From: CLEMENT MATHIEU--DRIF <clement.mathieu--drif@eviden.com>
To: "qemu-devel@nongnu.org" <qemu-devel@nongnu.org>
Cc: "jasowang@redhat.com" <jasowang@redhat.com>,
"zhenzhong.duan@intel.com" <zhenzhong.duan@intel.com>,
"kevin.tian@intel.com" <kevin.tian@intel.com>,
"yi.l.liu@intel.com" <yi.l.liu@intel.com>,
"joao.m.martins@oracle.com" <joao.m.martins@oracle.com>,
"peterx@redhat.com" <peterx@redhat.com>,
CLEMENT MATHIEU--DRIF <clement.mathieu--drif@eviden.com>
Subject: [PATCH ats_vtd v2 03/25] intel_iommu: check if the input address is canonical
Date: Wed, 15 May 2024 07:14:14 +0000 [thread overview]
Message-ID: <20240515071057.33990-4-clement.mathieu--drif@eviden.com> (raw)
In-Reply-To: <20240515071057.33990-1-clement.mathieu--drif@eviden.com>
First stage translation must fail if the address to translate is
not canonical.
Signed-off-by: Clément Mathieu--Drif <clement.mathieu--drif@eviden.com>
---
hw/i386/intel_iommu.c | 21 +++++++++++++++++++++
hw/i386/intel_iommu_internal.h | 2 ++
2 files changed, 23 insertions(+)
diff --git a/hw/i386/intel_iommu.c b/hw/i386/intel_iommu.c
index 80cdf37870..0ecf00f37a 100644
--- a/hw/i386/intel_iommu.c
+++ b/hw/i386/intel_iommu.c
@@ -1912,6 +1912,7 @@ static const bool vtd_qualified_faults[] = {
[VTD_FR_PASID_ENTRY_P] = true,
[VTD_FR_PASID_TABLE_ENTRY_INV] = true,
[VTD_FR_SM_INTERRUPT_ADDR] = true,
+ [VTD_FR_FS_NON_CANONICAL] = true,
[VTD_FR_MAX] = false,
};
@@ -2023,6 +2024,20 @@ static inline uint64_t vtd_get_flpte_addr(uint64_t flpte, uint8_t aw)
return flpte & VTD_FL_PT_BASE_ADDR_MASK(aw);
}
+/* Return true if IOVA is canonical, otherwise false. */
+static bool vtd_iova_fl_check_canonical(IntelIOMMUState *s, uint64_t iova,
+ VTDContextEntry *ce, uint32_t pasid)
+{
+ uint64_t iova_limit = vtd_iova_limit(s, ce, s->aw_bits, pasid);
+ uint64_t upper_bits_mask = ~(iova_limit - 1);
+ uint64_t upper_bits = iova & upper_bits_mask;
+ bool msb = ((iova & (iova_limit >> 1)) != 0);
+ return !(
+ (!msb && (upper_bits != 0)) ||
+ (msb && (upper_bits != upper_bits_mask))
+ );
+}
+
/*
* Given the @iova, get relevant @flptep. @flpte_level will be the last level
* of the translation, can be used for deciding the size of large page.
@@ -2038,6 +2053,12 @@ static int vtd_iova_to_flpte(IntelIOMMUState *s, VTDContextEntry *ce,
uint32_t offset;
uint64_t flpte;
+ if (!vtd_iova_fl_check_canonical(s, iova, ce, pasid)) {
+ error_report_once("%s: detected non canonical IOVA (iova=0x%" PRIx64 ","
+ "pasid=0x%" PRIx32 ")", __func__, iova, pasid);
+ return -VTD_FR_FS_NON_CANONICAL;
+ }
+
while (true) {
offset = vtd_iova_fl_level_offset(iova, level);
flpte = vtd_get_flpte(addr, offset);
diff --git a/hw/i386/intel_iommu_internal.h b/hw/i386/intel_iommu_internal.h
index 901691afb9..e9448291a4 100644
--- a/hw/i386/intel_iommu_internal.h
+++ b/hw/i386/intel_iommu_internal.h
@@ -324,6 +324,8 @@ typedef enum VTDFaultReason {
VTD_FR_PASID_ENTRY_P = 0x59, /* The Present(P) field of pasidt-entry is 0 */
VTD_FR_PASID_TABLE_ENTRY_INV = 0x5b, /*Invalid PASID table entry */
+ VTD_FR_FS_NON_CANONICAL = 0x80, /* SNG.1 : Address for FS not canonical.*/
+
/* Output address in the interrupt address range for scalable mode */
VTD_FR_SM_INTERRUPT_ADDR = 0x87,
VTD_FR_MAX, /* Guard */
--
2.44.0
next prev parent reply other threads:[~2024-05-15 7:18 UTC|newest]
Thread overview: 32+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-05-15 7:14 [PATCH ats_vtd v2 00/25] ATS support for VT-d CLEMENT MATHIEU--DRIF
2024-05-15 7:14 ` [PATCH ats_vtd v2 01/25] intel_iommu: fix FRCD construction macro CLEMENT MATHIEU--DRIF
2024-05-15 7:14 ` CLEMENT MATHIEU--DRIF [this message]
2024-05-15 7:14 ` [PATCH ats_vtd v2 02/25] intel_iommu: make types match CLEMENT MATHIEU--DRIF
2024-05-15 7:14 ` [PATCH ats_vtd v2 07/25] intel_iommu: do not consider wait_desc as an invalid descriptor CLEMENT MATHIEU--DRIF
2024-05-15 7:14 ` [PATCH ats_vtd v2 06/25] intel_iommu: extract device IOTLB invalidation logic CLEMENT MATHIEU--DRIF
2024-05-15 7:14 ` [PATCH ats_vtd v2 04/25] intel_iommu: set accessed and dirty bits during first stage translation CLEMENT MATHIEU--DRIF
2024-05-15 7:14 ` [PATCH ats_vtd v2 05/25] intel_iommu: return page walk level even when the translation fails CLEMENT MATHIEU--DRIF
2024-05-15 7:14 ` [PATCH ats_vtd v2 10/25] pcie: helper functions to check if PASID and ATS are enabled CLEMENT MATHIEU--DRIF
2024-05-15 7:14 ` [PATCH ats_vtd v2 09/25] pcie: add helper to declare PASID capability for a pcie device CLEMENT MATHIEU--DRIF
2024-05-15 7:14 ` [PATCH ats_vtd v2 12/25] intel_iommu: add an internal API to find an address space with PASID CLEMENT MATHIEU--DRIF
2024-05-15 7:14 ` [PATCH ats_vtd v2 11/25] intel_iommu: declare supported PASID size CLEMENT MATHIEU--DRIF
2024-05-15 7:14 ` [PATCH ats_vtd v2 08/25] memory: add permissions in IOMMUAccessFlags CLEMENT MATHIEU--DRIF
2024-05-15 7:14 ` [PATCH ats_vtd v2 16/25] pci: add a pci-level initialization function for iommu notifiers CLEMENT MATHIEU--DRIF
2024-05-15 7:14 ` [PATCH ats_vtd v2 15/25] pci: add IOMMU operations to get address spaces and memory regions with PASID CLEMENT MATHIEU--DRIF
2024-05-15 7:14 ` [PATCH ats_vtd v2 14/25] pci: cache the bus mastering status in the device CLEMENT MATHIEU--DRIF
2024-05-15 7:14 ` [PATCH ats_vtd v2 13/25] intel_iommu: add support for PASID-based device IOTLB invalidation CLEMENT MATHIEU--DRIF
2024-05-15 7:14 ` [PATCH ats_vtd v2 18/25] intel_iommu: implement the get_memory_region_pasid iommu operation CLEMENT MATHIEU--DRIF
2024-05-15 7:14 ` [PATCH ats_vtd v2 17/25] intel_iommu: implement the get_address_space_pasid " CLEMENT MATHIEU--DRIF
2024-05-15 7:14 ` [PATCH ats_vtd v2 19/25] memory: Allow to store the PASID in IOMMUTLBEntry CLEMENT MATHIEU--DRIF
2024-05-15 7:14 ` [PATCH ats_vtd v2 20/25] intel_iommu: fill the PASID field when creating an instance of IOMMUTLBEntry CLEMENT MATHIEU--DRIF
2024-05-17 10:40 ` Duan, Zhenzhong
2024-05-17 11:11 ` CLEMENT MATHIEU--DRIF
2024-05-21 3:11 ` Duan, Zhenzhong
2024-05-21 5:09 ` CLEMENT MATHIEU--DRIF
2024-05-15 7:14 ` [PATCH ats_vtd v2 21/25] atc: generic ATC that can be used by PCIe devices that support SVM CLEMENT MATHIEU--DRIF
2024-05-17 10:44 ` Duan, Zhenzhong
2024-05-17 11:12 ` CLEMENT MATHIEU--DRIF
2024-05-15 7:14 ` [PATCH ats_vtd v2 22/25] memory: add an API for ATS support CLEMENT MATHIEU--DRIF
2024-05-15 7:14 ` [PATCH ats_vtd v2 23/25] pci: add a pci-level API for ATS CLEMENT MATHIEU--DRIF
2024-05-15 7:14 ` [PATCH ats_vtd v2 24/25] intel_iommu: set the address mask even when a translation fails CLEMENT MATHIEU--DRIF
2024-05-15 7:14 ` [PATCH ats_vtd v2 25/25] intel_iommu: add support for ATS CLEMENT MATHIEU--DRIF
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20240515071057.33990-4-clement.mathieu--drif@eviden.com \
--to=clement.mathieu--drif@eviden.com \
--cc=jasowang@redhat.com \
--cc=joao.m.martins@oracle.com \
--cc=kevin.tian@intel.com \
--cc=peterx@redhat.com \
--cc=qemu-devel@nongnu.org \
--cc=yi.l.liu@intel.com \
--cc=zhenzhong.duan@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).