[RESEND PATCH] iommu/intel: Exclude devices using RMRRs from IOMMU API domains

From: Alex Williamson
Date: Thu Jun 12 2014 - 12:35:57 EST

Next message: Georgi Djakov: "[PATCH v1] clk: qcom: Add APQ8084 Multimedia Clock Controller (MMCC) support"
Previous message: Tejun Heo: "[PATCH 04/12] percpu: move accessors from include/linux/percpu.h to percpu-defs.h"
Next in thread: David Woodhouse: "Re: [RESEND PATCH] iommu/intel: Exclude devices using RMRRs from IOMMU API domains"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

The user of the IOMMU API domain expects to have full control of
the IOVA space for the domain. RMRRs are fundamentally incompatible
with that idea. We can neither map the RMRR into the IOMMU API
domain, nor can we guarantee that the device won't continue DMA with
the area described by the RMRR as part of the new domain. Therefore
we must prevent such devices from being used by the IOMMU API.

Signed-off-by: Alex Williamson <alex.williamson@xxxxxxxxxx>
---

I didn't see any actionable items from the last posting of this, so
re-posting unchanged.

drivers/iommu/intel-iommu.c | 15 +++++++++++++++
1 file changed, 15 insertions(+)

diff --git a/drivers/iommu/intel-iommu.c b/drivers/iommu/intel-iommu.c
index c4f11c0..41db805 100644
--- a/drivers/iommu/intel-iommu.c
+++ b/drivers/iommu/intel-iommu.c
@@ -4171,6 +4171,21 @@ static int intel_iommu_attach_device(struct iommu_domain *domain,
int addr_width;
u8 bus, devfn;

+ /*
+ * With IOMMU API domains we don't have the freedom to insert RMRR
+ * entries into the domain mapping, the IOMMU API user expects full
+ * control of the IOVA space of the device. We also have no ability
+ * to shutdown whatever back channel operations occur through the
+ * RMRR. Therefore our only option is to prevent devices making use
+ * of RMRRs from being used by the IOMMU API. As usual we exempt
+ * USB devices since their RMRR support is largely historical.
+ */
+ if (device_has_rmrr(dev) && (!dev_is_pci(dev) ||
+ (to_pci_dev(dev)->class >> 8) != PCI_CLASS_SERIAL_USB)) {
+ dev_warn(dev, "Device is ineligible for IOMMU domain attach due to platform RMRR requirement. Contact your platform vendor.\n");
+ return -EPERM;
+ }
+
/* normally dev is not mapped */
if (unlikely(domain_context_mapped(dev))) {
struct dmar_domain *old_domain;

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Georgi Djakov: "[PATCH v1] clk: qcom: Add APQ8084 Multimedia Clock Controller (MMCC) support"
Previous message: Tejun Heo: "[PATCH 04/12] percpu: move accessors from include/linux/percpu.h to percpu-defs.h"
Next in thread: David Woodhouse: "Re: [RESEND PATCH] iommu/intel: Exclude devices using RMRRs from IOMMU API domains"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]