From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([2001:4830:134:3::10]:51022) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1bjOBd-0002Wa-CV for qemu-devel@nongnu.org; Mon, 12 Sep 2016 06:10:06 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1bjOBb-0004dl-2F for qemu-devel@nongnu.org; Mon, 12 Sep 2016 06:10:00 -0400 Received: from mail-wm0-f67.google.com ([74.125.82.67]:35960) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1bjOBa-0004Vr-Ot for qemu-devel@nongnu.org; Mon, 12 Sep 2016 06:09:58 -0400 Received: by mail-wm0-f67.google.com with SMTP id z194so512563wmd.3 for ; Mon, 12 Sep 2016 03:09:37 -0700 (PDT) From: David Kiarie Date: Mon, 12 Sep 2016 13:08:05 +0300 Message-Id: <1473674889-2727-3-git-send-email-davidkiarie4@gmail.com> In-Reply-To: <1473674889-2727-1-git-send-email-davidkiarie4@gmail.com> References: <1473674889-2727-1-git-send-email-davidkiarie4@gmail.com> Subject: [Qemu-devel] [v4 2/6] hw/i386: enforce SID verification List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: qemu-devel@nongnu.org Cc: jan.kiszka@web.de, mst@redhat.com, rkrcmar@redhat.com, peterx@redhat.com, ehabkost@redhat.com, pbonzini@redhat.com, alex.williamson@redhat.com, David Kiarie Platform devices are now able to make interrupt request with explicit SIDs hence we can safely expect triggered AddressSpace ID to match the requesting ID Signed-off-by: David Kiarie --- hw/i386/intel_iommu.c | 77 ++++++++++++++++++++++++++------------------------- 1 file changed, 39 insertions(+), 38 deletions(-) diff --git a/hw/i386/intel_iommu.c b/hw/i386/intel_iommu.c index 496d836..e4bad6a 100644 --- a/hw/i386/intel_iommu.c +++ b/hw/i386/intel_iommu.c 
@@ -2043,43 +2043,41 @@ static int vtd_irte_get(IntelIOMMUState *iommu, uint16_t index, return -VTD_FR_IR_IRTE_RSVD; } - if (sid != X86_IOMMU_SID_INVALID) { - /* Validate IRTE SID */ - source_id = le32_to_cpu(entry->irte.source_id); - switch (entry->irte.sid_vtype) { - case VTD_SVT_NONE: - VTD_DPRINTF(IR, "No SID validation for IRTE index %d", index); - break; - - case VTD_SVT_ALL: - mask = vtd_svt_mask[entry->irte.sid_q]; - if ((source_id & mask) != (sid & mask)) { - VTD_DPRINTF(GENERAL, "SID validation for IRTE index " - "%d failed (reqid 0x%04x sid 0x%04x)", index, - sid, source_id); - return -VTD_FR_IR_SID_ERR; - } - break; + /* Validate IRTE SID */ + source_id = le32_to_cpu(entry->irte.source_id); + switch (entry->irte.sid_vtype) { + case VTD_SVT_NONE: + VTD_DPRINTF(IR, "No SID validation for IRTE index %d", index); + break; - case VTD_SVT_BUS: - bus_max = source_id >> 8; - bus_min = source_id & 0xff; - bus = sid >> 8; - if (bus > bus_max || bus < bus_min) { - VTD_DPRINTF(GENERAL, "SID validation for IRTE index %d " - "failed (bus %d outside %d-%d)", index, bus, - bus_min, bus_max); - return -VTD_FR_IR_SID_ERR; - } - break; + case VTD_SVT_ALL: + mask = vtd_svt_mask[entry->irte.sid_q]; + if ((source_id & mask) != (sid & mask)) { + VTD_DPRINTF(GENERAL, "SID validation for IRTE index " + "%d failed (reqid 0x%04x sid 0x%04x)", index, + sid, source_id); + return -VTD_FR_IR_SID_ERR; + } + break; - default: - VTD_DPRINTF(GENERAL, "Invalid SVT bits (0x%x) in IRTE index " - "%d", entry->irte.sid_vtype, index); - /* Take this as verification failure. 
*/ + case VTD_SVT_BUS: + bus_max = source_id >> 8; + bus_min = source_id & 0xff; + bus = sid >> 8; + if (bus > bus_max || bus < bus_min) { + VTD_DPRINTF(GENERAL, "SID validation for IRTE index %d " + "failed (bus %d outside %d-%d)", index, bus, + bus_min, bus_max); return -VTD_FR_IR_SID_ERR; - break; } + break; + + default: + VTD_DPRINTF(GENERAL, "Invalid SVT bits (0x%x) in IRTE index " + "%d", entry->irte.sid_vtype, index); + /* Take this as verification failure. */ + return -VTD_FR_IR_SID_ERR; + break; } return 0; @@ -2252,14 +2250,17 @@ static MemTxResult vtd_mem_ir_write(void *opaque, hwaddr addr, { int ret = 0; MSIMessage from = {}, to = {}; - uint16_t sid = X86_IOMMU_SID_INVALID; + VTDAddressSpace *as = opaque; + uint16_t sid = PCI_BUILD_BDF(pci_bus_num(as->bus), as->devfn); from.address = (uint64_t) addr + VTD_INTERRUPT_ADDR_FIRST; from.data = (uint32_t) value; - if (!attrs.unspecified) { - /* We have explicit Source ID */ - sid = attrs.requester_id; + if (attrs.requester_id != sid) { + VTD_DPRINTF(GENERAL, "int remap request for sid 0x%04x" + " requester_id 0x%04x couldn't be verified", + sid, attrs.requester_id); + return MEMTX_ERROR; } ret = vtd_interrupt_remap_msi(opaque, &from, &to, sid); @@ -2325,7 +2326,7 @@ VTDAddressSpace *vtd_find_add_as(IntelIOMMUState *s, PCIBus *bus, int devfn) memory_region_init_iommu(&vtd_dev_as->iommu, OBJECT(s), &s->iommu_ops, "intel_iommu", UINT64_MAX); memory_region_init_io(&vtd_dev_as->iommu_ir, OBJECT(s), - &vtd_mem_ir_ops, s, "intel_iommu_ir", + &vtd_mem_ir_ops, vtd_dev_as, "intel_iommu_ir", VTD_INTERRUPT_ADDR_SIZE); memory_region_add_subregion(&vtd_dev_as->iommu, VTD_INTERRUPT_ADDR_FIRST, &vtd_dev_as->iommu_ir); -- 2.1.4
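Review bot: With the `sid != X86_IOMMU_SID_INVALID` guard gone, vtd_irte_get treats every sid as a real requester ID, so any caller outside this hunk that still passes `X86_IOMMU_SID_INVALID` now reaches the `VTD_SVT_ALL` and `VTD_SVT_BUS` comparisons with the sentinel. The outcome then depends on the sentinel's bit pattern rather than on a device identity. I would audit those callers before merging and state the new contract above the switch, e.g. `/* sid must be the requester's real source-id; X86_IOMMU_SID_INVALID no longer skips validation */`. The `break;` after `return -VTD_FR_IR_SID_ERR;` in the `default:` arm is unreachable and could be dropped while the block is being reindented. The function begins before the hunk.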
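Review bot: The unchanged call `ret = vtd_interrupt_remap_msi(opaque, &from, &to, sid);` now receives a `VTDAddressSpace *`, because the last hunk registers `vtd_dev_as` as the region's opaque where it used to be the `IntelIOMMUState` pointer `s`. Unless that function's first parameter is changed elsewhere in the series, it will read the wrong structure. Passing the IOMMU state reached through the address space fixes it, e.g. `ret = vtd_interrupt_remap_msi(as->iommu_state, &from, &to, sid);`, assuming the `iommu_state` back-pointer in `VTDAddressSpace`. Separately, dropping the `attrs.unspecified` test means a write with unspecified attributes is checked against whatever `requester_id` it happens to carry, and would pass for a device whose BDF equals that value; `if (attrs.unspecified || attrs.requester_id != sid) {` keeps the rejection explicit. The function's signature and its tail are outside the hunk.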
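Review bot: Switching the opaque from `s` to `vtd_dev_as` changes what every callback in `vtd_mem_ir_ops` receives, but only vtd_mem_ir_write is updated in this patch. The read callback and any other user of that ops table are not visible here and should be checked for code that still treats opaque as an `IntelIOMMUState *`. A comment at the registration would make the dependency explicit, e.g. `/* opaque is the per-device VTDAddressSpace: the IR write handler derives the expected requester ID from its bus/devfn */`. vtd_find_add_as starts and ends outside the hunk.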