> -----Original Message-----
> From: Nathan Chen <[email protected]>
> Sent: 14 May 2026 21:07
> To: Shameer Kolothum Thodi <[email protected]>; qemu-
> [email protected]; [email protected]
> Cc: Eric Auger <[email protected]>; Peter Maydell
> <[email protected]>; Philippe Mathieu-Daudé <[email protected]>;
> Zhao Liu <[email protected]>; Matt Ochs <[email protected]>; Nicolin
> Chen <[email protected]>
> Subject: Re: [PATCH v3 2/7] hw/arm/smmuv3-accel: Implement "auto" value
> for "ats"
[...]
> >> object_class_property_set_description(klass, "oas",
> >> "Specify Output Address Size (for accel=on). Supported values "
> >> "are 44 or 48 bits. Defaults to 44 bits. oas=auto is not "
> > In smmuv3.c we have;
> >
> > case SMMU_CMD_ATC_INV:
> > {
> > SMMUDevice *sdev = smmu_find_sdev(bs, CMD_SID(&cmd));
> >
> > if (!sdev || !s->ats) {
> > trace_smmuv3_unhandled_cmd(type);
> > break;
> > }
> >
> > if (!smmuv3_accel_issue_inv_cmd(s, &cmd, sdev, errp)) {
> > cmd_error = SMMU_CERROR_ILL;
> > break;
> > }
> > break;
> > }
> >
> > The above !s->ats will be true for AUTO case, right? I think
> > we should change the above check with smmuv3_ats_enabled().
> >
> > Also, since we modified the ats to OnOffAuto in the previous
> > series, I am not sure the above should be a fix patch or not.
> I see, I will use smmuv3_ats_enabled() here to account for the AUTO
> case. I am not sure if it should have the Fixes tag either but let's see
> if we can get any guidance on that point.
The default ats with previous series is ON_OFF_AUTO_OFF(=2). So even
if ats is not visible to guest, a malicious guest issuing ats may end up
getting forwarded to host. So, I think we should fix it.
Thanks,
Shameer
