Re: [PATCH] dma-direct: Clear pages before coherent remap
From: Leon Romanovsky
Date: Mon May 18 2026 - 07:37:32 EST
On Sat, May 16, 2026 at 09:29:55PM -0700, Rosen Penev wrote:
> Clear pages through their page mapping before creating a coherent
> remap for dma-direct allocations. Some architectures implement the
> coherent remap as uncached memory, where the generic memset() path may
> use cache-only zeroing instructions that are not valid for the returned
> CPU mapping.
>
> Keep the existing memset() for non-remapped allocations, but avoid
> normal memset() on the remapped coherent allocation path.
>
> Assisted-by: Codex:GPT-5.5
> Signed-off-by: Rosen Penev <rosenp@xxxxxxxxx>
> ---
> kernel/dma/direct.c | 20 ++++++++++++++++++--
> 1 file changed, 18 insertions(+), 2 deletions(-)
>
> diff --git a/kernel/dma/direct.c b/kernel/dma/direct.c
> index 583c5922bca2..76f7bf43bd28 100644
> --- a/kernel/dma/direct.c
> +++ b/kernel/dma/direct.c
> @@ -8,6 +8,7 @@
> #include <linux/export.h>
> #include <linux/mm.h>
> #include <linux/dma-map-ops.h>
> +#include <linux/highmem.h>
> #include <linux/scatterlist.h>
> #include <linux/pfn.h>
> #include <linux/vmalloc.h>
> @@ -104,6 +105,15 @@ static void __dma_direct_free_pages(struct device *dev, struct page *page,
> dma_free_contiguous(dev, page, size);
> }
>
> +static void dma_direct_zero_pages(struct page *page, size_t size)
> +{
> + unsigned long count = PAGE_ALIGN(size) >> PAGE_SHIFT;
> + unsigned long i;
> +
> + for (i = 0; i < count; i++)
> + clear_highpage(page + i);
> +}
> +
> static struct page *dma_direct_alloc_swiotlb(struct device *dev, size_t size)
> {
> struct page *page = swiotlb_alloc(dev, size);
> @@ -268,6 +278,13 @@ void *dma_direct_alloc(struct device *dev, size_t size,
> if (remap) {
> pgprot_t prot = dma_pgprot(dev, PAGE_KERNEL, attrs);
>
> + /*
> + * Zero via the page mapping before creating a potentially
> + * uncached remap. Some architectures cannot safely run normal
> + * memset on uncached memory.
> + */
I can't say whether this description is accurate, but if it is, I'd expect
all memset callers on such architectures to be affected, not only the remap
path. If this holds, we will need a safe memset() implementation.
Thanks