From nobody Fri Apr 3 02:58:08 2026 Received: from mail-pj1-f49.google.com (mail-pj1-f49.google.com [209.85.216.49]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 992DD296BBC for ; Wed, 25 Mar 2026 07:56:56 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.216.49 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774425421; cv=none; b=DB8R5EVc8sZka+M9LAQz1XBY+gYdU9SbchBE8iY542uc6d3L0ryMhcKJIurpeU3/WeZxcZfSX152LGngOG0cCutHsbg/73m9KkwBuWZyNEQo0748jJuo13R40UPjFsn/Ov8r5V5klI/wb2e7jfmYBUq+VN6xB2F/A16sY/sbH4U= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774425421; c=relaxed/simple; bh=Nlk2krWXigXedYIVbGLe3NHoVJ85MDZPNxBmyiex99U=; h=From:To:Cc:Subject:Date:Message-Id:MIME-Version; b=nG4owm/+KaX9MzJF+/WR1WO9nA+b0qu1utchpHwAoXRqI2jHxBakz7+vvg475Q+WOWpIOHZWOQa7YBHKBhD59Y4t6LHz42DXaX99mTdpFZdZgmzbQ6VVNDhj/eBOfdezhDjql/XmeiRnirElj7uwFUzxxEpriydNzwYgSgMlKbA= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=MKQYQ3Iy; arc=none smtp.client-ip=209.85.216.49 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="MKQYQ3Iy" Received: by mail-pj1-f49.google.com with SMTP id 98e67ed59e1d1-3567e2b4159so1533299a91.0 for ; Wed, 25 Mar 2026 00:56:56 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20251104; t=1774425415; x=1775030215; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:from:to:cc:subject:date:message-id:reply-to; bh=kdEHDzLyvba5udnwz8c2vdy7nbbUB2Sw/8exS3LVD2c=; b=MKQYQ3IyqsZjThYDBeRWLtpl6yJ8coH0kS/vw9KZ47IV/SFf8Yu9fxWR09oeAe/EnE dtoI5rMIXDJ3ksWArbKVLeHg52UYFo2OZ9FIoDH+XjoToAXLFMGtIY5oV6eojKUDuoyL Q+yIaGYiZCLEMqHw6HYC7fIsyqnesi6obYlaud2F/3nVwc68BmQ4YBX89eLWVB2F0BKL vFddS+mRCpUGGdgEdTcWBhffjxa+oyFCEXgHFjuV4urwgg3vH9P9GeB+8ZDF+rfHkZxO BYXWnPiF7h7oOywv2usOOdTYRfkQN1qycABVcjt+qTN+9N0q168mxY0xhjDHsme3gbse i7MQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1774425415; x=1775030215; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:x-gm-gg:x-gm-message-state:from:to:cc:subject:date :message-id:reply-to; bh=kdEHDzLyvba5udnwz8c2vdy7nbbUB2Sw/8exS3LVD2c=; b=PPAj3kMiMkFqcJ2nSlFR5O+YOiji1f8rGHIbbD/k0GhfGPFcrAz0fc0mZem3ZdD8St bG9gjQoDAF7o/pThUCLATm8k/W08G3Ne4gOrPeKy2GjFp3wJPmHkPEElA+x9/9FDU4ft R2Gy3IZqtr3znBWBbtOv1ieLfYQo1oP04g3+na1Tni9fUlEpoxWCYZpUuhqjGpDET69D L6f8C2NbZdOHWbjAvgkQn60twJlKlNMinhu5Q+9d3wrxwlYidRulEQH+6kfBzkUBLrXr GrxC47GNPPHRwCVybuC+2QHyc1WOeo/JvWGCVIHweylTVg740aXq9gecxrs6BX1gNDiM fjtg== X-Forwarded-Encrypted: i=1; AJvYcCXOfM42vn8wUqH6/VIAEgmCmgsnv5Ucp9hRf+8iTGZTv4u/Eae0I3P7Rzrm6D1bHdrJs7IBRMIdR1aon8s=@vger.kernel.org X-Gm-Message-State: AOJu0YyafaN3FvOMP7wICIP1gl2wvPVN5DD0feWfaxBRN9xyehO8WgZA iV5ES9M6GPEraaQdVBNxbKvaveR/lecFK4InvbL2jpg9UXeC+5M9OJ3M X-Gm-Gg: ATEYQzwM3eVRUjJuuAJOCFx05B6UM3jM7prEnYcd+6ay98fwwtfy17aLAMo06sYGznz 0GwL6clj9xgWO1Mf/nRMTHAxK85fpLKSzTqnnASHzGD29bVHaGCTmeNWxYCszyMgVzZX/DnRvc0 Pz+vhEJR1/7dgvMDuJDfUjlEnn4iinI3Q8TzcE9r063YBKmjQed5x2MtXehUkd1Oo5TYTu17/ht Gs42jwyJMxqmkey2tpPfKUb+bWvqmdA6oQMpby8sBnTWZJ5rLQziDtP8gKyDCPCWHcaCp6d9Xbb Ps2FeLRT3JCfYqTmCjgKksJC4xaVGyxB15ffCbcmIp1Cw8RLZ1GtPmzxZCSYd8tH1UGevry8kTO iZek5pr5sEPMxu2rMwhPnYEax5HPrs/P9yLOHP5cd/jo724tzLKjf3UtxAlG8rOK8a0XlcsqoCa IYS48aSBkonBLt1x+AjNvNgLzHzR/CyVrJ+b8FfhOtdMSUM1oR/KQ+u/xViA== X-Received: by 2002:a17:90b:17c8:b0:35b:e591:99d1 with SMTP id 98e67ed59e1d1-35c0ddc4118mr2246370a91.29.1774425415489; Wed, 25 Mar 2026 00:56:55 -0700 (PDT) Received: from ubuntu-Virtual-Machine.mshome.net ([104.43.2.14]) by smtp.gmail.com with ESMTPSA id 98e67ed59e1d1-35c0ac5b287sm2769966a91.4.2026.03.25.00.56.52 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 25 Mar 2026 00:56:55 -0700 (PDT) From: Tianyu Lan X-Google-Original-From: Tianyu Lan To: kys@microsoft.com, haiyangz@microsoft.com, wei.liu@kernel.org, decui@microsoft.com, longli@microsoft.com, m.szyprowski@samsung.com, robin.murphy@arm.com Cc: Tianyu Lan , iommu@lists.linux.dev, linux-hyperv@vger.kernel.org, linux-kernel@vger.kernel.org, hch@infradead.org, vdso@hexbites.dev, Michael Kelley Subject: [RFC PATCH V3] x86/VMBus: Confidential VMBus for dynamic DMA transfers Date: Wed, 25 Mar 2026 03:56:49 -0400 Message-Id: <20260325075649.248241-1-tiala@microsoft.com> X-Mailer: git-send-email 2.25.1 Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Hyper-V provides Confidential VMBus to communicate between device model and device guest driver via encrypted/private memory in Confidential VM. The device model is in OpenHCL (https://openvmm.dev/guide/user_guide/openhcl.html) that plays the paravisor role. For a VMBus device, there are two communication methods to talk with Host/Hypervisor. 1) VMBUS Ring buffer 2) Dynamic DMA transfer. The Confidential VMBus Ring buffer has been upstreamed by Roman Kisel(commit 6802d8af47d1). The dynamic DMA transition of VMBus device normally goes through DMA core and it uses SWIOTLB as bounce buffer in a CoCo VM. The Confidential VMBus device can do DMA directly to private/encrypted memory. Because the swiotlb is decrypted memory, the DMA transfer must not be bounced through the swiotlb, so as to preserve confidentiality. This is different from the default for Linux CoCo VMs, so disable the VMBus device's use of swiotlb. Expose swiotlb_dev_disable() from DMA Core to disable bounce buffer for device. Suggested-by: Michael Kelley Signed-off-by: Tianyu Lan --- drivers/hv/vmbus_drv.c | 6 +++++- include/linux/swiotlb.h | 5 +++++ 2 files changed, 10 insertions(+), 1 deletion(-) diff --git a/drivers/hv/vmbus_drv.c b/drivers/hv/vmbus_drv.c index 3d1a58b667db..84e6971fc90f 100644 --- a/drivers/hv/vmbus_drv.c +++ b/drivers/hv/vmbus_drv.c @@ -2184,11 +2184,15 @@ int vmbus_device_register(struct hv_device *child_d= evice_obj) child_device_obj->device.dma_mask =3D &child_device_obj->dma_mask; dma_set_mask(&child_device_obj->device, DMA_BIT_MASK(64)); =20 + device_initialize(&child_device_obj->device); + if (child_device_obj->channel->co_external_memory) + swiotlb_dev_disable(&child_device_obj->device); + /* * Register with the LDM. This will kick off the driver/device * binding...which will eventually call vmbus_match() and vmbus_probe() */ - ret =3D device_register(&child_device_obj->device); + ret =3D device_add(&child_device_obj->device); if (ret) { pr_err("Unable to register child device\n"); put_device(&child_device_obj->device); diff --git a/include/linux/swiotlb.h b/include/linux/swiotlb.h index 3dae0f592063..7c572570d5d9 100644 --- a/include/linux/swiotlb.h +++ b/include/linux/swiotlb.h @@ -169,6 +169,11 @@ static inline struct io_tlb_pool *swiotlb_find_pool(st= ruct device *dev, return NULL; } =20 +static inline bool swiotlb_dev_disable(struct device *dev) +{ + return dev->dma_io_tlb_mem =3D=3D NULL; +} + static inline bool is_swiotlb_force_bounce(struct device *dev) { struct io_tlb_mem *mem =3D dev->dma_io_tlb_mem; --=20 2.50.1