| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 3 Feb 2021 12:56:43 -0800
From: Megha Dey <megha.dey@...el.com>
To: tglx@...utronix.de
Cc: linux-kernel@...r.kernel.org, dave.jiang@...el.com,
ashok.raj@...el.com, kevin.tian@...el.com, dwmw@...zon.co.uk,
x86@...nel.org, tony.luck@...el.com, dan.j.williams@...el.com,
megha.dey@...el.com, jgg@...lanox.com, kvm@...r.kernel.org,
iommu@...ts.linux-foundation.org, alex.williamson@...hat.com,
bhelgaas@...gle.com, maz@...nel.org, linux-pci@...r.kernel.org,
baolu.lu@...ux.intel.com, ravi.v.shankar@...el.com
Subject: [PATCH 10/12] iommu: Add capability IOMMU_CAP_VIOMMU_HINT
From: Lu Baolu <baolu.lu@...ux.intel.com>
Some IOMMU specification defines some kind of hint mechanism, through
which BIOS can imply that OS runs in a virtualized environment. For
example, the caching mode defined in VT-d spec and NpCache capability
defined in the AMD IOMMU specification. This hint could also be used
outside of the IOMMU subsystem, where it could be used with other known
means (CPUID, smbios) to sense whether Linux is running in a virtualized
environment. Add a capability bit so that it could be used there.
Signed-off-by: Lu Baolu <baolu.lu@...ux.intel.com>
Signed-off-by: Megha Dey <megha.dey@...el.com>
---
drivers/iommu/amd/iommu.c | 2 ++
drivers/iommu/intel/iommu.c | 20 ++++++++++++++++++++
drivers/iommu/virtio-iommu.c | 9 +++++++++
include/linux/iommu.h | 2 ++
4 files changed, 33 insertions(+)
diff --git a/drivers/iommu/amd/iommu.c b/drivers/iommu/amd/iommu.c
index f0adbc4..a851f37 100644
--- a/drivers/iommu/amd/iommu.c
+++ b/drivers/iommu/amd/iommu.c
@@ -2646,6 +2646,8 @@ static bool amd_iommu_capable(enum iommu_cap cap)
return (irq_remapping_enabled == 1);
case IOMMU_CAP_NOEXEC:
return false;
+ case IOMMU_CAP_VIOMMU_HINT:
+ return amd_iommu_np_cache;
default:
break;
}
diff --git a/drivers/iommu/intel/iommu.c b/drivers/iommu/intel/iommu.c
index 06b00b5..905d6aa 100644
--- a/drivers/iommu/intel/iommu.c
+++ b/drivers/iommu/intel/iommu.c
@@ -5094,12 +5094,32 @@ static inline bool nested_mode_support(void)
return ret;
}
+static inline bool caching_mode_supported(void)
+{
+ struct dmar_drhd_unit *drhd;
+ struct intel_iommu *iommu;
+ bool ret = false;
+
+ rcu_read_lock();
+ for_each_active_iommu(iommu, drhd) {
+ if (cap_caching_mode(iommu->cap)) {
+ ret = true;
+ break;
+ }
+ }
+ rcu_read_unlock();
+
+ return ret;
+}
+
static bool intel_iommu_capable(enum iommu_cap cap)
{
if (cap == IOMMU_CAP_CACHE_COHERENCY)
return domain_update_iommu_snooping(NULL) == 1;
if (cap == IOMMU_CAP_INTR_REMAP)
return irq_remapping_enabled == 1;
+ if (cap == IOMMU_CAP_VIOMMU_HINT)
+ return caching_mode_supported();
return false;
}
diff --git a/drivers/iommu/virtio-iommu.c b/drivers/iommu/virtio-iommu.c
index 2bfdd57..e4941ca 100644
--- a/drivers/iommu/virtio-iommu.c
+++ b/drivers/iommu/virtio-iommu.c
@@ -931,7 +931,16 @@ static int viommu_of_xlate(struct device *dev, struct of_phandle_args *args)
return iommu_fwspec_add_ids(dev, args->args, 1);
}
+static bool viommu_capable(enum iommu_cap cap)
+{
+ if (cap == IOMMU_CAP_VIOMMU_HINT)
+ return true;
+
+ return false;
+}
+
static struct iommu_ops viommu_ops = {
+ .capable = viommu_capable,
.domain_alloc = viommu_domain_alloc,
.domain_free = viommu_domain_free,
.attach_dev = viommu_attach_dev,
diff --git a/include/linux/iommu.h b/include/linux/iommu.h
index b3f0e20..5e62bcc 100644
--- a/include/linux/iommu.h
+++ b/include/linux/iommu.h
@@ -94,6 +94,8 @@ enum iommu_cap {
transactions */
IOMMU_CAP_INTR_REMAP, /* IOMMU supports interrupt isolation */
IOMMU_CAP_NOEXEC, /* IOMMU_NOEXEC flag */
+ IOMMU_CAP_VIOMMU_HINT, /* IOMMU can detect a hit for running in
+ VM */
};
/*
--
2.7.4
Powered by blists - more mailing lists