From: Aneesh Kumar K.V <aneesh.kumar@kernel.org>
To: Alexey Kardashevskiy <aik@amd.com>, x86@kernel.org
Cc: linux-kernel@vger.kernel.org, kvm@vger.kernel.org,
linux-pci@vger.kernel.org, Thomas Gleixner <tglx@linutronix.de>,
Ingo Molnar <mingo@redhat.com>, Borislav Petkov <bp@alien8.de>,
Dave Hansen <dave.hansen@linux.intel.com>,
"H. Peter Anvin" <hpa@zytor.com>,
Sean Christopherson <seanjc@google.com>,
Paolo Bonzini <pbonzini@redhat.com>,
Andy Lutomirski <luto@kernel.org>,
Peter Zijlstra <peterz@infradead.org>,
Bjorn Helgaas <bhelgaas@google.com>,
Dan Williams <dan.j.williams@intel.com>,
Marek Szyprowski <m.szyprowski@samsung.com>,
Robin Murphy <robin.murphy@arm.com>,
Andrew Morton <akpm@linux-foundation.org>,
Catalin Marinas <catalin.marinas@arm.com>,
Michael Ellerman <mpe@ellerman.id.au>,
Mike Rapoport <rppt@kernel.org>,
Tom Lendacky <thomas.lendacky@amd.com>,
Ard Biesheuvel <ardb@kernel.org>,
Neeraj Upadhyay <Neeraj.Upadhyay@amd.com>,
Ashish Kalra <ashish.kalra@amd.com>,
Stefano Garzarella <sgarzare@redhat.com>,
Melody Wang <huibo.wang@amd.com>,
Seongman Lee <augustus92@kaist.ac.kr>,
Joerg Roedel <joerg.roedel@amd.com>,
Nikunj A Dadhania <nikunj@amd.com>,
Michael Roth <michael.roth@amd.com>,
Suravee Suthikulpanit <suravee.suthikulpanit@amd.com>,
Andi Kleen <ak@linux.intel.com>,
Kuppuswamy Sathyanarayanan
<sathyanarayanan.kuppuswamy@linux.intel.com>,
Tony Luck <tony.luck@intel.com>,
David Woodhouse <dwmw@amazon.co.uk>,
Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
Denis Efremov <efremov@linux.com>,
Geliang Tang <geliang@kernel.org>,
Piotr Gregor <piotrgregor@rsyncme.org>,
"Michael S. Tsirkin" <mst@redhat.com>,
Alex Williamson <alex@shazbot.org>, Arnd Bergmann <arnd@arndb.de>,
Jesse Barnes <jbarnes@virtuousgeek.org>,
Jacob Pan <jacob.jun.pan@linux.intel.com>,
Yinghai Lu <yinghai@kernel.org>,
Kevin Brodsky <kevin.brodsky@arm.com>,
Jonathan Cameron <jonathan.cameron@huawei.com>,
Xu Yilun <yilun.xu@linux.intel.com>,
Herbert Xu <herbert@gondor.apana.org.au>,
Kim Phillips <kim.phillips@amd.com>,
Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>,
Stefano Stabellini <sstabellini@kernel.org>,
Claire Chang <tientzu@chromium.org>,
linux-coco@lists.linux.dev, iommu@lists.linux.dev,
Alexey Kardashevskiy <aik@amd.com>
Subject: Re: [PATCH kernel 4/9] dma/swiotlb: Stop forcing SWIOTLB for TDISP devices
Date: Mon, 02 Mar 2026 13:24:47 +0530 [thread overview]
Message-ID: <yq5acy1mu0mw.fsf@kernel.org> (raw)
In-Reply-To: <20260225053806.3311234-5-aik@amd.com>
Alexey Kardashevskiy <aik@amd.com> writes:
> SWIOTLB is enforced when encrypted guest memory is detected
> in pci_swiotlb_detect() which is required for legacy devices.
>
> Skip SWIOTLB for TDISP devices.
>
> Signed-off-by: Alexey Kardashevskiy <aik@amd.com>
> ---
> include/linux/swiotlb.h | 9 +++++++++
> 1 file changed, 9 insertions(+)
>
> diff --git a/include/linux/swiotlb.h b/include/linux/swiotlb.h
> index 3dae0f592063..119c25d639a7 100644
> --- a/include/linux/swiotlb.h
> +++ b/include/linux/swiotlb.h
> @@ -173,6 +173,15 @@ static inline bool is_swiotlb_force_bounce(struct device *dev)
> {
> struct io_tlb_mem *mem = dev->dma_io_tlb_mem;
>
> + /*
> + * CC_ATTR_GUEST_MEM_ENCRYPT enforces SWIOTLB_FORCE in
> + * swiotlb_init_remap() to allow legacy devices access arbitrary
> + * VM encrypted memory.
> + * Skip it for TDISP devices capable of DMA-ing the encrypted memory.
> + */
> + if (device_cc_accepted(dev))
> + return false;
> +
> return mem && mem->force_bounce;
> }
>
I’m wondering whether we need more than that. Perhaps we could start
with a simpler assumption: a TDISP-capable device will never require
SWIOTLB bouncing. That would significantly simplify the DMA allocation
path for T=1.
Without this assumption, we might need to implement a private
io_tlb_mem.
We should also avoid supporting TDISP mode on devices that require
things like restricted-memory SWIOTLB pool.
Something like:
modified arch/arm64/mm/mem_encrypt.c
@@ -18,6 +18,7 @@
#include <linux/err.h>
#include <linux/mm.h>
#include <linux/mem_encrypt.h>
+#include <linux/device.h>
static const struct arm64_mem_crypt_ops *crypt_ops;
@@ -53,3 +54,12 @@ int set_memory_decrypted(unsigned long addr, int numpages)
return crypt_ops->decrypt(addr, numpages);
}
EXPORT_SYMBOL_GPL(set_memory_decrypted);
+
+bool force_dma_unencrypted(struct device *dev)
+{
+ if (device_cc_accepted(dev))
+ return false;
+
+ return is_realm_world();
+}
+EXPORT_SYMBOL_GPL(force_dma_unencrypted);
modified include/linux/swiotlb.h
@@ -173,6 +173,11 @@ static inline bool is_swiotlb_force_bounce(struct device *dev)
{
struct io_tlb_mem *mem = dev->dma_io_tlb_mem;
+ if (device_cc_accepted(dev)) {
+ dev_warn_once(dev, "(TIO) Disable SWIOTLB");
+ return false;
+ }
+
return mem && mem->force_bounce;
}
@@ -287,6 +292,9 @@ bool swiotlb_free(struct device *dev, struct page *page, size_t size);
static inline bool is_swiotlb_for_alloc(struct device *dev)
{
+ if (device_cc_accepted(dev))
+ return false;
+
return dev->dma_io_tlb_mem->for_alloc;
}
#else
modified kernel/dma/direct.c
@@ -159,6 +159,14 @@ static struct page *__dma_direct_alloc_pages(struct device *dev, size_t size,
*/
static bool dma_direct_use_pool(struct device *dev, gfp_t gfp)
{
+ /*
+ * Atomic pools are marked decrypted and are used if we require require
+ * updation of pfn mem encryption attributes or for DMA non-coherent
+ * device allocation. Both is not true for trusted device.
+ */
+ if (device_cc_accepted(dev))
+ return false;
+
return !gfpflags_allow_blocking(gfp) && !is_swiotlb_for_alloc(dev);
}
modified kernel/dma/swiotlb.c
@@ -1643,6 +1643,9 @@ bool is_swiotlb_active(struct device *dev)
{
struct io_tlb_mem *mem = dev->dma_io_tlb_mem;
+ if (device_cc_accepted(dev))
+ return false;
+
return mem && mem->nslabs;
}
next prev parent reply other threads:[~2026-03-02 7:55 UTC|newest]
Thread overview: 52+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-02-25 5:37 [PATCH kernel 0/9] PCI/TSM: coco/sev-guest: Implement SEV-TIO PCIe TDISP (phase2) Alexey Kardashevskiy
2026-02-25 5:37 ` [PATCH kernel 1/9] pci/tsm: Add TDISP report blob and helpers to parse it Alexey Kardashevskiy
2026-02-25 6:16 ` dan.j.williams
2026-02-25 10:10 ` Arnd Bergmann
2026-02-26 0:09 ` Alexey Kardashevskiy
2026-02-26 2:34 ` dan.j.williams
2026-02-26 3:49 ` Alexey Kardashevskiy
2026-02-26 21:08 ` dan.j.williams
2026-02-25 5:37 ` [PATCH kernel 2/9] pci/tsm: Add tsm_tdi_status Alexey Kardashevskiy
2026-02-25 6:33 ` dan.j.williams
2026-02-25 23:42 ` Alexey Kardashevskiy
2026-03-02 6:58 ` Aneesh Kumar K.V
2026-02-25 5:37 ` [PATCH kernel 3/9] coco/sev-guest: Allow multiple source files in the driver Alexey Kardashevskiy
2026-02-25 5:37 ` [PATCH kernel 4/9] dma/swiotlb: Stop forcing SWIOTLB for TDISP devices Alexey Kardashevskiy
2026-02-25 16:30 ` dan.j.williams
2026-02-25 18:00 ` Robin Murphy
2026-02-25 20:57 ` dan.j.williams
2026-02-28 0:28 ` Jason Gunthorpe
2026-03-02 23:53 ` dan.j.williams
2026-03-03 0:19 ` Jason Gunthorpe
2026-03-03 0:29 ` dan.j.williams
2026-03-03 12:43 ` Jason Gunthorpe
2026-03-04 6:45 ` Alexey Kardashevskiy
2026-03-04 12:43 ` Jason Gunthorpe
2026-03-25 10:42 ` Alexey Kardashevskiy
2026-02-25 16:48 ` Robin Murphy
2026-02-26 0:09 ` Alexey Kardashevskiy
2026-03-02 7:54 ` Aneesh Kumar K.V [this message]
2026-02-25 5:37 ` [PATCH kernel 5/9] x86/mm: Stop forcing decrypted page state " Alexey Kardashevskiy
2026-02-25 16:51 ` dan.j.williams
2026-02-25 5:37 ` [PATCH kernel 6/9] x86/dma-direct: Stop changing encrypted " Alexey Kardashevskiy
2026-02-25 17:08 ` Robin Murphy
2026-02-25 21:35 ` dan.j.williams
2026-02-26 6:22 ` Alexey Kardashevskiy
2026-02-28 0:06 ` Jason Gunthorpe
2026-03-02 0:01 ` Alexey Kardashevskiy
2026-03-02 0:35 ` Jason Gunthorpe
2026-03-02 5:26 ` Alexey Kardashevskiy
2026-03-02 13:35 ` Jason Gunthorpe
2026-03-03 8:19 ` Alexey Kardashevskiy
2026-03-03 12:15 ` Jason Gunthorpe
2026-02-25 5:37 ` [PATCH kernel 7/9] coco/sev-guest: Implement the guest support for SEV TIO (phase2) Alexey Kardashevskiy
2026-02-25 6:00 ` Borislav Petkov
2026-02-26 3:39 ` Alexey Kardashevskiy
2026-02-26 19:52 ` Borislav Petkov
2026-02-25 5:37 ` [PATCH kernel 8/9] RFC: PCI: Avoid needless touching of Command register Alexey Kardashevskiy
2026-02-26 0:24 ` Bjorn Helgaas
2026-02-26 5:58 ` Alexey Kardashevskiy
2026-02-26 0:34 ` dan.j.williams
2026-02-25 5:37 ` [PATCH kernel 9/9] pci: Allow encrypted MMIO mapping via sysfs Alexey Kardashevskiy
2026-03-02 8:20 ` Aneesh Kumar K.V
2026-03-02 8:59 ` Alexey Kardashevskiy
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=yq5acy1mu0mw.fsf@kernel.org \
--to=aneesh.kumar@kernel.org \
--cc=Neeraj.Upadhyay@amd.com \
--cc=aik@amd.com \
--cc=ak@linux.intel.com \
--cc=akpm@linux-foundation.org \
--cc=alex@shazbot.org \
--cc=ardb@kernel.org \
--cc=arnd@arndb.de \
--cc=ashish.kalra@amd.com \
--cc=augustus92@kaist.ac.kr \
--cc=bhelgaas@google.com \
--cc=bp@alien8.de \
--cc=catalin.marinas@arm.com \
--cc=dan.j.williams@intel.com \
--cc=dave.hansen@linux.intel.com \
--cc=dwmw@amazon.co.uk \
--cc=efremov@linux.com \
--cc=geliang@kernel.org \
--cc=gregkh@linuxfoundation.org \
--cc=herbert@gondor.apana.org.au \
--cc=hpa@zytor.com \
--cc=huibo.wang@amd.com \
--cc=iommu@lists.linux.dev \
--cc=jacob.jun.pan@linux.intel.com \
--cc=jbarnes@virtuousgeek.org \
--cc=joerg.roedel@amd.com \
--cc=jonathan.cameron@huawei.com \
--cc=kevin.brodsky@arm.com \
--cc=kim.phillips@amd.com \
--cc=konrad.wilk@oracle.com \
--cc=kvm@vger.kernel.org \
--cc=linux-coco@lists.linux.dev \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-pci@vger.kernel.org \
--cc=luto@kernel.org \
--cc=m.szyprowski@samsung.com \
--cc=michael.roth@amd.com \
--cc=mingo@redhat.com \
--cc=mpe@ellerman.id.au \
--cc=mst@redhat.com \
--cc=nikunj@amd.com \
--cc=pbonzini@redhat.com \
--cc=peterz@infradead.org \
--cc=piotrgregor@rsyncme.org \
--cc=robin.murphy@arm.com \
--cc=rppt@kernel.org \
--cc=sathyanarayanan.kuppuswamy@linux.intel.com \
--cc=seanjc@google.com \
--cc=sgarzare@redhat.com \
--cc=sstabellini@kernel.org \
--cc=suravee.suthikulpanit@amd.com \
--cc=tglx@linutronix.de \
--cc=thomas.lendacky@amd.com \
--cc=tientzu@chromium.org \
--cc=tony.luck@intel.com \
--cc=x86@kernel.org \
--cc=yilun.xu@linux.intel.com \
--cc=yinghai@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox