[PATCH v7 7/8] iommu/vt-d: Add nested domain allocation
From: Yi Liu
Date: Tue Oct 24 2023 - 11:27:25 EST
From: Lu Baolu <baolu.lu@xxxxxxxxxxxxxxx>
This adds the support for IOMMU_HWPT_DATA_VTD_S1 type. And 'nested_parent'
is added to mark the nested parent domain to sanitize the input parent domain.
Signed-off-by: Lu Baolu <baolu.lu@xxxxxxxxxxxxxxx>
Signed-off-by: Yi Liu <yi.l.liu@xxxxxxxxx>
---
drivers/iommu/intel/iommu.c | 67 +++++++++++++++++++++++++------------
drivers/iommu/intel/iommu.h | 1 +
2 files changed, 46 insertions(+), 22 deletions(-)
diff --git a/drivers/iommu/intel/iommu.c b/drivers/iommu/intel/iommu.c
index 292baa64188b..85366862fb5e 100644
--- a/drivers/iommu/intel/iommu.c
+++ b/drivers/iommu/intel/iommu.c
@@ -4077,46 +4077,69 @@ intel_iommu_domain_alloc_user(struct device *dev, u32 flags,
struct iommu_domain *parent,
const struct iommu_user_data *user_data)
{
- struct iommu_domain *domain;
struct intel_iommu *iommu;
bool dirty_tracking;
+ bool nested_parent;
if (flags &
(~(IOMMU_HWPT_ALLOC_NEST_PARENT | IOMMU_HWPT_ALLOC_DIRTY_TRACKING)))
return ERR_PTR(-EOPNOTSUPP);
- if (parent || user_data)
- return ERR_PTR(-EOPNOTSUPP);
-
iommu = device_to_iommu(dev, NULL, NULL);
if (!iommu)
return ERR_PTR(-ENODEV);
- if ((flags & IOMMU_HWPT_ALLOC_NEST_PARENT) && !nested_supported(iommu))
- return ERR_PTR(-EOPNOTSUPP);
-
+ nested_parent = flags & IOMMU_HWPT_ALLOC_NEST_PARENT;
dirty_tracking = (flags & IOMMU_HWPT_ALLOC_DIRTY_TRACKING);
- if (dirty_tracking && !ssads_supported(iommu))
- return ERR_PTR(-EOPNOTSUPP);
- /*
- * domain_alloc_user op needs to fully initialize a domain
- * before return, so uses iommu_domain_alloc() here for
- * simple.
- */
- domain = iommu_domain_alloc(dev->bus);
- if (!domain)
- domain = ERR_PTR(-ENOMEM);
+ if (!user_data) { /* Must be PAGING domain */
+ struct iommu_domain *domain;
- if (!IS_ERR(domain) && dirty_tracking) {
- if (to_dmar_domain(domain)->use_first_level) {
- iommu_domain_free(domain);
+ if (nested_parent && !nested_supported(iommu))
return ERR_PTR(-EOPNOTSUPP);
+ if (dirty_tracking && !ssads_supported(iommu))
+ return ERR_PTR(-EOPNOTSUPP);
+ if (parent)
+ return ERR_PTR(-EINVAL);
+
+ /*
+ * domain_alloc_user op needs to fully initialize a domain
+ * before return, so uses iommu_domain_alloc() here for
+ * simple.
+ */
+ domain = iommu_domain_alloc(dev->bus);
+ if (!domain)
+ return ERR_PTR(-ENOMEM);
+
+ if (nested_parent)
+ to_dmar_domain(domain)->nested_parent = true;
+
+ if (dirty_tracking) {
+ if (to_dmar_domain(domain)->use_first_level) {
+ iommu_domain_free(domain);
+ return ERR_PTR(-EOPNOTSUPP);
+ }
+ domain->dirty_ops = &intel_dirty_ops;
}
- domain->dirty_ops = &intel_dirty_ops;
+
+ return domain;
}
- return domain;
+ /* Must be nested domain */
+ if (user_data->type != IOMMU_HWPT_DATA_VTD_S1)
+ return ERR_PTR(-EOPNOTSUPP);
+ if (!nested_supported(iommu))
+ return ERR_PTR(-EOPNOTSUPP);
+ if (!parent || parent->ops != intel_iommu_ops.default_domain_ops)
+ return ERR_PTR(-EINVAL);
+ if (!to_dmar_domain(parent)->nested_parent)
+ return ERR_PTR(-EINVAL);
+ if (nested_parent)
+ return ERR_PTR(-EINVAL);
+ if (dirty_tracking)
+ return ERR_PTR(-EINVAL);
+
+ return intel_nested_domain_alloc(parent, user_data);
}
static void intel_iommu_domain_free(struct iommu_domain *domain)
diff --git a/drivers/iommu/intel/iommu.h b/drivers/iommu/intel/iommu.h
index d5aaaedf2094..65e660eb1f47 100644
--- a/drivers/iommu/intel/iommu.h
+++ b/drivers/iommu/intel/iommu.h
@@ -601,6 +601,7 @@ struct dmar_domain {
* level.
*/
u8 dirty_tracking:1; /* Dirty tracking is enabled */
+ u8 nested_parent:1; /* Has other domains nested on it */
spinlock_t lock; /* Protect device tracking lists */
struct list_head devices; /* all devices' list */
--
2.34.1