From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mail-qv1-f50.google.com (mail-qv1-f50.google.com [209.85.219.50]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 7A6403CF670 for ; Mon, 27 Apr 2026 13:49:06 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.219.50 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1777297748; cv=none; b=ttsw8nEBGWv4fd9m9y5gM0vAkubZJY/ncfyG2KpzdHtMce48skmtsP+WO80/jDmwpBRB6ADauhkWZMRfSkSrtd2CslVPbeY3PBHz7hU9VKfHS4Lo3H6q+juF75ViuF3xRQ64KR3zFes/8HOui+E5jkhVYBWsiD4ekWZ33yFxexw= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1777297748; c=relaxed/simple; bh=AiaEXL2vP7Re9WDbKnigCW6bt2LfZHNbeafJta6NglE=; h=Date:From:To:Cc:Subject:Message-ID:References:MIME-Version: Content-Type:Content-Disposition:In-Reply-To; b=Ab2mVJ1W9y3K31SZ5uzu4ZI4nKlfXMRY9UDjp/g9VwpBjIMOElHmh9TqxghZ4TaOq6sfkx4R5fjiXRFIMboYgj51rsQwQHNn9rtW4OvC04erh24O2uhZTqnM+DQiP9vu+x3fpzLJTF/0DEynvwmnHSVhLWYV/g1rozPS017wqq0= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=ziepe.ca; spf=pass smtp.mailfrom=ziepe.ca; dkim=pass (2048-bit key) header.d=ziepe.ca header.i=@ziepe.ca header.b=fxXX4093; arc=none smtp.client-ip=209.85.219.50 Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=ziepe.ca Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=ziepe.ca Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=ziepe.ca header.i=@ziepe.ca header.b="fxXX4093" Received: by mail-qv1-f50.google.com with SMTP id 6a1803df08f44-8a210c813f8so65704526d6.0 for ; Mon, 27 Apr 2026 06:49:06 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ziepe.ca; s=google; t=1777297745; x=1777902545; darn=vger.kernel.org; h=in-reply-to:content-disposition:mime-version:references:message-id :subject:cc:to:from:date:from:to:cc:subject:date:message-id:reply-to; bh=8PYGlOXEG6E9/P2t0qYpdnkfCSnyFBuw0mLKh5MPI4E=; b=fxXX4093QskQeIx7t8QBDrJJIyBdsclYZc/AsnJKw8HYGFiq9sWsowB97gRqJWvpNf v/tESHcOWN5J4i/C9y8ouqOX4+QUgf20Jax5epAomdQdKjnIpJ6dnlaa2YZd0autod8j r1phc11CBj/Kz8CjWL8hH4AIKtmAc1r2yGp23R00uQnjdoYGiSfjt6Wngl7HqRoJQ3VV GZf5XYYY/ojeavEiey6oqaj5DOtlHEj2N80gtW4EXIq6tjeigUplxV5XMwphMKj5aKHh 9PYnRKYj1k1982tqFrs6RKQf+ipqcovFtMbRJX3FUfYA90NCdbsCTBzsAAgfP5TtMXYt fNdg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1777297745; x=1777902545; h=in-reply-to:content-disposition:mime-version:references:message-id :subject:cc:to:from:date:x-gm-gg:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=8PYGlOXEG6E9/P2t0qYpdnkfCSnyFBuw0mLKh5MPI4E=; b=JJFNVQWudaBOjcvNr0R0wvCg4cBcRlXJeZJhVBm6lAxI6Fkv8spsJGshASud412Hab 2giupUhLisidXPi6kahP3RS92bsjuVvwkzSRI2QiNlm8PtPaW4sxhj2eF7xRa9p2wprN yzisVVn2fV9+Clnb8yzsfmwo66x0wY71bNp4uLHjay6wc3KXYLcDo6pV0a7tvPU6OcJL aeU/TNeH6q7xqCTK874oPKUePbjB48b4Fbl2iyPY/rAkeq5tNgvgJONGn1uKvKfZ2KxK 5Ljq1FAM2hTTa8hq1/cBUG/F+1a/kxz66w3MkiwY7h/vOkz8VTOwIEo1UxEvZobY0zmD YSaA== X-Gm-Message-State: AOJu0YxhE+syD2J0/EyP7sUofdg3ob+iB9JNBpZMHepT1tHp/o1PYyNu X3b8OuB0kZgKd/Dj7Pg/ZQbpSweCaWPqPD+YW1pA2oxCo8WDfmH0Ml7QT5azm4sBHgY= X-Gm-Gg: AeBDietzZEf7lpPzOZPSR+D9il+p9i/Wovw3L50Rp4t2SNRPbL5YJs/BdsTFGwACAS8 PATkRrgisQ4wIzqj7owr2F89D68wCoDqYYlq8VqG9BRV0iZ0BpfOdEzfrZ3iE4vtYgnT6rXhfve mlTIniB+hDIfUsuV88SN9vCb3i5sFbph0icQFIqltQMJut9HuEdwOy5ZneXYtVBJ1qMLd3RxO5k 5LnwdnxHt7hceykp2bPejjgonN3RiN+MPqtFIhH10FcgodUS9YuV/FqK6g0uiYOQY+i/cWp5b3O Pzf29Wx88qyVK6XO6EPd70ERXI9ZcZ4kNrhCGcHJPc/MQASp1j7dqEv6gkbefpJwqlOWU4QRu7z F89rPCPc+mMwXJpCsGyJ8nThn3RKr47qdsHxzCPxoDs8S1zCi7par16QNuGSPnWVYeWJU9D2RFs KoA+eRFcLHV/hNeqEY42BFjl1xfcgr7Tk+JtZYlGbzTubH3TI+lMSRK4zx0gaBTuWDKFC/DV/sW rd2IYgS+jNFxU4o X-Received: by 2002:a05:6214:6107:b0:8a5:bd5b:e5f with SMTP id 6a1803df08f44-8b02817a4a5mr537295746d6.51.1777297745279; Mon, 27 Apr 2026 06:49:05 -0700 (PDT) Received: from ziepe.ca (crbknf0213w-47-54-130-67.pppoe-dynamic.high-speed.nl.bellaliant.net. [47.54.130.67]) by smtp.gmail.com with ESMTPSA id 6a1803df08f44-8b02aa4f1f9sm257474006d6.0.2026.04.27.06.49.04 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 27 Apr 2026 06:49:04 -0700 (PDT) Received: from jgg by wakko with local (Exim 4.97) (envelope-from ) id 1wHMKd-00000003T5r-43dX; Mon, 27 Apr 2026 10:49:03 -0300 Date: Mon, 27 Apr 2026 10:49:03 -0300 From: Jason Gunthorpe To: "Aneesh Kumar K.V (Arm)" Cc: linux-kernel@vger.kernel.org, iommu@lists.linux.dev, linux-coco@lists.linux.dev, linux-arm-kernel@lists.infradead.org, kvmarm@lists.linux.dev, Catalin Marinas , Marc Zyngier , Marek Szyprowski , Robin Murphy , Steven Price , Suzuki K Poulose , Thomas Gleixner , Will Deacon Subject: Re: [PATCH v4 2/3] swiotlb: dma: its: Enforce host page-size alignment for shared buffers Message-ID: <20260427134903.GA740385@ziepe.ca> References: <20260427063108.909019-1-aneesh.kumar@kernel.org> <20260427063108.909019-3-aneesh.kumar@kernel.org> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20260427063108.909019-3-aneesh.kumar@kernel.org> On Mon, Apr 27, 2026 at 12:01:07PM +0530, Aneesh Kumar K.V (Arm) wrote: > When running private-memory guests, the guest kernel must apply additional > constraints when allocating buffers that are shared with the hypervisor. This patch has way too much stuff in it. I think your patch structure should be changed around 1) Patch to add mem_decrypt_granule_size(), and explain it as the alignment & size of what can be passed to set_memory_encrypted/decrypted() 2) Add support for mem_decrypt_granule_size() to ARM Then patches going caller by caller of set_memory_decrypted() to make them follow the new rule: 3) its 4) swiotlb 3) dma_alloc_coherent etc. don't forget about the new dma buf heaps too: drivers/dma-buf/heaps/system_heap.c: ret = set_memory_decrypted(addr, nr_pages); It is worth calling out in the cover letter that all the ARM CCA relevant places are fixed but drivers/hv/ is left for future. > @@ -33,18 +32,30 @@ int arm64_mem_crypt_ops_register(const struct arm64_mem_crypt_ops *ops) > > int set_memory_encrypted(unsigned long addr, int numpages) > { > - if (likely(!crypt_ops) || WARN_ON(!PAGE_ALIGNED(addr))) > + if (likely(!crypt_ops)) > return 0; > > + if (WARN_ON(!IS_ALIGNED(addr, mem_decrypt_granule_size()))) > + return -EINVAL; > + > + if (WARN_ON(!IS_ALIGNED(numpages << PAGE_SHIFT, mem_decrypt_granule_size()))) > + return -EINVAL; > + > return crypt_ops->encrypt(addr, numpages); > } > EXPORT_SYMBOL_GPL(set_memory_encrypted); > > int set_memory_decrypted(unsigned long addr, int numpages) > { > - if (likely(!crypt_ops) || WARN_ON(!PAGE_ALIGNED(addr))) > + if (likely(!crypt_ops)) > return 0; > > + if (WARN_ON(!IS_ALIGNED(addr, mem_decrypt_granule_size()))) > + return -EINVAL; > + > + if (WARN_ON(!IS_ALIGNED(numpages << PAGE_SHIFT, mem_decrypt_granule_size()))) > + return -EINVAL; > + > return crypt_ops->decrypt(addr, numpages); > } > EXPORT_SYMBOL_GPL(set_memory_decrypted); This should go in the ARM patch adding mem_decrypt_granule_size() to CCA > diff --git a/include/linux/mem_encrypt.h b/include/linux/mem_encrypt.h > index 07584c5e36fb..1e01c9ac697f 100644 > --- a/include/linux/mem_encrypt.h > +++ b/include/linux/mem_encrypt.h > @@ -11,6 +11,8 @@ > #define __MEM_ENCRYPT_H__ > > #ifndef __ASSEMBLY__ > +#include > +#include > > #ifdef CONFIG_ARCH_HAS_MEM_ENCRYPT > > @@ -54,6 +56,18 @@ > #define dma_addr_canonical(x) (x) > #endif > > +#ifndef mem_decrypt_granule_size > +static inline size_t mem_decrypt_granule_size(void) > +{ > + return PAGE_SIZE; > +} > +#endif > + > +static inline size_t mem_decrypt_align(size_t size) > +{ > + return ALIGN(size, mem_decrypt_granule_size()); > +} > + > #endif /* __ASSEMBLY__ */ > > #endif /* __MEM_ENCRYPT_H__ */ I know it seems a bit small, but put this in its own patch and explain how it works. I'd also like to see a kdoc here, and add a kdoc to set_memory_decrypted() that links back so people have a better chance to know about this. Jason