From patchwork Mon Aug 15 16:32:42 2016 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: David Kiarie X-Patchwork-Id: 9281547 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id 4C1CF600CB for ; Mon, 15 Aug 2016 16:38:05 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 3C7FE28C98 for ; Mon, 15 Aug 2016 16:38:05 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 310A828DE5; Mon, 15 Aug 2016 16:38:05 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.8 required=2.0 tests=BAYES_00, DKIM_ADSP_CUSTOM_MED, DKIM_SIGNED, FREEMAIL_FROM, RCVD_IN_DNSWL_HI, T_DKIM_INVALID autolearn=ham version=3.3.1 Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by mail.wl.linuxfoundation.org (Postfix) with ESMTPS id 83F9A28C98 for ; Mon, 15 Aug 2016 16:38:04 +0000 (UTC) Received: from localhost ([::1]:37974 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1bZKtn-0005Tf-3P for patchwork-qemu-devel@patchwork.kernel.org; Mon, 15 Aug 2016 12:38:03 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:34179) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1bZKpH-0002Dr-IV for qemu-devel@nongnu.org; Mon, 15 Aug 2016 12:33:27 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1bZKp7-0007ue-Gt for qemu-devel@nongnu.org; Mon, 15 Aug 2016 12:33:22 -0400 Received: from mail-wm0-x244.google.com ([2a00:1450:400c:c09::244]:34303) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1bZKp7-0007uY-6M for qemu-devel@nongnu.org; Mon, 15 Aug 2016 12:33:13 -0400 Received: by mail-wm0-x244.google.com with SMTP id q128so11977333wma.1 for ; Mon, 15 Aug 2016 09:33:13 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=/fHzBIyzt5UzemghIk33gl0+oF99AS1ehmnLbgd5FIw=; b=rcTvYNEW4+8yIvBSUySQuy8W7rKKeOkaW95O5fXFcBAtyjKeP0jhxzUjdsANEu2tNt XsGzr3FBsciDriaYkwM+s2+l/M9fsSEHerw5UEuOZyGPFKw0ICXrZrBeh+Okve+ooA8j j57P+SNRR6wTCXnezGnwJ/1ZPZIpDso34A9JjpzPjXXzMVgF+kQImZUzjuoRwd4gb+bv A4uoB5CZyP3lR4+bk51w9v8SbMIKCyd1bp+l+cNYKoAKN0PFkDTFh4KOaz/ZBZC8enVN ToS5tNwSkb0ff8Zcfzh75iTEMvOzxIOWE6Q8qA5Z7uRiDt5Cr4TRWCZNiw5HPgOQrAiW skaQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=/fHzBIyzt5UzemghIk33gl0+oF99AS1ehmnLbgd5FIw=; b=jorFN8aR0pIcYKdIZdVNyxecxJ0pG+OxjaxeYblfOshF59QE1ld7pGqFd/n6iwQotZ i6oUc+RKsIqGLC+j+bWvrjR2Kpkkv032bVdJopsyiHSy6y2y9AcZs5IlABZf1wcyUcgr 22Ch9M5HhqpK4L/eWkj3HqeBDVc2r4Cs2YmhHGG8hainlivkH4UoQzLTCgRlQem1pie6 gWRTfalpQrQ2/ZcvAFDtoip7XeUgQw15samis3wdxj2iF+P6Px2bZNFEwesxewWF8pk9 088pRzzEXQwYXP/PFfXntY1Xr9Wj67wynqvB8k0I7n4UXtMaP7b4wdOkTcDYCTjpRfQU Jn7A== X-Gm-Message-State: AEkoouurehO0L8SPEgCif6dJ7B/b5X930GzJ9XXxJB3WhAbroqcL+je5Tj4W8hnCm008Aw== X-Received: by 10.194.178.102 with SMTP id cx6mr31682237wjc.58.1471278792495; Mon, 15 Aug 2016 09:33:12 -0700 (PDT) Received: from debian.flybox.orange ([154.122.75.147]) by smtp.googlemail.com with ESMTPSA id bc10sm22277885wjc.32.2016.08.15.09.33.07 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Mon, 15 Aug 2016 09:33:11 -0700 (PDT) From: David Kiarie To: qemu-devel@nongnu.org Date: Mon, 15 Aug 2016 19:32:42 +0300 Message-Id: <1471278766-25277-3-git-send-email-davidkiarie4@gmail.com> X-Mailer: git-send-email 2.1.4 In-Reply-To: <1471278766-25277-1-git-send-email-davidkiarie4@gmail.com> References: <1471278766-25277-1-git-send-email-davidkiarie4@gmail.com> X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] X-Received-From: 2a00:1450:400c:c09::244 Subject: [Qemu-devel] [V2 2/6] hw/i386: enforce SID verification X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: rkrcmar@redhat.com, mst@redhat.com, peterx@redhat.com, valentine.sinitsyn@gmail.com, jan.kiszka@web.de, pbonzini@redhat.com, David Kiarie Errors-To: qemu-devel-bounces+patchwork-qemu-devel=patchwork.kernel.org@nongnu.org Sender: "Qemu-devel" X-Virus-Scanned: ClamAV using ClamSMTP Platform device are now able to make interrupt request with explicit SIDs hence we can safely expect triggered AddressSpace ID to match the requesting ID Signed-off-by: David Kiarie --- hw/i386/intel_iommu.c | 77 ++++++++++++++++++++++++++------------------------- 1 file changed, 39 insertions(+), 38 deletions(-) diff --git a/hw/i386/intel_iommu.c b/hw/i386/intel_iommu.c index 496d836..e4bad6a 100644 --- a/hw/i386/intel_iommu.c +++ b/hw/i386/intel_iommu.c @@ -2043,43 +2043,41 @@ static int vtd_irte_get(IntelIOMMUState *iommu, uint16_t index, return -VTD_FR_IR_IRTE_RSVD; } - if (sid != X86_IOMMU_SID_INVALID) { - /* Validate IRTE SID */ - source_id = le32_to_cpu(entry->irte.source_id); - switch (entry->irte.sid_vtype) { - case VTD_SVT_NONE: - VTD_DPRINTF(IR, "No SID validation for IRTE index %d", index); - break; - - case VTD_SVT_ALL: - mask = vtd_svt_mask[entry->irte.sid_q]; - if ((source_id & mask) != (sid & mask)) { - VTD_DPRINTF(GENERAL, "SID validation for IRTE index " - "%d failed (reqid 0x%04x sid 0x%04x)", index, - sid, source_id); - return -VTD_FR_IR_SID_ERR; - } - break; + /* Validate IRTE SID */ + source_id = le32_to_cpu(entry->irte.source_id); + switch (entry->irte.sid_vtype) { + case VTD_SVT_NONE: + VTD_DPRINTF(IR, "No SID validation for IRTE index %d", index); + break; - case VTD_SVT_BUS: - bus_max = source_id >> 8; - bus_min = source_id & 0xff; - bus = sid >> 8; - if (bus > bus_max || bus < bus_min) { - VTD_DPRINTF(GENERAL, "SID validation for IRTE index %d " - "failed (bus %d outside %d-%d)", index, bus, - bus_min, bus_max); - return -VTD_FR_IR_SID_ERR; - } - break; + case VTD_SVT_ALL: + mask = vtd_svt_mask[entry->irte.sid_q]; + if ((source_id & mask) != (sid & mask)) { + VTD_DPRINTF(GENERAL, "SID validation for IRTE index " + "%d failed (reqid 0x%04x sid 0x%04x)", index, + sid, source_id); + return -VTD_FR_IR_SID_ERR; + } + break; - default: - VTD_DPRINTF(GENERAL, "Invalid SVT bits (0x%x) in IRTE index " - "%d", entry->irte.sid_vtype, index); - /* Take this as verification failure. */ + case VTD_SVT_BUS: + bus_max = source_id >> 8; + bus_min = source_id & 0xff; + bus = sid >> 8; + if (bus > bus_max || bus < bus_min) { + VTD_DPRINTF(GENERAL, "SID validation for IRTE index %d " + "failed (bus %d outside %d-%d)", index, bus, + bus_min, bus_max); return -VTD_FR_IR_SID_ERR; - break; } + break; + + default: + VTD_DPRINTF(GENERAL, "Invalid SVT bits (0x%x) in IRTE index " + "%d", entry->irte.sid_vtype, index); + /* Take this as verification failure. */ + return -VTD_FR_IR_SID_ERR; + break; } return 0; @@ -2252,14 +2250,17 @@ static MemTxResult vtd_mem_ir_write(void *opaque, hwaddr addr, { int ret = 0; MSIMessage from = {}, to = {}; - uint16_t sid = X86_IOMMU_SID_INVALID; + VTDAddressSpace *as = opaque; + uint16_t sid = PCI_BUILD_BDF(pci_bus_num(as->bus), as->devfn); from.address = (uint64_t) addr + VTD_INTERRUPT_ADDR_FIRST; from.data = (uint32_t) value; - if (!attrs.unspecified) { - /* We have explicit Source ID */ - sid = attrs.requester_id; + if (attrs.requester_id != sid) { + VTD_DPRINTF(GENERAL, "int remap request for sid 0x%04x" + " requester_id 0x%04x couldn't be verified", + sid, attrs.requester_id); + return MEMTX_ERROR; } ret = vtd_interrupt_remap_msi(opaque, &from, &to, sid); @@ -2325,7 +2326,7 @@ VTDAddressSpace *vtd_find_add_as(IntelIOMMUState *s, PCIBus *bus, int devfn) memory_region_init_iommu(&vtd_dev_as->iommu, OBJECT(s), &s->iommu_ops, "intel_iommu", UINT64_MAX); memory_region_init_io(&vtd_dev_as->iommu_ir, OBJECT(s), - &vtd_mem_ir_ops, s, "intel_iommu_ir", + &vtd_mem_ir_ops, vtd_dev_as, "intel_iommu_ir", VTD_INTERRUPT_ADDR_SIZE); memory_region_add_subregion(&vtd_dev_as->iommu, VTD_INTERRUPT_ADDR_FIRST, &vtd_dev_as->iommu_ir);