On 4/25/25 05:00, Jason Gunthorpe wrote:
On Thu, Apr 24, 2025 at 05:49:20PM -0700, Tushar Dave wrote:
In the above topology, we setup ACS flags on DSP 0008:02:03.0 and
0008:02:00.0 to achieve desired p2p configuration for GPU and DMA-PF.
Apparently, this creates multi-device group with GPU being only device with
PASID support in that group. In this case, set_dev_pasid() ops invoked for
each device within the group with pasid=1 and doesn't fail.
Hurm, it doesn't fail, but it corrupts memory in the driver :\
int arm_smmu_set_pasid(struct arm_smmu_master *master,
struct arm_smmu_domain *smmu_domain, ioasid_t pasid,
struct arm_smmu_cd *cd, struct iommu_domain *old)
{
struct iommu_domain *sid_domain = iommu_get_domain_for_dev(master->dev);
struct arm_smmu_attach_state state = {
.master = master,
.ssid = pasid,
.old_domain = old,
};
struct arm_smmu_cd *cdptr;
int ret;
/* The core code validates pasid */
^^^^^^^^^^
Which is not true after this patch.
The core code may not call the driver's set_pasid() function with a PASID
larger than that specific device's device->dev->iommu->max_pasids
Yup. And I should be adding similar check (i.e. max_pasid > 0 ) before invoking
set_dev_pasid and remove_dev_pasid (as Kevin already asked earlier).
I can do that in v2.
-Tushar
Jason
