From: Petr Tesarik <ptesarik@suse•com>
To: "Aneesh Kumar K.V (Arm)" <aneesh.kumar@kernel•org>
Cc: iommu@lists•linux.dev, linux-arm-kernel@lists•infradead.org,
linux-kernel@vger•kernel.org, linux-coco@lists•linux.dev,
Robin Murphy <robin.murphy@arm•com>,
Marek Szyprowski <m.szyprowski@samsung•com>,
Will Deacon <will@kernel•org>, Marc Zyngier <maz@kernel•org>,
Steven Price <steven.price@arm•com>,
Suzuki K Poulose <Suzuki.Poulose@arm•com>,
Catalin Marinas <catalin.marinas@arm•com>,
Jiri Pirko <jiri@resnulli•us>, Jason Gunthorpe <jgg@ziepe•ca>,
Mostafa Saleh <smostafa@google•com>,
Alexey Kardashevskiy <aik@amd•com>,
Dan Williams <dan.j.williams@intel•com>,
Xu Yilun <yilun.xu@linux•intel.com>,
linuxppc-dev@lists•ozlabs.org, linux-s390@vger•kernel.org,
Madhavan Srinivasan <maddy@linux•ibm.com>,
Michael Ellerman <mpe@ellerman•id.au>,
Nicholas Piggin <npiggin@gmail•com>,
"Christophe Leroy (CS GROUP)" <chleroy@kernel•org>,
Alexander Gordeev <agordeev@linux•ibm.com>,
Gerald Schaefer <gerald.schaefer@linux•ibm.com>,
Heiko Carstens <hca@linux•ibm.com>,
Vasily Gorbik <gor@linux•ibm.com>,
Christian Borntraeger <borntraeger@linux•ibm.com>,
Sven Schnelle <svens@linux•ibm.com>,
x86@kernel•org, Jiri Pirko <jiri@nvidia•com>,
Michael Kelley <mhklinux@outlook•com>
Subject: Re: [PATCH v6 02/20] dma-direct: swiotlb: handle swiotlb alloc/free outside __dma_direct_alloc_pages
Date: Tue, 9 Jun 2026 14:15:48 +0200 [thread overview]
Message-ID: <20260609141548.70a5848d@mordecai> (raw)
In-Reply-To: <20260604083959.1265923-3-aneesh.kumar@kernel.org>
On Thu, 4 Jun 2026 14:09:41 +0530
"Aneesh Kumar K.V (Arm)" <aneesh.kumar@kernel•org> wrote:
> Move swiotlb allocation out of __dma_direct_alloc_pages() and handle it in
> dma_direct_alloc() / dma_direct_alloc_pages().
>
> This is needed for follow-up changes that simplify the handling of
> memory encryption/decryption based on the DMA attribute flags.
>
> swiotlb backing pages are already mapped decrypted by
> swiotlb_update_mem_attributes() and rmem_swiotlb_device_init(), so
> dma-direct should not call dma_set_decrypted() on allocation nor
> dma_set_encrypted() on free for swiotlb-backed memory.
>
> Update alloc/free paths to detect swiotlb-backed pages and skip
> encrypt/decrypt transitions for those paths. Keep the existing highmem
> rejection in dma_direct_alloc_pages() for swiotlb allocations.
>
> Only for "restricted-dma-pool", we currently set `for_alloc = true`, while
> rmem_swiotlb_device_init() decrypts the whole pool up front. This pool is
> typically used together with "shared-dma-pool", where the shared region is
> accessed after remap/ioremap and the returned address is suitable for
> decrypted memory access. So existing code paths remain valid.
>
> Tested-by: Jiri Pirko <jiri@nvidia•com>
> Tested-by: Michael Kelley <mhklinux@outlook•com>
> Tested-by: Mostafa Saleh <smostafa@google•com>
> Signed-off-by: Aneesh Kumar K.V (Arm) <aneesh.kumar@kernel•org>
> ---
> include/linux/swiotlb.h | 6 ++++
> kernel/dma/direct.c | 71 ++++++++++++++++++++++++++++++-----------
> kernel/dma/swiotlb.c | 6 ++++
> 3 files changed, 65 insertions(+), 18 deletions(-)
>
> diff --git a/include/linux/swiotlb.h b/include/linux/swiotlb.h
> index 3dae0f592063..133bb8ca9032 100644
> --- a/include/linux/swiotlb.h
> +++ b/include/linux/swiotlb.h
> @@ -284,6 +284,8 @@ extern void swiotlb_print_info(void);
> #ifdef CONFIG_DMA_RESTRICTED_POOL
> struct page *swiotlb_alloc(struct device *dev, size_t size);
> bool swiotlb_free(struct device *dev, struct page *page, size_t size);
> +void swiotlb_free_from_pool(struct device *dev, phys_addr_t tlb_addr,
> + size_t size, struct io_tlb_pool *pool);
>
> static inline bool is_swiotlb_for_alloc(struct device *dev)
> {
> @@ -299,6 +301,10 @@ static inline bool swiotlb_free(struct device *dev, struct page *page,
> {
> return false;
> }
> +static inline void swiotlb_free_from_pool(struct device *dev, phys_addr_t tlb_addr,
> + size_t size, struct io_tlb_pool *pool)
> +{
> +}
> static inline bool is_swiotlb_for_alloc(struct device *dev)
> {
> return false;
> diff --git a/kernel/dma/direct.c b/kernel/dma/direct.c
> index 583c5922bca2..a741c8a2ee66 100644
> --- a/kernel/dma/direct.c
> +++ b/kernel/dma/direct.c
> @@ -96,14 +96,6 @@ static int dma_set_encrypted(struct device *dev, void *vaddr, size_t size)
> return ret;
> }
>
> -static void __dma_direct_free_pages(struct device *dev, struct page *page,
> - size_t size)
> -{
> - if (swiotlb_free(dev, page, size))
> - return;
> - dma_free_contiguous(dev, page, size);
> -}
> -
> static struct page *dma_direct_alloc_swiotlb(struct device *dev, size_t size)
> {
> struct page *page = swiotlb_alloc(dev, size);
> @@ -125,9 +117,6 @@ static struct page *__dma_direct_alloc_pages(struct device *dev, size_t size,
>
> WARN_ON_ONCE(!PAGE_ALIGNED(size));
>
> - if (is_swiotlb_for_alloc(dev))
> - return dma_direct_alloc_swiotlb(dev, size);
> -
> gfp |= dma_direct_optimal_gfp_mask(dev, &phys_limit);
> page = dma_alloc_contiguous(dev, size, gfp);
> if (page) {
> @@ -204,6 +193,7 @@ void *dma_direct_alloc(struct device *dev, size_t size,
> dma_addr_t *dma_handle, gfp_t gfp, unsigned long attrs)
> {
> bool remap = false, set_uncached = false;
> + bool mark_mem_decrypt = true;
> struct page *page;
> void *ret;
>
> @@ -250,11 +240,21 @@ void *dma_direct_alloc(struct device *dev, size_t size,
> dma_direct_use_pool(dev, gfp))
> return dma_direct_alloc_from_pool(dev, size, dma_handle, gfp);
>
> + if (is_swiotlb_for_alloc(dev)) {
> + page = dma_direct_alloc_swiotlb(dev, size);
> + if (page) {
> + mark_mem_decrypt = false;
> + goto setup_page;
> + }
> + return NULL;
> + }
> +
> /* we always manually zero the memory once we are done */
> page = __dma_direct_alloc_pages(dev, size, gfp & ~__GFP_ZERO, true);
> if (!page)
> return NULL;
>
> +setup_page:
> /*
> * dma_alloc_contiguous can return highmem pages depending on a
> * combination the cma= arguments and per-arch setup. These need to be
> @@ -281,7 +281,7 @@ void *dma_direct_alloc(struct device *dev, size_t size,
> goto out_free_pages;
> } else {
> ret = page_address(page);
> - if (dma_set_decrypted(dev, ret, size))
> + if (mark_mem_decrypt && dma_set_decrypted(dev, ret, size))
> goto out_leak_pages;
> }
>
> @@ -298,10 +298,11 @@ void *dma_direct_alloc(struct device *dev, size_t size,
> return ret;
>
> out_encrypt_pages:
> - if (dma_set_encrypted(dev, page_address(page), size))
> + if (mark_mem_decrypt && dma_set_encrypted(dev, page_address(page), size))
> return NULL;
> out_free_pages:
> - __dma_direct_free_pages(dev, page, size);
> + if (!swiotlb_free(dev, page, size))
> + dma_free_contiguous(dev, page, size);
> return NULL;
> out_leak_pages:
> return NULL;
> @@ -310,6 +311,9 @@ void *dma_direct_alloc(struct device *dev, size_t size,
> void dma_direct_free(struct device *dev, size_t size,
> void *cpu_addr, dma_addr_t dma_addr, unsigned long attrs)
> {
> + phys_addr_t phys;
> + bool mark_mem_encrypted = true;
> + struct io_tlb_pool *swiotlb_pool;
> unsigned int page_order = get_order(size);
>
> if ((attrs & DMA_ATTR_NO_KERNEL_MAPPING) &&
> @@ -338,16 +342,25 @@ void dma_direct_free(struct device *dev, size_t size,
> dma_free_from_pool(dev, cpu_addr, PAGE_ALIGN(size)))
> return;
>
> + phys = dma_to_phys(dev, dma_addr);
> + swiotlb_pool = swiotlb_find_pool(dev, phys);
> + if (swiotlb_pool)
> + /* Swiotlb doesn't need a page attribute update on free */
> + mark_mem_encrypted = false;
> +
> if (is_vmalloc_addr(cpu_addr)) {
> vunmap(cpu_addr);
> } else {
> if (IS_ENABLED(CONFIG_ARCH_HAS_DMA_CLEAR_UNCACHED))
> arch_dma_clear_uncached(cpu_addr, size);
> - if (dma_set_encrypted(dev, cpu_addr, size))
> + if (mark_mem_encrypted && dma_set_encrypted(dev, cpu_addr, size))
> return;
> }
>
> - __dma_direct_free_pages(dev, dma_direct_to_page(dev, dma_addr), size);
> + if (swiotlb_pool)
> + swiotlb_free_from_pool(dev, phys, size, swiotlb_pool);
> + else
> + dma_free_contiguous(dev, dma_direct_to_page(dev, dma_addr), size);
> }
>
> struct page *dma_direct_alloc_pages(struct device *dev, size_t size,
> @@ -359,6 +372,15 @@ struct page *dma_direct_alloc_pages(struct device *dev, size_t size,
> if (force_dma_unencrypted(dev) && dma_direct_use_pool(dev, gfp))
> return dma_direct_alloc_from_pool(dev, size, dma_handle, gfp);
>
> + if (is_swiotlb_for_alloc(dev)) {
> + page = dma_direct_alloc_swiotlb(dev, size);
> + if (!page)
> + return NULL;
> +
> + ret = page_address(page);
> + goto setup_page;
> + }
> +
> page = __dma_direct_alloc_pages(dev, size, gfp, false);
> if (!page)
> return NULL;
> @@ -366,6 +388,7 @@ struct page *dma_direct_alloc_pages(struct device *dev, size_t size,
> ret = page_address(page);
> if (dma_set_decrypted(dev, ret, size))
> goto out_leak_pages;
> +setup_page:
> memset(ret, 0, size);
> *dma_handle = phys_to_dma_direct(dev, page_to_phys(page));
> return page;
> @@ -377,16 +400,28 @@ void dma_direct_free_pages(struct device *dev, size_t size,
> struct page *page, dma_addr_t dma_addr,
> enum dma_data_direction dir)
> {
> + phys_addr_t phys;
> void *vaddr = page_address(page);
> + struct io_tlb_pool *swiotlb_pool;
> + bool mark_mem_encrypted = true;
>
> /* If cpu_addr is not from an atomic pool, dma_free_from_pool() fails */
> if (IS_ENABLED(CONFIG_DMA_COHERENT_POOL) &&
> dma_free_from_pool(dev, vaddr, size))
> return;
>
> - if (dma_set_encrypted(dev, vaddr, size))
> + phys = page_to_phys(page);
> + swiotlb_pool = swiotlb_find_pool(dev, phys);
> + if (swiotlb_pool)
> + mark_mem_encrypted = false;
> +
> + if (mark_mem_encrypted && dma_set_encrypted(dev, vaddr, size))
> return;
> - __dma_direct_free_pages(dev, page, size);
> +
> + if (swiotlb_pool)
> + swiotlb_free_from_pool(dev, phys, size, swiotlb_pool);
> + else
> + dma_free_contiguous(dev, page, size);
> }
>
> #if defined(CONFIG_ARCH_HAS_SYNC_DMA_FOR_DEVICE) || \
> diff --git a/kernel/dma/swiotlb.c b/kernel/dma/swiotlb.c
> index 1abd3e6146f4..ac03a6856c2e 100644
> --- a/kernel/dma/swiotlb.c
> +++ b/kernel/dma/swiotlb.c
> @@ -1809,6 +1809,12 @@ bool swiotlb_free(struct device *dev, struct page *page, size_t size)
> return true;
> }
>
> +void swiotlb_free_from_pool(struct device *dev, phys_addr_t tlb_addr, size_t size,
> + struct io_tlb_pool *pool)
What's the reason to pass the buffer size if it's not used?
Other than that, this patch looks good to me.
Petr T
> +{
> + swiotlb_release_slots(dev, tlb_addr, pool);
> +}
> +
> static int rmem_swiotlb_device_init(struct reserved_mem *rmem,
> struct device *dev)
> {
next prev parent reply other threads:[~2026-06-09 12:16 UTC|newest]
Thread overview: 41+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-06-04 8:39 [PATCH v6 00/20] dma-mapping: Use DMA_ATTR_CC_SHARED through direct, pool and swiotlb paths Aneesh Kumar K.V (Arm)
2026-06-04 8:39 ` [PATCH v6 01/20] s390: Expose protected virtualization through cc_platform_has() Aneesh Kumar K.V (Arm)
2026-06-06 0:34 ` JAEHOON KIM
2026-06-09 13:44 ` Catalin Marinas
2026-06-04 8:39 ` [PATCH v6 02/20] dma-direct: swiotlb: handle swiotlb alloc/free outside __dma_direct_alloc_pages Aneesh Kumar K.V (Arm)
2026-06-09 12:15 ` Petr Tesarik [this message]
2026-06-04 8:39 ` [PATCH v6 03/20] dma-direct: use DMA_ATTR_CC_SHARED in alloc/free paths Aneesh Kumar K.V (Arm)
2026-06-09 12:18 ` Petr Tesarik
2026-06-04 8:39 ` [PATCH v6 04/20] dma-pool: track decrypted atomic pools and select them via attrs Aneesh Kumar K.V (Arm)
2026-06-09 12:23 ` Petr Tesarik
2026-06-09 14:32 ` Jason Gunthorpe
2026-06-04 8:39 ` [PATCH v6 05/20] dma: swiotlb: pass mapping attributes by reference Aneesh Kumar K.V (Arm)
2026-06-09 12:21 ` Petr Tesarik
2026-06-04 8:39 ` [PATCH v6 06/20] dma: swiotlb: track pool encryption state and honor DMA_ATTR_CC_SHARED Aneesh Kumar K.V (Arm)
2026-06-09 12:48 ` Petr Tesarik
2026-06-04 8:39 ` [PATCH v6 07/20] dma-mapping: make dma_pgprot() " Aneesh Kumar K.V (Arm)
2026-06-04 8:39 ` [PATCH v6 08/20] dma-direct: pass attrs to dma_capable() for DMA_ATTR_CC_SHARED checks Aneesh Kumar K.V (Arm)
2026-06-09 12:50 ` Petr Tesarik
2026-06-04 8:39 ` [PATCH v6 09/20] dma-direct: make dma_direct_map_phys() honor DMA_ATTR_CC_SHARED Aneesh Kumar K.V (Arm)
2026-06-04 8:39 ` [PATCH v6 10/20] dma-direct: set decrypted flag for remapped DMA allocations Aneesh Kumar K.V (Arm)
2026-06-04 8:39 ` [PATCH v6 11/20] dma-direct: select DMA address encoding from DMA_ATTR_CC_SHARED Aneesh Kumar K.V (Arm)
2026-06-04 8:39 ` [PATCH v6 12/20] dma-pool: fix page leak in atomic_pool_expand() cleanup Aneesh Kumar K.V (Arm)
2026-06-04 8:39 ` [PATCH v6 13/20] dma-direct: rename ret to cpu_addr in alloc helpers Aneesh Kumar K.V (Arm)
2026-06-09 12:54 ` Petr Tesarik
2026-06-04 8:39 ` [PATCH v6 14/20] dma-direct: return struct page from dma_direct_alloc_from_pool() Aneesh Kumar K.V (Arm)
2026-06-09 13:12 ` Petr Tesarik
2026-06-09 13:45 ` Catalin Marinas
2026-06-09 14:15 ` Jason Gunthorpe
2026-06-04 8:39 ` [PATCH v6 15/20] iommu/dma: Check atomic pool allocation result directly Aneesh Kumar K.V (Arm)
2026-06-09 13:13 ` Petr Tesarik
2026-06-04 8:39 ` [PATCH v6 16/20] dma: swiotlb: free dynamic pools from process context Aneesh Kumar K.V (Arm)
2026-06-09 13:23 ` Petr Tesarik
2026-06-04 8:39 ` [PATCH v6 17/20] dma: swiotlb: handle set_memory_decrypted() failures Aneesh Kumar K.V (Arm)
2026-06-09 13:32 ` Petr Tesarik
2026-06-04 8:39 ` [PATCH v6 18/20] dma: free atomic pool pages by physical address Aneesh Kumar K.V (Arm)
2026-06-04 8:39 ` [PATCH v6 19/20] swiotlb: Preserve allocation virtual address for dynamic pools Aneesh Kumar K.V (Arm)
2026-06-09 13:40 ` Petr Tesarik
2026-06-04 8:39 ` [PATCH v6 20/20] swiotlb: remove unused SWIOTLB_FORCE flag Aneesh Kumar K.V (Arm)
2026-06-09 13:44 ` Petr Tesarik
2026-06-09 13:43 ` [PATCH v6 00/20] dma-mapping: Use DMA_ATTR_CC_SHARED through direct, pool and swiotlb paths Catalin Marinas
2026-06-09 14:47 ` Jason Gunthorpe
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20260609141548.70a5848d@mordecai \
--to=ptesarik@suse$(echo .)com \
--cc=Suzuki.Poulose@arm$(echo .)com \
--cc=agordeev@linux$(echo .)ibm.com \
--cc=aik@amd$(echo .)com \
--cc=aneesh.kumar@kernel$(echo .)org \
--cc=borntraeger@linux$(echo .)ibm.com \
--cc=catalin.marinas@arm$(echo .)com \
--cc=chleroy@kernel$(echo .)org \
--cc=dan.j.williams@intel$(echo .)com \
--cc=gerald.schaefer@linux$(echo .)ibm.com \
--cc=gor@linux$(echo .)ibm.com \
--cc=hca@linux$(echo .)ibm.com \
--cc=iommu@lists$(echo .)linux.dev \
--cc=jgg@ziepe$(echo .)ca \
--cc=jiri@nvidia$(echo .)com \
--cc=jiri@resnulli$(echo .)us \
--cc=linux-arm-kernel@lists$(echo .)infradead.org \
--cc=linux-coco@lists$(echo .)linux.dev \
--cc=linux-kernel@vger$(echo .)kernel.org \
--cc=linux-s390@vger$(echo .)kernel.org \
--cc=linuxppc-dev@lists$(echo .)ozlabs.org \
--cc=m.szyprowski@samsung$(echo .)com \
--cc=maddy@linux$(echo .)ibm.com \
--cc=maz@kernel$(echo .)org \
--cc=mhklinux@outlook$(echo .)com \
--cc=mpe@ellerman$(echo .)id.au \
--cc=npiggin@gmail$(echo .)com \
--cc=robin.murphy@arm$(echo .)com \
--cc=smostafa@google$(echo .)com \
--cc=steven.price@arm$(echo .)com \
--cc=svens@linux$(echo .)ibm.com \
--cc=will@kernel$(echo .)org \
--cc=x86@kernel$(echo .)org \
--cc=yilun.xu@linux$(echo .)intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox