lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <48EBEF53.9060904@linux.intel.com>
Date:	Tue, 07 Oct 2008 16:22:59 -0700
From:	Joseph Cihula <joseph.cihula@...ux.intel.com>
To:	linux-kernel@...r.kernel.org
CC:	shane.wang@...el.com, gang.wei@...el.com, arjan@...ux.intel.com,
	asit.k.mallick@...el.com, jun.nakajima@...el.com,
	chrisw@...s-sol.org, jbeulich@...ell.com, mingo@...e.hu,
	tytso@....edu, linux-kernel@...r.kernel.org,
	joseph.cihula@...el.com
Subject: [RFC][PATCH 2/3] TXT: Intel IOMMU PMR Disable

(re-posted with apologies for formatting and email addresses)

Disable Intel VT-d (IOMMU) Protected Memory Regions (PMRs) when DMA 
remapping is enabled.

Leaving the PMRs enabled may add more delay to the VT-d DMA request 
processing (as another lookup may be performed) but whether they are 
even used is not deterministic:
    DMA requests that are subject to address remapping, and accessing the
    protected memory regions may or may not be blocked by hardware. For
    such requests, software must not depend on hardware protection of the
    protected memory regions, and instead program the DMA-remapping
    page-tables to block DMA to protected memory regions.
    -- from the description field of the PMEN_REG register in the v1.2 
(May '08) VT-d spec.

Signed-off-by:  Shane Wang <shane.wang@...el.com>
Signed-off-by:  Joseph Cihula <joseph.cihula@...el.com>

---

diff -r 29cfdc52a076 drivers/pci/intel-iommu.c
--- a/drivers/pci/intel-iommu.c	Mon Oct 06 12:50:47 2008 -0700
+++ b/drivers/pci/intel-iommu.c	Mon Oct 06 15:54:59 2008 -0700
@@ -742,6 +742,22 @@ static void iommu_disable_protect_mem_re
 	spin_unlock_irqrestore(&iommu->register_lock, flags);
 }
 
+static void disable_pmr(struct intel_iommu *iommu)
+{
+	u32 data;
+
+	data = readl(iommu->reg + DMAR_PMEN_REG);
+	if (!(data & DMA_PMEN_PRS))
+		return;
+
+	data = data & ~DMA_PMEN_EPM;
+	writel(data, iommu->reg + DMAR_PMEN_REG);
+
+	IOMMU_WAIT_OP(iommu, DMAR_PMEN_REG,
+		readl, !(data & DMA_PMEN_PRS), data);
+	return;
+}
+
 static int iommu_enable_translation(struct intel_iommu *iommu)
 {
 	u32 sts;
@@ -755,6 +771,7 @@ static int iommu_enable_translation(stru
 		readl, (sts & DMA_GSTS_TES), sts);
 
 	iommu->gcmd |= DMA_GCMD_TE;
+	disable_pmr(iommu);
 	spin_unlock_irqrestore(&iommu->register_lock, flags);
 	return 0;
 }
diff -r 29cfdc52a076 drivers/pci/intel-iommu.h
--- a/drivers/pci/intel-iommu.h	Mon Oct 06 12:50:47 2008 -0700
+++ b/drivers/pci/intel-iommu.h	Mon Oct 06 15:54:59 2008 -0700
@@ -158,6 +158,10 @@ static inline void dmar_writeq(void __io
 #define DMA_GSTS_FLS (((u32)1) << 29)
 #define DMA_GSTS_AFLS (((u32)1) << 28)
 #define DMA_GSTS_WBFS (((u32)1) << 27)
+
+/* PMEN_REG */
+#define DMA_PMEN_EPM (((u32)1) << 31)
+#define DMA_PMEN_PRS (((u32)1) << 0)
 
 /* CCMD_REG */
 #define DMA_CCMD_ICC (((u64)1) << 63)


--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ