From nobody Sun Apr 19 04:22:41 2026
Return-Path: <linux-kernel-owner@kernel.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from vger.kernel.org (vger.kernel.org [23.128.96.18])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 1DBA6C43334
	for <linux-kernel@archiver.kernel.org>; Wed,  6 Jul 2022 19:51:39 +0000 (UTC)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S234234AbiGFTvh (ORCPT <rfc822;linux-kernel@archiver.kernel.org>);
        Wed, 6 Jul 2022 15:51:37 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:41774 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S233350AbiGFTve (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Wed, 6 Jul 2022 15:51:34 -0400
Received: from mail-ed1-x535.google.com (mail-ed1-x535.google.com
 [IPv6:2a00:1450:4864:20::535])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id D0F9D18390;
        Wed,  6 Jul 2022 12:51:31 -0700 (PDT)
Received: by mail-ed1-x535.google.com with SMTP id k30so12455013edk.8;
        Wed, 06 Jul 2022 12:51:31 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20210112;
        h=from:to:cc:subject:date:message-id:in-reply-to:references
         :mime-version:content-transfer-encoding;
        bh=940NON5ZiCzvUCu0CiIkGxD8PkrHui9fksTxAlvFF2Q=;
        b=WD0C7sqAbS/txx8ZqA2ZODw2GWOvOZUpy0KcNt4GEbk3hexy6PqipKnUOgnU/RQZj7
         DAPrsGVCzF2QPmv9S6BDYMgfx9Ic7s1TIWhwJSf5xBaivP9Ymlr9cWWFdW78LXCa3ZJc
         zdIU2bTW3ijEsmGqK7YeX+sgqONpDpotZUTnlmvDJ0YT4D/t1pYpKal5WjL2bp5NUxNu
         PcOP/CfQqL+bX9x27rKyKKehJ6719Bl0f7yb+57RBkEOO6GZtffD2YffmLbr9nRfGTi2
         GrbJNHqUcZNtdn52CTSFohmmQ6/2uaCCLchXKCO8IHROMUd7DXmlGifRDXi6wOjdOEog
         GtrA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20210112;
        h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to
         :references:mime-version:content-transfer-encoding;
        bh=940NON5ZiCzvUCu0CiIkGxD8PkrHui9fksTxAlvFF2Q=;
        b=3DJdFmAAsW2RE2H2VaJxUqqJbg1dVlK+RUFOqYUWo4JNFRKH9kzdsWjLlViffYA3Si
         loL6navyHXamjcvDynDzgMZwlohgiqrdAxqKSwKKM6tfxPlFAetu/Wh9Uv0/N1xYeaHL
         JIEIPTZcSedGlPVTsL3jcKcxa3rhFKI4R/1h3+/RnNUunoG0pVukRqEJ2oV2p+dznsGD
         VhKoQSutKjL0/jEwqXWP5yH5KRO7Jkr6/3wC6uP1f3D+zyiJnqHw7jiqLEeLFwqQSHQy
         NTr1e4PQpdX/5GsyIMZvbsoeNZmks7kQzupDgDbVzKMuwlC+kpZDLtAJUBF5lSrKGCh6
         XckQ==
X-Gm-Message-State: AJIora9eYyTYWYdokytbTY/q4GfISA7XcpBrLORKydyYHwn4f4Eh8sm9
        BxsV7+Y70TJK7mxojBvvKeo=
X-Google-Smtp-Source: 
 AGRyM1uUFyCfr9/9lM3NU3hu2Vav+/0R7nlwqn8fsfMebpuG36p/QatZHggyU+N4+LYrdP/Tmf2M8A==
X-Received: by 2002:a05:6402:4507:b0:43a:5b42:2be5 with SMTP id
 ez7-20020a056402450700b0043a5b422be5mr23610276edb.392.1657137090388;
        Wed, 06 Jul 2022 12:51:30 -0700 (PDT)
Received: from anparri.mshome.net (host-79-49-199-193.retail.telecomitalia.it.
 [79.49.199.193])
        by smtp.gmail.com with ESMTPSA id
 kz11-20020a17090777cb00b0072af18329c4sm1968127ejc.225.2022.07.06.12.51.28
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Wed, 06 Jul 2022 12:51:30 -0700 (PDT)
From: "Andrea Parri (Microsoft)" <parri.andrea@gmail.com>
To: Christoph Hellwig <hch@lst.de>,
        Marek Szyprowski <m.szyprowski@samsung.com>,
        Robin Murphy <robin.murphy@arm.com>,
        KY Srinivasan <kys@microsoft.com>,
        Haiyang Zhang <haiyangz@microsoft.com>,
        Stephen Hemminger <sthemmin@microsoft.com>,
        Wei Liu <wei.liu@kernel.org>, Dexuan Cui <decui@microsoft.com>,
        Michael Kelley <mikelley@microsoft.com>,
        Thomas Gleixner <tglx@linutronix.de>,
        Ingo Molnar <mingo@redhat.com>, Borislav Petkov <bp@alien8.de>,
        Dave Hansen <dave.hansen@linux.intel.com>,
        Peter Anvin <hpa@zytor.com>
Cc: linux-kernel@vger.kernel.org, iommu@lists.linux-foundation.org,
        iommu@lists.linux.dev, linux-hyperv@vger.kernel.org,
        x86@kernel.org, "Andrea Parri (Microsoft)" <parri.andrea@gmail.com>
Subject: [RFC PATCH 1/2] swiotlb,dma-direct: Move swiotlb_unencrypted_base to
 direct.c
Date: Wed,  6 Jul 2022 21:50:26 +0200
Message-Id: <20220706195027.76026-2-parri.andrea@gmail.com>
X-Mailer: git-send-email 2.25.1
In-Reply-To: <20220706195027.76026-1-parri.andrea@gmail.com>
References: <20220706195027.76026-1-parri.andrea@gmail.com>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
Content-Type: text/plain; charset="utf-8"

The variable will come in handy to enable dma_direct_{alloc,free}()
for Hyper-V AMD SEV-SNP Isolated VMs.

Rename swiotlb_unencrypted_base to dma_unencrypted_base to indicate
that the notion is not restricted to SWIOTLB.

No functional change.

Suggested-by: Michael Kelley <mikelley@microsoft.com>
Signed-off-by: Andrea Parri (Microsoft) <parri.andrea@gmail.com>
---
Yeah, this is in some sense trading the dependency on SWIOTLB for a
dependency on HAS_DMA:

Q1. I'm unable to envision a scenario where SWIOTLB without HAS_DMA
would make sense but I'm also expecting one of the kernel test bots
to try such a nonsensical configuration... should the references to
dma_unencrypted_base in swiotlb.c be protected with HAS_DMA? other?

Q2. Can the #ifdef CONFIG_HAS_DMA in arch/x86/kernel/cpu/mshyperv.c
be removed? can we make HYPERV "depends on HAS_DMA"?

...

 arch/x86/kernel/cpu/mshyperv.c |  6 +++---
 include/linux/dma-direct.h     |  2 ++
 include/linux/swiotlb.h        |  2 --
 kernel/dma/direct.c            |  8 ++++++++
 kernel/dma/swiotlb.c           | 12 +++++-------
 5 files changed, 18 insertions(+), 12 deletions(-)

diff --git a/arch/x86/kernel/cpu/mshyperv.c b/arch/x86/kernel/cpu/mshyperv.c
index 831613959a92a..47e9cece86ff8 100644
--- a/arch/x86/kernel/cpu/mshyperv.c
+++ b/arch/x86/kernel/cpu/mshyperv.c
@@ -18,7 +18,7 @@
 #include <linux/kexec.h>
 #include <linux/i8253.h>
 #include <linux/random.h>
-#include <linux/swiotlb.h>
+#include <linux/dma-direct.h>
 #include <asm/processor.h>
 #include <asm/hypervisor.h>
 #include <asm/hyperv-tlfs.h>
@@ -333,8 +333,8 @@ static void __init ms_hyperv_init_platform(void)
=20
 		if (hv_get_isolation_type() =3D=3D HV_ISOLATION_TYPE_SNP) {
 			static_branch_enable(&isolation_type_snp);
-#ifdef CONFIG_SWIOTLB
-			swiotlb_unencrypted_base =3D ms_hyperv.shared_gpa_boundary;
+#ifdef CONFIG_HAS_DMA
+			dma_unencrypted_base =3D ms_hyperv.shared_gpa_boundary;
 #endif
 		}
 		/* Isolation VMs are unenlightened SEV-based VMs, thus this check: */
diff --git a/include/linux/dma-direct.h b/include/linux/dma-direct.h
index 18aade195884d..0b7e4c4b7b34c 100644
--- a/include/linux/dma-direct.h
+++ b/include/linux/dma-direct.h
@@ -14,6 +14,8 @@
=20
 extern unsigned int zone_dma_bits;
=20
+extern phys_addr_t dma_unencrypted_base;
+
 /*
  * Record the mapping of CPU physical to DMA addresses for a given region.
  */
diff --git a/include/linux/swiotlb.h b/include/linux/swiotlb.h
index 7ed35dd3de6e7..fa2e85f21af61 100644
--- a/include/linux/swiotlb.h
+++ b/include/linux/swiotlb.h
@@ -190,6 +190,4 @@ static inline bool is_swiotlb_for_alloc(struct device *=
dev)
 }
 #endif /* CONFIG_DMA_RESTRICTED_POOL */
=20
-extern phys_addr_t swiotlb_unencrypted_base;
-
 #endif /* __LINUX_SWIOTLB_H */
diff --git a/kernel/dma/direct.c b/kernel/dma/direct.c
index 8d0b68a170422..06b2b901e37a3 100644
--- a/kernel/dma/direct.c
+++ b/kernel/dma/direct.c
@@ -22,6 +22,14 @@
  */
 unsigned int zone_dma_bits __ro_after_init =3D 24;
=20
+/*
+ * Certain Confidential Computing solutions, such as Hyper-V AMD SEV-SNP
+ * isolated VMs, use dma_unencrypted_base as a watermark: memory addresses
+ * below dma_unencrypted_base are treated as private, while memory above
+ * dma_unencrypted_base is treated as shared.
+ */
+phys_addr_t dma_unencrypted_base;
+
 static inline dma_addr_t phys_to_dma_direct(struct device *dev,
 		phys_addr_t phys)
 {
diff --git a/kernel/dma/swiotlb.c b/kernel/dma/swiotlb.c
index cb50f8d383606..78d4f5294a56c 100644
--- a/kernel/dma/swiotlb.c
+++ b/kernel/dma/swiotlb.c
@@ -67,8 +67,6 @@ static bool swiotlb_force_disable;
=20
 struct io_tlb_mem io_tlb_default_mem;
=20
-phys_addr_t swiotlb_unencrypted_base;
-
 static unsigned long default_nslabs =3D IO_TLB_DEFAULT_SIZE >> IO_TLB_SHIF=
T;
=20
 static int __init
@@ -142,7 +140,7 @@ static inline unsigned long nr_slots(u64 val)
=20
 /*
  * Remap swioltb memory in the unencrypted physical address space
- * when swiotlb_unencrypted_base is set. (e.g. for Hyper-V AMD SEV-SNP
+ * when dma_unencrypted_base is set. (e.g. for Hyper-V AMD SEV-SNP
  * Isolation VMs).
  */
 #ifdef CONFIG_HAS_IOMEM
@@ -150,8 +148,8 @@ static void *swiotlb_mem_remap(struct io_tlb_mem *mem, =
unsigned long bytes)
 {
 	void *vaddr =3D NULL;
=20
-	if (swiotlb_unencrypted_base) {
-		phys_addr_t paddr =3D mem->start + swiotlb_unencrypted_base;
+	if (dma_unencrypted_base) {
+		phys_addr_t paddr =3D mem->start + dma_unencrypted_base;
=20
 		vaddr =3D memremap(paddr, bytes, MEMREMAP_WB);
 		if (!vaddr)
@@ -213,10 +211,10 @@ static void swiotlb_init_io_tlb_mem(struct io_tlb_mem=
 *mem, phys_addr_t start,
 	}
=20
 	/*
-	 * If swiotlb_unencrypted_base is set, the bounce buffer memory will
+	 * If dma_unencrypted_base is set, the bounce buffer memory will
 	 * be remapped and cleared in swiotlb_update_mem_attributes.
 	 */
-	if (swiotlb_unencrypted_base)
+	if (dma_unencrypted_base)
 		return;
=20
 	memset(vaddr, 0, bytes);
--=20
2.25.1
From nobody Sun Apr 19 04:22:41 2026
Return-Path: <linux-kernel-owner@kernel.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from vger.kernel.org (vger.kernel.org [23.128.96.18])
	by smtp.lore.kernel.org (Postfix) with ESMTP id CC9A4C433EF
	for <linux-kernel@archiver.kernel.org>; Wed,  6 Jul 2022 19:51:43 +0000 (UTC)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S234262AbiGFTvm (ORCPT <rfc822;linux-kernel@archiver.kernel.org>);
        Wed, 6 Jul 2022 15:51:42 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:41794 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S234193AbiGFTvg (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Wed, 6 Jul 2022 15:51:36 -0400
Received: from mail-ed1-x52c.google.com (mail-ed1-x52c.google.com
 [IPv6:2a00:1450:4864:20::52c])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 3E61F167C1;
        Wed,  6 Jul 2022 12:51:35 -0700 (PDT)
Received: by mail-ed1-x52c.google.com with SMTP id v12so7955208edc.10;
        Wed, 06 Jul 2022 12:51:35 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20210112;
        h=from:to:cc:subject:date:message-id:in-reply-to:references
         :mime-version:content-transfer-encoding;
        bh=uVRJxLaJq0X2dTEVHdjs/5npr6gEQxLAwcn1IdURs/k=;
        b=eJwRJaLjPY6p5OlY+dBZS+pQVxXthYVL1N5jmkzT/c94q/b9iLcykBlgK1Du7PYrbj
         MxeFxICUJdjjcV4pgyo6rucoawbvITuvIkDRgC3y6E0n3STMKsOWkCwG5d7oPtTTKfaQ
         CFJbvl3MaraUV2zfvMLcdpwYHQKkjh3E7iJ+ZuipphJXXm+sIz2ZtJKGA+lV1IAJKXp6
         gIDZb7UUy806TIzAtvVMLr5gXqD9LzJuCS61E1hq0d01/JhNgeMip92sz5laViF3SkKM
         OJDCVy+nMHqMI6LD/lQHtr3WAK81du9NPbq0PKiyiXcAkgdviF3QyjkUjKFU06wnf7Gi
         pZyA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20210112;
        h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to
         :references:mime-version:content-transfer-encoding;
        bh=uVRJxLaJq0X2dTEVHdjs/5npr6gEQxLAwcn1IdURs/k=;
        b=21LlfSCrHwQfMPdige7ZGK1I1m69p6oBgVsxejQYUi+pggwEXx2vEZg7cbNhmut2Qg
         c8Vfj53ntc3cAimUrN2SGuMs5IP4EUAsvPOYrWS0wgplpkMBVYH4PqLAHC4Z9uXcExqN
         lke4GXHzlPUc0H9FkCh+kuAGLqjzOPF+MIkffz/aeCNSytpAzH1Dtm4jNJQ8vrTgZlKh
         PQB26cj1uL0Frf4O9NWqH/AX9nE2XFu06mK0d7bM2uO1AAYpxygBG1AuDAOs82aDK8rs
         gBhqEZ7NCc9SIBslBnxIKjsG/IDgxhYoW1K7vkXL36NxshsK01crvUPpPYDSdRKRHfl9
         aUlQ==
X-Gm-Message-State: AJIora9QCBzdtAdHFcJ6cBVpUcJMsGHiBGOjVEKqxTXe7dipXDO0NOzT
        NQx5OnHcntqKtxVFz6zOIiw=
X-Google-Smtp-Source: 
 AGRyM1tywxH6QPdE1PtguR+LhaF12MVypJNb2omAg0HEbg3t9kWKGwOUtVflZEIr6YXGTMyib1Cy6w==
X-Received: by 2002:aa7:c45a:0:b0:435:d7a4:99bc with SMTP id
 n26-20020aa7c45a000000b00435d7a499bcmr56253345edr.158.1657137093482;
        Wed, 06 Jul 2022 12:51:33 -0700 (PDT)
Received: from anparri.mshome.net (host-79-49-199-193.retail.telecomitalia.it.
 [79.49.199.193])
        by smtp.gmail.com with ESMTPSA id
 kz11-20020a17090777cb00b0072af18329c4sm1968127ejc.225.2022.07.06.12.51.31
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Wed, 06 Jul 2022 12:51:33 -0700 (PDT)
From: "Andrea Parri (Microsoft)" <parri.andrea@gmail.com>
To: Christoph Hellwig <hch@lst.de>,
        Marek Szyprowski <m.szyprowski@samsung.com>,
        Robin Murphy <robin.murphy@arm.com>,
        KY Srinivasan <kys@microsoft.com>,
        Haiyang Zhang <haiyangz@microsoft.com>,
        Stephen Hemminger <sthemmin@microsoft.com>,
        Wei Liu <wei.liu@kernel.org>, Dexuan Cui <decui@microsoft.com>,
        Michael Kelley <mikelley@microsoft.com>,
        Thomas Gleixner <tglx@linutronix.de>,
        Ingo Molnar <mingo@redhat.com>, Borislav Petkov <bp@alien8.de>,
        Dave Hansen <dave.hansen@linux.intel.com>,
        Peter Anvin <hpa@zytor.com>
Cc: linux-kernel@vger.kernel.org, iommu@lists.linux-foundation.org,
        iommu@lists.linux.dev, linux-hyperv@vger.kernel.org,
        x86@kernel.org, "Andrea Parri (Microsoft)" <parri.andrea@gmail.com>
Subject: [RFC PATCH 2/2] dma-direct: Fix dma_direct_{alloc,free}() for
 Hyperv-V IVMs
Date: Wed,  6 Jul 2022 21:50:27 +0200
Message-Id: <20220706195027.76026-3-parri.andrea@gmail.com>
X-Mailer: git-send-email 2.25.1
In-Reply-To: <20220706195027.76026-1-parri.andrea@gmail.com>
References: <20220706195027.76026-1-parri.andrea@gmail.com>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
Content-Type: text/plain; charset="utf-8"

In Hyper-V AMD SEV-SNP Isolated VMs, the virtual address returned by
dma_direct_alloc() must map above dma_unencrypted_base because the
memory is shared with the hardware device and must not be encrypted.

Modify dma_direct_alloc() to do the necessary remapping.  In
dma_direct_free(), use the (unmodified) DMA address to derive the
original virtual address and re-encrypt the pages.

Suggested-by: Michael Kelley <mikelley@microsoft.com>
Co-developed-by: Dexuan Cui <decui@microsoft.com>
Signed-off-by: Dexuan Cui <decui@microsoft.com>
Signed-off-by: Andrea Parri (Microsoft) <parri.andrea@gmail.com>
---
 kernel/dma/direct.c | 30 +++++++++++++++++++++++++++++-
 1 file changed, 29 insertions(+), 1 deletion(-)

diff --git a/kernel/dma/direct.c b/kernel/dma/direct.c
index 06b2b901e37a3..c4ce277687a49 100644
--- a/kernel/dma/direct.c
+++ b/kernel/dma/direct.c
@@ -13,6 +13,7 @@
 #include <linux/vmalloc.h>
 #include <linux/set_memory.h>
 #include <linux/slab.h>
+#include <linux/io.h> /* for memremap() */
 #include "direct.h"
=20
 /*
@@ -305,6 +306,21 @@ void *dma_direct_alloc(struct device *dev, size_t size,
 		ret =3D page_address(page);
 		if (dma_set_decrypted(dev, ret, size))
 			goto out_free_pages;
+#ifdef CONFIG_HAS_IOMEM
+		/*
+		 * Remap the pages in the unencrypted physical address space
+		 * when dma_unencrypted_base is set (e.g., for Hyper-V AMD
+		 * SEV-SNP isolated guests).
+		 */
+		if (dma_unencrypted_base) {
+			phys_addr_t ret_pa =3D virt_to_phys(ret);
+
+			ret_pa +=3D dma_unencrypted_base;
+			ret =3D memremap(ret_pa, size, MEMREMAP_WB);
+			if (!ret)
+				goto out_encrypt_pages;
+		}
+#endif
 	}
=20
 	memset(ret, 0, size);
@@ -360,11 +376,23 @@ void dma_direct_free(struct device *dev, size_t size,
 	    dma_free_from_pool(dev, cpu_addr, PAGE_ALIGN(size)))
 		return;
=20
-	if (is_vmalloc_addr(cpu_addr)) {
+	/*
+	 * If dma_unencrypted_base is set, the virtual address returned by
+	 * dma_direct_alloc() is in the vmalloc address range.
+	 */
+	if (!dma_unencrypted_base && is_vmalloc_addr(cpu_addr)) {
 		vunmap(cpu_addr);
 	} else {
 		if (IS_ENABLED(CONFIG_ARCH_HAS_DMA_CLEAR_UNCACHED))
 			arch_dma_clear_uncached(cpu_addr, size);
+#ifdef CONFIG_HAS_IOMEM
+		if (dma_unencrypted_base) {
+			memunmap(cpu_addr);
+			/* re-encrypt the pages using the original address */
+			cpu_addr =3D page_address(pfn_to_page(PHYS_PFN(
+					dma_to_phys(dev, dma_addr))));
+		}
+#endif
 		if (dma_set_encrypted(dev, cpu_addr, size))
 			return;
 	}
--=20
2.25.1