| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <aYI0LUdXqrjmRcMo@Asurada-Nvidia>
Date: Tue, 3 Feb 2026 09:45:17 -0800
From: Nicolin Chen <nicolinc@...dia.com>
To: Jason Gunthorpe <jgg@...dia.com>
CC: <dan.j.williams@...el.com>, "Tian, Kevin" <kevin.tian@...el.com>,
"Jonathan Cameron" <jonathan.cameron@...wei.com>, "will@...nel.org"
<will@...nel.org>, "robin.murphy@....com" <robin.murphy@....com>,
"bhelgaas@...gle.com" <bhelgaas@...gle.com>, "joro@...tes.org"
<joro@...tes.org>, "praan@...gle.com" <praan@...gle.com>,
"baolu.lu@...ux.intel.com" <baolu.lu@...ux.intel.com>,
"miko.lenczewski@....com" <miko.lenczewski@....com>,
"linux-arm-kernel@...ts.infradead.org"
<linux-arm-kernel@...ts.infradead.org>, "iommu@...ts.linux.dev"
<iommu@...ts.linux.dev>, "linux-kernel@...r.kernel.org"
<linux-kernel@...r.kernel.org>, "linux-pci@...r.kernel.org"
<linux-pci@...r.kernel.org>, "linux-cxl@...r.kernel.org"
<linux-cxl@...r.kernel.org>
Subject: Re: [PATCH RFCv1 1/3] PCI: Allow ATS to be always on for CXL.cache
capable devices
On Tue, Feb 03, 2026 at 10:33:48AM -0400, Jason Gunthorpe wrote:
> On Mon, Feb 02, 2026 at 09:13:50PM -0800, Nicolin Chen wrote:
> > On Wed, Jan 28, 2026 at 09:05:20AM -0400, Jason Gunthorpe wrote:
> > > On Tue, Jan 27, 2026 at 04:49:07PM -0800, dan.j.williams@...el.com wrote:
> > > > > Yes, ARM took the position that ATS should be left disabled for
> > > > > IDENTITY both because of SMMU constraints and also because it made
> > > > > some sense that you wouldn't want ATS overhead just to get a 1:1
> > > > > translation.
> > > >
> > > > Does this mean that ARM already today does not enable ATS until driver
> > > > attach, or is incremental work needed for that capability?
> > >
> > > All of the iommu drivers setup an iommu translation and enable ATS
> > > before any driver is bound.
> > >
> > > We would need to do more work in the core to leave the translation
> > > blocked when there is no driver. I don't think it is that difficult
> >
> > Hmm, not sure if we could use group->domain=NULL as "blocked..
>
> Definately not, we need to use a proper blocked domain.
Yea, I suspected so.
> > @@ -437,8 +437,6 @@ static int driver_sysfs_add(struct device *dev)
> > {
> > int ret;
> >
> > - bus_notify(dev, BUS_NOTIFY_BIND_DRIVER);
> > -
> > ret = sysfs_create_link(&dev->driver->p->kobj, &dev->kobj,
> > kobject_name(&dev->kobj));
> > if (ret)
> > @@ -638,10 +636,12 @@ static int really_probe(struct device *dev, const struct device_driver *drv)
> > if (ret)
> > goto pinctrl_bind_failed;
> >
> > + bus_notify(dev, BUS_NOTIFY_BIND_DRIVER);
> > +
> > if (dev->bus->dma_configure) {
> > ret = dev->bus->dma_configure(dev);
> > if (ret)
> > - goto pinctrl_bind_failed;
> > + goto bus_notify_bind_failed;
> > }
>
> We shouldn't need any of these? The dma_configure callback already
> gets into the iommu code to validate the domain and restrict VFIO,
> no further callbacks should be needed.
>
> When the iommu driver is probed to the device we can assume no driver
> is bound and immediately attach the blocked domain.
I was trying to use dev->driver that gets set before dma_configure()
and unset after dma_cleanup(). But looks like we could just keep the
track of group->owner_cnt in iommu_device_use/unuse_default_domain().
Btw, attaching to IOMMU_DOMAIN_BLOCKED/group->blocking_domain is not
allowed in general if require_direct=true. I assume this case can be
an exception since there's no point in allowing a device that has no
driver yet to access any reserved region?
Thanks
Nicolin
Powered by blists - more mailing lists