[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <yq5aldmp1ggg.fsf@kernel.org>
Date: Mon, 08 Sep 2025 14:14:31 +0530
From: Aneesh Kumar K.V <aneesh.kumar@...nel.org>
To: Thomas Gleixner <tglx@...utronix.de>, linux-kernel@...r.kernel.org,
iommu@...ts.linux.dev, linux-coco@...ts.linux.dev
Cc: Catalin Marinas <catalin.marinas@....com>, will@...nel.org,
maz@...nel.org, robin.murphy@....com, suzuki.poulose@....com,
akpm@...ux-foundation.org, jgg@...pe.ca, steven.price@....com
Subject: Re: [RFC PATCH] arm64: swiotlb: dma: its: Ensure shared buffers are
properly aligned
Thomas Gleixner <tglx@...utronix.de> writes:
> On Fri, Sep 05 2025 at 11:24, Aneesh Kumar K. V. wrote:
>> When running with private memory guests, the guest kernel must allocate
>> memory with specific constraints when sharing it with the hypervisor.
>>
>> These shared memory buffers are also accessed by the host kernel, which
>> means they must be aligned to the host kernel's page size.
>>
>> This patch introduces a new helper, arch_shared_mem_alignment(), which
>
> # git grep "This patch" Documentation/process/
>
>> can be used to enforce proper alignment of shared buffers.
>>
>> The actual implementation of arch_shared_mem_alignment() is deferred
>> to a follow-up patch.
>>
>> Signed-off-by: Aneesh Kumar K.V (Arm) <aneesh.kumar@...nel.org>
>> ---
>> arch/arm64/include/asm/mem_encrypt.h | 6 ++++++
>> arch/arm64/mm/init.c | 4 +++-
>> arch/arm64/mm/mem_encrypt.c | 6 ++++++
>> drivers/irqchip/irq-gic-v3-its.c | 8 ++++++--
>> include/linux/mem_encrypt.h | 7 +++++++
>> include/linux/swiotlb.h | 7 ++++---
>> kernel/dma/direct.c | 7 +++++++
>> kernel/dma/pool.c | 1 +
>> kernel/dma/swiotlb.c | 28 +++++++++++++++++-----------
>
> This does too many things at once and breaks all swiotlb users except
> arm64. Seriously?
>
>> -void swiotlb_init(bool addressing_limited, unsigned int flags);
>> +void swiotlb_init(bool addressing_limited, unsigned int alignment, unsigned int flags);
>
> Why do you need this alignment argument in the first place?
>
> In quite some other places you use arch_shared_mem_alignment(), which
> defaults to PAGE_SIZE if the architecture does not implement it's own
> variant. What's preventing you from using that in the init functions as
> well?
>
This patch is required to ensure that a guest using a 4K page size can
safely share pages with a non-secure host that uses a 64K page size.
Without this, the non-secure host may inadvertently map protected
memory.
Memory attribute tracking in the non-secure host (via
set_guest_memory_attributes()) operates in units of the host's
PAGE_SIZE. Attempting to set memory attributes at 4K granularity—when
the host uses 64K pages—will fail with -EINVAL. This makes it impossible
to correctly manage mixed-private/shared regions without enforcing
alignment between guest and host page sizes or introducing finer-grained
handling.
-aneesh
Powered by blists - more mailing lists