From patchwork Mon Sep 12 10:08:05 2016 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: David Kiarie X-Patchwork-Id: 9326109 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id DF5AF6048B for ; Mon, 12 Sep 2016 10:18:27 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id D069228CE9 for ; Mon, 12 Sep 2016 10:18:27 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id C530F28CEB; Mon, 12 Sep 2016 10:18:27 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.8 required=2.0 tests=BAYES_00, DKIM_ADSP_CUSTOM_MED, DKIM_SIGNED, FREEMAIL_FROM, RCVD_IN_DNSWL_HI, T_DKIM_INVALID autolearn=ham version=3.3.1 Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by mail.wl.linuxfoundation.org (Postfix) with ESMTPS id 4923128CE9 for ; Mon, 12 Sep 2016 10:18:27 +0000 (UTC) Received: from localhost ([::1]:41469 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1bjOJm-00018a-G6 for patchwork-qemu-devel@patchwork.kernel.org; Mon, 12 Sep 2016 06:18:26 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:51022) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1bjOBd-0002Wa-CV for qemu-devel@nongnu.org; Mon, 12 Sep 2016 06:10:06 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1bjOBb-0004dl-2F for qemu-devel@nongnu.org; Mon, 12 Sep 2016 06:10:00 -0400 Received: from mail-wm0-f67.google.com ([74.125.82.67]:35960) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1bjOBa-0004Vr-Ot for qemu-devel@nongnu.org; Mon, 12 Sep 2016 06:09:58 -0400 Received: by mail-wm0-f67.google.com with SMTP id z194so512563wmd.3 for ; Mon, 12 Sep 2016 03:09:37 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=SfZJFoqmRBSauvm7UeG1Sr6tNLVp/d0ZNNd35eQ5Ch4=; b=Gfj6hAHNhCNMJvXy+ngDCvyZ2VX763fh9BXxHIlTPNzHVub3KC6+Y+5GS4MIFzbt9y avcOMdUfcutwXjU6IqslK5d+mEebzvFoD/Gj8L6TEWD9TOg6Oldq5sV8sr8RqvfWNGXt 49tw9diFuA/TumNWdE6cQ+phUY8tYIa2XPOZhdb4AzJy5Usvr68XU8uIjNGiJA3UvYD1 NIbtickMS7Tx8KI5ev3FX+HmiLxoA8oVvx2f69W3Dr+qN2uXM6kZPNeU3xm5KQOj7HP0 YuPvaYRGvGV649gu4B39aatOeL9EmiffMbFYmn+fmU0U/i8WtMNqoLKWlHktW9R2V7tf JQwQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=SfZJFoqmRBSauvm7UeG1Sr6tNLVp/d0ZNNd35eQ5Ch4=; b=Y1TTrQEFt49kzFYU4sj90NOV/IwakfZ1N4buBO2AOTSZY4FZxcA+65BehPa02qiroR yyxm1PnBBFgn70ucMw5cAqEKT+ZcdS6QbEoIeSTtAZ7tZaqn73KGdT0JhDj/8kJMd8Cr wRmF0CDTVx2o04j0nJfvxFDzubGh7pkMxOpM9Gtut0TpONine8PG3fPFOBcW1LLKZ81N yfd1twusOhqdjcwnwejEk16mSNgRdH16cmjdAWcrT2KKNUiwLvgsSbK9tItWZzotsG7v r0/trIsD709al0mV3BXRCrIOAFXuYMhbrRT8hRbdMpI4bdJzirjbVT9s+QFvsoAEpzl/ u7Bg== X-Gm-Message-State: AE9vXwOxQLyQqcbkXvdPIXFDa54kU4JugSOQ6eyes8lG7J+PfbXupoPjzfQnauyrN5GPjw== X-Received: by 10.194.68.8 with SMTP id r8mr10830288wjt.190.1473674917104; Mon, 12 Sep 2016 03:08:37 -0700 (PDT) Received: from debian.ameoba ([154.122.106.143]) by smtp.googlemail.com with ESMTPSA id gg10sm17153603wjd.4.2016.09.12.03.08.33 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Mon, 12 Sep 2016 03:08:36 -0700 (PDT) From: David Kiarie To: qemu-devel@nongnu.org Date: Mon, 12 Sep 2016 13:08:05 +0300 Message-Id: <1473674889-2727-3-git-send-email-davidkiarie4@gmail.com> X-Mailer: git-send-email 2.1.4 In-Reply-To: <1473674889-2727-1-git-send-email-davidkiarie4@gmail.com> References: <1473674889-2727-1-git-send-email-davidkiarie4@gmail.com> X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 74.125.82.67 Subject: [Qemu-devel] [v4 2/6] hw/i386: enforce SID verification X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: ehabkost@redhat.com, rkrcmar@redhat.com, mst@redhat.com, peterx@redhat.com, alex.williamson@redhat.com, jan.kiszka@web.de, pbonzini@redhat.com, David Kiarie Errors-To: qemu-devel-bounces+patchwork-qemu-devel=patchwork.kernel.org@nongnu.org Sender: "Qemu-devel" X-Virus-Scanned: ClamAV using ClamSMTP Platform devices are now able to make interrupt request with explicit SIDs hence we can safely expect triggered AddressSpace ID to match the requesting ID Signed-off-by: David Kiarie --- hw/i386/intel_iommu.c | 77 ++++++++++++++++++++++++++------------------------- 1 file changed, 39 insertions(+), 38 deletions(-) diff --git a/hw/i386/intel_iommu.c b/hw/i386/intel_iommu.c index 496d836..e4bad6a 100644 --- a/hw/i386/intel_iommu.c +++ b/hw/i386/intel_iommu.c @@ -2043,43 +2043,41 @@ static int vtd_irte_get(IntelIOMMUState *iommu, uint16_t index, return -VTD_FR_IR_IRTE_RSVD; } - if (sid != X86_IOMMU_SID_INVALID) { - /* Validate IRTE SID */ - source_id = le32_to_cpu(entry->irte.source_id); - switch (entry->irte.sid_vtype) { - case VTD_SVT_NONE: - VTD_DPRINTF(IR, "No SID validation for IRTE index %d", index); - break; - - case VTD_SVT_ALL: - mask = vtd_svt_mask[entry->irte.sid_q]; - if ((source_id & mask) != (sid & mask)) { - VTD_DPRINTF(GENERAL, "SID validation for IRTE index " - "%d failed (reqid 0x%04x sid 0x%04x)", index, - sid, source_id); - return -VTD_FR_IR_SID_ERR; - } - break; + /* Validate IRTE SID */ + source_id = le32_to_cpu(entry->irte.source_id); + switch (entry->irte.sid_vtype) { + case VTD_SVT_NONE: + VTD_DPRINTF(IR, "No SID validation for IRTE index %d", index); + break; - case VTD_SVT_BUS: - bus_max = source_id >> 8; - bus_min = source_id & 0xff; - bus = sid >> 8; - if (bus > bus_max || bus < bus_min) { - VTD_DPRINTF(GENERAL, "SID validation for IRTE index %d " - "failed (bus %d outside %d-%d)", index, bus, - bus_min, bus_max); - return -VTD_FR_IR_SID_ERR; - } - break; + case VTD_SVT_ALL: + mask = vtd_svt_mask[entry->irte.sid_q]; + if ((source_id & mask) != (sid & mask)) { + VTD_DPRINTF(GENERAL, "SID validation for IRTE index " + "%d failed (reqid 0x%04x sid 0x%04x)", index, + sid, source_id); + return -VTD_FR_IR_SID_ERR; + } + break; - default: - VTD_DPRINTF(GENERAL, "Invalid SVT bits (0x%x) in IRTE index " - "%d", entry->irte.sid_vtype, index); - /* Take this as verification failure. */ + case VTD_SVT_BUS: + bus_max = source_id >> 8; + bus_min = source_id & 0xff; + bus = sid >> 8; + if (bus > bus_max || bus < bus_min) { + VTD_DPRINTF(GENERAL, "SID validation for IRTE index %d " + "failed (bus %d outside %d-%d)", index, bus, + bus_min, bus_max); return -VTD_FR_IR_SID_ERR; - break; } + break; + + default: + VTD_DPRINTF(GENERAL, "Invalid SVT bits (0x%x) in IRTE index " + "%d", entry->irte.sid_vtype, index); + /* Take this as verification failure. */ + return -VTD_FR_IR_SID_ERR; + break; } return 0; @@ -2252,14 +2250,17 @@ static MemTxResult vtd_mem_ir_write(void *opaque, hwaddr addr, { int ret = 0; MSIMessage from = {}, to = {}; - uint16_t sid = X86_IOMMU_SID_INVALID; + VTDAddressSpace *as = opaque; + uint16_t sid = PCI_BUILD_BDF(pci_bus_num(as->bus), as->devfn); from.address = (uint64_t) addr + VTD_INTERRUPT_ADDR_FIRST; from.data = (uint32_t) value; - if (!attrs.unspecified) { - /* We have explicit Source ID */ - sid = attrs.requester_id; + if (attrs.requester_id != sid) { + VTD_DPRINTF(GENERAL, "int remap request for sid 0x%04x" + " requester_id 0x%04x couldn't be verified", + sid, attrs.requester_id); + return MEMTX_ERROR; } ret = vtd_interrupt_remap_msi(opaque, &from, &to, sid); @@ -2325,7 +2326,7 @@ VTDAddressSpace *vtd_find_add_as(IntelIOMMUState *s, PCIBus *bus, int devfn) memory_region_init_iommu(&vtd_dev_as->iommu, OBJECT(s), &s->iommu_ops, "intel_iommu", UINT64_MAX); memory_region_init_io(&vtd_dev_as->iommu_ir, OBJECT(s), - &vtd_mem_ir_ops, s, "intel_iommu_ir", + &vtd_mem_ir_ops, vtd_dev_as, "intel_iommu_ir", VTD_INTERRUPT_ADDR_SIZE); memory_region_add_subregion(&vtd_dev_as->iommu, VTD_INTERRUPT_ADDR_FIRST, &vtd_dev_as->iommu_ir);