lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20230110143137.54517-5-suravee.suthikulpanit@amd.com>
Date:   Tue, 10 Jan 2023 08:31:37 -0600
From:   Suravee Suthikulpanit <suravee.suthikulpanit@....com>
To:     <linux-kernel@...r.kernel.org>, <iommu@...ts.linux.dev>
CC:     <joro@...tes.org>, <robin.murphy@....com>, <ashish.kalra@....com>,
        <thomas.lendacky@....com>, <vasant.hegde@....com>,
        <jon.grimm@....com>,
        Suravee Suthikulpanit <suravee.suthikulpanit@....com>
Subject: [PATCH 4/4] iommu/amd: Force SNP-enabled VFIO domain to 4K page size

SNP only supports 2M and 4K page sizes. Other page sizes requires
page smashing to supported sizes. For SNP-enabled guests
with pass-through devices (via VFIO), it also requires RMP and IOMMU
page sizes to match.

To simplify the support, for SNP-enabled guest, SNP will smash guest pages
to 4K page size only, and IOMMU driver will setup the IOMMU v1 page table
for the VFIO domain of the guest to match the 4K page size.

Co-developed-by: Vasant Hegde <vasant.hegde@....com>
Signed-off-by: Vasant Hegde <vasant.hegde@....com>
Signed-off-by: Suravee Suthikulpanit <suravee.suthikulpanit@....com>
---
 drivers/iommu/amd/amd_iommu_types.h |  2 ++
 drivers/iommu/amd/iommu.c           | 28 ++++++++++++++++++++++++++++
 2 files changed, 30 insertions(+)

diff --git a/drivers/iommu/amd/amd_iommu_types.h b/drivers/iommu/amd/amd_iommu_types.h
index ad124959a26a..5249ac18ce6e 100644
--- a/drivers/iommu/amd/amd_iommu_types.h
+++ b/drivers/iommu/amd/amd_iommu_types.h
@@ -279,6 +279,7 @@
 #define AMD_IOMMU_PGSIZES	((~0xFFFUL) & ~(2ULL << 38))
 /* 4K, 2MB, 1G page sizes are supported */
 #define AMD_IOMMU_PGSIZES_V2	(PAGE_SIZE | (1ULL << 21) | (1ULL << 30))
+#define AMD_IOMMU_PGSIZES_4K	(PAGE_SIZE)
 
 /* Bit value definition for dte irq remapping fields*/
 #define DTE_IRQ_PHYS_ADDR_MASK	(((1ULL << 45)-1) << 6)
@@ -440,6 +441,7 @@
 #define PD_IOMMUV2_MASK		(1UL << 3) /* domain has gcr3 table */
 #define PD_GIOV_MASK		(1UL << 4) /* domain enable GIOV support */
 #define PD_VFIO_MASK		(1UL << 5) /* domain enable VFIO support */
+#define PD_SNP_MASK		(1UL << 6) /* domain enable SNP support */
 
 extern bool amd_iommu_dump;
 #define DUMP_printk(format, arg...)				\
diff --git a/drivers/iommu/amd/iommu.c b/drivers/iommu/amd/iommu.c
index a03723930f70..9a1b010a7d00 100644
--- a/drivers/iommu/amd/iommu.c
+++ b/drivers/iommu/amd/iommu.c
@@ -2422,6 +2422,33 @@ static bool amd_iommu_enforce_cache_coherency(struct iommu_domain *domain)
 	return true;
 }
 
+static void amd_iommu_set_kvm(struct iommu_domain *domain, struct kvm *kvm)
+{
+	struct protection_domain *pdom = to_pdomain(domain);
+
+	if (!amd_iommu_snp_en || !amd_iommu_svm_ops ||
+	    !pdom || !(pdom->flags & PD_VFIO_MASK))
+		return;
+
+	/*
+	 * The parameter kvm can be NULL when calling from kvm_vfio_group_del()
+	 * and kvm_vfio_destroy().
+	 */
+	if (!kvm ||
+	    !amd_iommu_svm_ops->is_snp_guest ||
+	    !amd_iommu_svm_ops->is_snp_guest(kvm))
+		return;
+
+	/*
+	 * VFIO Domain for SNP guest requires IOMMU and RMP page-size to match,
+	 * which can only support 4K and 2M. Currently, only support 4K
+	 * IOMMU page-size.
+	 */
+	pdom->flags |= PD_SNP_MASK;
+	pdom->domain.pgsize_bitmap = AMD_IOMMU_PGSIZES_4K;
+	pr_debug("%s: Force domain %u page size to 4K.\n", __func__, pdom->id);
+}
+
 const struct iommu_ops amd_iommu_ops = {
 	.capable = amd_iommu_capable,
 	.domain_alloc = amd_iommu_domain_alloc,
@@ -2444,6 +2471,7 @@ const struct iommu_ops amd_iommu_ops = {
 		.iotlb_sync	= amd_iommu_iotlb_sync,
 		.free		= amd_iommu_domain_free,
 		.enforce_cache_coherency = amd_iommu_enforce_cache_coherency,
+		.set_kvm	= amd_iommu_set_kvm,
 	}
 };
 
-- 
2.32.0

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ