On 5/15/26 9:55 AM, Shameer Kolothum Thodi wrote:
>
>> -----Original Message-----
>> From: Nathan Chen <[email protected]>
>> Sent: 14 May 2026 21:07
>> To: Shameer Kolothum Thodi <[email protected]>; qemu-
>> [email protected]; [email protected]
>> Cc: Eric Auger <[email protected]>; Peter Maydell
>> <[email protected]>; Philippe Mathieu-Daudé <[email protected]>;
>> Zhao Liu <[email protected]>; Matt Ochs <[email protected]>; Nicolin
>> Chen <[email protected]>
>> Subject: Re: [PATCH v3 2/7] hw/arm/smmuv3-accel: Implement "auto" value
>> for "ats"
> [...]
>  
>>>>       object_class_property_set_description(klass, "oas",
>>>>           "Specify Output Address Size (for accel=on). Supported values "
>>>>           "are 44 or 48 bits. Defaults to 44 bits. oas=auto is not "
>>> In smmuv3.c we have:
>>>
>>> case SMMU_CMD_ATC_INV:
>>>          {
>>>              SMMUDevice *sdev = smmu_find_sdev(bs, CMD_SID(&cmd));
>>>
>>>              if (!sdev || !s->ats) {
>>>                  trace_smmuv3_unhandled_cmd(type);
>>>                  break;
>>>              }
>>>
>>>              if (!smmuv3_accel_issue_inv_cmd(s, &cmd, sdev, errp)) {
>>>                  cmd_error = SMMU_CERROR_ILL;
>>>                  break;
>>>              }
>>>              break;
>>>          }
>>>
>>> The above !s->ats will be true for AUTO case, right? I think
>>> we should change the above check with smmuv3_ats_enabled().
>>>
>>> Also, since we modified the ats to OnOffAuto in the previous
>>> series, I am not sure the above should be a fix patch or not.
>> I see, I will use smmuv3_ats_enabled() here to account for the AUTO
>> case. I am not sure if it should have the Fixes tag either but let's see
>> if we can get any guidance on that point.
> The default ats with previous series is ON_OFF_AUTO_OFF(=2). So even
> if ats is not visible to guest, a malicious guest issuing ats may end up
> getting forwarded to host. So, I think we should fix it.

Good catch. Effectively you may add a preamble commit fixing this in
this series with the corresponding Fixes tag. It can even be Stable, to
apply on the previous 11.0 version.

Eric
>
> Thanks,
> Shameer
>
>
>
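
The tri-state pitfall discussed in this thread, as an added C example that is not QEMU code and not part of the original mail: it compares the quoted `!s->ats` check with a tri-state aware one for each property value. `DemoSMMU`, `host_has_ats` and `demo_ats_enabled()` are hypothetical stand-ins, and resolving "auto" from a host capability flag is an assumption.

```c
#include <stdbool.h>
#include <stdio.h>

/* Same ordering as QEMU's OnOffAuto enum: AUTO is 0, ON is 1, OFF is 2. */
typedef enum { ON_OFF_AUTO_AUTO, ON_OFF_AUTO_ON, ON_OFF_AUTO_OFF } OnOffAuto;

/* Hypothetical stand-in for the SMMUv3 state; only the fields needed here. */
typedef struct {
    OnOffAuto ats;      /* the "ats" property as configured */
    bool host_has_ats;  /* assumption: what "auto" resolves against */
} DemoSMMU;

/* Mirrors the quoted check: SMMU_CMD_ATC_INV is dropped only when !s->ats.
 * (The !sdev half of the original condition is left out of this model.) */
static bool forwards_atc_inv_old(const DemoSMMU *s)
{
    bool dropped = !s->ats;   /* true only for AUTO (0), false for OFF (2) */
    return !dropped;
}

/* Sketch of a tri-state aware helper; not QEMU's smmuv3_ats_enabled(). */
static bool demo_ats_enabled(const DemoSMMU *s)
{
    switch (s->ats) {
    case ON_OFF_AUTO_ON:   return true;
    case ON_OFF_AUTO_OFF:  return false;
    case ON_OFF_AUTO_AUTO: return s->host_has_ats;
    }
    return false;  /* unknown value: fail closed */
}

static bool forwards_atc_inv_new(const DemoSMMU *s)
{
    return demo_ats_enabled(s);
}

int main(void)
{
    static const char *names[] = { "auto", "on", "off" };
    for (int v = ON_OFF_AUTO_AUTO; v <= ON_OFF_AUTO_OFF; v++) {
        DemoSMMU s = { .ats = (OnOffAuto)v, .host_has_ats = true };
        printf("ats=%-4s old forwards=%d new forwards=%d\n", names[v],
               forwards_atc_inv_old(&s), forwards_atc_inv_new(&s));
    }
    return 0;
}
```

With the boolean-style check, `ats=off` still forwards the invalidation command and `ats=auto` drops it even when the host side supports ATS; the tri-state check reverses both outcomes.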

