On 3/10/26 14:57, CLEMENT MATHIEU--DRIF wrote:
Avoid unintentionally flagging the entry as a shadow stack entry.
Hmmm. I don't quite get shadow stack...
In the current implementation, the dirty bit is always set in the pte. Hence, an ATS device requesting an RW translation for a copy-on-write page is likely to trigger a PRI request for a region that has just been marked as dirty by the IOMMU. However, CPUs that support shadow stacks give special meaning to PTEs reporting W=0 and D=1. Setting these values can cause PRI requests to complete successfully without granting the expected write permission, which leads the device to enter an infinite loop of ATS/PRI requests.
I'd appreciate a clearer explanation here.
Fixes: 65c4f0999991 ("intel_iommu: Set accessed and dirty bits during stage-1 translation") Signed-off-by: Clement Mathieu--Drif <[email protected]> --- hw/i386/intel_iommu.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hw/i386/intel_iommu.c b/hw/i386/intel_iommu.c index d24ba989bf..56146aafc1 100644 --- a/hw/i386/intel_iommu.c +++ b/hw/i386/intel_iommu.c @@ -2066,7 +2066,7 @@ static int vtd_iova_to_fspte(IntelIOMMUState *s, VTDContextEntry *ce, return -VTD_FR_FS_PAGING_ENTRY_RSVD; }- if (vtd_is_last_pte(fspte, *fspte_level) && is_write) {+ if (vtd_is_last_pte(fspte, *fspte_level) && *writes && is_write) { flag_ad |= VTD_FS_D; }
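Review bot: the new condition in vtd_iova_to_fspte() depends on `*writes` already reflecting the write permission of the leaf entry at this point, but the hunk's context does not show where `*writes` is computed; please confirm it is updated for the last-level entry before this check rather than only after it, otherwise D would still be set for a non-writable leaf. A one-line comment above `if (vtd_is_last_pte(fspte, *fspte_level) && *writes && is_write) {` stating that D must not be set on a non-writable entry (W=0 with D=1 has a special meaning on shadow-stack-capable CPUs) would make the intent clear to future readers, since the reason is otherwise only in the commit message.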
The change looks reasonable.
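As an added illustration (not the patch's or QEMU's own code), the C model below contrasts the A/D update before and after the change and checks whether the resulting entry ends up with the W=0, D=1 encoding the commit message warns about; the bit positions follow the x86-style layout of first-stage entries and are an assumption here, as are the helper names.

```c
#include <stdbool.h>
#include <stdint.h>

/* Assumed bit positions (x86-style layout used by first-stage entries);
 * these names are illustrative and not QEMU's own macros. */
#define FS_PTE_W  (1ULL << 1)   /* write permission */
#define FS_PTE_A  (1ULL << 5)   /* accessed */
#define FS_PTE_D  (1ULL << 6)   /* dirty */

/* Before the fix: D is set for every write request that reaches a leaf,
 * even when the leaf is not writable (e.g. a copy-on-write page). */
uint64_t ad_flags_before(bool is_write)
{
    uint64_t flag_ad = FS_PTE_A;
    if (is_write) {
        flag_ad |= FS_PTE_D;
    }
    return flag_ad;
}

/* After the fix: D is only set when the walk actually grants write access.
 * 'writes' models the *writes accumulator of vtd_iova_to_fspte(). */
uint64_t ad_flags_after(bool writes, bool is_write)
{
    uint64_t flag_ad = FS_PTE_A;
    if (writes && is_write) {
        flag_ad |= FS_PTE_D;
    }
    return flag_ad;
}

/* W=0 together with D=1 is the encoding shadow-stack-capable CPUs treat
 * specially; an IOMMU page walk should never produce it. */
bool is_shadow_stack_encoding(uint64_t pte)
{
    return !(pte & FS_PTE_W) && (pte & FS_PTE_D);
}

/* Apply the A/D update that a translation request would perform on a leaf
 * PTE, using either the old or the fixed rule, and return the new entry. */
uint64_t update_pte(uint64_t pte, bool is_write, bool fixed)
{
    bool writable = (pte & FS_PTE_W) != 0;
    uint64_t ad = fixed ? ad_flags_after(writable, is_write)
                        : ad_flags_before(is_write);
    return pte | ad;
}
```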
