From patchwork Wed Nov 13 13:50:05 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jan Beulich X-Patchwork-Id: 11241941 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 4F2E016B1 for ; Wed, 13 Nov 2019 13:51:10 +0000 (UTC) Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 3381F222BD for ; Wed, 13 Nov 2019 13:51:10 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 3381F222BD Authentication-Results: mail.kernel.org; dmarc=none (p=none dis=none) header.from=suse.com Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1iUt1s-0002O0-Or; Wed, 13 Nov 2019 13:49:52 +0000 Received: from us1-rack-iad1.inumbo.com ([172.99.69.81]) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1iUt1s-0002Nv-Bc for xen-devel@lists.xenproject.org; Wed, 13 Nov 2019 13:49:52 +0000 X-Inumbo-ID: 7647839c-061c-11ea-b678-bc764e2007e4 Received: from mx1.suse.de (unknown [195.135.220.15]) by us1-rack-iad1.inumbo.com (Halon) with ESMTPS id 7647839c-061c-11ea-b678-bc764e2007e4; Wed, 13 Nov 2019 13:49:50 +0000 (UTC) X-Virus-Scanned: by amavisd-new at test-mx.suse.de Received: from relay2.suse.de (unknown [195.135.220.254]) by mx1.suse.de (Postfix) with ESMTP id 91D51B109; Wed, 13 Nov 2019 13:49:49 +0000 (UTC) To: "xen-devel@lists.xenproject.org" From: Jan Beulich Message-ID: Date: Wed, 13 Nov 2019 14:50:05 +0100 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:60.0) Gecko/20100101 Thunderbird/60.9.1 MIME-Version: 1.0 Content-Language: en-US Subject: [Xen-devel] [PATCH] AMD/IOMMU: restore DTE fields in amd_iommu_setup_domain_device() X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Cc: Juergen Gross , Andrew Cooper Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" Commit 1b00c16bdf ("AMD/IOMMU: pre-fill all DTEs right after table allocation") moved ourselves into a more secure default state, but didn't take sufficient care to also undo the effects when handing a previously disabled device back to a(nother) domain. Put the fields that may have been changed elsewhere back to their intended values (some fields amd_iommu_disable_domain_device() touches don't currently get written anywhere else, and hence don't need modifying here). Reported-by: Sander Eikelenboom Signed-off-by: Jan Beulich Tested-by: Igor Druzhinin Acked-by: Andrew Cooper --- a/xen/drivers/passthrough/amd/pci_amd_iommu.c +++ b/xen/drivers/passthrough/amd/pci_amd_iommu.c @@ -114,11 +114,21 @@ static void amd_iommu_setup_domain_devic if ( !dte->v || !dte->tv ) { + const struct ivrs_mappings *ivrs_dev; + /* bind DTE to domain page-tables */ amd_iommu_set_root_page_table( dte, page_to_maddr(hd->arch.root_table), domain->domain_id, hd->arch.paging_mode, valid); + /* Undo what amd_iommu_disable_domain_device() may have done. */ + ivrs_dev = &get_ivrs_mappings(iommu->seg)[req_id]; + if ( dte->it_root ) + dte->int_ctl = IOMMU_DEV_TABLE_INT_CONTROL_TRANSLATED; + dte->iv = iommu_intremap; + dte->ex = ivrs_dev->dte_allow_exclusion; + dte->sys_mgt = MASK_EXTR(ivrs_dev->device_flags, ACPI_IVHD_SYSTEM_MGMT); + if ( pci_ats_device(iommu->seg, bus, pdev->devfn) && iommu_has_cap(iommu, PCI_CAP_IOTLB_SHIFT) ) dte->i = ats_enabled;