From: Sebastian Ott via iommu <iommu@lists.linux-foundation.org>
To: Joerg Roedel <joro@8bytes.org>, <iommu@lists.linux-foundation.org>
Cc: Benjamin Serebrin <serebrin@amazon.com>,
Filippo Sironi <sironi@amazon.de>,
Sebastian Ott <sebott@amazon.de>
Subject: [PATCH 3/3] iommu/amd: Actually enforce geometry aperture
Date: Fri, 5 Jun 2020 16:56:55 +0200 [thread overview]
Message-ID: <20200605145655.13639-4-sebott@amazon.de> (raw)
In-Reply-To: <20200605145655.13639-1-sebott@amazon.de>
Add a check to enforce that I/O virtual addresses picked by iommu API
users stay within the domains geometry aperture.
Signed-off-by: Sebastian Ott <sebott@amazon.de>
---
drivers/iommu/amd_iommu.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/drivers/iommu/amd_iommu.c b/drivers/iommu/amd_iommu.c
index d2e79e27778e..6485e2081706 100644
--- a/drivers/iommu/amd_iommu.c
+++ b/drivers/iommu/amd_iommu.c
@@ -2618,6 +2618,11 @@ static int amd_iommu_map(struct iommu_domain *dom, unsigned long iova,
if (pgtable.mode == PAGE_MODE_NONE)
return -EINVAL;
+ if (dom->geometry.force_aperture &&
+ (iova < dom->geometry.aperture_start ||
+ iova + page_size - 1 > dom->geometry.aperture_end))
+ return -EINVAL;
+
if (iommu_prot & IOMMU_READ)
prot |= IOMMU_PROT_IR;
if (iommu_prot & IOMMU_WRITE)
--
2.17.1
Amazon Development Center Germany GmbH
Krausenstr. 38
10117 Berlin
Geschaeftsfuehrung: Christian Schlaeger, Jonathan Weiss
Eingetragen am Amtsgericht Charlottenburg unter HRB 149173 B
Sitz: Berlin
Ust-ID: DE 289 237 879
_______________________________________________
iommu mailing list
iommu@lists.linux-foundation.org
https://lists.linuxfoundation.org/mailman/listinfo/iommu
next prev parent reply other threads:[~2020-06-05 18:00 UTC|newest]
Thread overview: 19+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-06-05 14:56 [PATCH 0/3] iommu/amd: I/O VA address limits Sebastian Ott via iommu
2020-06-05 14:56 ` [PATCH 1/3] iommu/amd: Parse supported address sizes from IVRS Sebastian Ott via iommu
2020-06-05 14:56 ` [PATCH 2/3] iommu/amd: Restrict aperture for domains to conform with IVRS Sebastian Ott via iommu
2020-06-05 14:56 ` Sebastian Ott via iommu [this message]
2020-06-30 9:30 ` [PATCH 3/3] iommu/amd: Actually enforce geometry aperture Joerg Roedel
2020-06-30 22:46 ` [PATCH v2 0/3] iommu/amd: I/O VA address limits Sebastian Ott via iommu
2020-06-30 22:46 ` [PATCH v2 1/3] iommu/amd: Parse supported address sizes from IVRS Sebastian Ott via iommu
2020-06-30 22:46 ` [PATCH v2 2/3] iommu/amd: Restrict aperture for domains to conform with IVRS Sebastian Ott via iommu
2020-06-30 22:46 ` [PATCH v2 3/3] iommu/amd: Actually enforce geometry aperture Sebastian Ott via iommu
2020-07-10 12:31 ` [PATCH v2 0/3] iommu/amd: I/O VA address limits Joerg Roedel
2020-07-17 9:20 ` Sebastian Ott via iommu
2020-07-17 9:47 ` Robin Murphy
2020-07-17 13:22 ` Sironi, Filippo via iommu
2020-07-17 14:36 ` Robin Murphy
2020-07-17 15:15 ` Sironi, Filippo via iommu
2020-07-22 12:19 ` joro
2020-07-22 12:34 ` Sironi, Filippo via iommu
2020-07-22 14:00 ` joro
2020-06-24 16:09 ` [PATCH " Sebastian Ott via iommu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200605145655.13639-4-sebott@amazon.de \
--to=iommu@lists.linux-foundation.org \
--cc=joro@8bytes.org \
--cc=sebott@amazon.de \
--cc=serebrin@amazon.com \
--cc=sironi@amazon.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.