RE: [PATCH 2/2] iommu/amd: Do not use IOMMUv2 functionality when SME is active

From: Deucher, Alexander
Date: Wed Aug 26 2020 - 10:21:38 EST


[AMD Public Use]

+ Felix, Christian

> -----Original Message-----
> From: Joerg Roedel <joro@xxxxxxxxxx>
> Sent: Monday, August 24, 2020 6:54 AM
> To: iommu@xxxxxxxxxxxxxxxxxxxxxxxxxx
> Cc: Joerg Roedel <joro@xxxxxxxxxx>; jroedel@xxxxxxx; Lendacky, Thomas
> <Thomas.Lendacky@xxxxxxx>; Suthikulpanit, Suravee
> <Suravee.Suthikulpanit@xxxxxxx>; Deucher, Alexander
> <Alexander.Deucher@xxxxxxx>; linux-kernel@xxxxxxxxxxxxxxx
> Subject: [PATCH 2/2] iommu/amd: Do not use IOMMUv2 functionality when
> SME is active
>
> From: Joerg Roedel <jroedel@xxxxxxx>
>
> When memory encryption is active the device is likely not in a direct mapped
> domain. Forbid using IOMMUv2 functionality for now until finer grained
> checks for this have been implemented.
>
> Signed-off-by: Joerg Roedel <jroedel@xxxxxxx>
> ---
> drivers/iommu/amd/iommu_v2.c | 7 +++++++
> 1 file changed, 7 insertions(+)
>
> diff --git a/drivers/iommu/amd/iommu_v2.c
> b/drivers/iommu/amd/iommu_v2.c index c259108ab6dd..0d175aed1d92
> 100644
> --- a/drivers/iommu/amd/iommu_v2.c
> +++ b/drivers/iommu/amd/iommu_v2.c
> @@ -737,6 +737,13 @@ int amd_iommu_init_device(struct pci_dev *pdev,
> int pasids)
>
> might_sleep();
>
> + /*
> + * When memory encryption is active the device is likely not in a
> + * direct-mapped domain. Forbid using IOMMUv2 functionality for
> now.
> + */
> + if (mem_encrypt_active())
> + return -ENODEV;
> +
> if (!amd_iommu_v2_supported())
> return -ENODEV;
>
> --
> 2.28.0