Re: [PATCH rc] iommu: Skip PASID validation for devices without PASID capability

From: Jason Gunthorpe
Date: Fri Apr 25 2025 - 08:01:03 EST

Next message: Linjun Bao: "[PATCH] nvme: avoid missing db ring during reset"
Previous message: George Moussalem via B4 Relay: "[PATCH v8 1/2] arm64: dts: qcom: ipq5018: Add PCIe related nodes"
In reply to: Tushar Dave: "Re: [PATCH rc] iommu: Skip PASID validation for devices without PASID capability"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, Apr 24, 2025 at 05:49:20PM -0700, Tushar Dave wrote:

> In the above topology, we setup ACS flags on DSP 0008:02:03.0 and
> 0008:02:00.0 to achieve desired p2p configuration for GPU and DMA-PF.
> Apparently, this creates multi-device group with GPU being only device with
> PASID support in that group. In this case, set_dev_pasid() ops invoked for
> each device within the group with pasid=1 and doesn't fail.

Hurm, it doesn't fail, but it corrupts memory in the driver :\

int arm_smmu_set_pasid(struct arm_smmu_master *master,
struct arm_smmu_domain *smmu_domain, ioasid_t pasid,
struct arm_smmu_cd *cd, struct iommu_domain *old)
{
struct iommu_domain *sid_domain = iommu_get_domain_for_dev(master->dev);
struct arm_smmu_attach_state state = {
.master = master,
.ssid = pasid,
.old_domain = old,
};
struct arm_smmu_cd *cdptr;
int ret;

/* The core code validates pasid */
^^^^^^^^^^

Which is not true after this patch.

The core code may not call the driver's set_pasid() function with a PASID
larger than that specific device's device->dev->iommu->max_pasids

Jason

Next message: Linjun Bao: "[PATCH] nvme: avoid missing db ring during reset"
Previous message: George Moussalem via B4 Relay: "[PATCH v8 1/2] arm64: dts: qcom: ipq5018: Add PCIe related nodes"
In reply to: Tushar Dave: "Re: [PATCH rc] iommu: Skip PASID validation for devices without PASID capability"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]