From patchwork Sat Dec 2 09:26:02 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Yan Zhao X-Patchwork-Id: 172779 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:bcd1:0:b0:403:3b70:6f57 with SMTP id r17csp1675782vqy; Sat, 2 Dec 2023 01:55:09 -0800 (PST) X-Google-Smtp-Source: AGHT+IHCryIJ59DPjY5E5X88GkudgkTmjzIhC0J2AevQ0RYaKQLHctTR7d5Yhayt5JywRPC5uOeg X-Received: by 2002:a05:6a00:23d6:b0:6ce:2731:a07d with SMTP id g22-20020a056a0023d600b006ce2731a07dmr1124895pfc.44.1701510909264; Sat, 02 Dec 2023 01:55:09 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1701510909; cv=none; d=google.com; s=arc-20160816; b=szFxw75TdpaIR+qSuQjGRhAXBQxZq2qq3IAE6Kfo/OLngum4Eb63Is2C7uPlxKXi7C XRtlFfcNJG2gxz3P2rxUMmu3Wbbn5JmIxmkNRLDNrcP9TqEl1/hVCxgtM/pEHUFuNzWW cQhmv/25RjBNCG6NWZ42lq5b/11pEbTGOPOwm1AENm5B7gyLlHs2RDTGo4s4ywLuhMMg HMIt2O931rEme5pdAft+D08BTDPPW+FQOdSzxPdYiphgxhXM/PW9DduXCAVWwyU1gWoD e8nSACGOL7JKHFJQVWzCiAVoHmYfYRaOS6NXHB0qj7nvuj0s2rAtR+An50PxKkDoyfN7 BJcQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:references:in-reply-to:message-id:date:subject :cc:to:from:dkim-signature; bh=EG4h1I/ECpq5Eowipx26ui/2Y4uYI6X3hLUS6eOoi3E=; fh=+WI4m5k3dRLR+dR3neThuZkNBTzIm/a8HgtddERL9fA=; b=KWNzw3K59UuTAdicRwwy//q8qHfRyIXg6zsgPMyr7wld+63U8QO/ylx2hNkrSJ5ifP p610L3TDK736twF1UvtwrED6PbmQUh2elXvCBDeYLwnW9iaxuXtiotRyeYAYK/aQEl2q Pnd2vklqqrEK/CqMcDxb/bXEZ5Kb7UTl9NBn6IZFRHDs6hYtcUPWzZEHekkrsx/UYlGe as9pOV4E3PnXiiPOs0wGbPOC+k2fGcFCmls+bGSpSH3w0zrO3c8Atg2z09wsltkSVyIC 5Z4jgxpvvVaYs91yTdtaU3dA+YTh3yL3qcc2//oioHkelZ2Q3bmqTWzxFkNQwIv+3nvI 2QYw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=GpvP4aUk; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:3 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: from lipwig.vger.email (lipwig.vger.email. [2620:137:e000::3:3]) by mx.google.com with ESMTPS id x6-20020aa784c6000000b006cd9be7fc74si80005pfn.355.2023.12.02.01.55.07 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 02 Dec 2023 01:55:09 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:3 as permitted sender) client-ip=2620:137:e000::3:3; Authentication-Results: mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=GpvP4aUk; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:3 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0]) by lipwig.vger.email (Postfix) with ESMTP id 51E5D8075010; Sat, 2 Dec 2023 01:55:04 -0800 (PST) X-Virus-Status: Clean X-Virus-Scanned: clamav-milter 0.103.11 at lipwig.vger.email Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232398AbjLBJyz (ORCPT + 99 others); Sat, 2 Dec 2023 04:54:55 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:54054 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232253AbjLBJyy (ORCPT ); Sat, 2 Dec 2023 04:54:54 -0500 Received: from mgamail.intel.com (mgamail.intel.com [192.55.52.115]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 3AA98CC; Sat, 2 Dec 2023 01:55:01 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1701510901; x=1733046901; h=from:to:cc:subject:date:message-id:in-reply-to: references; bh=qum6bCO8m1UvZ+EuWUSsWmgfywLvc9j17rJU1lVG7vc=; b=GpvP4aUkodMLkK1ZQa9oV57K5vnj9XouXDzVO88zrBYZmeFNyEiViWle 8ipuBfa4HMy7sAhQEsJzA9Ll1SUB95xxj7I+BlcTZR3kEHHbc3C47T544 ZmI4MaqS/GimDRi9JRi5T1moEgsBZ8OndUm78AcL+dFaw5sR1TVt+Fj3A fTg9Ulp22qN6AjvNBBD6rAFOqoFZoCXG36o89v/gNcqQmL+ILc0so4+mp CdEL5jQBzBC2J/e9NNoNJeZOsvMxteQTv1tMcUHS9cjI0R7QPhMDL0dSU f0B2L9x82rKuUOIyTZJfbYyQU3EdLrYG+GtlrrPbGqVrOcOtkvo9u23B/ Q==; X-IronPort-AV: E=McAfee;i="6600,9927,10911"; a="393322186" X-IronPort-AV: E=Sophos;i="6.04,245,1695711600"; d="scan'208";a="393322186" Received: from orsmga001.jf.intel.com ([10.7.209.18]) by fmsmga103.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 02 Dec 2023 01:55:00 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10911"; a="804336985" X-IronPort-AV: E=Sophos;i="6.04,245,1695711600"; d="scan'208";a="804336985" Received: from yzhao56-desk.sh.intel.com ([10.239.159.62]) by orsmga001-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 02 Dec 2023 01:54:56 -0800 From: Yan Zhao To: iommu@lists.linux.dev, kvm@vger.kernel.org, linux-kernel@vger.kernel.org Cc: alex.williamson@redhat.com, jgg@nvidia.com, pbonzini@redhat.com, seanjc@google.com, joro@8bytes.org, will@kernel.org, robin.murphy@arm.com, kevin.tian@intel.com, baolu.lu@linux.intel.com, dwmw2@infradead.org, yi.l.liu@intel.com, Yan Zhao Subject: [RFC PATCH 21/42] iommu/vt-d: Check reserved bits for IOMMU_DOMAIN_KVM domain Date: Sat, 2 Dec 2023 17:26:02 +0800 Message-Id: <20231202092602.14704-1-yan.y.zhao@intel.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20231202091211.13376-1-yan.y.zhao@intel.com> References: <20231202091211.13376-1-yan.y.zhao@intel.com> X-Spam-Status: No, score=-0.9 required=5.0 tests=DKIMWL_WL_HIGH,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lipwig.vger.email Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (lipwig.vger.email [0.0.0.0]); Sat, 02 Dec 2023 01:55:04 -0800 (PST) X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1784163502860159959 X-GMAIL-MSGID: 1784163502860159959 Compatibility check between IOMMU driver and KVM. rsvd_bits_mask is provided by KVM to guarantee that the set bits are must-be-zero bits in PTEs. Intel vt-d driver can check it to see if all must-be-zero bits required by IOMMU side are included. In this RFC, only bit 11 is checked for simplicity and demo purpose. Signed-off-by: Yan Zhao --- drivers/iommu/intel/kvm.c | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/drivers/iommu/intel/kvm.c b/drivers/iommu/intel/kvm.c index 1ce334785430b..998d6daaf7ea1 100644 --- a/drivers/iommu/intel/kvm.c +++ b/drivers/iommu/intel/kvm.c @@ -32,6 +32,18 @@ static bool is_iommu_cap_compatible_to_kvm_domain(struct dmar_domain *domain, return true; } +static int check_tdp_reserved_bits(const struct kvm_exported_tdp_meta_vmx *tdp) +{ + int i; + + for (i = PT64_ROOT_MAX_LEVEL; --i >= 0;) { + if (!(tdp->rsvd_bits_mask[0][i] & BIT(11)) || + !(tdp->rsvd_bits_mask[1][i] & BIT(11))) + return -EFAULT; + } + return 0; +} + int prepare_kvm_domain_attach(struct dmar_domain *domain, struct intel_iommu *iommu) { if (is_iommu_cap_compatible_to_kvm_domain(domain, iommu)) @@ -90,6 +102,11 @@ intel_iommu_domain_alloc_kvm(struct device *dev, u32 flags, const void *data) return ERR_PTR(-EOPNOTSUPP); } + if (check_tdp_reserved_bits(tdp)) { + pr_err("Reserved bits incompatible between KVM and IOMMU\n"); + return ERR_PTR(-EOPNOTSUPP); + } + dmar_domain = alloc_domain(IOMMU_DOMAIN_KVM); if (!dmar_domain) return ERR_PTR(-ENOMEM);