diff mbox series

[v2,1/3] dma: Fix encryption bit clearing for dma_to_phys

Message ID 20250219220751.1276854-2-suzuki.poulose@arm.com (mailing list archive)
State New
Headers show
Series arm64: realm: Fix DMA address for devices | expand

Commit Message

Suzuki K Poulose Feb. 19, 2025, 10:07 p.m. UTC 
phys_to_dma() sets the encryption bit on the translated DMA address. But
dma_to_phys() clears the encryption bit after it has been translated back
to the physical address, which could fail if the device uses DMA ranges.

Hopefully, AMD SME doesn't use it. Anyways, let us fix it, before cleanup
the infrastructure for supporting other architectures.

Reported-by: Aneesh Kumar K.V <aneesh.kumar@kernel.org>
Link: https://lkml.kernel.org/r/yq5amsen9stc.fsf@kernel.org
Cc: Will Deacon <will@kernel.org>
Cc: Jean-Philippe Brucker <jean-philippe@linaro.org>
Cc: Catalin Marinas <catalin.marinas@arm.com>
Cc: Robin Murphy <robin.murphy@arm.com>
Cc: Steven Price <steven.price@arm.com>
Cc: Christoph Hellwig <hch@lst.de>
Cc: Tom Lendacky <thomas.lendacky@amd.com>
Signed-off-by: Suzuki K Poulose <suzuki.poulose@arm.com>
---
 include/linux/dma-direct.h | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

Comments

Robin Murphy Feb. 25, 2025, 11:25 a.m. UTC | #1 
On 2025-02-19 10:07 pm, Suzuki K Poulose wrote:
> phys_to_dma() sets the encryption bit on the translated DMA address. But
> dma_to_phys() clears the encryption bit after it has been translated back
> to the physical address, which could fail if the device uses DMA ranges.
> 
> Hopefully, AMD SME doesn't use it.

...by which you mean we don't think any AMD systems are using the ACPI 
_DMA method to constrain physical DMA ranges, otherwise SME with 
dma-direct would presumably already be broken by this lookup going wrong.

> Anyways, let us fix it, before cleanup
> the infrastructure for supporting other architectures.

Reviewed-by: Robin Murphy <robin.murphy@arm.com>

> Reported-by: Aneesh Kumar K.V <aneesh.kumar@kernel.org>
> Link: https://lkml.kernel.org/r/yq5amsen9stc.fsf@kernel.org
> Cc: Will Deacon <will@kernel.org>
> Cc: Jean-Philippe Brucker <jean-philippe@linaro.org>
> Cc: Catalin Marinas <catalin.marinas@arm.com>
> Cc: Robin Murphy <robin.murphy@arm.com>
> Cc: Steven Price <steven.price@arm.com>
> Cc: Christoph Hellwig <hch@lst.de>
> Cc: Tom Lendacky <thomas.lendacky@amd.com>
> Signed-off-by: Suzuki K Poulose <suzuki.poulose@arm.com>
> ---
>   include/linux/dma-direct.h | 3 ++-
>   1 file changed, 2 insertions(+), 1 deletion(-)
> 
> diff --git a/include/linux/dma-direct.h b/include/linux/dma-direct.h
> index d7e30d4f7503..d20ecc24cb0f 100644
> --- a/include/linux/dma-direct.h
> +++ b/include/linux/dma-direct.h
> @@ -101,12 +101,13 @@ static inline phys_addr_t dma_to_phys(struct device *dev, dma_addr_t dma_addr)
>   {
>   	phys_addr_t paddr;
>   
> +	dma_addr = __sme_clr(dma_addr);
>   	if (dev->dma_range_map)
>   		paddr = translate_dma_to_phys(dev, dma_addr);
>   	else
>   		paddr = dma_addr;
>   
> -	return __sme_clr(paddr);
> +	return paddr;
>   }
>   #endif /* !CONFIG_ARCH_HAS_PHYS_TO_DMA */
>
Suzuki K Poulose Feb. 25, 2025, 2:04 p.m. UTC | #2 
On 25/02/2025 11:25, Robin Murphy wrote:
> On 2025-02-19 10:07 pm, Suzuki K Poulose wrote:
>> phys_to_dma() sets the encryption bit on the translated DMA address. But
>> dma_to_phys() clears the encryption bit after it has been translated back
>> to the physical address, which could fail if the device uses DMA ranges.
>>
>> Hopefully, AMD SME doesn't use it.
> 
> ...by which you mean we don't think any AMD systems are using the ACPI 
> _DMA method to constrain physical DMA ranges, otherwise SME with dma- 
> direct would presumably already be broken by this lookup going wrong.

Yep, that AMD systems aren't using DMA ranges.


> 
>> Anyways, let us fix it, before cleanup
>> the infrastructure for supporting other architectures.
> 
> Reviewed-by: Robin Murphy <robin.murphy@arm.com>

Thanks

Suzuki

> 
>> Reported-by: Aneesh Kumar K.V <aneesh.kumar@kernel.org>
>> Link: https://lkml.kernel.org/r/yq5amsen9stc.fsf@kernel.org
>> Cc: Will Deacon <will@kernel.org>
>> Cc: Jean-Philippe Brucker <jean-philippe@linaro.org>
>> Cc: Catalin Marinas <catalin.marinas@arm.com>
>> Cc: Robin Murphy <robin.murphy@arm.com>
>> Cc: Steven Price <steven.price@arm.com>
>> Cc: Christoph Hellwig <hch@lst.de>
>> Cc: Tom Lendacky <thomas.lendacky@amd.com>
>> Signed-off-by: Suzuki K Poulose <suzuki.poulose@arm.com>
>> ---
>>   include/linux/dma-direct.h | 3 ++-
>>   1 file changed, 2 insertions(+), 1 deletion(-)
>>
>> diff --git a/include/linux/dma-direct.h b/include/linux/dma-direct.h
>> index d7e30d4f7503..d20ecc24cb0f 100644
>> --- a/include/linux/dma-direct.h
>> +++ b/include/linux/dma-direct.h
>> @@ -101,12 +101,13 @@ static inline phys_addr_t dma_to_phys(struct 
>> device *dev, dma_addr_t dma_addr)
>>   {
>>       phys_addr_t paddr;
>> +    dma_addr = __sme_clr(dma_addr);
>>       if (dev->dma_range_map)
>>           paddr = translate_dma_to_phys(dev, dma_addr);
>>       else
>>           paddr = dma_addr;
>> -    return __sme_clr(paddr);
>> +    return paddr;
>>   }
>>   #endif /* !CONFIG_ARCH_HAS_PHYS_TO_DMA */
>
Tom Lendacky Feb. 25, 2025, 3:26 p.m. UTC | #3 
On 2/19/25 16:07, Suzuki K Poulose wrote:
> phys_to_dma() sets the encryption bit on the translated DMA address. But
> dma_to_phys() clears the encryption bit after it has been translated back
> to the physical address, which could fail if the device uses DMA ranges.
> 
> Hopefully, AMD SME doesn't use it. Anyways, let us fix it, before cleanup
> the infrastructure for supporting other architectures.

I'm not aware of anything using DMA ranges on SME capable hardware. And
as you stated, this would have failed if there was.

Acked-by: Tom Lendacky <thomas.lendacky@amd.com>

> 
> Reported-by: Aneesh Kumar K.V <aneesh.kumar@kernel.org>
> Link: https://lkml.kernel.org/r/yq5amsen9stc.fsf@kernel.org
> Cc: Will Deacon <will@kernel.org>
> Cc: Jean-Philippe Brucker <jean-philippe@linaro.org>
> Cc: Catalin Marinas <catalin.marinas@arm.com>
> Cc: Robin Murphy <robin.murphy@arm.com>
> Cc: Steven Price <steven.price@arm.com>
> Cc: Christoph Hellwig <hch@lst.de>
> Cc: Tom Lendacky <thomas.lendacky@amd.com>
> Signed-off-by: Suzuki K Poulose <suzuki.poulose@arm.com>
> ---
>  include/linux/dma-direct.h | 3 ++-
>  1 file changed, 2 insertions(+), 1 deletion(-)
> 
> diff --git a/include/linux/dma-direct.h b/include/linux/dma-direct.h
> index d7e30d4f7503..d20ecc24cb0f 100644
> --- a/include/linux/dma-direct.h
> +++ b/include/linux/dma-direct.h
> @@ -101,12 +101,13 @@ static inline phys_addr_t dma_to_phys(struct device *dev, dma_addr_t dma_addr)
>  {
>  	phys_addr_t paddr;
>  
> +	dma_addr = __sme_clr(dma_addr);
>  	if (dev->dma_range_map)
>  		paddr = translate_dma_to_phys(dev, dma_addr);
>  	else
>  		paddr = dma_addr;
>  
> -	return __sme_clr(paddr);
> +	return paddr;
>  }
>  #endif /* !CONFIG_ARCH_HAS_PHYS_TO_DMA */
>
diff mbox series

Patch

diff --git a/include/linux/dma-direct.h b/include/linux/dma-direct.h
index d7e30d4f7503..d20ecc24cb0f 100644
--- a/include/linux/dma-direct.h
+++ b/include/linux/dma-direct.h
@@ -101,12 +101,13 @@  static inline phys_addr_t dma_to_phys(struct device *dev, dma_addr_t dma_addr)
 {
 	phys_addr_t paddr;
 
+	dma_addr = __sme_clr(dma_addr);
 	if (dev->dma_range_map)
 		paddr = translate_dma_to_phys(dev, dma_addr);
 	else
 		paddr = dma_addr;
 
-	return __sme_clr(paddr);
+	return paddr;
 }
 #endif /* !CONFIG_ARCH_HAS_PHYS_TO_DMA */