Re: [PATCH v6 16/20] dma: swiotlb: free dynamic pools from process context

[PATCH v6 00/20] dma-mapping: Use DMA_ATTR_CC_SHARED through direct, pool and swiotlb paths · "Aneesh Kumar K.V (Arm)" <aneesh.kumar@kernel.org> · 2026-06-04
[PATCH v6 01/20] s390: Expose protected virtualization through cc_platform_has() · "Aneesh Kumar K.V (Arm)" <aneesh.kumar@kernel.org> · 2026-06-04
Re: [PATCH v6 01/20] s390: Expose protected virtualization through cc_platform_has() · JAEHOON KIM <hidden> · 2026-06-06
Re: [PATCH v6 01/20] s390: Expose protected virtualization through cc_platform_has() · Catalin Marinas <catalin.marinas@arm.com> · 2026-06-09
[PATCH v6 02/20] dma-direct: swiotlb: handle swiotlb alloc/free outside __dma_direct_alloc_pages · "Aneesh Kumar K.V (Arm)" <aneesh.kumar@kernel.org> · 2026-06-04
Re: [PATCH v6 02/20] dma-direct: swiotlb: handle swiotlb alloc/free outside __dma_direct_alloc_pages · Petr Tesarik <hidden> · 2026-06-09
[PATCH v6 03/20] dma-direct: use DMA_ATTR_CC_SHARED in alloc/free paths · "Aneesh Kumar K.V (Arm)" <aneesh.kumar@kernel.org> · 2026-06-04
Re: [PATCH v6 03/20] dma-direct: use DMA_ATTR_CC_SHARED in alloc/free paths · Petr Tesarik <hidden> · 2026-06-09
Re: [PATCH v6 03/20] dma-direct: use DMA_ATTR_CC_SHARED in alloc/free paths · Alexey Kardashevskiy <hidden> · 2026-06-17
Re: [PATCH v6 03/20] dma-direct: use DMA_ATTR_CC_SHARED in alloc/free paths · Aneesh Kumar K.V <aneesh.kumar@kernel.org> · 2026-06-17
Re: [PATCH v6 03/20] dma-direct: use DMA_ATTR_CC_SHARED in alloc/free paths · Jason Gunthorpe <jgg@ziepe.ca> · 2026-06-17
Re: [PATCH v6 03/20] dma-direct: use DMA_ATTR_CC_SHARED in alloc/free paths · Alexey Kardashevskiy <hidden> · 2026-06-18
[PATCH v6 04/20] dma-pool: track decrypted atomic pools and select them via attrs · "Aneesh Kumar K.V (Arm)" <aneesh.kumar@kernel.org> · 2026-06-04
Re: [PATCH v6 04/20] dma-pool: track decrypted atomic pools and select them via attrs · Petr Tesarik <hidden> · 2026-06-09
Re: [PATCH v6 04/20] dma-pool: track decrypted atomic pools and select them via attrs · Jason Gunthorpe <jgg@ziepe.ca> · 2026-06-09
Re: [PATCH v6 04/20] dma-pool: track decrypted atomic pools and select them via attrs · Aneesh Kumar K.V <aneesh.kumar@kernel.org> · 2026-06-10
Re: [PATCH v6 04/20] dma-pool: track decrypted atomic pools and select them via attrs · Jason Gunthorpe <jgg@ziepe.ca> · 2026-06-10
Re: [PATCH v6 04/20] dma-pool: track decrypted atomic pools and select them via attrs · Aneesh Kumar K.V <aneesh.kumar@kernel.org> · 2026-06-11
Re: [PATCH v6 04/20] dma-pool: track decrypted atomic pools and select them via attrs · Jason Gunthorpe <jgg@ziepe.ca> · 2026-06-11
Re: [PATCH v6 04/20] dma-pool: track decrypted atomic pools and select them via attrs · Aneesh Kumar K.V <aneesh.kumar@kernel.org> · 2026-06-11
Re: [PATCH v6 04/20] dma-pool: track decrypted atomic pools and select them via attrs · Jason Gunthorpe <jgg@ziepe.ca> · 2026-06-11
Re: [PATCH v6 04/20] dma-pool: track decrypted atomic pools and select them via attrs · Petr Tesarik <hidden> · 2026-06-11
[PATCH v6 05/20] dma: swiotlb: pass mapping attributes by reference · "Aneesh Kumar K.V (Arm)" <aneesh.kumar@kernel.org> · 2026-06-04
Re: [PATCH v6 05/20] dma: swiotlb: pass mapping attributes by reference · Petr Tesarik <hidden> · 2026-06-09
[PATCH v6 06/20] dma: swiotlb: track pool encryption state and honor DMA_ATTR_CC_SHARED · "Aneesh Kumar K.V (Arm)" <aneesh.kumar@kernel.org> · 2026-06-04
Re: [PATCH v6 06/20] dma: swiotlb: track pool encryption state and honor DMA_ATTR_CC_SHARED · Petr Tesarik <hidden> · 2026-06-09
Re: [PATCH v6 06/20] dma: swiotlb: track pool encryption state and honor DMA_ATTR_CC_SHARED · Aneesh Kumar K.V <aneesh.kumar@kernel.org> · 2026-06-10
[PATCH v6 07/20] dma-mapping: make dma_pgprot() honor DMA_ATTR_CC_SHARED · "Aneesh Kumar K.V (Arm)" <aneesh.kumar@kernel.org> · 2026-06-04
[PATCH v6 08/20] dma-direct: pass attrs to dma_capable() for DMA_ATTR_CC_SHARED checks · "Aneesh Kumar K.V (Arm)" <aneesh.kumar@kernel.org> · 2026-06-04
Re: [PATCH v6 08/20] dma-direct: pass attrs to dma_capable() for DMA_ATTR_CC_SHARED checks · Petr Tesarik <hidden> · 2026-06-09
[PATCH v6 09/20] dma-direct: make dma_direct_map_phys() honor DMA_ATTR_CC_SHARED · "Aneesh Kumar K.V (Arm)" <aneesh.kumar@kernel.org> · 2026-06-04
[PATCH v6 10/20] dma-direct: set decrypted flag for remapped DMA allocations · "Aneesh Kumar K.V (Arm)" <aneesh.kumar@kernel.org> · 2026-06-04
[PATCH v6 11/20] dma-direct: select DMA address encoding from DMA_ATTR_CC_SHARED · "Aneesh Kumar K.V (Arm)" <aneesh.kumar@kernel.org> · 2026-06-04
[PATCH v6 12/20] dma-pool: fix page leak in atomic_pool_expand() cleanup · "Aneesh Kumar K.V (Arm)" <aneesh.kumar@kernel.org> · 2026-06-04
[PATCH v6 13/20] dma-direct: rename ret to cpu_addr in alloc helpers · "Aneesh Kumar K.V (Arm)" <aneesh.kumar@kernel.org> · 2026-06-04
Re: [PATCH v6 13/20] dma-direct: rename ret to cpu_addr in alloc helpers · Petr Tesarik <hidden> · 2026-06-09
[PATCH v6 14/20] dma-direct: return struct page from dma_direct_alloc_from_pool() · "Aneesh Kumar K.V (Arm)" <aneesh.kumar@kernel.org> · 2026-06-04
Re: [PATCH v6 14/20] dma-direct: return struct page from dma_direct_alloc_from_pool() · Petr Tesarik <hidden> · 2026-06-09
Re: [PATCH v6 14/20] dma-direct: return struct page from dma_direct_alloc_from_pool() · Catalin Marinas <catalin.marinas@arm.com> · 2026-06-09
Re: [PATCH v6 14/20] dma-direct: return struct page from dma_direct_alloc_from_pool() · Jason Gunthorpe <jgg@ziepe.ca> · 2026-06-09
[PATCH v6 15/20] iommu/dma: Check atomic pool allocation result directly · "Aneesh Kumar K.V (Arm)" <aneesh.kumar@kernel.org> · 2026-06-04
Re: [PATCH v6 15/20] iommu/dma: Check atomic pool allocation result directly · Petr Tesarik <hidden> · 2026-06-09
[PATCH v6 16/20] dma: swiotlb: free dynamic pools from process context · "Aneesh Kumar K.V (Arm)" <aneesh.kumar@kernel.org> · 2026-06-04
Re: [PATCH v6 16/20] dma: swiotlb: free dynamic pools from process context · Petr Tesarik <hidden> · 2026-06-09
[PATCH v6 17/20] dma: swiotlb: handle set_memory_decrypted() failures · "Aneesh Kumar K.V (Arm)" <aneesh.kumar@kernel.org> · 2026-06-04
Re: [PATCH v6 17/20] dma: swiotlb: handle set_memory_decrypted() failures · Petr Tesarik <hidden> · 2026-06-09
[PATCH v6 18/20] dma: free atomic pool pages by physical address · "Aneesh Kumar K.V (Arm)" <aneesh.kumar@kernel.org> · 2026-06-04
[PATCH v6 19/20] swiotlb: Preserve allocation virtual address for dynamic pools · "Aneesh Kumar K.V (Arm)" <aneesh.kumar@kernel.org> · 2026-06-04
Re: [PATCH v6 19/20] swiotlb: Preserve allocation virtual address for dynamic pools · Petr Tesarik <hidden> · 2026-06-09
[PATCH v6 20/20] swiotlb: remove unused SWIOTLB_FORCE flag · "Aneesh Kumar K.V (Arm)" <aneesh.kumar@kernel.org> · 2026-06-04
Re: [PATCH v6 20/20] swiotlb: remove unused SWIOTLB_FORCE flag · Petr Tesarik <hidden> · 2026-06-09
Re: [PATCH v6 00/20] dma-mapping: Use DMA_ATTR_CC_SHARED through direct, pool and swiotlb paths · Catalin Marinas <catalin.marinas@arm.com> · 2026-06-09
Re: [PATCH v6 00/20] dma-mapping: Use DMA_ATTR_CC_SHARED through direct, pool and swiotlb paths · Jason Gunthorpe <jgg@ziepe.ca> · 2026-06-09
Re: [PATCH v6 00/20] dma-mapping: Use DMA_ATTR_CC_SHARED through direct, pool and swiotlb paths · Alexey Kardashevskiy <hidden> · 2026-06-18
Re: [PATCH v6 00/20] dma-mapping: Use DMA_ATTR_CC_SHARED through direct, pool and swiotlb paths · Aneesh Kumar K.V <aneesh.kumar@kernel.org> · 2026-06-18
Re: [PATCH v6 00/20] dma-mapping: Use DMA_ATTR_CC_SHARED through direct, pool and swiotlb paths · Jason Gunthorpe <jgg@ziepe.ca> · 2026-06-18
Re: [PATCH v6 00/20] dma-mapping: Use DMA_ATTR_CC_SHARED through direct, pool and swiotlb paths · Alexey Kardashevskiy <hidden> · 2026-06-19
Re: [PATCH v6 00/20] dma-mapping: Use DMA_ATTR_CC_SHARED through direct, pool and swiotlb paths · Jason Gunthorpe <jgg@ziepe.ca> · 2026-06-19
Re: [PATCH v6 00/20] dma-mapping: Use DMA_ATTR_CC_SHARED through direct, pool and swiotlb paths · Aneesh Kumar K.V <aneesh.kumar@kernel.org> · 2026-06-19
Re: [PATCH v6 00/20] dma-mapping: Use DMA_ATTR_CC_SHARED through direct, pool and swiotlb paths · Alexey Kardashevskiy <hidden> · 2026-06-22
Re: [PATCH v6 00/20] dma-mapping: Use DMA_ATTR_CC_SHARED through direct, pool and swiotlb paths · Aneesh Kumar K.V <aneesh.kumar@kernel.org> · 2026-06-19
Re: [PATCH v6 00/20] dma-mapping: Use DMA_ATTR_CC_SHARED through direct, pool and swiotlb paths · Jason Gunthorpe <jgg@ziepe.ca> · 2026-06-19
Re: [PATCH v6 00/20] dma-mapping: Use DMA_ATTR_CC_SHARED through direct, pool and swiotlb paths · Aneesh Kumar K.V <aneesh.kumar@kernel.org> · 2026-06-19
Re: [PATCH v6 00/20] dma-mapping: Use DMA_ATTR_CC_SHARED through direct, pool and swiotlb paths · Jason Gunthorpe <jgg@ziepe.ca> · 2026-06-19
Re: [PATCH v6 00/20] dma-mapping: Use DMA_ATTR_CC_SHARED through direct, pool and swiotlb paths · Aneesh Kumar K.V <aneesh.kumar@kernel.org> · 2026-06-11

From: Petr Tesarik <hidden>
Date: 2026-06-09 13:25:41
Also in: linux-arm-kernel, linux-coco, linux-iommu, linux-s390, lkml

On Thu,  4 Jun 2026 14:09:55 +0530
"Aneesh Kumar K.V (Arm)" [off-list ref] wrote:

swiotlb_dyn_free() is used after removing a dynamic swiotlb pool from
RCU-protected lists. It can call swiotlb_free_tlb(), which may need to
restore the encryption state of an unencrypted pool with
set_memory_encrypted() before freeing the pages.

RCU callbacks run in atomic context, but set_memory_encrypted() is not
guaranteed to be atomic-safe on all architectures. For example, page
attribute updates may allocate page tables or take sleeping locks.

Good catch!

Use queue_rcu_work() for dynamic pool freeing instead. This keeps the RCU
grace period before freeing a published pool, while running the actual pool
teardown from workqueue context. Use the same helper for the transient-pool
error path, since that path may also be reached from atomic DMA mapping
context.

Strictly speaking, it's not necessary, because this is in the error
path just after allocating a transient pool. There are only two
possible scenarios:

a. The transient buffer was allocated from a sleeping context, and then
   it's also OK to decrypt memory.

b. The transient buffer was allocated in atomic context, but then it was
   allocated from a coherent pool and it is returned to that pool
   rather than decrypted.

However, it's also fine to queue an RCU work. The logic is definitely
cleaner and easier to maintain.

Tested-by: Michael Kelley <redacted>
Tested-by: Mostafa Saleh <smostafa@google.com>
Signed-off-by: Aneesh Kumar K.V (Arm) <aneesh.kumar@kernel.org>

Reviewed-by: Petr Tesarik <redacted>

Petr T

quoted hunk ↗ jump to hunk

---
 include/linux/swiotlb.h |  4 ++--
 kernel/dma/swiotlb.c    | 19 +++++++++++--------
 2 files changed, 13 insertions(+), 10 deletions(-)

diff --git a/include/linux/swiotlb.h b/include/linux/swiotlb.h
index 4dcbf3931be1..526f82e9da45 100644
--- a/include/linux/swiotlb.h
+++ b/include/linux/swiotlb.h

@@ -64,7 +64,7 @@ extern void __init swiotlb_update_mem_attributes(void);
  * @areas:	Array of memory area descriptors.
  * @slots:	Array of slot descriptors.
  * @node:	Member of the IO TLB memory pool list.
- * @rcu:	RCU head for swiotlb_dyn_free().
+ * @dyn_free:	RCU work item used to free the pool from process context.
  * @transient:  %true if transient memory pool.
  */
 struct io_tlb_pool {

@@ -79,7 +79,7 @@ struct io_tlb_pool {
 	struct io_tlb_slot *slots;
 #ifdef CONFIG_SWIOTLB_DYNAMIC
 	struct list_head node;
-	struct rcu_head rcu;
+	struct rcu_work dyn_free;
 	bool transient;
 	bool unencrypted;
 #endif

diff --git a/kernel/dma/swiotlb.c b/kernel/dma/swiotlb.c
index f4e8b241a1c4..4c56f64602ea 100644
--- a/kernel/dma/swiotlb.c
+++ b/kernel/dma/swiotlb.c

@@ -774,13 +774,10 @@ static void swiotlb_dyn_alloc(struct work_struct *work)
 	add_mem_pool(mem, pool);
 }
 
-/**
- * swiotlb_dyn_free() - RCU callback to free a memory pool
- * @rcu:	RCU head in the corresponding struct io_tlb_pool.
- */
-static void swiotlb_dyn_free(struct rcu_head *rcu)
+static void swiotlb_dyn_free_work(struct work_struct *work)
 {
-	struct io_tlb_pool *pool = container_of(rcu, struct io_tlb_pool, rcu);
+	struct io_tlb_pool *pool =
+		container_of(to_rcu_work(work), struct io_tlb_pool, dyn_free);
 	size_t slots_size = array_size(sizeof(*pool->slots), pool->nslabs);
 	size_t tlb_size = pool->end - pool->start;

@@ -789,6 +786,12 @@ static void swiotlb_dyn_free(struct rcu_head *rcu)
 	kfree(pool);
 }
 
+static void swiotlb_schedule_dyn_free(struct io_tlb_pool *pool)
+{
+	INIT_RCU_WORK(&pool->dyn_free, swiotlb_dyn_free_work);
+	queue_rcu_work(system_wq, &pool->dyn_free);
+}
+
 /**
  * __swiotlb_find_pool() - find the IO TLB pool for a physical address
  * @dev:        Device which has mapped the DMA buffer.

@@ -835,7 +838,7 @@ static void swiotlb_del_pool(struct device *dev, struct io_tlb_pool *pool)
 	list_del_rcu(&pool->node);
 	spin_unlock_irqrestore(&dev->dma_io_tlb_lock, flags);
 
-	call_rcu(&pool->rcu, swiotlb_dyn_free);
+	swiotlb_schedule_dyn_free(pool);
 }
 
 #endif	/* CONFIG_SWIOTLB_DYNAMIC */

@@ -1276,7 +1279,7 @@ static int swiotlb_find_slots(struct device *dev, phys_addr_t orig_addr,
 	index = swiotlb_search_pool_area(dev, pool, 0, orig_addr, tbl_dma_addr,
 					 alloc_size, alloc_align_mask);
 	if (index < 0) {
-		swiotlb_dyn_free(&pool->rcu);
+		swiotlb_schedule_dyn_free(pool);
 		return -1;
 	}

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help