On Thu, Apr 24, 2025 at 05:49:20PM -0700, Tushar Dave wrote:
In the above topology, we setup ACS flags on DSP 0008:02:03.0 and 0008:02:00.0 to achieve desired p2p configuration for GPU and DMA-PF. Apparently, this creates multi-device group with GPU being only device with PASID support in that group. In this case, set_dev_pasid() ops invoked for each device within the group with pasid=1 and doesn't fail.
Hurm, it doesn't fail, but it corrupts memory in the driver :\
int arm_smmu_set_pasid(struct arm_smmu_master *master, struct arm_smmu_domain *smmu_domain, ioasid_t pasid, struct arm_smmu_cd *cd, struct iommu_domain *old) { struct iommu_domain *sid_domain = iommu_get_domain_for_dev(master->dev); struct arm_smmu_attach_state state = { .master = master, .ssid = pasid, .old_domain = old, }; struct arm_smmu_cd *cdptr; int ret;
/* The core code validates pasid */ ^^^^^^^^^^
Which is not true after this patch.
The core code may not call the driver's set_pasid() function with a PASID larger than that specific device's device->dev->iommu->max_pasids
Jason