From: Jon Derrick <jonathan.derrick@intel.com>
To: <linux-pci@vger.kernel.org>, <iommu@lists.linux-foundation.org>
Cc: Bjorn Helgaas <helgaas@kernel.org>,
David Woodhouse <dwmw2@infradead.org>,
Keith Busch <keith.busch@intel.com>,
Scott Bauer <scott.bauer@intel.com>,
David Fugate <david.fugate@intel.com>,
<linux-kernel@vger.kernel.org>,
Jon Derrick <jonathan.derrick@intel.com>
Subject: [PATCH 3/3] iommu: prevent VMD child devices from being remapping targets
Date: Mon, 7 Aug 2017 13:57:13 -0600 [thread overview]
Message-ID: <20170807195713.10963-3-jonathan.derrick@intel.com> (raw)
In-Reply-To: <20170807195713.10963-1-jonathan.derrick@intel.com>
VMD child devices must use the VMD endpoint's ID as the DMA source.
Because of this, there needs to be a way to link the parent VMD
endpoint's DMAR domain to the VMD child devices' DMAR domain such that
attaching and detaching child devices modify the endpoint's DMAR mapping
and prevents early detaching.
This is outside the scope of VMD, so disable binding child devices to
prevent unforeseen issues. This functionality may be implemented in the
future.
This patch prevents VMD child devices from returning an IOMMU, which
prevents it from exposing iommu_group sysfs directories and subsequent
binding by userspace-access drivers such as VFIO.
Signed-off-by: Jon Derrick <jonathan.derrick@intel.com>
---
drivers/iommu/intel-iommu.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/drivers/iommu/intel-iommu.c b/drivers/iommu/intel-iommu.c
index 687f18f..651a6cd 100644
--- a/drivers/iommu/intel-iommu.c
+++ b/drivers/iommu/intel-iommu.c
@@ -905,6 +905,11 @@ static struct intel_iommu *device_to_iommu(struct device *dev, u8 *bus, u8 *devf
* the PF instead to find the IOMMU. */
pf_pdev = pci_physfn(pdev);
dev = &pf_pdev->dev;
+
+ /* VMD child devices currently cannot be handled individually */
+ if (pci_bus_is_vmd(pdev->bus))
+ return NULL;
+
segment = pci_domain_nr(pdev->bus);
} else if (has_acpi_companion(dev))
dev = &ACPI_COMPANION(dev)->dev;
--
2.9.4
next prev parent reply other threads:[~2017-08-07 19:57 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-08-07 19:57 [PATCH 1/3] MAINTAINERS: Add Jonathan Derrick as VMD maintainer Jon Derrick
2017-08-07 19:57 ` [PATCH 2/3] pci: Generalize is_vmd behavior Jon Derrick
2017-08-11 17:03 ` Bjorn Helgaas
2017-08-09 17:02 ` Jon Derrick
2017-08-07 19:57 ` Jon Derrick [this message]
2017-08-11 17:17 ` [PATCH 3/3] iommu: prevent VMD child devices from being remapping targets Bjorn Helgaas
2017-08-11 18:25 ` Robin Murphy
2017-08-09 17:13 ` Jon Derrick
2017-08-11 17:20 ` [PATCH 1/3] MAINTAINERS: Add Jonathan Derrick as VMD maintainer Bjorn Helgaas
2017-08-11 18:23 ` Keith Busch
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20170807195713.10963-3-jonathan.derrick@intel.com \
--to=jonathan.derrick@intel.com \
--cc=david.fugate@intel.com \
--cc=dwmw2@infradead.org \
--cc=helgaas@kernel.org \
--cc=iommu@lists.linux-foundation.org \
--cc=keith.busch@intel.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-pci@vger.kernel.org \
--cc=scott.bauer@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).