From: Jason Gunthorpe <jgg@ziepe.ca>
To: Alexey Kardashevskiy <aik@amd.com>
Cc: "Aneesh Kumar K.V (Arm)" <aneesh.kumar@kernel.org>,
linux-coco@lists.linux.dev, kvmarm@lists.linux.dev,
linux-pci@vger.kernel.org, linux-kernel@vger.kernel.org,
lukas@wunner.de, Samuel Ortiz <sameo@rivosinc.com>,
Xu Yilun <yilun.xu@linux.intel.com>,
Suzuki K Poulose <Suzuki.Poulose@arm.com>,
Steven Price <steven.price@arm.com>,
Catalin Marinas <catalin.marinas@arm.com>,
Marc Zyngier <maz@kernel.org>, Will Deacon <will@kernel.org>,
Oliver Upton <oliver.upton@linux.dev>
Subject: Re: [RFC PATCH v1 04/38] tsm: Support DMA Allocation from private memory
Date: Tue, 5 Aug 2025 13:08:53 -0300 [thread overview]
Message-ID: <20250805160853.GV26511@ziepe.ca> (raw)
In-Reply-To: <a22a1ab7-95c1-41be-b33b-a4009b55631c@amd.com>
On Tue, Aug 05, 2025 at 08:22:10PM +1000, Alexey Kardashevskiy wrote:
>> static inline dma_addr_t phys_to_dma_direct(struct device *dev,
>> phys_addr_t phys)
>> {
>> if (force_dma_unencrypted(dev))
>> return phys_to_dma_unencrypted(dev, phys);
>> return phys_to_dma(dev, phys);
On AMD what is the force_dma_unencrypted() for?
I thought AMD had only one IOMMU and effectively one S2 mapping. Why
does it need to change the phys depending on it being shared or private?
> On AMD, T=1 only encrypts the PCIe trafic, when a DMA request hits
> the IOMMU, the IOMMU decrypts it and then decides whether to encrypt
> it with a memory key: if there is secure vIOMMU - it will do what
> Cbit says in the guest IOMMU table (this is in the works) oooor just
> always set Cbit without guest vIOMMU (which is a big knob per a
> device and this is what my patches do now).
AMD doesn't have the split IOMMU design that something like ARM has,
so it is bit different..
On ARM the T=1 IOMMU should map the entire CPU address space, so any
IOVA with any address should just work. So I'd expect AMD and ARM to
be the same here.
For the T=0 iommu ARM (I think) will only map the shared pages to the
shared IPA alias, so the guest VM has to ensure the shared physical
alias is used. Then it sounds like the CPU will sometimes accept the
private physical alias, and linus will sometimes prefer the physical
alias, for the shared memory too so Linux gets things muddled.
IMHO ARM probably should fix this much higher up the stack when it has
more information to tell if the phys_addr is actualy the private alias
a shared page.
> > > + bool tdi_enabled:1;
> > > };
> >
> > I would give the dev->tdi_enabled a clearer name, maybe
> > dev->encrypted_dma_supported ?
>
>
> May be but "_enabled", not "_supported". And, ideally, with vIOMMU, at least AMD won't be needing it.
Yes
Jason
next prev parent reply other threads:[~2025-08-05 16:08 UTC|newest]
Thread overview: 158+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-07-28 13:51 [RFC PATCH v1 00/38] ARM CCA Device Assignment support Aneesh Kumar K.V (Arm)
2025-07-28 13:51 ` [RFC PATCH v1 01/38] tsm: Add tsm_bind/unbind helpers Aneesh Kumar K.V (Arm)
2025-07-28 13:51 ` [RFC PATCH v1 02/38] tsm: Move tsm core outside the host directory Aneesh Kumar K.V (Arm)
2025-07-28 13:51 ` [RFC PATCH v1 03/38] tsm: Move dsm_dev from pci_tdi to pci_tsm Aneesh Kumar K.V (Arm)
2025-08-04 21:52 ` Bjorn Helgaas
2025-08-05 9:24 ` Aneesh Kumar K.V
2025-07-28 13:51 ` [RFC PATCH v1 04/38] tsm: Support DMA Allocation from private memory Aneesh Kumar K.V (Arm)
2025-07-28 14:33 ` Jason Gunthorpe
2025-07-29 8:23 ` Aneesh Kumar K.V
2025-07-29 14:33 ` Jason Gunthorpe
2025-07-30 10:09 ` Suzuki K Poulose
2025-07-31 12:17 ` Jason Gunthorpe
2025-07-31 13:48 ` Suzuki K Poulose
2025-07-31 16:44 ` Jason Gunthorpe
2025-08-01 9:30 ` Suzuki K Poulose
2025-08-01 14:53 ` Jason Gunthorpe
2025-08-02 8:44 ` Aneesh Kumar K.V
2025-08-02 13:41 ` Jason Gunthorpe
2025-08-04 6:58 ` Aneesh Kumar K.V
2025-08-05 15:54 ` Jason Gunthorpe
2025-08-05 10:22 ` Alexey Kardashevskiy
2025-08-05 16:08 ` Jason Gunthorpe [this message]
2025-08-04 21:54 ` Bjorn Helgaas
2025-07-28 13:51 ` [RFC PATCH v1 05/38] tsm: Don't overload connect Aneesh Kumar K.V (Arm)
2025-08-04 22:00 ` Bjorn Helgaas
2025-07-28 13:51 ` [RFC PATCH v1 06/38] iommufd: Add and option to request for bar mapping with IORESOURCE_EXCLUSIVE Aneesh Kumar K.V (Arm)
2025-07-28 14:08 ` Jason Gunthorpe
2025-07-29 8:28 ` Aneesh Kumar K.V
2025-07-29 14:29 ` Jason Gunthorpe
2025-07-30 6:55 ` Xu Yilun
2025-07-31 12:22 ` Jason Gunthorpe
2025-08-05 2:26 ` Xu Yilun
2025-08-05 16:10 ` Jason Gunthorpe
2025-07-30 6:43 ` Xu Yilun
2025-08-06 21:18 ` dan.j.williams
2025-07-28 13:51 ` [RFC PATCH v1 07/38] iommufd/viommu: Add support to associate viommu with kvm instance Aneesh Kumar K.V (Arm)
2025-07-28 14:10 ` Jason Gunthorpe
2025-07-29 8:30 ` Aneesh Kumar K.V
2025-07-29 16:26 ` Jonathan Cameron
2025-07-29 23:16 ` Jason Gunthorpe
2025-07-28 13:51 ` [RFC PATCH v1 08/38] iommufd/tsm: Add tsm_op iommufd ioctls Aneesh Kumar K.V (Arm)
2025-07-29 16:34 ` Jonathan Cameron
2025-08-02 9:03 ` Aneesh Kumar K.V
2025-08-04 22:25 ` Bjorn Helgaas
2025-07-28 13:51 ` [RFC PATCH v1 09/38] iommufd/vdevice: Add TSM Guest request uAPI Aneesh Kumar K.V (Arm)
2025-08-04 22:03 ` Bjorn Helgaas
2025-07-28 13:51 ` [RFC PATCH v1 10/38] iommufd/vdevice: Add TSM map ioctl Aneesh Kumar K.V (Arm)
2025-07-28 14:17 ` Jason Gunthorpe
2025-07-29 8:37 ` Aneesh Kumar K.V
2025-07-29 14:31 ` Jason Gunthorpe
2025-08-04 2:32 ` Alexey Kardashevskiy
2025-08-04 8:28 ` Aneesh Kumar K.V
2025-08-05 1:29 ` Alexey Kardashevskiy
2025-08-05 15:48 ` Jason Gunthorpe
2025-07-28 13:51 ` [RFC PATCH v1 11/38] KVM: arm64: CCA: register host tsm platform device Aneesh Kumar K.V (Arm)
2025-07-29 17:10 ` Jonathan Cameron
2025-07-29 23:19 ` Jason Gunthorpe
2025-07-30 8:42 ` Aneesh Kumar K.V
2025-07-30 10:38 ` Jonathan Cameron
2025-07-30 12:23 ` Jonathan Cameron
2025-07-30 13:07 ` Greg KH
2025-07-31 12:11 ` Jason Gunthorpe
2025-07-31 13:22 ` Jonathan Cameron
2025-07-31 16:46 ` Jason Gunthorpe
2025-08-01 8:31 ` Greg KH
2025-08-02 0:54 ` dan.j.williams
2025-07-28 13:51 ` [RFC PATCH v1 12/38] coco: host: arm64: CCA host platform device driver Aneesh Kumar K.V (Arm)
2025-07-29 17:22 ` Jonathan Cameron
2025-07-29 23:22 ` Jason Gunthorpe
2025-07-30 10:28 ` Jonathan Cameron
2025-07-31 12:26 ` Jason Gunthorpe
2025-07-30 8:58 ` Aneesh Kumar K.V
2025-07-30 10:25 ` Jonathan Cameron
2025-07-28 13:51 ` [RFC PATCH v1 13/38] coco: host: arm64: Create a PDEV with rmm Aneesh Kumar K.V (Arm)
2025-07-30 12:39 ` Jonathan Cameron
2025-08-02 10:54 ` Aneesh Kumar K.V
2025-07-31 11:47 ` Arto Merilainen
2025-08-02 10:57 ` Aneesh Kumar K.V
2025-08-04 22:28 ` Bjorn Helgaas
2025-07-28 13:51 ` [RFC PATCH v1 14/38] coco: host: arm64: Device communication support Aneesh Kumar K.V (Arm)
2025-07-30 13:52 ` Jonathan Cameron
2025-07-31 12:28 ` Jason Gunthorpe
2025-08-04 4:17 ` Aneesh Kumar K.V
2025-08-04 22:29 ` Bjorn Helgaas
2025-07-28 13:51 ` [RFC PATCH v1 15/38] coco: host: arm64: Stop and destroy the physical device Aneesh Kumar K.V (Arm)
2025-07-30 13:57 ` Jonathan Cameron
2025-08-04 4:22 ` Aneesh Kumar K.V
2025-07-28 13:51 ` [RFC PATCH v1 16/38] X.509: Make certificate parser public Aneesh Kumar K.V (Arm)
2025-07-28 13:51 ` [RFC PATCH v1 17/38] X.509: Parse Subject Alternative Name in certificates Aneesh Kumar K.V (Arm)
2025-07-28 13:51 ` [RFC PATCH v1 18/38] X.509: Move certificate length retrieval into new helper Aneesh Kumar K.V (Arm)
2025-08-04 22:27 ` Bjorn Helgaas
2025-07-28 13:51 ` [RFC PATCH v1 19/38] coco: host: arm64: set_pubkey support Aneesh Kumar K.V (Arm)
2025-07-30 14:08 ` Jonathan Cameron
2025-08-04 4:29 ` Aneesh Kumar K.V
2025-08-04 22:26 ` Bjorn Helgaas
2025-07-28 13:51 ` [RFC PATCH v1 20/38] coco: host: arm64: Add support for creating a virtual device Aneesh Kumar K.V (Arm)
2025-07-30 14:12 ` Jonathan Cameron
2025-07-28 13:51 ` [RFC PATCH v1 21/38] coco: host: arm64: Add support for virtual device communication Aneesh Kumar K.V (Arm)
2025-07-30 14:13 ` Jonathan Cameron
2025-08-04 4:45 ` Aneesh Kumar K.V
2025-07-28 13:51 ` [RFC PATCH v1 22/38] coco: host: arm64: Stop and destroy virtual device Aneesh Kumar K.V (Arm)
2025-07-30 14:15 ` Jonathan Cameron
2025-07-28 13:52 ` [RFC PATCH v1 23/38] coco: guest: arm64: Update arm CCA guest driver Aneesh Kumar K.V (Arm)
2025-07-30 14:22 ` Jonathan Cameron
2025-07-31 12:29 ` Jason Gunthorpe
2025-07-31 13:54 ` Jonathan Cameron
2025-07-28 13:52 ` [RFC PATCH v1 24/38] arm64: CCA: Register guest tsm callback Aneesh Kumar K.V (Arm)
2025-07-30 14:26 ` Jonathan Cameron
2025-08-04 4:50 ` Aneesh Kumar K.V
2025-07-28 13:52 ` [RFC PATCH v1 25/38] cca: guest: arm64: Realm device lock support Aneesh Kumar K.V (Arm)
2025-07-30 14:32 ` Jonathan Cameron
2025-07-28 13:52 ` [RFC PATCH v1 26/38] KVM: arm64: Add exit handler related to device assignment Aneesh Kumar K.V (Arm)
2025-07-30 14:35 ` Jonathan Cameron
2025-07-28 13:52 ` [RFC PATCH v1 27/38] coco: host: arm64: add RSI_RDEV_GET_INSTANCE_ID related exit handler Aneesh Kumar K.V (Arm)
2025-07-28 13:52 ` [RFC PATCH v1 28/38] coco: host: arm64: Add support for device communication " Aneesh Kumar K.V (Arm)
2025-07-28 13:52 ` [RFC PATCH v1 29/38] coco: guest: arm64: Add support for collecting interface reports Aneesh Kumar K.V (Arm)
2025-07-28 13:52 ` [RFC PATCH v1 30/38] coco: host: arm64: Add support for realm host interface (RHI) Aneesh Kumar K.V (Arm)
2025-07-30 14:43 ` Jonathan Cameron
2025-07-28 13:52 ` [RFC PATCH v1 31/38] coco: guest: arm64: Add support for fetching interface report and certificate chain from host Aneesh Kumar K.V (Arm)
2025-07-30 14:46 ` Jonathan Cameron
2025-07-28 13:52 ` [RFC PATCH v1 32/38] coco: guest: arm64: Add support for guest initiated TDI bind/unbind Aneesh Kumar K.V (Arm)
2025-07-30 14:51 ` Jonathan Cameron
2025-08-04 22:28 ` Bjorn Helgaas
2025-07-28 13:52 ` [RFC PATCH v1 33/38] KVM: arm64: CCA: handle dev mem map/unmap Aneesh Kumar K.V (Arm)
2025-07-28 13:52 ` [RFC PATCH v1 34/38] coco: guest: arm64: Validate mmio range found in the interface report Aneesh Kumar K.V (Arm)
2025-07-30 15:06 ` Jonathan Cameron
2025-07-31 11:39 ` Arto Merilainen
2025-07-31 16:53 ` Jason Gunthorpe
2025-08-04 6:37 ` Aneesh Kumar K.V
2025-08-04 8:27 ` Arto Merilainen
2025-08-04 22:31 ` Bjorn Helgaas
2025-07-28 13:52 ` [RFC PATCH v1 35/38] coco: guest: arm64: Add Realm device start and stop support Aneesh Kumar K.V (Arm)
2025-07-31 10:40 ` Jonathan Cameron
2025-08-04 22:27 ` Bjorn Helgaas
2025-07-28 13:52 ` [RFC PATCH v1 36/38] KVM: arm64: CCA: enable DA in realm create parameters Aneesh Kumar K.V (Arm)
2025-08-04 22:31 ` Bjorn Helgaas
2025-07-28 13:52 ` [RFC PATCH v1 37/38] coco: guest: arm64: Add support for fetching device measurements Aneesh Kumar K.V (Arm)
2025-07-31 10:16 ` Jonathan Cameron
2025-08-04 22:27 ` Bjorn Helgaas
2025-07-28 13:52 ` [RFC PATCH v1 38/38] coco: guest: arm64: Add support for fetching device info Aneesh Kumar K.V (Arm)
2025-07-31 10:36 ` Jonathan Cameron
2025-08-04 6:48 ` Aneesh Kumar K.V
2025-08-04 10:23 ` Jonathan Cameron
2025-08-08 23:37 ` Eric Biggers
2025-07-30 16:03 ` [RFC PATCH v1 00/38] ARM CCA Device Assignment support Jason Gunthorpe
2025-08-01 2:07 ` dan.j.williams
2025-08-01 15:51 ` Jason Gunthorpe
2025-08-01 21:19 ` dan.j.williams
2025-08-02 14:17 ` Jason Gunthorpe
2025-08-02 23:50 ` dan.j.williams
2025-08-03 22:26 ` Jason Gunthorpe
2025-08-05 5:07 ` Aneesh Kumar K.V
2025-08-05 17:27 ` Jason Gunthorpe
2025-08-05 18:27 ` dan.j.williams
2025-08-05 18:42 ` Jason Gunthorpe
2025-08-05 19:06 ` dan.j.williams
2025-08-05 19:38 ` Jason Gunthorpe
2025-08-05 4:50 ` Aneesh Kumar K.V
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20250805160853.GV26511@ziepe.ca \
--to=jgg@ziepe.ca \
--cc=Suzuki.Poulose@arm.com \
--cc=aik@amd.com \
--cc=aneesh.kumar@kernel.org \
--cc=catalin.marinas@arm.com \
--cc=kvmarm@lists.linux.dev \
--cc=linux-coco@lists.linux.dev \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-pci@vger.kernel.org \
--cc=lukas@wunner.de \
--cc=maz@kernel.org \
--cc=oliver.upton@linux.dev \
--cc=sameo@rivosinc.com \
--cc=steven.price@arm.com \
--cc=will@kernel.org \
--cc=yilun.xu@linux.intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).