On Fri, Jan 09, 2026 at 12:43:32AM +0000, David Matlack wrote:
On 2026-01-08 08:36 PM, Jason Gunthorpe wrote:
On Thu, Jan 08, 2026 at 09:29:29PM +0000, David Matlack wrote:
On 2026-01-08 02:33 PM, Jason Gunthorpe wrote:
On Thu, Jan 08, 2026 at 10:24:19AM -0800, David Matlack wrote:
> Oh, I was thinking about a compatability only flow only in the type 1 > emulation that internally magically converts a VMA to a dmabuf, but I > haven't written anything.. It is a bit tricky and the type 1 emulation > has not been as popular as I expected??
In part because of this gap, I'd guess. Thanks,
Lack of huge mappings in the IOMMU when using VFIO_TYPE1_IOMMU is another gap I'm aware of. vfio_dma_mapping_test.vfio_type1_iommu_anonymous_hugetlb_1gb.dma_map_unmap fails when IOMMUFD_VFIO_CONTAINER is enabled.
What is this? I'm not aware of it..
It's one of the test cases within tools/testing/selftests/vfio/vfio_dma_mapping_test.c.
Here's the output when running with CONFIG_IOMMUFD_VFIO_CONTAINER=y:
# RUN vfio_dma_mapping_test.vfio_type1_iommu_anonymous_hugetlb_1gb.dma_map_unmap ... Mapped HVA 0x7f0480000000 (size 0x40000000) at IOVA 0x0 Searching for IOVA 0x0 in /sys/kernel/debug/iommu/intel/0000:6a:01.0/domain_translation_struct Found IOMMU mappings for IOVA 0x0: PGD: 0x0000000203475027 P4D: 0x0000000203476027 PUD: 0x0000000203477027 PMD: 0x00000001e7562027 PTE: 0x00000041c0000067 # tools/testing/selftests/vfio/vfio_dma_mapping_test.c:188:dma_map_unmap:Expected 0 (0) == mapping.pte (282394099815) # dma_map_unmap: Test terminated by assertion # FAIL vfio_dma_mapping_test.vfio_type1_iommu_anonymous_hugetlb_1gb.dma_map_unmap
I can't think of any reason this would fail, I think your tests have found a real bug?? Can you check into it, what kernel call fails and where does the kernel code come from?
Oh I thought it was by design. This code in iommufd_vfio_set_iommu():
/* * The difference between TYPE1 and TYPE1v2 is the ability to unmap in * the middle of mapped ranges. This is complicated by huge page support * which creates single large IOPTEs that cannot be split by the iommu * driver. TYPE1 is very old at this point and likely nothing uses it, * however it is simple enough to emulate by simply disabling the * problematic large IOPTEs. Then we can safely unmap within any range. */ if (type == VFIO_TYPE1_IOMMU) rc = iopt_disable_large_pages(&ioas->iopt);
git-blame says some guy named Jason Gunthorpe wrote it :P
Er, maybe I mis understood the output then?
This is not a "failure" though, the map succeeded and gave a small page mapping.
This is not reflecting a bug in iommufd but a bug in the TYPE1 support in VFIO itself because it definitely cannot maintain the required unmap anywhere semantic if it mapped in a 1G huge page like this.
Basically, if you are mapping with TYPE1 mode then this should be triggered:
if (!strcmp(variant->iommu_mode, "iommufd_compat_type1")) mapping_size = SZ_4K;
And VFIO should be the one to fail, not iommufd.
If you really want to test TYPE1 you need to test what makes it unique, which is that you can map any VMA and then unmap any slice of it. Including within what should otherwise be a 1G page.
But I doubt anyone cares enough to fix this, so just exclude VFIO_TYPE1_IOMMU from this test?
Jason