[PATCH v10 10/12] iommu/amd: Allocate memory below 4G for dev table if translation pre-enabled

iommu.lists.linux-foundation.org archive mirror
 help / color / mirror / Atom feed

From: Baoquan He <bhe@redhat.com>
To: jroedel@suse.de
Cc: iommu@lists.linux-foundation.org, linux-kernel@vger.kernel.org,
	Baoquan He <bhe@redhat.com>
Subject: [PATCH v10 10/12] iommu/amd: Allocate memory below 4G for dev table if translation pre-enabled
Date: Wed,  9 Aug 2017 16:33:42 +0800	[thread overview]
Message-ID: <1502267624-7066-11-git-send-email-bhe@redhat.com> (raw)
In-Reply-To: <1502267624-7066-1-git-send-email-bhe@redhat.com>

AMD pointed out it's unsafe to update the device-table while iommu
is enabled. It turns out that device-table pointer update is split
up into two 32bit writes in the IOMMU hardware. So updating it while
the IOMMU is enabled could have some nasty side effects.

The safe way to work around this is to always allocate the device-table
below 4G, including the old device-table in normal kernel and the
device-table used for copying the content of the old device-table in kdump
kernel. Meanwhile we need check if the address of old device-table is
above 4G because it might has been touched accidentally in corrupted
1st kernel.

Signed-off-by: Baoquan He <bhe@redhat.com>
---
v9->v10:
  The judgement of the address of old_devtb_phys should be '>= 0x100000000ULL'.

 drivers/iommu/amd_iommu_init.c | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/drivers/iommu/amd_iommu_init.c b/drivers/iommu/amd_iommu_init.c
index d08ad74b0928..c348732f27d7 100644
--- a/drivers/iommu/amd_iommu_init.c
+++ b/drivers/iommu/amd_iommu_init.c
@@ -885,11 +885,15 @@ static bool copy_device_table(void)
 	}
 
 	old_devtb_phys = entry & PAGE_MASK;
+	if (old_devtb_phys >= 0x100000000ULL) {
+		pr_err("The address of old device table is above 4G, not trustworthy!/n");
+		return false;
+	}
 	old_devtb = memremap(old_devtb_phys, dev_table_size, MEMREMAP_WB);
 	if (!old_devtb)
 		return false;
 
-	gfp_flag = GFP_KERNEL | __GFP_ZERO;
+	gfp_flag = GFP_KERNEL | __GFP_ZERO | GFP_DMA32;
 	old_dev_tbl_cpy = (void *)__get_free_pages(gfp_flag,
 				get_order(dev_table_size));
 	if (old_dev_tbl_cpy == NULL) {
@@ -2432,7 +2436,8 @@ static int __init early_amd_iommu_init(void)
 
 	/* Device table - directly used by all IOMMUs */
 	ret = -ENOMEM;
-	amd_iommu_dev_table = (void *)__get_free_pages(GFP_KERNEL | __GFP_ZERO,
+	amd_iommu_dev_table = (void *)__get_free_pages(
+				      GFP_KERNEL | __GFP_ZERO | GFP_DMA32,
 				      get_order(dev_table_size));
 	if (amd_iommu_dev_table == NULL)
 		goto out;
-- 
2.5.5

next prev parent reply	other threads:[~2017-08-09  8:33 UTC|newest]

Thread overview: 15+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2017-08-09  8:33 [PATCH v10 00/12] Fix the on-flight DMA issue on system with amd iommu Baoquan He
2017-08-09  8:33 ` [PATCH v10 01/12] iommu/amd: Detect pre enabled translation Baoquan He
     [not found] ` <1502267624-7066-1-git-send-email-bhe-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
2017-08-09  8:33   ` [PATCH v10 02/12] iommu/amd: add several helper functions Baoquan He
2017-08-09  8:33   ` [PATCH v10 04/12] iommu/amd: Define bit fields for DTE particularly Baoquan He
2017-08-09  8:33   ` [PATCH v10 08/12] iommu: Add is_attach_deferred call-back to iommu-ops Baoquan He
2017-08-15 16:18   ` [PATCH v10 00/12] Fix the on-flight DMA issue on system with amd iommu Joerg Roedel
     [not found]     ` <20170815161810.GI2853-l3A5Bk7waGM@public.gmane.org>
2017-08-16  1:31       ` Baoquan He
2017-08-09  8:33 ` [PATCH v10 03/12] Revert "iommu/amd: Suppress IO_PAGE_FAULTs in kdump kernel" Baoquan He
2017-08-09  8:33 ` [PATCH v10 05/12] iommu/amd: Add function copy_dev_tables() Baoquan He
2017-08-09  8:33 ` [PATCH v10 06/12] iommu/amd: copy old trans table from old kernel Baoquan He
2017-08-09  8:33 ` [PATCH v10 07/12] iommu/amd: Do sanity check for address translation and irq remap of old dev table entry Baoquan He
2017-08-09  8:33 ` [PATCH v10 09/12] iommu/amd: Use is_attach_deferred call-back Baoquan He
2017-08-09  8:33 ` Baoquan He [this message]
2017-08-09  8:33 ` [PATCH v10 11/12] iommu/amd: Don't copy GCR3 table root pointer Baoquan He
2017-08-09  8:33 ` [PATCH v10 12/12] iommu/amd: Disable iommu only if amd_iommu=off is specified Baoquan He

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:d08ad74b092 dfblob:c348732f27d )
 OR (
bs:"[PATCH v10 10/12] iommu/amd: Allocate memory below 4G for dev table if translation pre-enabled" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1502267624-7066-11-git-send-email-bhe@redhat.com \
    --to=bhe@redhat.com \
    --cc=iommu@lists.linux-foundation.org \
    --cc=jroedel@suse.de \
    --cc=linux-kernel@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).