From: "Cédric Le Goater" <clg@redhat.com>
To: Zhenzhong Duan <zhenzhong.duan@intel.com>, qemu-devel@nongnu.org
Cc: alex.williamson@redhat.com, eric.auger@redhat.com,
mst@redhat.com, jasowang@redhat.com, peterx@redhat.com,
ddutile@redhat.com, jgg@nvidia.com, nicolinc@nvidia.com,
skolothumtho@nvidia.com, joao.m.martins@oracle.com,
clement.mathieu--drif@eviden.com, kevin.tian@intel.com,
yi.l.liu@intel.com, chao.p.peng@intel.com
Subject: Re: [PATCH v7 19/23] Workaround for ERRATA_772415_SPR17
Date: Fri, 24 Oct 2025 19:38:26 +0200 [thread overview]
Message-ID: <ad429497-65cb-4eeb-80a4-250c93b0df14@redhat.com> (raw)
In-Reply-To: <20251024084349.102322-20-zhenzhong.duan@intel.com>
On 10/24/25 10:43, Zhenzhong Duan wrote:
> On a system influenced by ERRATA_772415, IOMMU_HW_INFO_VTD_ERRATA_772415_SPR17
> is repored by IOMMU_DEVICE_GET_HW_INFO. Due to this errata, even the readonly
> range mapped on second stage page table could still be written.
>
> Reference from 4th Gen Intel Xeon Processor Scalable Family Specification
> Update, Errata Details, SPR17.
> https://edc.intel.com/content/www/us/en/design/products-and-solutions/processors-and-chipsets/eagle-stream/sapphire-rapids-specification-update/
>
> Also copied the SPR17 details from above link:
> "Problem: When remapping hardware is configured by system software in
> scalable mode as Nested (PGTT=011b) and with PWSNP field Set in the
> PASID-table-entry, it may Set Accessed bit and Dirty bit (and Extended
> Access bit if enabled) in first-stage page-table entries even when
> second-stage mappings indicate that corresponding first-stage page-table
> is Read-Only.
>
> Implication: Due to this erratum, pages mapped as Read-only in second-stage
> page-tables may be modified by remapping hardware Access/Dirty bit updates.
>
> Workaround: None identified. System software enabling nested translations
> for a VM should ensure that there are no read-only pages in the
> corresponding second-stage mappings."
>
> Signed-off-by: Zhenzhong Duan <zhenzhong.duan@intel.com>
> ---
> hw/vfio/iommufd.c | 10 +++++++++-
> 1 file changed, 9 insertions(+), 1 deletion(-)
>
> diff --git a/hw/vfio/iommufd.c b/hw/vfio/iommufd.c
> index f9d0926274..f9da0e79cc 100644
> --- a/hw/vfio/iommufd.c
> +++ b/hw/vfio/iommufd.c
> @@ -15,6 +15,7 @@
> #include <linux/vfio.h>
> #include <linux/iommufd.h>
>
> +#include "hw/iommu.h"
Changes look ok apart from this include.
Thanks,
C.
> #include "hw/vfio/vfio-device.h"
> #include "qemu/error-report.h"
> #include "trace.h"
> @@ -351,6 +352,7 @@ static bool iommufd_cdev_autodomains_get(VFIODevice *vbasedev,
> VFIOContainer *bcontainer = VFIO_IOMMU(container);
> uint32_t type, flags = 0;
> uint64_t hw_caps;
> + VendorCaps caps;
> VFIOIOASHwpt *hwpt;
> uint32_t hwpt_id;
> int ret;
> @@ -396,7 +398,8 @@ static bool iommufd_cdev_autodomains_get(VFIODevice *vbasedev,
> * instead.
> */
> if (!iommufd_backend_get_device_info(vbasedev->iommufd, vbasedev->devid,
> - &type, NULL, 0, &hw_caps, errp)) {
> + &type, &caps, sizeof(caps), &hw_caps,
> + errp)) {
> return false;
> }
>
> @@ -411,6 +414,11 @@ static bool iommufd_cdev_autodomains_get(VFIODevice *vbasedev,
> */
> if (vfio_device_get_viommu_flags_want_nesting(vbasedev)) {
> flags |= IOMMU_HWPT_ALLOC_NEST_PARENT;
> +
> + if (host_iommu_extract_quirks(type, &caps) &
> + HOST_IOMMU_QUIRK_NESTING_PARENT_BYPASS_RO) {
> + bcontainer->bypass_ro = true;
> + }
> }
>
> if (cpr_is_incoming()) {
next prev parent reply other threads:[~2025-10-24 17:39 UTC|newest]
Thread overview: 63+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-10-24 8:43 [PATCH v7 00/23] intel_iommu: Enable first stage translation for passthrough device Zhenzhong Duan
2025-10-24 8:43 ` [PATCH v7 01/23] intel_iommu: Rename vtd_ce_get_rid2pasid_entry to vtd_ce_get_pasid_entry Zhenzhong Duan
2025-10-24 8:43 ` [PATCH v7 02/23] intel_iommu: Delete RPS capability related supporting code Zhenzhong Duan
2025-10-31 7:50 ` Eric Auger
2025-10-31 9:49 ` Duan, Zhenzhong
2025-10-24 8:43 ` [PATCH v7 03/23] intel_iommu: Update terminology to match VTD spec Zhenzhong Duan
2025-10-24 8:43 ` [PATCH v7 04/23] hw/pci: Export pci_device_get_iommu_bus_devfn() and return bool Zhenzhong Duan
2025-10-24 8:43 ` [PATCH v7 05/23] hw/pci: Introduce pci_device_get_viommu_flags() Zhenzhong Duan
2025-10-24 17:18 ` Cédric Le Goater
2025-10-28 6:57 ` Duan, Zhenzhong
2025-10-28 15:19 ` Eric Auger
2025-10-24 8:43 ` [PATCH v7 06/23] intel_iommu: Implement get_viommu_flags() callback Zhenzhong Duan
2025-10-24 8:43 ` [PATCH v7 07/23] intel_iommu: Introduce a new structure VTDHostIOMMUDevice Zhenzhong Duan
2025-10-24 8:43 ` [PATCH v7 08/23] vfio/iommufd: Force creating nesting parent HWPT Zhenzhong Duan
2025-10-24 16:23 ` Cédric Le Goater
2025-10-28 6:00 ` Duan, Zhenzhong
2025-10-24 8:43 ` [PATCH v7 09/23] intel_iommu: Stick to system MR for IOMMUFD backed host device when x-flts=on Zhenzhong Duan
2025-10-31 8:09 ` Eric Auger
2025-10-31 9:52 ` Duan, Zhenzhong
2025-11-05 2:45 ` Nicolin Chen
2025-10-24 8:43 ` [PATCH v7 10/23] intel_iommu: Check for compatibility with IOMMUFD backed " Zhenzhong Duan
2025-10-24 17:29 ` Cédric Le Goater
2025-10-29 7:37 ` Duan, Zhenzhong
2025-10-24 8:43 ` [PATCH v7 11/23] intel_iommu: Fail passthrough device under PCI bridge if x-flts=on Zhenzhong Duan
2025-10-24 8:43 ` [PATCH v7 12/23] intel_iommu: Add some macros and inline functions Zhenzhong Duan
2025-10-24 16:39 ` Cédric Le Goater
2025-10-28 6:01 ` Duan, Zhenzhong
2025-11-02 11:15 ` Eric Auger
2025-11-03 3:44 ` Duan, Zhenzhong
2025-11-03 7:23 ` Eric Auger
2025-11-06 4:25 ` Duan, Zhenzhong
2025-10-24 8:43 ` [PATCH v7 13/23] intel_iommu: Bind/unbind guest page table to host Zhenzhong Duan
2025-10-24 17:01 ` Cédric Le Goater
2025-11-03 9:25 ` Eric Auger
2025-10-24 17:33 ` Cédric Le Goater
2025-10-29 9:56 ` Duan, Zhenzhong
2025-11-03 9:37 ` Eric Auger
2025-10-24 8:43 ` [PATCH v7 14/23] intel_iommu: Propagate PASID-based iotlb invalidation " Zhenzhong Duan
2025-11-03 10:04 ` Eric Auger
2025-10-24 8:43 ` [PATCH v7 15/23] intel_iommu: Replay all pasid bindings when either SRTP or TE bit is changed Zhenzhong Duan
2025-10-24 8:43 ` [PATCH v7 16/23] intel_iommu: Replay pasid bindings after context cache invalidation Zhenzhong Duan
2025-11-03 10:45 ` Eric Auger
2025-10-24 8:43 ` [PATCH v7 17/23] iommufd: Introduce a helper function to extract vendor capabilities Zhenzhong Duan
2025-10-24 16:44 ` Cédric Le Goater
2025-10-28 9:43 ` Duan, Zhenzhong
2025-10-24 17:34 ` Cédric Le Goater
2025-10-28 9:28 ` Duan, Zhenzhong
2025-11-03 12:57 ` Eric Auger
2025-10-24 8:43 ` [PATCH v7 18/23] vfio: Add a new element bypass_ro in VFIOContainer Zhenzhong Duan
2025-11-03 13:01 ` Eric Auger
2025-10-24 8:43 ` [PATCH v7 19/23] Workaround for ERRATA_772415_SPR17 Zhenzhong Duan
2025-10-24 17:36 ` Cédric Le Goater
2025-10-24 17:38 ` Cédric Le Goater [this message]
2025-11-03 13:14 ` Eric Auger
2025-10-24 8:43 ` [PATCH v7 20/23] vfio: Bypass readonly region for dirty tracking Zhenzhong Duan
2025-10-24 16:32 ` Cédric Le Goater
2025-10-28 9:47 ` Duan, Zhenzhong
2025-11-03 13:07 ` Eric Auger
2025-10-24 8:43 ` [PATCH v7 21/23] intel_iommu: Add migration support with x-flts=on Zhenzhong Duan
2025-11-03 13:16 ` Eric Auger
2025-10-24 8:43 ` [PATCH v7 22/23] intel_iommu: Enable host device when x-flts=on in scalable mode Zhenzhong Duan
2025-10-24 8:43 ` [PATCH v7 23/23] docs/devel: Add IOMMUFD nesting documentation Zhenzhong Duan
2025-11-03 13:23 ` Eric Auger
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=ad429497-65cb-4eeb-80a4-250c93b0df14@redhat.com \
--to=clg@redhat.com \
--cc=alex.williamson@redhat.com \
--cc=chao.p.peng@intel.com \
--cc=clement.mathieu--drif@eviden.com \
--cc=ddutile@redhat.com \
--cc=eric.auger@redhat.com \
--cc=jasowang@redhat.com \
--cc=jgg@nvidia.com \
--cc=joao.m.martins@oracle.com \
--cc=kevin.tian@intel.com \
--cc=mst@redhat.com \
--cc=nicolinc@nvidia.com \
--cc=peterx@redhat.com \
--cc=qemu-devel@nongnu.org \
--cc=skolothumtho@nvidia.com \
--cc=yi.l.liu@intel.com \
--cc=zhenzhong.duan@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).