From patchwork Tue Aug 9 14:32:17 2016 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: David Kiarie X-Patchwork-Id: 9271373 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id 7709860754 for ; Tue, 9 Aug 2016 14:33:26 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 683F928375 for ; Tue, 9 Aug 2016 14:33:26 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 5B4FF283F2; Tue, 9 Aug 2016 14:33:26 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.8 required=2.0 tests=BAYES_00, DKIM_ADSP_CUSTOM_MED, DKIM_SIGNED, FREEMAIL_FROM, RCVD_IN_DNSWL_HI, T_DKIM_INVALID autolearn=ham version=3.3.1 Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by mail.wl.linuxfoundation.org (Postfix) with ESMTPS id C523228375 for ; Tue, 9 Aug 2016 14:33:25 +0000 (UTC) Received: from localhost ([::1]:35939 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1bX85s-0008Qs-Rz for patchwork-qemu-devel@patchwork.kernel.org; Tue, 09 Aug 2016 10:33:24 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:54648) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1bX85D-0008Np-VM for qemu-devel@nongnu.org; Tue, 09 Aug 2016 10:32:45 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1bX859-00069D-OC for qemu-devel@nongnu.org; Tue, 09 Aug 2016 10:32:42 -0400 Received: from mail-wm0-x241.google.com ([2a00:1450:400c:c09::241]:35286) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1bX859-000699-EW for qemu-devel@nongnu.org; Tue, 09 Aug 2016 10:32:39 -0400 Received: by mail-wm0-x241.google.com with SMTP id i5so3490073wmg.2 for ; Tue, 09 Aug 2016 07:32:39 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=ot2I74lSKGk0/l7ilklwmv8Xo17dBQtx8HFHbV/eza8=; b=qvJyMp/jO13QI/s4p+6uzMMiNq15lWXyhnVuVfgXHGdyMK0GpV7+h5WSCcPtWCH5BW 2sOMuQ+Yo1qqfxSG11EsRvM1bm96HOY/dkMxGXUjjcOBhmi0Da2dgrqzsvVDLmQ315oM yiJp0dN6zovz1wwCrymBUCa8VDdev8NmlzjpZEmaauZnp9KoM2NRpz9QV9f39ysMYb3y aZS6NqYh+IDze9YXJY8BbaLrIHFjJ3ou4eNKqJkoWwqVkKdO6metNlBHVuWdbSJqi7s8 0sf6ewos/BYcQNNrhKH8ngO4/8sd+vxVhvCWQOoCPJkQvLP3yWOn0M1Dsq3QASmmV1Pk XFtA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=ot2I74lSKGk0/l7ilklwmv8Xo17dBQtx8HFHbV/eza8=; b=YAx9zEUR5zuAL++IUtT1J+FJxpt7BYVFK6SnAIU5XBN9WOMUAFUfFpIG//+PiKTGCJ TeN3Bg9taxam4yq0M09dSzYi3Bwzn9upiltVg/Ry+m0PrZHipvv9zPhmLZvNt8UuTiab Sl/7wC//P7qQ0ZuvPCcOu9np5JvU6Msd39kyjRtj6V38AvGmGphLY9NpI1L7x+ecomoD NCye1qdrt//vTlPkcWi1WTxmraXV/W37S4l31MEZcLZFKoryM70ydnDKxzXfvlYonxiJ Tgm79cDz+DtBUBd28IEtsOfWFpSdP90Oa1RqBzrdaSR/R8tt0Rjaz/BWzgsMoQfaM1w9 /xlg== X-Gm-Message-State: AEkoouvSKEqcLXgtn4iFAeSsSQhQEoHtHDoWGnq9xwZ49jj9Zk/86x0fAU0liKfXl0UBRQ== X-Received: by 10.194.123.228 with SMTP id md4mr85046232wjb.91.1470753158502; Tue, 09 Aug 2016 07:32:38 -0700 (PDT) Received: from debian.flybox.orange ([154.123.18.5]) by smtp.googlemail.com with ESMTPSA id 17sm3649533wmf.6.2016.08.09.07.32.32 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Tue, 09 Aug 2016 07:32:38 -0700 (PDT) From: David Kiarie To: qemu-devel@nongnu.org Date: Tue, 9 Aug 2016 17:32:17 +0300 Message-Id: <1470753137-18354-3-git-send-email-davidkiarie4@gmail.com> X-Mailer: git-send-email 2.1.4 In-Reply-To: <1470753137-18354-1-git-send-email-davidkiarie4@gmail.com> References: <1470753137-18354-1-git-send-email-davidkiarie4@gmail.com> X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] X-Received-From: 2a00:1450:400c:c09::241 Subject: [Qemu-devel] [RFC 2/2] hw/i386: enforce SID verification X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: peter.maydell@linaro.org, ehabkost@redhat.com, mst@redhat.com, jan.kiszka@siemens.com, valentine.sinitsyn@gmail.com, pbonzini@redhat.com, David Kiarie Errors-To: qemu-devel-bounces+patchwork-qemu-devel=patchwork.kernel.org@nongnu.org Sender: "Qemu-devel" X-Virus-Scanned: ClamAV using ClamSMTP Platform device are now able to make interrupt request with explicit SIDs hence we can safely expect triggered AddressSpace ID to match the requesting ID Signed-off-by: David Kiarie --- hw/i386/intel_iommu.c | 82 +++++++++++++++++++++++++++------------------------ 1 file changed, 43 insertions(+), 39 deletions(-) diff --git a/hw/i386/intel_iommu.c b/hw/i386/intel_iommu.c index 28c31a2..153ac4e 100644 --- a/hw/i386/intel_iommu.c +++ b/hw/i386/intel_iommu.c @@ -32,7 +32,7 @@ #include "hw/pci-host/q35.h" #include "sysemu/kvm.h" -/*#define DEBUG_INTEL_IOMMU*/ +#define DEBUG_INTEL_IOMMU #ifdef DEBUG_INTEL_IOMMU enum { DEBUG_GENERAL, DEBUG_CSR, DEBUG_INV, DEBUG_MMU, DEBUG_FLOG, @@ -2043,43 +2043,41 @@ static int vtd_irte_get(IntelIOMMUState *iommu, uint16_t index, return -VTD_FR_IR_IRTE_RSVD; } - if (sid != X86_IOMMU_SID_INVALID) { - /* Validate IRTE SID */ - source_id = le32_to_cpu(entry->irte.source_id); - switch (entry->irte.sid_vtype) { - case VTD_SVT_NONE: - VTD_DPRINTF(IR, "No SID validation for IRTE index %d", index); - break; - - case VTD_SVT_ALL: - mask = vtd_svt_mask[entry->irte.sid_q]; - if ((source_id & mask) != (sid & mask)) { - VTD_DPRINTF(GENERAL, "SID validation for IRTE index " - "%d failed (reqid 0x%04x sid 0x%04x)", index, - sid, source_id); - return -VTD_FR_IR_SID_ERR; - } - break; + /* Validate IRTE SID */ + source_id = le32_to_cpu(entry->irte.source_id); + switch (entry->irte.sid_vtype) { + case VTD_SVT_NONE: + VTD_DPRINTF(IR, "No SID validation for IRTE index %d", index); + break; - case VTD_SVT_BUS: - bus_max = source_id >> 8; - bus_min = source_id & 0xff; - bus = sid >> 8; - if (bus > bus_max || bus < bus_min) { - VTD_DPRINTF(GENERAL, "SID validation for IRTE index %d " - "failed (bus %d outside %d-%d)", index, bus, - bus_min, bus_max); - return -VTD_FR_IR_SID_ERR; - } - break; + case VTD_SVT_ALL: + mask = vtd_svt_mask[entry->irte.sid_q]; + if ((source_id & mask) != (sid & mask)) { + VTD_DPRINTF(GENERAL, "SID validation for IRTE index " + "%d failed (reqid 0x%04x sid 0x%04x)", index, + sid, source_id); + return -VTD_FR_IR_SID_ERR; + } + break; - default: - VTD_DPRINTF(GENERAL, "Invalid SVT bits (0x%x) in IRTE index " - "%d", entry->irte.sid_vtype, index); - /* Take this as verification failure. */ + case VTD_SVT_BUS: + bus_max = source_id >> 8; + bus_min = source_id & 0xff; + bus = sid >> 8; + if (bus > bus_max || bus < bus_min) { + VTD_DPRINTF(GENERAL, "SID validation for IRTE index %d " + "failed (bus %d outside %d-%d)", index, bus, + bus_min, bus_max); return -VTD_FR_IR_SID_ERR; - break; } + break; + + default: + VTD_DPRINTF(GENERAL, "Invalid SVT bits (0x%x) in IRTE index " + "%d", entry->irte.sid_vtype, index); + /* Take this as verification failure. */ + return -VTD_FR_IR_SID_ERR; + break; } return 0; @@ -2252,14 +2250,17 @@ static MemTxResult vtd_mem_ir_write(void *opaque, hwaddr addr, { int ret = 0; MSIMessage from = {}, to = {}; - uint16_t sid = X86_IOMMU_SID_INVALID; + VTDAddressSpace *as = opaque; + uint16_t sid = pci_bus_num(as->bus) << 8 | as->devfn; from.address = (uint64_t) addr + VTD_INTERRUPT_ADDR_FIRST; from.data = (uint32_t) value; - if (!attrs.unspecified) { - /* We have explicit Source ID */ - sid = attrs.requester_id; + if (attrs.requester_id != sid) { + VTD_DPRINTF(GENERAL, "int remap request for sid 0x%04x" + " requester_id 0x%04x couldn't be verified", + sid, attrs.requester_id); + return MEMTX_ERROR; } ret = vtd_interrupt_remap_msi(opaque, &from, &to, sid); @@ -2325,7 +2326,7 @@ VTDAddressSpace *vtd_find_add_as(IntelIOMMUState *s, PCIBus *bus, int devfn) memory_region_init_iommu(&vtd_dev_as->iommu, OBJECT(s), &s->iommu_ops, "intel_iommu", UINT64_MAX); memory_region_init_io(&vtd_dev_as->iommu_ir, OBJECT(s), - &vtd_mem_ir_ops, s, "intel_iommu_ir", + &vtd_mem_ir_ops, vtd_dev_as, "intel_iommu_ir", VTD_INTERRUPT_ADDR_SIZE); memory_region_add_subregion(&vtd_dev_as->iommu, VTD_INTERRUPT_ADDR_FIRST, &vtd_dev_as->iommu_ir); @@ -2465,6 +2466,9 @@ static void vtd_realize(DeviceState *dev, Error **errp) vtd_init(s); sysbus_mmio_map(SYS_BUS_DEVICE(s), 0, Q35_HOST_BRIDGE_IOMMU_ADDR); pci_setup_iommu(bus, vtd_host_dma_iommu, dev); + /* IOMMU expected IOAPIC SID */ + x86_iommu->ioapic_bdf = Q35_PSEUDO_DEVFN_IOAPIC << 8 | + Q35_PSEUDO_DEVFN_IOAPIC; /* Pseudo address space under root PCI bus. */ pcms->ioapic_as = vtd_host_dma_iommu(bus, s, Q35_PSEUDO_DEVFN_IOAPIC);