From patchwork Tue Feb 28 02:33:41 2023
X-Patchwork-Submitter: Baolu Lu
X-Patchwork-Id: 62235
From: Lu Baolu
To: iommu@lists.linux.dev
Cc: Joerg Roedel, Will Deacon, Robin Murphy, Kevin Tian, Jason Gunthorpe, linux-kernel@vger.kernel.org, Lu Baolu
Subject: [PATCH 1/1] iommu/vt-d: Add opt-in for ATS support on discrete devices
Date: Tue, 28 Feb 2023 10:33:41 +0800
Message-Id: <20230228023341.973671-1-baolu.lu@linux.intel.com>

In normal processing of PCIe ATS requests, the IOMMU performs address
translation and returns to the device a physical memory address which
will be stored in that device's IOTLB. The device may subsequently issue
a Translated DMA request containing a physical memory address. The IOMMU
only checks that the device was allowed to issue such requests and does
not attempt to validate the physical address.

The Intel IOMMU implementation only allows PCIe ATS on several
SOC-integrated devices which are opted in through the ACPI tables to
prevent any compromised device from accessing arbitrary physical memory.

Add a kernel option intel_iommu=relax_ats to allow users to opt in to
turning on ATS as they wish, especially for CSP-owned vertical devices.
In any case, risky devices are not allowed to use ATS.

Signed-off-by: Lu Baolu
---
 Documentation/admin-guide/kernel-parameters.txt | 6 ++++++
 drivers/iommu/intel/iommu.c                     | 7 +++++++
 2 files changed, 13 insertions(+)
diff --git a/Documentation/admin-guide/kernel-parameters.txt b/Documentation/admin-guide/kernel-parameters.txt index 6221a1d057dd..490fae585f73 100644 --- a/Documentation/admin-guide/kernel-parameters.txt +++ b/Documentation/admin-guide/kernel-parameters.txt @@ -2075,6 +2075,12 @@ Note that using this option lowers the security provided by tboot because it makes the system vulnerable to DMA attacks. + relax_ats + By default, the Intel IOMMU implementation only allows + ATS to be enabled on certain devices. The platform + advertises its allowed devices in ACPI tables like SATC + and ATSR. With this option, this ATS requirement is + relaxed so that discrete PCI devices can also use ATS. intel_idle.max_cstate= [KNL,HW,ACPI,X86] 0 disables intel_idle and fall back on acpi_idle. diff --git a/drivers/iommu/intel/iommu.c b/drivers/iommu/intel/iommu.c index 7c2f4bd33582..4f6c6d8716bd 100644 --- a/drivers/iommu/intel/iommu.c +++ b/drivers/iommu/intel/iommu.c @@ -290,6 +290,7 @@ static int dmar_map_gfx = 1; static int intel_iommu_superpage = 1; static int iommu_identity_mapping; static int iommu_skip_te_disable; +static int iommu_relaxed_ats; #define IDENTMAP_GFX 2 #define IDENTMAP_AZALIA 4 @@ -349,6 +350,9 @@ static int __init intel_iommu_setup(char *str) } else if (!strncmp(str, "tboot_noforce", 13)) { pr_info("Intel-IOMMU: not forcing on after tboot. This could expose security risk for tboot\n"); intel_iommu_tboot_noforce = 1; + } else if (!strncmp(str, "relax_ats", 9)) { + pr_info("ATS reqirement is relaxed\n"); + iommu_relaxed_ats = 1; } else { pr_notice("Unknown option - '%s'\n", str); } @@ -3557,6 +3561,9 @@ static int dmar_ats_supported(struct pci_dev *dev, struct intel_iommu *iommu) struct dmar_atsr_unit *atsru; struct dmar_satc_unit *satcu; + if (iommu_relaxed_ats && !dev->untrusted) + return 1; + dev = pci_physfn(dev); satcu = dmar_find_matched_satc_unit(dev); if (satcu)
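Review bot: The new relax_ats entry in the kernel-parameters.txt hunk does not state the security cost of the option. The commit message explains that the IOMMU does not validate the physical address carried in a Translated request, and the tboot_noforce text directly above spells out its own DMA exposure; the relax_ats text should say the same about ATS on devices not listed in SATC/ATSR. It should also document that devices marked untrusted are still refused ATS, since the code keeps that restriction with `!dev->untrusted`.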
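Review bot: In the intel_iommu_setup() hunk the pr_info string misspells "requirement" as "reqirement". Fix the spelling, and consider wording the message so the boot log records what was relaxed (ATS permitted on devices outside the ACPI allow-list), the way the tboot_noforce message just above names its risk. Also note that `strncmp(str, "relax_ats", 9)` accepts any token that merely begins with relax_ats; this matches the neighbouring branches, but an exact-match check would avoid silently enabling a security-relevant option on a mistyped parameter.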
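Review bot: In the dmar_ats_supported() hunk the new test reads `dev->untrusted` before `dev = pci_physfn(dev);`, so for a virtual function the trust decision is made on the VF while the rest of the function operates on the physical function. Moving the `iommu_relaxed_ats && !dev->untrusted` check below the pci_physfn() line would apply it to the same device that the SATC/ATSR lookup uses. A short comment above the early `return 1` stating that it bypasses both ACPI lookups for every device not marked untrusted would make the security trade-off visible at the point where it is taken.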