From nobody Wed Jun 17 07:20:41 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id C56CD36B055; Mon, 27 Apr 2026 06:10:29 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1777270229; cv=none; b=MiDpYqFHvIhU3tnMhwKNYsEMA4a28j9uMNs8bqbqxzb6vySq0VyZAKWQU6zv7wKcEVmGzd+uq8lYzYMFVppSKzjvu5NmjuxXksJhTJJC1XycU8hrmjNF216mlrv/PDS7NFSYlTYpJ0faRmnCs+nBbJDKdv2n33HmQ7VtsCHwMp4= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1777270229; c=relaxed/simple; bh=GsMrvT95jqJoIf80EiOGB0kNyW9tUTunjzDRSq0VmnI=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=rpGjC22kRUr8Ton3Es808mjEIlbcvoNPew3vHwQlwgGAMGorFxNRy9FKt8Ec6u2AKA5j5/9QRK2UfjmenJx7WStpvfQ2Pdk2cyvEEMtT6F39XH5nOEvxxXhZJn/vwz4rWKkuRJh/ZMs0B3M2TatkRegiQUmq5Z7A/6Hyi+lxJlg= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=V4AsL3KQ; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="V4AsL3KQ" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 89A10C19425; Mon, 27 Apr 2026 06:10:24 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1777270229; bh=GsMrvT95jqJoIf80EiOGB0kNyW9tUTunjzDRSq0VmnI=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=V4AsL3KQjIIL0ZcbgO+6JHT/kIO/SzhWYeXIgqhVnwmt1BtjDD6vzmgIMYptXg3hg S/0gVOsOihZV8hw4JFYCr6qEYhesUyiLBCofJcP3QBZRAYyHoe1xJ+KU1y3ZmgsZUh ha052FTqdtNgjrSTNsbJGzaOi9bGEbCAtfb8tDiKZOahgweRteN4G1gNfDxt47yXYw SVde2t775SlHYkcZfnkYADOETwJTJoG3xNiXTs75XN6yP8yKcfrjglruZ2Xcue/eCX +SlM3wLnTlsPAMVcrjo0O5tTpcAV21hJetgSutMNHtc1HqL7uSIMc3JHoOzvHjpE4O 0u5foroeQyxdw== From: "Aneesh Kumar K.V (Arm)" To: iommu@lists.linux.dev, linux-kernel@vger.kernel.org, kvm@vger.kernel.org Cc: "Aneesh Kumar K.V (Arm)" , Alexey Kardashevskiy , Bjorn Helgaas , Dan Williams , Jason Gunthorpe , Joerg Roedel , Jonathan Cameron , Kevin Tian , Nicolin Chen , Samuel Ortiz , Steven Price , Suzuki K Poulose , Will Deacon , Xu Yilun , Shameer Kolothum , Jason Gunthorpe Subject: [PATCH v4 1/4] iommufd/device: Associate a kvm pointer to iommufd_device Date: Mon, 27 Apr 2026 11:40:02 +0530 Message-ID: <20260427061005.901854-2-aneesh.kumar@kernel.org> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20260427061005.901854-1-aneesh.kumar@kernel.org> References: <20260427061005.901854-1-aneesh.kumar@kernel.org> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Shameer Kolothum Add a struct kvm * to iommufd_device_bind() fn and associate it with idev if bind is successful. Signed-off-by: Shameer Kolothum Reviewed-by: Jason Gunthorpe [nicolinc: fix build error in iommufd_test_mock_domain()] Signed-off-by: Nicolin Chen Signed-off-by: Aneesh Kumar K.V (Arm) Reviewed-by: Lu Baolu --- drivers/iommu/iommufd/device.c | 5 ++++- drivers/iommu/iommufd/iommufd_private.h | 2 ++ drivers/iommu/iommufd/selftest.c | 2 +- drivers/vfio/iommufd.c | 2 +- include/linux/iommufd.h | 4 +++- 5 files changed, 11 insertions(+), 4 deletions(-) diff --git a/drivers/iommu/iommufd/device.c b/drivers/iommu/iommufd/device.c index 344d620cdecc..453fbceb9219 100644 --- a/drivers/iommu/iommufd/device.c +++ b/drivers/iommu/iommufd/device.c @@ -203,6 +203,7 @@ void iommufd_device_destroy(struct iommufd_object *obj) * iommufd_device_bind - Bind a physical device to an iommu fd * @ictx: iommufd file descriptor * @dev: Pointer to a physical device struct + * @kvm: Pointer to struct kvm if device belongs to a KVM VM * @id: Output ID number to return to userspace for this device * * A successful bind establishes an ownership over the device and returns @@ -216,7 +217,8 @@ void iommufd_device_destroy(struct iommufd_object *obj) * The caller must undo this with iommufd_device_unbind() */ struct iommufd_device *iommufd_device_bind(struct iommufd_ctx *ictx, - struct device *dev, u32 *id) + struct device *dev, struct kvm *kvm, + u32 *id) { struct iommufd_device *idev; struct iommufd_group *igroup; @@ -266,6 +268,7 @@ struct iommufd_device *iommufd_device_bind(struct iommu= fd_ctx *ictx, if (!iommufd_selftest_is_mock_dev(dev)) iommufd_ctx_get(ictx); idev->dev =3D dev; + idev->kvm =3D kvm; idev->enforce_cache_coherency =3D device_iommu_capable(dev, IOMMU_CAP_ENFORCE_CACHE_COHERENCY); /* The calling driver is a user until iommufd_device_unbind() */ diff --git a/drivers/iommu/iommufd/iommufd_private.h b/drivers/iommu/iommuf= d/iommufd_private.h index 6ac1965199e9..c48a568c6cbb 100644 --- a/drivers/iommu/iommufd/iommufd_private.h +++ b/drivers/iommu/iommufd/iommufd_private.h @@ -488,6 +488,8 @@ struct iommufd_device { struct list_head group_item; /* always the physical device */ struct device *dev; + /* ..and kvm if available */ + struct kvm *kvm; bool enforce_cache_coherency; struct iommufd_vdevice *vdev; bool destroying; diff --git a/drivers/iommu/iommufd/selftest.c b/drivers/iommu/iommufd/selft= est.c index 7823142097d4..76a2f83f430c 100644 --- a/drivers/iommu/iommufd/selftest.c +++ b/drivers/iommu/iommufd/selftest.c @@ -1100,7 +1100,7 @@ static int iommufd_test_mock_domain(struct iommufd_uc= md *ucmd, goto out_sobj; } =20 - idev =3D iommufd_device_bind(ucmd->ictx, &sobj->idev.mock_dev->dev, + idev =3D iommufd_device_bind(ucmd->ictx, &sobj->idev.mock_dev->dev, NULL, &idev_id); if (IS_ERR(idev)) { rc =3D PTR_ERR(idev); diff --git a/drivers/vfio/iommufd.c b/drivers/vfio/iommufd.c index a38d262c6028..c1c58194fd3a 100644 --- a/drivers/vfio/iommufd.c +++ b/drivers/vfio/iommufd.c @@ -119,7 +119,7 @@ int vfio_iommufd_physical_bind(struct vfio_device *vdev, { struct iommufd_device *idev; =20 - idev =3D iommufd_device_bind(ictx, vdev->dev, out_device_id); + idev =3D iommufd_device_bind(ictx, vdev->dev, vdev->kvm, out_device_id); if (IS_ERR(idev)) return PTR_ERR(idev); vdev->iommufd_device =3D idev; diff --git a/include/linux/iommufd.h b/include/linux/iommufd.h index 6e7efe83bc5d..5cdcb8d2f305 100644 --- a/include/linux/iommufd.h +++ b/include/linux/iommufd.h @@ -24,6 +24,7 @@ struct iommufd_ctx; struct iommufd_device; struct iommufd_viommu_ops; struct page; +struct kvm; =20 enum iommufd_object_type { IOMMUFD_OBJ_NONE, @@ -59,7 +60,8 @@ struct iommufd_object { }; =20 struct iommufd_device *iommufd_device_bind(struct iommufd_ctx *ictx, - struct device *dev, u32 *id); + struct device *dev, struct kvm *kvm, + u32 *id); void iommufd_device_unbind(struct iommufd_device *idev); =20 int iommufd_device_attach(struct iommufd_device *idev, ioasid_t pasid, --=20 2.43.0 From nobody Wed Jun 17 07:20:41 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 71D4B36CDE2; Mon, 27 Apr 2026 06:10:35 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1777270235; cv=none; b=au5bk1DzBJIw1ibC6GeY0lut5jn9LrpAi/61WYijJXIrAmRqvoFTG6CWhEVXesx36qbD84OQgIAk9G30SuFaBOvIlK8S59YTwGVJxkLqqT7qpowMKx8gCTr/WmuxBiLYbyhp31yP2BnNTZUkSk4uhtM+ACiTBwudxFIRWLpMUzM= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1777270235; c=relaxed/simple; bh=g5BKfRIkdnJuuvmrgGsKTQkhK8uuSZmj9EM3h0yB6q4=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=r8aSwE2vH5hfP9TW6LR+nGkUuH9TMpIw8W9mzhs5Jbc5snvuj+oZ7Uh90G417j9Wp6rUnflw/DtKybOtyayI6b9X6AExa/jHJEoviayRz57OHNC3Jc5PoHk0w3S2OAdG5gnCv5VKkAXJDozkEVHarNKj3c3J7/vwaTPwWQAsKDc= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=OKP5Fr9J; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="OKP5Fr9J" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 458ECC2BCB8; Mon, 27 Apr 2026 06:10:30 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1777270235; bh=g5BKfRIkdnJuuvmrgGsKTQkhK8uuSZmj9EM3h0yB6q4=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=OKP5Fr9J/rmiRmuDtkx+L4oWbtQ3uTyJySNOza5GnL6Py3TPtsPeN1FZ49xJ7q9nu XAZS/OC556nkM1EADIRLicbmurrRTLrLFnyXW3CqWNC8NL5SQ2kZPtZM3xtooIJthh zpRy+Lti1NC9BoWyFBLylld+RUVHcTEzLqECaqbROp4h/Tsd847YRZ4mQWSOGtnkVH u6GDRwAW1w3EdD1Cwx9yOFabkdlp9zX72TwOdxa2VB2wCGi+5lisJDfIp/Mh9QgMqe LAJoxxOLSx1HR11kzhlWc/HzBjtvyOq9Xy8yenqqd3TBMGRdfhvwDztQYE62/Q5uT6 3C79S7tJiyZQg== From: "Aneesh Kumar K.V (Arm)" To: iommu@lists.linux.dev, linux-kernel@vger.kernel.org, kvm@vger.kernel.org Cc: "Aneesh Kumar K.V (Arm)" , Alexey Kardashevskiy , Bjorn Helgaas , Dan Williams , Jason Gunthorpe , Joerg Roedel , Jonathan Cameron , Kevin Tian , Nicolin Chen , Samuel Ortiz , Steven Price , Suzuki K Poulose , Will Deacon , Xu Yilun , Shameer Kolothum Subject: [PATCH v4 2/4] iommufd/viommu: Associate a kvm pointer to iommufd_viommu Date: Mon, 27 Apr 2026 11:40:03 +0530 Message-ID: <20260427061005.901854-3-aneesh.kumar@kernel.org> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20260427061005.901854-1-aneesh.kumar@kernel.org> References: <20260427061005.901854-1-aneesh.kumar@kernel.org> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Nicolin Chen For TSM use case, vIOMMU will need to get access to KVM to make different TSM calls. Associate the kvm pointer to the vIOMMU and take kvm's refcount. Based on an original patch by Shameer Kolothum [nicolinc: hold kvm's users_count] Signed-off-by: Nicolin Chen Signed-off-by: Aneesh Kumar K.V (Arm) --- drivers/iommu/iommufd/viommu.c | 20 +++++++++++++++++--- include/linux/iommu.h | 1 + include/linux/iommufd.h | 1 + 3 files changed, 19 insertions(+), 3 deletions(-) diff --git a/drivers/iommu/iommufd/viommu.c b/drivers/iommu/iommufd/viommu.c index 4081deda9b33..1e023d1cf8d5 100644 --- a/drivers/iommu/iommufd/viommu.c +++ b/drivers/iommu/iommufd/viommu.c @@ -1,6 +1,7 @@ // SPDX-License-Identifier: GPL-2.0-only /* Copyright (c) 2024, NVIDIA CORPORATION & AFFILIATES */ +#include #include "iommufd_private.h" =20 void iommufd_viommu_destroy(struct iommufd_object *obj) @@ -11,6 +12,8 @@ void iommufd_viommu_destroy(struct iommufd_object *obj) if (viommu->ops && viommu->ops->destroy) viommu->ops->destroy(viommu); refcount_dec(&viommu->hwpt->common.obj.users); + if (viommu->kvm) + kvm_put_kvm(viommu->kvm); xa_destroy(&viommu->vdevs); } =20 @@ -68,14 +71,22 @@ int iommufd_viommu_alloc_ioctl(struct iommufd_ucmd *ucm= d) goto out_put_hwpt; } =20 + if (idev->kvm && !kvm_get_kvm_safe(idev->kvm)) { + rc =3D -ENOENT; + goto out_put_hwpt; + } + viommu =3D (struct iommufd_viommu *)_iommufd_object_alloc_ucmd( ucmd, viommu_size, IOMMUFD_OBJ_VIOMMU); if (IS_ERR(viommu)) { rc =3D PTR_ERR(viommu); - goto out_put_hwpt; + goto out_put_kvm; } =20 xa_init(&viommu->vdevs); + viommu->kvm =3D idev->kvm; + if (viommu->kvm) + kvm_get_kvm(viommu->kvm); viommu->type =3D cmd->type; viommu->ictx =3D ucmd->ictx; viommu->hwpt =3D hwpt_paging; @@ -92,17 +103,20 @@ int iommufd_viommu_alloc_ioctl(struct iommufd_ucmd *uc= md) rc =3D ops->viommu_init(viommu, hwpt_paging->common.domain, user_data.len ? &user_data : NULL); if (rc) - goto out_put_hwpt; + goto out_put_kvm; =20 /* It is a driver bug that viommu->ops isn't filled */ if (WARN_ON_ONCE(!viommu->ops)) { rc =3D -EOPNOTSUPP; - goto out_put_hwpt; + goto out_put_kvm; } =20 cmd->out_viommu_id =3D viommu->obj.id; rc =3D iommufd_ucmd_respond(ucmd, sizeof(*cmd)); =20 +out_put_kvm: + if (idev->kvm) + kvm_put_kvm(idev->kvm); out_put_hwpt: iommufd_put_object(ucmd->ictx, &hwpt_paging->common.obj); out_put_idev: diff --git a/include/linux/iommu.h b/include/linux/iommu.h index 555597b54083..300281dae01d 100644 --- a/include/linux/iommu.h +++ b/include/linux/iommu.h @@ -46,6 +46,7 @@ struct iommu_dma_msi_cookie; struct iommu_fault_param; struct iommufd_ctx; struct iommufd_viommu; +struct kvm; struct msi_desc; struct msi_msg; =20 diff --git a/include/linux/iommufd.h b/include/linux/iommufd.h index 5cdcb8d2f305..8e0505a9bd0c 100644 --- a/include/linux/iommufd.h +++ b/include/linux/iommufd.h @@ -103,6 +103,7 @@ struct iommufd_viommu { struct iommufd_ctx *ictx; struct iommu_device *iommu_dev; struct iommufd_hwpt_paging *hwpt; + struct kvm *kvm; =20 const struct iommufd_viommu_ops *ops; =20 --=20 2.43.0 From nobody Wed Jun 17 07:20:41 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id F235636CDE2; Mon, 27 Apr 2026 06:10:40 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1777270241; cv=none; b=a263+EJfwAvIk8tpVGKx0pGqmKPCltYJqMqgASoFf5ZaafDPGRnOnKL7nJAgHPHVBGQ04/7ma8fv67411blFo+vVuPemmABHWtHtdqFcPrOBgVdUsIWZmK8f8lh/TTpKyXGJA7aWSnB/I+6DTz/Krkud4IFxHFr5EMK6zYZ5+9s= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1777270241; c=relaxed/simple; bh=/TuP7k7o4mfug5ma2TZl6voJcTWtYtrqwVFMu0KcjPo=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=J2TxB78SOd5IgnE3CXoXEROl/HeS6A64SOK1FW1YaHBPRAuWKyT7hpuaU7wcRRkrJh2Nj8XHjQQ/eDOv1luAIbnXtdGSCaSs03mXkMwQO5NZbK52Br9g+WDHrY7GyNNGDh++Sty+t9OJjtYBnwMmbK23JC2QKXg5iI/8ytCkbJ4= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=Cru5fxg5; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="Cru5fxg5" Received: by smtp.kernel.org (Postfix) with ESMTPSA id B6F1CC2BCB4; Mon, 27 Apr 2026 06:10:35 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1777270240; bh=/TuP7k7o4mfug5ma2TZl6voJcTWtYtrqwVFMu0KcjPo=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=Cru5fxg5A5+8Qe+N0bMb4AhYDoJIqS05eiOnc4tjZdbpaWXR17euDTNK3S1orpNqI HJOTLkOVVkzVnooLY1B9N94PARDySyfDewQZFNJCyPv9mBYCoYoKz0uiGgHKCsr6Y0 3Z9wqtNIwjxsspRZT6mvnJcjx7aNNjrnwPw3LMwj8q1fx0LBxcBEKf/x3qttd0zt5r Ie/j/9d8wbx1ndY07lSmsD0+q7n6wgds7gsJhJKedtBViQN5nE7V+AP2TIBNlFF3IU GK0dRvoiJFNVg8Aorx1ataAwSZt/nhdqo0qa5jLyCNWjYvyKakA1Pk00aQbhCprOlL WoB9LRcRVIAnw== From: "Aneesh Kumar K.V (Arm)" To: iommu@lists.linux.dev, linux-kernel@vger.kernel.org, kvm@vger.kernel.org Cc: "Aneesh Kumar K.V (Arm)" , Alexey Kardashevskiy , Bjorn Helgaas , Dan Williams , Jason Gunthorpe , Joerg Roedel , Jonathan Cameron , Kevin Tian , Nicolin Chen , Samuel Ortiz , Steven Price , Suzuki K Poulose , Will Deacon , Xu Yilun , Shameer Kolothum Subject: [PATCH v4 3/4] iommufd/tsm: add vdevice TSM bind/unbind ioctl Date: Mon, 27 Apr 2026 11:40:04 +0530 Message-ID: <20260427061005.901854-4-aneesh.kumar@kernel.org> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20260427061005.901854-1-aneesh.kumar@kernel.org> References: <20260427061005.901854-1-aneesh.kumar@kernel.org> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Introduce IOMMU_VDEVICE_TSM_OP to allow userspace to issue TSM bind/unbind operations for an iommufd vdevice. The new ioctl: - looks up the vdevice object from vdevice_id - resolves the associated KVM VM from the vIOMMU KVM file reference - dispatches bind/unbind via tsm_bind()/tsm_unbind() Also add common TSM helpers in tsm-core and wire vdevice teardown to unbind the device from TSM state. This provides iommufd plumbing to bind a TDI to a confidential guest through the TSM layer. Signed-off-by: Aneesh Kumar K.V (Arm) --- drivers/iommu/iommufd/Makefile | 2 + drivers/iommu/iommufd/iommufd_private.h | 8 ++++ drivers/iommu/iommufd/main.c | 3 ++ drivers/iommu/iommufd/tsm.c | 60 +++++++++++++++++++++++++ drivers/iommu/iommufd/viommu.c | 4 ++ drivers/virt/coco/tsm-core.c | 19 ++++++++ include/linux/tsm.h | 17 +++++++ include/uapi/linux/iommufd.h | 26 +++++++++++ 8 files changed, 139 insertions(+) create mode 100644 drivers/iommu/iommufd/tsm.c diff --git a/drivers/iommu/iommufd/Makefile b/drivers/iommu/iommufd/Makefile index 71d692c9a8f4..431089089ee9 100644 --- a/drivers/iommu/iommufd/Makefile +++ b/drivers/iommu/iommufd/Makefile @@ -10,6 +10,8 @@ iommufd-y :=3D \ vfio_compat.o \ viommu.o =20 +iommufd-$(CONFIG_TSM) +=3D tsm.o + iommufd-$(CONFIG_IOMMUFD_TEST) +=3D selftest.o =20 obj-$(CONFIG_IOMMUFD) +=3D iommufd.o diff --git a/drivers/iommu/iommufd/iommufd_private.h b/drivers/iommu/iommuf= d/iommufd_private.h index c48a568c6cbb..14d2d6d1beec 100644 --- a/drivers/iommu/iommufd/iommufd_private.h +++ b/drivers/iommu/iommufd/iommufd_private.h @@ -699,6 +699,14 @@ void iommufd_vdevice_destroy(struct iommufd_object *ob= j); void iommufd_vdevice_abort(struct iommufd_object *obj); int iommufd_hw_queue_alloc_ioctl(struct iommufd_ucmd *ucmd); void iommufd_hw_queue_destroy(struct iommufd_object *obj); +#ifdef CONFIG_TSM +int iommufd_vdevice_tsm_op_ioctl(struct iommufd_ucmd *ucmd); +#else +static inline int iommufd_vdevice_tsm_op_ioctl(struct iommufd_ucmd *ucmd) +{ + return -EOPNOTSUPP; +} +#endif =20 static inline struct iommufd_vdevice * iommufd_get_vdevice(struct iommufd_ctx *ictx, u32 id) diff --git a/drivers/iommu/iommufd/main.c b/drivers/iommu/iommufd/main.c index 8c6d43601afb..d73e6b391c6f 100644 --- a/drivers/iommu/iommufd/main.c +++ b/drivers/iommu/iommufd/main.c @@ -432,6 +432,7 @@ union ucmd_buffer { struct iommu_veventq_alloc veventq; struct iommu_vfio_ioas vfio_ioas; struct iommu_viommu_alloc viommu; + struct iommu_vdevice_tsm_op tsm_op; #ifdef CONFIG_IOMMUFD_TEST struct iommu_test_cmd test; #endif @@ -493,6 +494,8 @@ static const struct iommufd_ioctl_op iommufd_ioctl_ops[= ] =3D { __reserved), IOCTL_OP(IOMMU_VIOMMU_ALLOC, iommufd_viommu_alloc_ioctl, struct iommu_viommu_alloc, out_viommu_id), + IOCTL_OP(IOMMU_VDEVICE_TSM_OP, iommufd_vdevice_tsm_op_ioctl, + struct iommu_vdevice_tsm_op, vdevice_id), #ifdef CONFIG_IOMMUFD_TEST IOCTL_OP(IOMMU_TEST_CMD, iommufd_test, struct iommu_test_cmd, last), #endif diff --git a/drivers/iommu/iommufd/tsm.c b/drivers/iommu/iommufd/tsm.c new file mode 100644 index 000000000000..4e5fa7849342 --- /dev/null +++ b/drivers/iommu/iommufd/tsm.c @@ -0,0 +1,60 @@ +// SPDX-License-Identifier: GPL-2.0-only +/* + * Copyright (C) 2026 ARM Ltd. + */ + +#include +#include "iommufd_private.h" + +/** + * iommufd_vdevice_tsm_op_ioctl - Handle vdevice TSM operations + * @ucmd: user command data for IOMMU_VDEVICE_TSM_OP + * + * Currently only supports TSM bind/unbind operations + * Resolve @iommu_vdevice_tsm_op::vdevice_id to a vdevice and dispatch the + * requested bind/unbind operation through the TSM core. + * + * Return: 0 on success, or a negative error code on failure. + */ +int iommufd_vdevice_tsm_op_ioctl(struct iommufd_ucmd *ucmd) +{ + int rc; + struct kvm *kvm; + struct iommufd_vdevice *vdev; + struct iommu_vdevice_tsm_op *cmd =3D ucmd->cmd; + + if (cmd->flags) + return -EOPNOTSUPP; + + vdev =3D iommufd_get_vdevice(ucmd->ictx, cmd->vdevice_id); + if (IS_ERR(vdev)) + return PTR_ERR(vdev); + + kvm =3D vdev->viommu->kvm; + if (!kvm) { + rc =3D -ENODEV; + goto out_put_vdev; + } + + /* tsm layer will take care of parallel calls to tsm_bind/unbind */ + switch (cmd->type) { + case IOMMU_VDEVICE_TSM_BIND: + rc =3D tsm_bind(vdev->idev->dev, kvm, vdev->virt_id); + break; + case IOMMU_VDEVICE_TSM_UNBIND: + rc =3D tsm_unbind(vdev->idev->dev); + break; + default: + rc =3D -EINVAL; + goto out_put_vdev; + } + + if (rc) + goto out_put_vdev; + + rc =3D iommufd_ucmd_respond(ucmd, sizeof(*cmd)); + +out_put_vdev: + iommufd_put_object(ucmd->ictx, &vdev->obj); + return rc; +} diff --git a/drivers/iommu/iommufd/viommu.c b/drivers/iommu/iommufd/viommu.c index 1e023d1cf8d5..ec9054d3ec92 100644 --- a/drivers/iommu/iommufd/viommu.c +++ b/drivers/iommu/iommufd/viommu.c @@ -3,6 +3,8 @@ */ #include #include "iommufd_private.h" +#include +#include =20 void iommufd_viommu_destroy(struct iommufd_object *obj) { @@ -133,6 +135,8 @@ void iommufd_vdevice_abort(struct iommufd_object *obj) =20 lockdep_assert_held(&idev->igroup->lock); =20 + tsm_unbind(idev->dev); + if (vdev->destroy) vdev->destroy(vdev); /* xa_cmpxchg is okay to fail if alloc failed xa_cmpxchg previously */ diff --git a/drivers/virt/coco/tsm-core.c b/drivers/virt/coco/tsm-core.c index ae3617abd2ac..f0e35fc38776 100644 --- a/drivers/virt/coco/tsm-core.c +++ b/drivers/virt/coco/tsm-core.c @@ -240,6 +240,25 @@ void tsm_ide_stream_unregister(struct pci_ide *ide) } EXPORT_SYMBOL_GPL(tsm_ide_stream_unregister); =20 +int tsm_bind(struct device *dev, struct kvm *kvm, u64 tdi_id) +{ + if (!dev_is_pci(dev)) + return -EINVAL; + + return pci_tsm_bind(to_pci_dev(dev), kvm, tdi_id); +} +EXPORT_SYMBOL_GPL(tsm_bind); + +int tsm_unbind(struct device *dev) +{ + if (!dev_is_pci(dev)) + return -EINVAL; + + pci_tsm_unbind(to_pci_dev(dev)); + return 0; +} +EXPORT_SYMBOL_GPL(tsm_unbind); + static void tsm_release(struct device *dev) { struct tsm_dev *tsm_dev =3D container_of(dev, typeof(*tsm_dev), dev); diff --git a/include/linux/tsm.h b/include/linux/tsm.h index 7f72a154b6b2..85eb1717bddd 100644 --- a/include/linux/tsm.h +++ b/include/linux/tsm.h @@ -126,4 +126,21 @@ struct tsm_dev *find_tsm_dev(int id); struct pci_ide; int tsm_ide_stream_register(struct pci_ide *ide); void tsm_ide_stream_unregister(struct pci_ide *ide); + +struct kvm; +#ifdef CONFIG_TSM +int tsm_bind(struct device *dev, struct kvm *kvm, u64 tdi_id); +int tsm_unbind(struct device *dev); +#else +static inline int tsm_bind(struct device *dev, struct kvm *kvm, u64 tdi_id) +{ + return -EINVAL; +} + +static inline int tsm_unbind(struct device *dev) +{ + return 0; +} +#endif + #endif /* __TSM_H */ diff --git a/include/uapi/linux/iommufd.h b/include/uapi/linux/iommufd.h index 1dafbc552d37..aabdfd86504c 100644 --- a/include/uapi/linux/iommufd.h +++ b/include/uapi/linux/iommufd.h @@ -57,6 +57,7 @@ enum { IOMMUFD_CMD_IOAS_CHANGE_PROCESS =3D 0x92, IOMMUFD_CMD_VEVENTQ_ALLOC =3D 0x93, IOMMUFD_CMD_HW_QUEUE_ALLOC =3D 0x94, + IOMMUFD_CMD_VDEVICE_TSM_OP =3D 0x95, }; =20 /** @@ -1134,6 +1135,31 @@ struct iommu_vdevice_alloc { }; #define IOMMU_VDEVICE_ALLOC _IO(IOMMUFD_TYPE, IOMMUFD_CMD_VDEVICE_ALLOC) =20 +/** + * enum iommu_vdevice_tsm_op_type - operation type for struct iommu_vdevic= e_tsm_op + * @IOMMU_VDEVICE_TSM_BIND: Bind a vDevice to TSM + * @IOMMU_VDEVICE_TSM_UNBIND: Unbind a vDevice from TSM + */ +enum iommu_vdevice_tsm_op_type { + IOMMU_VDEVICE_TSM_BIND =3D 0x1, + IOMMU_VDEVICE_TSM_UNBIND, +}; + +/** + * struct iommu_vdevice_tsm_op - ioctl(IOMMU_VDEVICE_TSM_OP) + * @size: sizeof(struct iommu_vdevice_tsm_op) + * @type: Type of TSM operation. Must be defined in enum iommu_vdevice_tsm= _op_type + * @flags: Must be 0 + * @vdevice_id: Object handle for the vDevice. Returned from IOMMU_VDEVICE= _ALLOC + */ +struct iommu_vdevice_tsm_op { + __u32 size; + __u32 type; + __u32 flags; + __u32 vdevice_id; +}; +#define IOMMU_VDEVICE_TSM_OP _IO(IOMMUFD_TYPE, IOMMUFD_CMD_VDEVICE_TSM_OP) + /** * struct iommu_ioas_change_process - ioctl(VFIO_IOAS_CHANGE_PROCESS) * @size: sizeof(struct iommu_ioas_change_process) --=20 2.43.0 From nobody Wed Jun 17 07:20:41 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 3917F34A78E; Mon, 27 Apr 2026 06:10:46 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1777270246; cv=none; b=rjKQmHWv02YG7Ba6aurmebdLYdWVhPD2no/ICGRTlXQdmbx43uw2buFKNsTtZ2JsZu5zYC1j4arAnplawTvYmEUz87dEXFhu356k2EDBCOvm+YuQ/lHectPxv4gnZmk0R0ufkXYREARJn2q/fqab3o4EmIOZV9COmkgtv+Fib9A= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1777270246; c=relaxed/simple; bh=Hp5HnxbAmMw5Nb5MF/pQEylDTfu3UENs902wE1b9ieg=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=JhgUH14XD8T2BOFS/rJSwbbZvZHgu1GkNp9VVq39FmnZUdUBAuTeY6g82oifcOi7pbI9ujWnESwnralQ/CGJ9vXfbAhdZMeivcruvoTsKJTCNUh5z5tyvuAgb0VIEbStXYbRUbDHyeo5vFzPhtysg8HwtAhelwavTCul0BUoW0c= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=Y2oiRlvd; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="Y2oiRlvd" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 35C89C19425; Mon, 27 Apr 2026 06:10:40 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1777270246; bh=Hp5HnxbAmMw5Nb5MF/pQEylDTfu3UENs902wE1b9ieg=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=Y2oiRlvdX9SeGxLcLSwhdaY7MXULvVB0fN/nMGhYByyd32cc5McT4at5Bc+qtyyVq yapkkOF+7UCfYIw9dZ+OwtLDmhQ+bQUx2pRA7Mw8/cahNFOARRwVq5XnJMTcyM2aMh YhbZhrJMq3CNPCAiHzszsjhD4qu4fmo9m+OiiDNT6eG/keSlS+sHeDiqXkYA+WCYWX XTmlLKKWEOQOv45Jw7hQikuyGfuAVp/XVLxN9C3qr/rkvgCOIkM06CBzRhXimpzQZA GHTgco/LI0/73r8zJYYZRydU2G7fXr6WscpnmlEktuQXYPhS0IbWSu2umfJlXKcULR zSvt7h993dYtA== From: "Aneesh Kumar K.V (Arm)" To: iommu@lists.linux.dev, linux-kernel@vger.kernel.org, kvm@vger.kernel.org Cc: "Aneesh Kumar K.V (Arm)" , Alexey Kardashevskiy , Bjorn Helgaas , Dan Williams , Jason Gunthorpe , Joerg Roedel , Jonathan Cameron , Kevin Tian , Nicolin Chen , Samuel Ortiz , Steven Price , Suzuki K Poulose , Will Deacon , Xu Yilun , Shameer Kolothum Subject: [PATCH v4 4/4] iommufd/vdevice: add TSM guest request ioctl Date: Mon, 27 Apr 2026 11:40:05 +0530 Message-ID: <20260427061005.901854-5-aneesh.kumar@kernel.org> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20260427061005.901854-1-aneesh.kumar@kernel.org> References: <20260427061005.901854-1-aneesh.kumar@kernel.org> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Add IOMMU_VDEVICE_TSM_GUEST_REQUEST for issuing TSM guest request/response transactions against an iommufd vdevice. The ioctl takes a vdevice_id plus request/response user buffers and length fields, and forwards the request through tsm_guest_req() to the PCI TSM backend. This provides the host-side passthrough path used by CoCo guests for TSM device attestation and acceptance flows after the device has been bound to TSM. Also add the supporting tsm_guest_req() helper and associated TSM core interface definitions. Based on changes from: Alexey Kardashevskiy Signed-off-by: Aneesh Kumar K.V (Arm) --- drivers/iommu/iommufd/iommufd_private.h | 7 ++++ drivers/iommu/iommufd/main.c | 3 ++ drivers/iommu/iommufd/tsm.c | 49 +++++++++++++++++++++++++ drivers/virt/coco/tsm-core.c | 11 ++++++ include/linux/tsm.h | 25 +++++++++++++ include/uapi/linux/iommufd.h | 41 +++++++++++++++++++++ 6 files changed, 136 insertions(+) diff --git a/drivers/iommu/iommufd/iommufd_private.h b/drivers/iommu/iommuf= d/iommufd_private.h index 14d2d6d1beec..8a27b946adef 100644 --- a/drivers/iommu/iommufd/iommufd_private.h +++ b/drivers/iommu/iommufd/iommufd_private.h @@ -701,11 +701,18 @@ int iommufd_hw_queue_alloc_ioctl(struct iommufd_ucmd = *ucmd); void iommufd_hw_queue_destroy(struct iommufd_object *obj); #ifdef CONFIG_TSM int iommufd_vdevice_tsm_op_ioctl(struct iommufd_ucmd *ucmd); +int iommufd_vdevice_tsm_guest_request_ioctl(struct iommufd_ucmd *ucmd); #else static inline int iommufd_vdevice_tsm_op_ioctl(struct iommufd_ucmd *ucmd) { return -EOPNOTSUPP; } + +static inline int +iommufd_vdevice_tsm_guest_request_ioctl(struct iommufd_ucmd *ucmd) +{ + return -EOPNOTSUPP; +} #endif =20 static inline struct iommufd_vdevice * diff --git a/drivers/iommu/iommufd/main.c b/drivers/iommu/iommufd/main.c index d73e6b391c6f..7f4bbdd0bda5 100644 --- a/drivers/iommu/iommufd/main.c +++ b/drivers/iommu/iommufd/main.c @@ -433,6 +433,7 @@ union ucmd_buffer { struct iommu_vfio_ioas vfio_ioas; struct iommu_viommu_alloc viommu; struct iommu_vdevice_tsm_op tsm_op; + struct iommu_vdevice_tsm_guest_request gr; #ifdef CONFIG_IOMMUFD_TEST struct iommu_test_cmd test; #endif @@ -496,6 +497,8 @@ static const struct iommufd_ioctl_op iommufd_ioctl_ops[= ] =3D { struct iommu_viommu_alloc, out_viommu_id), IOCTL_OP(IOMMU_VDEVICE_TSM_OP, iommufd_vdevice_tsm_op_ioctl, struct iommu_vdevice_tsm_op, vdevice_id), + IOCTL_OP(IOMMU_VDEVICE_TSM_GUEST_REQUEST, iommufd_vdevice_tsm_guest_reque= st_ioctl, + struct iommu_vdevice_tsm_guest_request, resp_uptr), #ifdef CONFIG_IOMMUFD_TEST IOCTL_OP(IOMMU_TEST_CMD, iommufd_test, struct iommu_test_cmd, last), #endif diff --git a/drivers/iommu/iommufd/tsm.c b/drivers/iommu/iommufd/tsm.c index 4e5fa7849342..2458bc27628d 100644 --- a/drivers/iommu/iommufd/tsm.c +++ b/drivers/iommu/iommufd/tsm.c @@ -58,3 +58,52 @@ int iommufd_vdevice_tsm_op_ioctl(struct iommufd_ucmd *uc= md) iommufd_put_object(ucmd->ictx, &vdev->obj); return rc; } + +/** + * iommufd_vdevice_tsm_guest_request_ioctl - Forward guest TSM requests + * @ucmd: user command data for IOMMU_VDEVICE_TSM_GUEST_REQUEST + * + * Resolve @iommu_vdevice_tsm_guest_request::vdevice_id to a vdevice and p= ass + * the request/response buffers to the TSM core. + * + * Return: + * -errno on error. + * positive residue if response/request bytes were left unconsumed. + * if response buffer is provided, residue indicates the number of bytes + * not used in response buffer + * if there is no response buffer, residue indicates the number of bytes + * not consumed in req buffer + * 0 otherwise. + */ +int iommufd_vdevice_tsm_guest_request_ioctl(struct iommufd_ucmd *ucmd) +{ + int rc; + struct iommufd_vdevice *vdev; + struct iommu_vdevice_tsm_guest_request *cmd =3D ucmd->cmd; + struct tsm_guest_req_info info =3D { + .scope =3D cmd->scope, + .req =3D { + .user =3D u64_to_user_ptr(cmd->req_uptr), + .is_kernel =3D false, + }, + .req_len =3D cmd->req_len, + .resp =3D { + .user =3D u64_to_user_ptr(cmd->resp_uptr), + .is_kernel =3D false, + }, + .resp_len =3D cmd->resp_len, + }; + + if (cmd->__reserved) + return -EOPNOTSUPP; + + vdev =3D iommufd_get_vdevice(ucmd->ictx, cmd->vdevice_id); + if (IS_ERR(vdev)) + return PTR_ERR(vdev); + + rc =3D tsm_guest_req(vdev->idev->dev, &info); + + /* No inline response, hence we don't need to copy the response */ + iommufd_put_object(ucmd->ictx, &vdev->obj); + return rc; +} diff --git a/drivers/virt/coco/tsm-core.c b/drivers/virt/coco/tsm-core.c index f0e35fc38776..6c46f5ef139c 100644 --- a/drivers/virt/coco/tsm-core.c +++ b/drivers/virt/coco/tsm-core.c @@ -259,6 +259,17 @@ int tsm_unbind(struct device *dev) } EXPORT_SYMBOL_GPL(tsm_unbind); =20 +ssize_t tsm_guest_req(struct device *dev, struct tsm_guest_req_info *info) +{ + if (!dev_is_pci(dev)) + return -EINVAL; + + return pci_tsm_guest_req(to_pci_dev(dev), info->scope, info->req, + info->req_len, info->resp, info->resp_len, + NULL); +} +EXPORT_SYMBOL_GPL(tsm_guest_req); + static void tsm_release(struct device *dev) { struct tsm_dev *tsm_dev =3D container_of(dev, typeof(*tsm_dev), dev); diff --git a/include/linux/tsm.h b/include/linux/tsm.h index 85eb1717bddd..938da0324408 100644 --- a/include/linux/tsm.h +++ b/include/linux/tsm.h @@ -6,6 +6,7 @@ #include #include #include +#include =20 #define TSM_REPORT_INBLOB_MAX 64 #define TSM_REPORT_OUTBLOB_MAX SZ_16M @@ -131,6 +132,23 @@ struct kvm; #ifdef CONFIG_TSM int tsm_bind(struct device *dev, struct kvm *kvm, u64 tdi_id); int tsm_unbind(struct device *dev); + +/** + * struct tsm_guest_req_info - parameter for tsm_guest_req() + * @scope: scope for tsm guest request + * @req: request data buffer filled by guest + * @req_len: the size of @req filled by guest + * @resp: response data buffer filled by host + * @resp_len: the size of @resp buffer filled by guest + */ +struct tsm_guest_req_info { + u32 scope; + sockptr_t req; + size_t req_len; + sockptr_t resp; + size_t resp_len; +}; +ssize_t tsm_guest_req(struct device *dev, struct tsm_guest_req_info *info); #else static inline int tsm_bind(struct device *dev, struct kvm *kvm, u64 tdi_id) { @@ -141,6 +159,13 @@ static inline int tsm_unbind(struct device *dev) { return 0; } + +struct tsm_guest_req_info; +static inline ssize_t tsm_guest_req(struct device *dev, + struct tsm_guest_req_info *info) +{ + return -EINVAL; +} #endif =20 #endif /* __TSM_H */ diff --git a/include/uapi/linux/iommufd.h b/include/uapi/linux/iommufd.h index aabdfd86504c..47213663c0c1 100644 --- a/include/uapi/linux/iommufd.h +++ b/include/uapi/linux/iommufd.h @@ -58,6 +58,7 @@ enum { IOMMUFD_CMD_VEVENTQ_ALLOC =3D 0x93, IOMMUFD_CMD_HW_QUEUE_ALLOC =3D 0x94, IOMMUFD_CMD_VDEVICE_TSM_OP =3D 0x95, + IOMMUFD_CMD_VDEVICE_TSM_GUEST_REQUEST =3D 0x96, }; =20 /** @@ -1364,4 +1365,44 @@ struct iommu_hw_queue_alloc { __aligned_u64 length; }; #define IOMMU_HW_QUEUE_ALLOC _IO(IOMMUFD_TYPE, IOMMUFD_CMD_HW_QUEUE_ALLOC) + +/** + * struct iommu_vdevice_tsm_guest_request - ioctl(IOMMU_VDEVICE_TSM_GUEST_= REQUEST) + * @size: sizeof(struct iommu_vdevice_tsm_guest_request) + * @vdevice_id: vDevice ID the guest request is for + * @scope: Bus-specific scope classification for the guest request + * @req_len: Size in bytes of the input payload at @req_uptr + * @resp_len: Size in bytes of the output buffer at @resp_uptr + * @__reserved: Must be 0 + * @req_uptr: Userspace pointer to the guest-provided request payload + * @resp_uptr: Userspace pointer to the guest response buffer + * + * Forward a guest request to the TSM bound vDevice. This is intended for + * guest TSM/TDISP message transport where the host kernel only marshals + * bytes between userspace and the TSM implementation. + * + * The meaning and valid values of @scope are defined by the TSM backend f= or + * the device bus type. + * + * For PCI devices, @scope follows enum pci_tsm_req_scope. Requests outside + * the allowed PCI scope for this path are rejected. + * + * The request payload is read from @req_uptr/@req_len. If a response is + * expected, userspace provides @resp_uptr/@resp_len as writable storage f= or + * response bytes returned by the TSM path. + * + * The ioctl is only suitable for commands and results that the host kernel + * has no use, the host is only facilitating guest to TSM communication. + */ +struct iommu_vdevice_tsm_guest_request { + __u32 size; + __u32 vdevice_id; + __u32 scope; + __u32 req_len; + __u32 resp_len; + __u32 __reserved; + __aligned_u64 req_uptr; + __aligned_u64 resp_uptr; +}; +#define IOMMU_VDEVICE_TSM_GUEST_REQUEST _IO(IOMMUFD_TYPE, IOMMUFD_CMD_VDEV= ICE_TSM_GUEST_REQUEST) #endif --=20 2.43.0