Re: [PATCH v4 06/10] iommu/arm-smmu-v3: Introduce INV_TYPE_S2_VMID_VSMMU

[Jason Gunthorpe]

On Thu, Mar 19, 2026 at 12:51:52PM -0700, Nicolin Chen wrote:
> @@ -655,6 +655,7 @@ struct arm_smmu_cmdq_batch {
>  enum arm_smmu_inv_type {
>  	INV_TYPE_S1_ASID,
>  	INV_TYPE_S2_VMID,
> +	INV_TYPE_S2_VMID_VSMMU,
>  	INV_TYPE_S2_VMID_S1_CLEAR,
>  	INV_TYPE_ATS,
>  	INV_TYPE_ATS_FULL,

> @@ -3246,7 +3248,10 @@ int arm_smmu_find_iotlb_tag(struct iommu_domain *domain,
>  		tag->type = INV_TYPE_S1_ASID;
>  		break;
>  	case ARM_SMMU_DOMAIN_S2:
> -		tag->type = INV_TYPE_S2_VMID;
> +		if (to_vsmmu(domain))
> +			tag->type = INV_TYPE_S2_VMID_VSMMU;
> +		else
> +			tag->type = INV_TYPE_S2_VMID;
>  		break;

This shouldn't search, the vmid always comes from the vsmmu struct.

arm_smmu_alloc_iotlb_tag() fixes it after, but the call in
arm_smmu_attach_prepare_invs() should also only be using the
vsmmu->vmid so this is a bug.

Just set tag->id here and return. Move the tag->smmu up so that is
safe.

> @@ -3357,7 +3369,7 @@ arm_smmu_master_build_invs(struct arm_smmu_master *master, bool ats_enabled,
>  		return NULL;
>  
>  	/* All the nested S1 ASIDs have to be flushed when S2 parent changes */
> -	if (nesting) {
> +	if (tag->type == INV_TYPE_S2_VMID_VSMMU) {
>  		if (!arm_smmu_master_build_inv(master,
>  					       INV_TYPE_S2_VMID_S1_CLEAR,
>  					       tag->id, IOMMU_NO_PASID, 0))

I think this function should not mix nesting and type at the same
time..

If INV_TYPE_S2_VMID_VSMMU means the tag is used as a nesting child
then that should also drive the atc decision:

	if (!arm_smmu_master_build_inv(
			    master, nesting ? INV_TYPE_ATS_FULL : INV_TYPE_ATS,
			    master->streams[i].id, ssid, 0))

Because it is exactly the same reasoning for the IOTLB full
invalidation.

This is the only place reading domain->nest_parent so we can get rid
of it too, instead it effectively becomes driven by tag which derives
the S2_VMID from domain->type == IOMMU_DOMAIN_NESTED

Jason