| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20170807072548.3023-4-aik@ozlabs.ru>
Date: Mon, 7 Aug 2017 17:25:46 +1000
From: Alexey Kardashevskiy <aik@...abs.ru>
To: linuxppc-dev@...ts.ozlabs.org
Cc: Alexey Kardashevskiy <aik@...abs.ru>,
David Gibson <david@...son.dropbear.id.au>,
kvm-ppc@...r.kernel.org, kvm@...r.kernel.org,
Yongji Xie <elohimes@...il.com>,
Eric Auger <eric.auger@...hat.com>,
Kyle Mahlkuch <Kyle.Mahlkuch@....com>,
Alex Williamson <alex.williamson@...hat.com>,
Jike Song <jike.song@...el.com>,
Bjorn Helgaas <bhelgaas@...gle.com>,
Robin Murphy <robin.murphy@....com>,
Joerg Roedel <joro@...tes.org>,
Arvind Yadav <arvind.yadav.cs@...il.com>,
Benjamin Herrenschmidt <benh@...nel.crashing.org>,
David Woodhouse <dwmw2@...radead.org>,
Kirti Wankhede <kwankhede@...dia.com>,
Mauricio Faria de Oliveira <mauricfo@...ux.vnet.ibm.com>,
Neo Jia <cjia@...dia.com>, Paul Mackerras <paulus@...ba.org>,
Vlad Tsyrklevich <vlad@...rklevich.net>,
iommu@...ts.linux-foundation.org, linux-kernel@...r.kernel.org
Subject: [RFC PATCH v5 3/5] iommu/intel/amd: Set IOMMU_GROUP_CAP_ISOLATE_MSIX if IRQ remapping is enabled
This sets IOMMU_GROUP_CAP_ISOLATE_MSIX to a group if IRQ remapping
is enabled. For Intel, this checks disable_sourceid_checking in addition;
AMD ignores the "nosid" kernel parameters.
Here is some background on how the isolation works:
On Intel VT-d [1], there is an Interrupt Remapping Table, one entry per
interrupt, has a source-id (i.e. BDFN) of allowed device.
On AMD IOMMU [2], there is a Device Table, each entry is indexed by
DevideID which is BDFN.
[1] 9.10 Interrupt Remapping Table Entry (IRTE) for Remapped Interrupts
https://www.intel.com/content/dam/www/public/us/en/documents/product-specifications/vt-directed-io-spec.pdf
[2] "2.2 Data Structures" and "2.2.5 Interrupt Remapping Tables"
https://support.amd.com/TechDocs/48882_IOMMU.pdf
Signed-off-by: Alexey Kardashevskiy <aik@...abs.ru>
---
drivers/iommu/amd_iommu.c | 3 +++
drivers/iommu/intel-iommu.c | 3 +++
2 files changed, 6 insertions(+)
diff --git a/drivers/iommu/amd_iommu.c b/drivers/iommu/amd_iommu.c
index 688e77576e5a..d55fcbf3267e 100644
--- a/drivers/iommu/amd_iommu.c
+++ b/drivers/iommu/amd_iommu.c
@@ -470,6 +470,9 @@ static void init_iommu_group(struct device *dev)
if (IS_ERR(group))
return;
+ if (irq_remapping_enabled)
+ iommu_group_set_caps(group, 0, IOMMU_GROUP_CAP_ISOLATE_MSIX);
+
iommu_group_put(group);
}
diff --git a/drivers/iommu/intel-iommu.c b/drivers/iommu/intel-iommu.c
index b7e670a7c243..3896c2d44bfa 100644
--- a/drivers/iommu/intel-iommu.c
+++ b/drivers/iommu/intel-iommu.c
@@ -5233,6 +5233,9 @@ static int intel_iommu_add_device(struct device *dev)
if (IS_ERR(group))
return PTR_ERR(group);
+ if (irq_remapping_enabled && !disable_sourceid_checking)
+ iommu_group_set_caps(group, 0, IOMMU_GROUP_CAP_ISOLATE_MSIX);
+
iommu_group_put(group);
return 0;
}
--
2.11.0
Powered by blists - more mailing lists