RE: [PATCH 4/4] thunderbolt: Export IOMMU based DMA protection support to userspace
From: Mario.Limonciello
Date: Mon Nov 12 2018 - 11:23:01 EST
> -----Original Message-----
> From: Mika Westerberg <mika.westerberg@xxxxxxxxxxxxxxx>
> Sent: Monday, November 12, 2018 10:06 AM
> To: iommu@xxxxxxxxxxxxxxxxxxxxxxxxxx
> Cc: Joerg Roedel; David Woodhouse; Lu Baolu; Ashok Raj; Bjorn Helgaas; Rafael J.
> Wysocki; Jacob jun Pan; Andreas Noever; Michael Jamet; Yehezkel Bernat; Lukas
> Wunner; Christian Kellner; Limonciello, Mario; Anthony Wong; Mika Westerberg;
> linux-acpi@xxxxxxxxxxxxxxx; linux-pci@xxxxxxxxxxxxxxx; linux-
> kernel@xxxxxxxxxxxxxxx
> Subject: [PATCH 4/4] thunderbolt: Export IOMMU based DMA protection support
> to userspace
>
>
>
>
> Recent systems shipping with Windows 10 version 1803 or later may
> support a feature called Kernel DMA protection [1]. In practice this
> means that Thunderbolt connected devices are placed behind an IOMMU
> during the whole time it is connected (including during boot) making
> Thunderbolt security levels redundant. Some of these systems still have
> Thunderbolt security level set to "user" in order to support OS
> downgrade (the older version of the OS might not support IOMMU based DMA
> protection so connecting a device still relies on user approval then).
>
> Export this information to userspace by introducing a new sysfs
> attribute (iommu_dma_protection). Based on it userspace tools can make
> more accurate decision whether or not authorize the connected device.
>
> In addition update Thunderbolt documentation regarding IOMMU based DMA
> protection.
>
> [1] https://docs.microsoft.com/en-us/windows/security/information-
> protection/kernel-dma-protection-for-thunderbolt
>
> Signed-off-by: Mika Westerberg <mika.westerberg@xxxxxxxxxxxxxxx>
> ---
> .../ABI/testing/sysfs-bus-thunderbolt | 9 ++++++++
> Documentation/admin-guide/thunderbolt.rst | 23 +++++++++++++++++++
> drivers/thunderbolt/domain.c | 17 ++++++++++++++
> 3 files changed, 49 insertions(+)
>
> diff --git a/Documentation/ABI/testing/sysfs-bus-thunderbolt
> b/Documentation/ABI/testing/sysfs-bus-thunderbolt
> index 151584a1f950..b21fba14689b 100644
> --- a/Documentation/ABI/testing/sysfs-bus-thunderbolt
> +++ b/Documentation/ABI/testing/sysfs-bus-thunderbolt
> @@ -21,6 +21,15 @@ Description: Holds a comma separated list of device
> unique_ids that
> If a device is authorized automatically during boot its
> boot attribute is set to 1.
>
> +What: /sys/bus/thunderbolt/devices/.../domainX/iommu_dma_protection
> +Date: Mar 2019
> +KernelVersion: 4.21
> +Contact: thunderbolt-software@xxxxxxxxxxxx
> +Description: This attribute tells whether the system uses IOMMU
> + for DMA protection. Value of 1 means IOMMU is used 0 means
> + it is not (DMA protection is solely based on Thunderbolt
> + security levels).
> +
> What: /sys/bus/thunderbolt/devices/.../domainX/security
> Date: Sep 2017
> KernelVersion: 4.13
> diff --git a/Documentation/admin-guide/thunderbolt.rst b/Documentation/admin-
> guide/thunderbolt.rst
> index 35fccba6a9a6..ccac2596a49f 100644
> --- a/Documentation/admin-guide/thunderbolt.rst
> +++ b/Documentation/admin-guide/thunderbolt.rst
> @@ -133,6 +133,29 @@ If the user still wants to connect the device they can
> either approve
> the device without a key or write a new key and write 1 to the
> ``authorized`` file to get the new key stored on the device NVM.
>
> +DMA protection utilizing IOMMU
> +------------------------------
> +Recent systems shipping with Windows 10 version 1803 or later may support a
> +feature called `Kernel DMA Protection for Thunderbolt 3`_. This means that
Keep in mind there will be systems that ship with Linux that enable this feature too ;)
It might be better to make it time frame and platform firmware oriented as it's
entirely possible for an OEM to have a field firmware upgrade that may enable this
functionality from the platform and allow an end user to upgrade to a sufficiently
protected kernel or Windows OS to take advantage of it.
> +Thunderbolt security is handled by an IOMMU so connected devices cannot
> +access memory regions outside of what is allocated for them by drivers.
> +When Linux is running on such system it automatically enables IOMMU if not
> +enabled by the user already. These systems can be identified by reading
> +``1`` from ``/sys/bus/thunderbolt/devices/domainX/iommu_dma_protection``
> +attribute.
> +
> +The driver does not do anything special in this case but because DMA
> +protection is handled by the IOMMU, security levels (if set) are
> +redundant. For this reason some systems ship with security level set to
> +``none``. Other systems have security level set to ``user`` in order to
> +support downgrade to older Windows, so users who want to automatically
> +authorize devices when IOMMU DMA protection is enabled can use the
> +following ``udev`` rule::
> +
> + ACTION=="add", SUBSYSTEM=="thunderbolt",
> ATTRS{iommu_dma_protection}=="1", ATTR{authorized}=="0",
> ATTR{authorized}="1"
> +
> +.. _Kernel DMA Protection for Thunderbolt 3: https://docs.microsoft.com/en-
> us/windows/security/information-protection/kernel-dma-protection-for-
> thunderbolt
> +
> Upgrading NVM on Thunderbolt device or host
> -------------------------------------------
> Since most of the functionality is handled in firmware running on a
> diff --git a/drivers/thunderbolt/domain.c b/drivers/thunderbolt/domain.c
> index 93e562f18d40..7416bdbd8576 100644
> --- a/drivers/thunderbolt/domain.c
> +++ b/drivers/thunderbolt/domain.c
> @@ -7,7 +7,9 @@
> */
>
> #include <linux/device.h>
> +#include <linux/dmar.h>
> #include <linux/idr.h>
> +#include <linux/iommu.h>
> #include <linux/module.h>
> #include <linux/pm_runtime.h>
> #include <linux/slab.h>
> @@ -236,6 +238,20 @@ static ssize_t boot_acl_store(struct device *dev, struct
> device_attribute *attr,
> }
> static DEVICE_ATTR_RW(boot_acl);
>
> +static ssize_t iommu_dma_protection_show(struct device *dev,
> + struct device_attribute *attr,
> + char *buf)
> +{
> + /*
> + * Kernel DMA protection is a feature where Thunderbolt security is
> + * handled natively using IOMMU. It is enabled when IOMMU is
> + * enabled and ACPI DMAR table has DMAR_PLATFORM_OPT_IN set.
> + */
> + return sprintf(buf, "%d\n",
> + iommu_present(&pci_bus_type) && dmar_platform_optin());
> +}
> +static DEVICE_ATTR_RO(iommu_dma_protection);
> +
> static ssize_t security_show(struct device *dev, struct device_attribute *attr,
> char *buf)
> {
> @@ -251,6 +267,7 @@ static DEVICE_ATTR_RO(security);
>
> static struct attribute *domain_attrs[] = {
> &dev_attr_boot_acl.attr,
> + &dev_attr_iommu_dma_protection.attr,
> &dev_attr_security.attr,
> NULL,
> };
> --
> 2.19.1