From nobody Wed Apr 1 10:59:08 2026 Received: from mail-ed1-f73.google.com (mail-ed1-f73.google.com [209.85.208.73]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 8E4B72F6591 for ; Mon, 30 Mar 2026 14:51:40 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.208.73 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774882302; cv=none; b=btGbkullOjTLLrvtXpUAGshqYs+I7O/G89B2O7vnMRha3JiXaNOfucd5hsYOOiwMzBe/YCq3A1zE4HYXZEYdCwzHUZDaQlr337yYvv7xUnJME96H5XW0JqD8FVCQT4tekMG0Wnd4+5yffYL9lCCBlH0SSfO//SUEetG/o5j0mzY= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774882302; c=relaxed/simple; bh=blqPOdpFL9rgBFWqDEnMj0GQkW/94UGmtk6kjXsP/Ro=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=cG1XbyTit+CcNVa+NGqk3+t2BCzhh6j1+wUxoKgbcmng/RVtD37RNtsPIy8oYOGgc4Z74/Rgnh1I4fCwZiffK1xEXy8Rf/H+MHJAOORmFvN0gq4XCCiOT29hGavTvvZNYq3a4L6pdX7RnHGdkPsqS/nSZvVW8//gILWCgQQx6TM= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--smostafa.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=SR8lOSnR; arc=none smtp.client-ip=209.85.208.73 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--smostafa.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="SR8lOSnR" Received: by mail-ed1-f73.google.com with SMTP id 4fb4d7f45d1cf-66802fe028aso5052321a12.0 for ; Mon, 30 Mar 2026 07:51:40 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20251104; t=1774882299; x=1775487099; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=72NJpUNwgOjfnU3080YLnTh3b+2pO2EMQ9vDQPCjWLY=; b=SR8lOSnRRs3E/mXBHADog4MsVdE7thNhlDmEiaIgKOCII3lxGJPGAJTw3S5z3RaK29 xUehwJH3p2+3oSYMOVxLyErBAPmVq1M2vsMZH8fAxYKRXFD1M1VqhQFfGQesc6gjyZQK siMFKMBBDDasJ/ebDP6TnDfyTir7xsFwNaQtTc60iX2zAmHee8FDk/FQtwX+SFnSaUr5 TK9uXpgMDko64jdf8n2lvG5W0guBMxPTDw21I3bskG7nw6OjmfRO5U9eL+7/+1jAkAmM 9zs9RfTXpTUCIwVItshXxgLLQQrymv/Hekq9nd9TcrIt+YIRwSK8Rci9en6nT21dorXC jpXQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1774882299; x=1775487099; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=72NJpUNwgOjfnU3080YLnTh3b+2pO2EMQ9vDQPCjWLY=; b=m9OewQhDe3R2THpDD6xVe/VCz6y+PTvnjxFhzcmhEIX7rtLCISXskQYCvQRFDu+BMP N89TD6hKwh8fQumX+jvFS8b5EYxVQm7hZZiCXOZiJDcVUyS9ZupxiTv554sEgJdNjJrf QnUfLysfn9qjvDEZCSOner8RYLZ4oW+IkRQ6QTXySvu8IZFkCUHm9yy365kGHWg3Z0CZ q3X4ikFpBTZ0mbfLsqpeNwuRLABvfq4A6WJX0RKkzaBn708d3+NKndh0qSMi38cWH9ss DRAmLi0NZMEDFBxpMALR5NEpj+5JdlUAIf7Y19Tnhts1kU1NrAFz2/gJxWbq5UF9Xf/o RMFQ== X-Forwarded-Encrypted: i=1; AJvYcCUgTfOA97yNhRv9WvSnef0h0YtHCv7uyWa9a1OkCJUdSWUZirXN31X72zsHcyZodTSN2zioJuM7LetRFcA=@vger.kernel.org X-Gm-Message-State: AOJu0YzstFY8HFD2gg5bNMHmF6qoyld1pg2ptcGIH60+ZyfnqniA8hix htVx5syfa6z6KZgJ43CzQ3FEc2iv9cDjtGVA5gYfh7Wu6zTBJJ53A2XBQ3GEG5lJxIwBPVqCRHH cc3jHOOEufL4EFA== X-Received: from edcz13.prod.google.com ([2002:a05:6402:35cd:b0:66b:eb4d:db46]) (user=smostafa job=prod-delivery.src-stubby-dispatcher) by 2002:a05:6402:510d:b0:66c:7ab:1445 with SMTP id 4fb4d7f45d1cf-66c07ab16a4mr1183900a12.7.1774882298813; Mon, 30 Mar 2026 07:51:38 -0700 (PDT) Date: Mon, 30 Mar 2026 14:50:41 +0000 In-Reply-To: <20260330145043.1586623-1-smostafa@google.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20260330145043.1586623-1-smostafa@google.com> X-Mailer: git-send-email 2.53.0.1185.g05d4b7b318-goog Message-ID: <20260330145043.1586623-4-smostafa@google.com> Subject: [RFC PATCH v2 3/5] dma-mapping: Decrypt memory on remap From: Mostafa Saleh To: iommu@lists.linux.dev, linux-kernel@vger.kernel.org Cc: robin.murphy@arm.com, m.szyprowski@samsung.com, will@kernel.org, maz@kernel.org, suzuki.poulose@arm.com, catalin.marinas@arm.com, jiri@resnulli.us, jgg@ziepe.ca, aneesh.kumar@kernel.org, Mostafa Saleh Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" In case memory needs to be remapped on systems with force_dma_unencrypted(), where this memory is not allocated from a restricted-dma pool, this was currently ignored, while only setting the decrypted pgprot in the remapped alias. The memory still needs to be decrypted in that case. With memory decryption, don't allow highmem allocations, but that shouldn't be a problem on such modern systems. Reported-by: Catalin Marinas Fixes: f3c962226dbe ("dma-direct: clean up the remapping checks in dma_dire= ct_alloc") Signed-off-by: Mostafa Saleh --- kernel/dma/direct.c | 16 +++++++++++----- 1 file changed, 11 insertions(+), 5 deletions(-) diff --git a/kernel/dma/direct.c b/kernel/dma/direct.c index 1a402bb956d9..a4260689bcc8 100644 --- a/kernel/dma/direct.c +++ b/kernel/dma/direct.c @@ -203,6 +203,7 @@ static void *dma_direct_alloc_no_mapping(struct device = *dev, size_t size, void *dma_direct_alloc(struct device *dev, size_t size, dma_addr_t *dma_handle, gfp_t gfp, unsigned long attrs) { + bool allow_highmem =3D !force_dma_unencrypted(dev); bool remap =3D false, set_uncached =3D false; struct page *page; void *ret; @@ -251,7 +252,7 @@ void *dma_direct_alloc(struct device *dev, size_t size, return dma_direct_alloc_from_pool(dev, size, dma_handle, gfp); =20 /* we always manually zero the memory once we are done */ - page =3D __dma_direct_alloc_pages(dev, size, gfp & ~__GFP_ZERO, true); + page =3D __dma_direct_alloc_pages(dev, size, gfp & ~__GFP_ZERO, allow_hig= hmem); if (!page) return NULL; =20 @@ -265,6 +266,9 @@ void *dma_direct_alloc(struct device *dev, size_t size, set_uncached =3D false; } =20 + if (dma_set_decrypted(dev, page_address(page), size)) + goto out_leak_pages; + if (remap) { pgprot_t prot =3D dma_pgprot(dev, PAGE_KERNEL, attrs); =20 @@ -278,11 +282,9 @@ void *dma_direct_alloc(struct device *dev, size_t size, ret =3D dma_common_contiguous_remap(page, size, prot, __builtin_return_address(0)); if (!ret) - goto out_free_pages; + goto out_encrypt_pages; } else { ret =3D page_address(page); - if (dma_set_decrypted(dev, ret, size)) - goto out_leak_pages; } =20 memset(ret, 0, size); @@ -300,7 +302,6 @@ void *dma_direct_alloc(struct device *dev, size_t size, out_encrypt_pages: if (dma_set_encrypted(dev, page_address(page), size)) return NULL; -out_free_pages: __dma_direct_free_pages(dev, page, size); return NULL; out_leak_pages: @@ -339,7 +340,12 @@ void dma_direct_free(struct device *dev, size_t size, return; =20 if (is_vmalloc_addr(cpu_addr)) { + void *vaddr =3D page_address(dma_direct_to_page(dev, dma_addr)); + vunmap(cpu_addr); + + if (dma_set_encrypted(dev, vaddr, size)) + return; } else { if (IS_ENABLED(CONFIG_ARCH_HAS_DMA_CLEAR_UNCACHED)) arch_dma_clear_uncached(cpu_addr, size); --=20 2.53.0.1185.g05d4b7b318-goog