[PATCH 2/2] iommu/amd: Do not use IOMMUv2 functionality when SME is active
From: Joerg Roedel
Date: Mon Aug 24 2020 - 06:54:27 EST
From: Joerg Roedel <jroedel@xxxxxxx>
When memory encryption is active the device is likely not in a direct
mapped domain. Forbid using IOMMUv2 functionality for now until finer
grained checks for this have been implemented.
Signed-off-by: Joerg Roedel <jroedel@xxxxxxx>
---
drivers/iommu/amd/iommu_v2.c | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/drivers/iommu/amd/iommu_v2.c b/drivers/iommu/amd/iommu_v2.c
index c259108ab6dd..0d175aed1d92 100644
--- a/drivers/iommu/amd/iommu_v2.c
+++ b/drivers/iommu/amd/iommu_v2.c
@@ -737,6 +737,13 @@ int amd_iommu_init_device(struct pci_dev *pdev, int pasids)
might_sleep();
+ /*
+ * When memory encryption is active the device is likely not in a
+ * direct-mapped domain. Forbid using IOMMUv2 functionality for now.
+ */
+ if (mem_encrypt_active())
+ return -ENODEV;
+
if (!amd_iommu_v2_supported())
return -ENODEV;
--
2.28.0