lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <D936D925018D154694D8A362EEB0892005AC105E@orsmsx416.amr.corp.intel.com>
Date:	Tue, 7 Oct 2008 13:34:52 -0700
From:	"Cihula, Joseph" <joseph.cihula@...el.com>
To:	<linux-kernel@...r.kernel.org>
Cc:	"Wang, Shane" <shane.wang@...el.com>,
	"Wei, Gang" <gang.wei@...el.com>,
	"Van De Ven, Arjan" <arjan.van.de.ven@...el.com>,
	"Mallick, Asit K" <asit.k.mallick@...el.com>,
	"Nakajima, Jun" <jun.nakajima@...el.com>,
	"Chris Wright" <chrisw@...hat.com>,
	"Jan Beulich" <jbeulich@...ell.com>, <mingo@...e.hu>,
	<tytso@....edu>
Subject: [RFC][PATCH 2/3] TXT: Intel IOMMU PMR Disable

Disable Intel VT-d (IOMMU) Protected Memory Regions (PMRs) when DMA
remapping is enabled.

Leaving the PMRs enabled may add more delay to the VT-d DMA request
processing (as another lookup may be performed) but whether they are
even used is not deterministic:
	DMA requests that are subject to address remapping, and
accessing the
	protected memory regions may or may not be blocked by hardware.
For
	such requests, software must not depend on hardware protection
of the
	protected memory regions, and instead program the DMA-remapping
	page-tables to block DMA to protected memory regions.
	-- from the description field of the PMEN_REG register in the
v1.2 (May '08) VT-d spec.

Signed-off-by:  Shane Wang <shane.wang@...el.com>
Signed-off-by:  Joseph Cihula <joseph.cihula@...el.com>

diff -r 29cfdc52a076 drivers/pci/intel-iommu.c
--- a/drivers/pci/intel-iommu.c Mon Oct 06 12:50:47 2008 -0700
+++ b/drivers/pci/intel-iommu.c Mon Oct 06 15:54:59 2008 -0700
@@ -742,6 +742,22 @@ static void iommu_disable_protect_mem_re
        spin_unlock_irqrestore(&iommu->register_lock, flags);
 }

+static void disable_pmr(struct intel_iommu *iommu)
+{
+       u32 data;
+
+       data = readl(iommu->reg + DMAR_PMEN_REG);
+       if (!(data & DMA_PMEN_PRS))
+               return;
+
+       data = data & ~DMA_PMEN_EPM;
+       writel(data, iommu->reg + DMAR_PMEN_REG);
+
+       IOMMU_WAIT_OP(iommu, DMAR_PMEN_REG,
+               readl, !(data & DMA_PMEN_PRS), data);
+       return;
+}
+
 static int iommu_enable_translation(struct intel_iommu *iommu)
 {
        u32 sts;
@@ -755,6 +771,7 @@ static int iommu_enable_translation(stru
                readl, (sts & DMA_GSTS_TES), sts);

        iommu->gcmd |= DMA_GCMD_TE;
+       disable_pmr(iommu);
        spin_unlock_irqrestore(&iommu->register_lock, flags);
        return 0;
 }
diff -r 29cfdc52a076 drivers/pci/intel-iommu.h
--- a/drivers/pci/intel-iommu.h Mon Oct 06 12:50:47 2008 -0700
+++ b/drivers/pci/intel-iommu.h Mon Oct 06 15:54:59 2008 -0700
@@ -158,6 +158,10 @@ static inline void dmar_writeq(void __io
 #define DMA_GSTS_FLS (((u32)1) << 29)
 #define DMA_GSTS_AFLS (((u32)1) << 28)
 #define DMA_GSTS_WBFS (((u32)1) << 27)
+
+/* PMEN_REG */
+#define DMA_PMEN_EPM (((u32)1) << 31)
+#define DMA_PMEN_PRS (((u32)1) << 0)

 /* CCMD_REG */
 #define DMA_CCMD_ICC (((u64)1) << 63)
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ