kumar K.V
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20250731121740.GQ26511@ziepe.ca \
--to=jgg@ziepe.ca \
--cc=aik@amd.com \
--cc=aneesh.kumar@kernel.org \
--cc=catalin.marinas@arm.com \
--cc=kvmarm@lists.linux.dev \
--cc=linux-coco@lists.linux.dev \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-pci@vger.kernel.org \
--cc=lukas@wunner.de \
--cc=maz@kernel.org \
--cc=oliver.upton@linux.dev \
--cc=sameo@rivosinc.com \
--cc=steven.price@arm.com \
--cc=suzuki.poulose@arm.com \
--cc=will@kernel.org \
--cc=yilun.xu@linux.intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).