[RFC PATCH 5/5] iommu/arm-smmu-v3: Add Context Descriptor display to debugfs

Nicolin Chen nicolinc at nvidia.com
Fri Mar 13 14:04:10 PDT 2026 

On Fri, Mar 13, 2026 at 06:43:51PM +0800, Qinxin Xia wrote:
>   * Directory Structure:
>   * /sys/kernel/debug/iommu/arm_smmu_v3/
>   * └── smmu0/
> @@ -35,6 +42,8 @@
>   *     └── stream_table
>   *	   └── 0000:01:00.0:0/                    # PCI device with Stream ID 0
>   *             ├── ste                           # Stream Table Entry
> + *             └── context_descriptors/
> + *                 └── all                       # All Context Descriptors

I wonder if we should do per-RID/PASID v.s. all. Otherwise, cd_dir
seems unnecessary, as it could be a file instead?

> +/**
> + * smmu_debug_dump_cd() - Dump Context Descriptor details to seq_file
> + * @seq: seq_file to write to
> + * @dev: device associated with the CD
> + * @ssid: Substream ID
> + */
> +static void smmu_debug_dump_cd(struct seq_file *seq, struct device *dev, u32 ssid)
> +{
> +	struct arm_smmu_master *master = dev_iommu_priv_get(dev);
> +	struct arm_smmu_cd *cd;
> +	u64 data;
> +	int i;
> +
> +	if (!master) {
> +		seq_puts(seq, "No master data\n");
> +		return;
> +	}
> +
> +	cd = arm_smmu_get_cd_ptr(master, ssid);
> +	if (!cd) {
> +		seq_printf(seq, "CD not available for SSID %u\n", ssid);
> +		return;
> +	}

master->cd_table can be free-ed. We could hit UAF in a race. This
very likely needs arm_smmu_asid_lock.

> +	seq_printf(seq, "CD for Substream ID %u:\n", ssid);
> +
> +	/* CD 0 */
> +	data = le64_to_cpu(cd->data[0]);
> +	seq_printf(seq, "  Valid: %s\n", data & CTXDESC_CD_0_V ? "Yes" : "No");
> +	seq_printf(seq, "  T0SZ: 0x%llx\n", data & CTXDESC_CD_0_TCR_T0SZ);
> +	seq_printf(seq, "  EPD0: %s\n", data & CTXDESC_CD_0_TCR_EPD0 ? "Yes" : "No");
> +	seq_printf(seq, "  EPD1: %s\n", data & CTXDESC_CD_0_TCR_EPD1 ? "Yes" : "No");

All these are unnecessary if V=0? Maybe the per-SSID output should
depend on V=1 at all. Same might apply to STE.

> +/* All CDs debugfs file operations */
> +static int smmu_debugfs_all_cds_show(struct seq_file *seq, void *v)
> +{
> +	struct device *dev = seq->private;
> +
> +	smmu_debug_dump_all_cds(seq, dev);
> +	return 0;

Just unwrap the smmu_debug_dump_all_cds().

Nicolin

More information about the linux-arm-kernel mailing list