From: Lu Baolu <baolu.lu@linux.intel.com>
To: Joerg Roedel <joro@8bytes.org>
Cc: YueHaibing <yuehaibing@huawei.com>,
Yanfei Xu <yanfei.xu@intel.com>,
Jacob Pan <jacob.jun.pan@linux.intel.com>,
iommu@lists.linux.dev, linux-kernel@vger.kernel.org
Subject: [PATCH 09/13] iommu: Prevent RESV_DIRECT devices from blocking domains
Date: Wed, 9 Aug 2023 20:48:02 +0800 [thread overview]
Message-ID: <20230809124806.45516-10-baolu.lu@linux.intel.com> (raw)
In-Reply-To: <20230809124806.45516-1-baolu.lu@linux.intel.com>
The IOMMU_RESV_DIRECT flag indicates that a memory region must be mapped
1:1 at all times. This means that the region must always be accessible to
the device, even if the device is attached to a blocking domain. This is
equal to saying that IOMMU_RESV_DIRECT flag prevents devices from being
attached to blocking domains.
This also implies that devices that implement RESV_DIRECT regions will be
prevented from being assigned to user space since taking the DMA ownership
immediately switches to a blocking domain.
The rule of preventing devices with the IOMMU_RESV_DIRECT regions from
being assigned to user space has existed in the Intel IOMMU driver for
a long time. Now, this rule is being lifted up to a general core rule,
as other architectures like AMD and ARM also have RMRR-like reserved
regions. This has been discussed in the community mailing list and refer
to below link for more details.
Other places using unmanaged domains for kernel DMA must follow the
iommu_get_resv_regions() and setup IOMMU_RESV_DIRECT - we do not restrict
them in the core code.
Cc: Robin Murphy <robin.murphy@arm.com>
Cc: Alex Williamson <alex.williamson@redhat.com>
Cc: Kevin Tian <kevin.tian@intel.com>
Signed-off-by: Jason Gunthorpe <jgg@nvidia.com>
Link: https://lore.kernel.org/linux-iommu/BN9PR11MB5276E84229B5BD952D78E9598C639@BN9PR11MB5276.namprd11.prod.outlook.com
Signed-off-by: Lu Baolu <baolu.lu@linux.intel.com>
Reviewed-by: Jason Gunthorpe <jgg@nvidia.com>
Acked-by: Joerg Roedel <jroedel@suse.de>
Link: https://lore.kernel.org/r/20230724060352.113458-2-baolu.lu@linux.intel.com
---
include/linux/iommu.h | 2 ++
drivers/iommu/iommu.c | 37 +++++++++++++++++++++++++++----------
2 files changed, 29 insertions(+), 10 deletions(-)
diff --git a/include/linux/iommu.h b/include/linux/iommu.h
index 4cb584b08b81..9ed139bf111f 100644
--- a/include/linux/iommu.h
+++ b/include/linux/iommu.h
@@ -414,6 +414,7 @@ struct iommu_fault_param {
* @max_pasids: number of PASIDs this device can consume
* @attach_deferred: the dma domain attachment is deferred
* @pci_32bit_workaround: Limit DMA allocations to 32-bit IOVAs
+ * @require_direct: device requires IOMMU_RESV_DIRECT regions
*
* TODO: migrate other per device data pointers under iommu_dev_data, e.g.
* struct iommu_group *iommu_group;
@@ -428,6 +429,7 @@ struct dev_iommu {
u32 max_pasids;
u32 attach_deferred:1;
u32 pci_32bit_workaround:1;
+ u32 require_direct:1;
};
int iommu_device_register(struct iommu_device *iommu,
diff --git a/drivers/iommu/iommu.c b/drivers/iommu/iommu.c
index 738fee1a24f7..49e96a267a2b 100644
--- a/drivers/iommu/iommu.c
+++ b/drivers/iommu/iommu.c
@@ -1032,14 +1032,12 @@ static int iommu_create_device_direct_mappings(struct iommu_domain *domain,
unsigned long pg_size;
int ret = 0;
- if (!iommu_is_dma_domain(domain))
- return 0;
-
- BUG_ON(!domain->pgsize_bitmap);
-
- pg_size = 1UL << __ffs(domain->pgsize_bitmap);
+ pg_size = domain->pgsize_bitmap ? 1UL << __ffs(domain->pgsize_bitmap) : 0;
INIT_LIST_HEAD(&mappings);
+ if (WARN_ON_ONCE(iommu_is_dma_domain(domain) && !pg_size))
+ return -EINVAL;
+
iommu_get_resv_regions(dev, &mappings);
/* We need to consider overlapping regions for different devices */
@@ -1047,13 +1045,17 @@ static int iommu_create_device_direct_mappings(struct iommu_domain *domain,
dma_addr_t start, end, addr;
size_t map_size = 0;
+ if (entry->type == IOMMU_RESV_DIRECT)
+ dev->iommu->require_direct = 1;
+
+ if ((entry->type != IOMMU_RESV_DIRECT &&
+ entry->type != IOMMU_RESV_DIRECT_RELAXABLE) ||
+ !iommu_is_dma_domain(domain))
+ continue;
+
start = ALIGN(entry->start, pg_size);
end = ALIGN(entry->start + entry->length, pg_size);
- if (entry->type != IOMMU_RESV_DIRECT &&
- entry->type != IOMMU_RESV_DIRECT_RELAXABLE)
- continue;
-
for (addr = start; addr <= end; addr += pg_size) {
phys_addr_t phys_addr;
@@ -2182,6 +2184,21 @@ static int __iommu_device_set_domain(struct iommu_group *group,
{
int ret;
+ /*
+ * If the device requires IOMMU_RESV_DIRECT then we cannot allow
+ * the blocking domain to be attached as it does not contain the
+ * required 1:1 mapping. This test effectively excludes the device
+ * being used with iommu_group_claim_dma_owner() which will block
+ * vfio and iommufd as well.
+ */
+ if (dev->iommu->require_direct &&
+ (new_domain->type == IOMMU_DOMAIN_BLOCKED ||
+ new_domain == group->blocking_domain)) {
+ dev_warn(dev,
+ "Firmware has requested this device have a 1:1 IOMMU mapping, rejecting configuring the device without a 1:1 mapping. Contact your platform vendor.\n");
+ return -EINVAL;
+ }
+
if (dev->iommu->attach_deferred) {
if (new_domain == group->default_domain)
return 0;
--
2.34.1
next prev parent reply other threads:[~2023-08-09 12:51 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-08-09 12:47 [PATCH 00/13] [PULL REQUEST] Intel IOMMU updates for Linux v6.6 Lu Baolu
2023-08-09 12:47 ` [PATCH 01/13] iommu: Generalize PASID 0 for normal DMA w/o PASID Lu Baolu
2023-08-09 12:47 ` [PATCH 02/13] iommu: Move global PASID allocation from SVA to core Lu Baolu
2023-08-09 12:47 ` [PATCH 03/13] iommu/vt-d: Add domain_flush_pasid_iotlb() Lu Baolu
2023-08-09 12:47 ` [PATCH 04/13] iommu/vt-d: Remove pasid_mutex Lu Baolu
2023-08-09 12:47 ` [PATCH 05/13] iommu/vt-d: Make prq draining code generic Lu Baolu
2023-08-09 12:47 ` [PATCH 06/13] iommu/vt-d: Prepare for set_dev_pasid callback Lu Baolu
2023-08-09 12:48 ` [PATCH 07/13] iommu/vt-d: Add set_dev_pasid callback for dma domain Lu Baolu
2023-08-09 12:48 ` [PATCH 08/13] dmaengine/idxd: Re-enable kernel workqueue under DMA API Lu Baolu
2023-08-09 12:48 ` Lu Baolu [this message]
2023-08-09 12:48 ` [PATCH 10/13] iommu/vt-d: Remove rmrr check in domain attaching device path Lu Baolu
2023-08-09 12:48 ` [PATCH 11/13] iommu/vt-d: Fix to flush cache of PASID directory table Lu Baolu
2023-08-09 12:48 ` [PATCH 12/13] iommu/vt-d: Fix to convert mm pfn to dma pfn Lu Baolu
2023-08-09 12:48 ` [PATCH 13/13] iommu/vt-d: Remove unused extern declaration dmar_parse_dev_scope() Lu Baolu
2023-08-09 15:47 ` [PATCH 00/13] [PULL REQUEST] Intel IOMMU updates for Linux v6.6 Joerg Roedel
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20230809124806.45516-10-baolu.lu@linux.intel.com \
--to=baolu.lu@linux.intel.com \
--cc=iommu@lists.linux.dev \
--cc=jacob.jun.pan@linux.intel.com \
--cc=joro@8bytes.org \
--cc=linux-kernel@vger.kernel.org \
--cc=yanfei.xu@intel.com \
--cc=yuehaibing@huawei.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox