| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <e21c6ead-2bcb-422b-a1b9-eb9dd63b7dc7@ti.com>
Date: Tue, 15 Jul 2025 14:45:48 +0530
From: Siddharth Vadapalli <s-vadapalli@...com>
To: Jan Kiszka <jan.kiszka@...mens.com>
CC: Siddharth Vadapalli <s-vadapalli@...com>, <huaqian.li@...mens.com>,
<helgaas@...nel.org>, <baocheng.su@...mens.com>, <bhelgaas@...gle.com>,
<conor+dt@...nel.org>, <devicetree@...r.kernel.org>,
<diogo.ivo@...mens.com>, <kristo@...nel.org>, <krzk+dt@...nel.org>,
<kw@...ux.com>, <linux-arm-kernel@...ts.infradead.org>,
<linux-kernel@...r.kernel.org>, <linux-pci@...r.kernel.org>,
<lpieralisi@...nel.org>, <nm@...com>, <robh@...nel.org>,
<ssantosh@...nel.org>, <vigneshr@...com>
Subject: Re: [PATCH v8 4/7] PCI: keystone: Add support for PVU-based DMA
isolation on AM654
On Tue, Jul 15, 2025 at 10:55:19AM +0200, Jan Kiszka wrote:
Hello Jan,
> On 25.04.25 18:48, Siddharth Vadapalli wrote:
> > On Tue, Apr 22, 2025 at 02:14:03PM +0800, huaqian.li@...mens.com wrote:
> >> From: Jan Kiszka <jan.kiszka@...mens.com>
> >>
> >> The AM654 lacks an IOMMU, thus does not support isolating DMA requests
> >> from untrusted PCI devices to selected memory regions this way. Use
> >> static PVU-based protection instead. The PVU, when enabled, will only
> >> accept DMA requests that address previously configured regions.
> >>
> >> Use the availability of a restricted-dma-pool memory region as trigger
> >> and register it as valid DMA target with the PVU. In addition, enable
> >> the mapping of requester IDs to VirtIDs in the PCI RC. Use only a single
> >> VirtID so far, catching all devices. This may be extended later on.
> >>
> >> Signed-off-by: Jan Kiszka <jan.kiszka@...mens.com>
> >> Acked-by: Bjorn Helgaas <bhelgaas@...gle.com>
> >> Signed-off-by: Li Hua Qian <huaqian.li@...mens.com>
> >> ---
> >> drivers/pci/controller/dwc/pci-keystone.c | 106 ++++++++++++++++++++++
> >> 1 file changed, 106 insertions(+)
> >>
> >> diff --git a/drivers/pci/controller/dwc/pci-keystone.c b/drivers/pci/controller/dwc/pci-keystone.c
> >> index 76a37368ae4f..ea2d8768e333 100644
> >> --- a/drivers/pci/controller/dwc/pci-keystone.c
> >> +++ b/drivers/pci/controller/dwc/pci-keystone.c
> >> @@ -19,6 +19,7 @@
> >> #include <linux/mfd/syscon.h>
> >> #include <linux/msi.h>
> >> #include <linux/of.h>
> >> +#include <linux/of_address.h>
> >> #include <linux/of_irq.h>
> >> #include <linux/of_pci.h>
> >> #include <linux/phy/phy.h>
> >> @@ -26,6 +27,7 @@
> >> #include <linux/regmap.h>
> >> #include <linux/resource.h>
> >> #include <linux/signal.h>
> >> +#include <linux/ti-pvu.h>
> >>
> >> #include "../../pci.h"
> >> #include "pcie-designware.h"
> >> @@ -111,6 +113,16 @@
> >>
> >> #define PCI_DEVICE_ID_TI_AM654X 0xb00c
> >>
> >> +#define KS_PCI_VIRTID 0
> >> +
> >> +#define PCIE_VMAP_xP_CTRL 0x0
> >> +#define PCIE_VMAP_xP_REQID 0x4
> >> +#define PCIE_VMAP_xP_VIRTID 0x8
> >> +
> >> +#define PCIE_VMAP_xP_CTRL_EN BIT(0)
> >> +
> >> +#define PCIE_VMAP_xP_VIRTID_VID_MASK 0xfff
> >> +
> >> struct ks_pcie_of_data {
> >> enum dw_pcie_device_mode mode;
> >> const struct dw_pcie_host_ops *host_ops;
> >> @@ -1137,6 +1149,94 @@ static const struct of_device_id ks_pcie_of_match[] = {
> >> { },
> >> };
> >>
> >> +static int ks_init_vmap(struct platform_device *pdev, const char *vmap_name)
> >> +{
> >> + struct resource *res;
> >> + void __iomem *base;
> >> + u32 val;
> >> +
> >> + if (!IS_ENABLED(CONFIG_TI_PVU))
> >> + return 0;
> >> +
> >> + res = platform_get_resource_byname(pdev, IORESOURCE_MEM, vmap_name);
> >> + base = devm_pci_remap_cfg_resource(&pdev->dev, res);
> >> + if (IS_ERR(base))
> >> + return PTR_ERR(base);
> >> +
> >> + writel(0, base + PCIE_VMAP_xP_REQID);
> >> +
> >> + val = readl(base + PCIE_VMAP_xP_VIRTID);
> >> + val &= ~PCIE_VMAP_xP_VIRTID_VID_MASK;
> >> + val |= KS_PCI_VIRTID;
> >
> > While it has been stated that we are going to start off with a single
> > VirtID for now and extend it later on, is there an example for how it may
> > be extended? The only option I see is that of associating one VirtID for
> > Low-Priority (LP) traffic and another for High-Priority (HP) traffic, in
> > which case, it might be better to define them upfront and use them like:
> > #define KS_PCI_LP_VIRTID 0
> > #define KS_PCI_HP_VIRTID 1
>
> Sorry for the late reply, was just reminded of this question:
>
> When trying to design anything beyond the current use case, I would be
> struggling right now with the how, simply because we would have no user
> of extended APIs around to make sure that the result would be useful.
> Can you envision such use cases? If not, I would rather suggest to
> postpone any attempts to broaden the API until we have such users.
I understand that it might not be possible to extend it (or at-least it
doesn't seem to be straightforward), in which case, we could state the
same in commit message. I had asked for an example of extending it
because the commit message states:
....Use only a single VirtID so far, catching all devices.
This may be extended later on.
without explaining how it could be extended later on. To be precise, my
question was aimed at whether or not the current implementation allows
it to be extended in the future (maintaining backward compatibility). If
that's not yet known, it might be better to state that in the commit
message, or omit the portion which states that it may be extended later on.
-----8<---rest of the email has been trimmed-----8<---------------------
Regards,
Siddharth.
Powered by blists - more mailing lists