> From: Alexey Kardashevskiy <aik@xxxxxxx>
> Sent: Thursday, April 10, 2025 2:40 PM
> >> @@ -2549,12 +2561,15 @@ amd_iommu_domain_alloc_paging_flags(struct
> device *dev, u32 flags,
> >> {
> >> struct amd_iommu *iommu = get_amd_iommu_from_dev(dev);
> >> const u32 supported_flags = IOMMU_HWPT_ALLOC_DIRTY_TRACKING
> |
> >> + IOMMU_HWPT_ALLOC_PASID
> |
> >> +
> IOMMU_HWPT_ALLOC_NEST_PARENT;
> >> + const u32 supported_flags2 = IOMMU_HWPT_ALLOC_DIRTY_TRACKING
> |
> >> IOMMU_HWPT_ALLOC_PASID;
> >
> > Just ignore NEST_PARENT? That seems wrong, it should force a V1 page
> > table??
>
>
> Ahhh... This is because I still have troubles with what
> IOMMU_DOMAIN_NESTED means (and iommufd.rst does not help me). There is
> one device, one IOMMU table buuut 2 domains? Uh.
(not yet catch up with the whole thread. so just for basics)
one device can be attached to only one domain. When the attached domain
is NESTED, the output from that domain will be further translated by another
domain (PARENT). so yes, 2 domains could be involved and two IOMMU
page tables chained in translation.
In that configuration, the NESTED domain is also called stage-1/s1 and its
parent domain is called stage-2/s2.
Typically seen in a setup where the guest sees a vIOMMU and manages its
own I/O page tables (translating guest IOVA to GPA). Then the GPA is
further translated by a host-managed I/O paging table (PAGING domain,
GPA->HPA).
a special case of s1 is 1:1 identity mapping (or passthrough), with which
effectively only one domain (s2) manages translation but the concept of
nested translation still holds.
