From patchwork Fri May 15 10:43:59 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jean-Philippe Brucker X-Patchwork-Id: 11551105 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 475A5739 for ; Fri, 15 May 2020 10:48:32 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 31C7F2074D for ; Fri, 15 May 2020 10:48:32 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=linaro.org header.i=@linaro.org header.b="d8QewLSv" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728139AbgEOKsb (ORCPT ); Fri, 15 May 2020 06:48:31 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:56328 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728129AbgEOKsb (ORCPT ); Fri, 15 May 2020 06:48:31 -0400 Received: from mail-wm1-x344.google.com (mail-wm1-x344.google.com [IPv6:2a00:1450:4864:20::344]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id A7B25C061A0C for ; Fri, 15 May 2020 03:48:30 -0700 (PDT) Received: by mail-wm1-x344.google.com with SMTP id z72so2141969wmc.2 for ; Fri, 15 May 2020 03:48:30 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=MESJTjk++c2lj6OjtUD3TbcX3ekoiLAlqLoQdQYenvk=; b=d8QewLSvnJpTn6f8rKB+iC7zL5g4c4zD4gf9Y5c58fo+EWwMkk3YHySYd9hhSQj+R5 FtRM7iGqWUoDtBI3d64vkhP3ewTf0dPfnHlNzG1spLfWpiC6bh53mz+VswdP4TIl6iK/ IAy+POK20EjpGebSxDJFa8vAl12orzLTbfozqcFuR8eQDkbwT0Jw4Yjn4tVR+qDkqyh7 F2xJxcunlRjjcDBXrBsRGayTerKPqgLZn9JGXj0rsSf/599MitB9ROn5P6u02Jw3P7DY klaJCMzuR+677XbhASvrvRdqWHRaKKiH9YxoXbqAtFlvxCeNXzudfnXqKjWk659I3pc4 KUlQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=MESJTjk++c2lj6OjtUD3TbcX3ekoiLAlqLoQdQYenvk=; b=gFvPzW1wf/EFz2hRO3vNMUMgrpmvVJkOuFC2KMJNt/qpC1JXILeskdyKHDSCbBVTZP spoUi9VRtvhW05p+yBy7E7EYJUKuYZDnUUYtfVXbu/EO//mBuWdLWs/uY5BHexrOVnCz x+X98iAxiAuSqN24ekZjOmeqHqvGY0dTTxBsrwCxa1g6DSU3C9JFRhPVIcPFX1NR5Pcg e3Feh/lRwt8uN2ijVUkf8UyOrmQCekrOiNAUaRVhyvi4YvTURxUkBJF3y+9ezu6k725H sv26t7vG8tqstggIs3pqhm9UGD85fFQBdzh8qPFp1lg7eL3+7XmXsLitOKcZbMa1wS8m OqEQ== X-Gm-Message-State: AOAM532vvK2mGVqP6vZdWY6GkWS8u5kGLt/0el1tiF275ifJXV77XqD8 hWQEx9rWxRcBK+5c+MphaiDHfjeuwb0= X-Google-Smtp-Source: ABdhPJxoIQKh0Dl64xNJbAfP1xeyXsKEMQXWWN7NWj2VTSJfKf04HR+XDlR3TmJZkICfK6ATTtGKnA== X-Received: by 2002:a05:600c:2219:: with SMTP id z25mr3356941wml.128.1589539709090; Fri, 15 May 2020 03:48:29 -0700 (PDT) Received: from localhost.localdomain ([2001:171b:226e:c200:c43b:ef78:d083:b355]) by smtp.gmail.com with ESMTPSA id h27sm3510392wrc.46.2020.05.15.03.48.28 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 15 May 2020 03:48:28 -0700 (PDT) From: Jean-Philippe Brucker To: linux-pci@vger.kernel.org, linux-arm-kernel@lists.infradead.org, iommu@lists.linux-foundation.org, joro@8bytes.org, bhelgaas@google.com Cc: will@kernel.org, robin.murphy@arm.com, dwmw2@infradead.org, baolu.lu@linux.intel.com, ashok.raj@intel.com, alex.williamson@redhat.com, Jean-Philippe Brucker Subject: [PATCH 1/4] PCI/ATS: Only enable ATS for trusted devices Date: Fri, 15 May 2020 12:43:59 +0200 Message-Id: <20200515104359.1178606-2-jean-philippe@linaro.org> X-Mailer: git-send-email 2.26.2 In-Reply-To: <20200515104359.1178606-1-jean-philippe@linaro.org> References: <20200515104359.1178606-1-jean-philippe@linaro.org> MIME-Version: 1.0 Sender: linux-pci-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-pci@vger.kernel.org Add pci_ats_supported(), which checks whether a device has an ATS capability, and whether it is trusted. A device is untrusted if it is plugged into an external-facing port such as Thunderbolt and could be spoof an existing device to exploit weaknesses in the IOMMU configuration. PCIe ATS is one such weaknesses since it allows endpoints to cache IOMMU translations and emit transactions with 'Translated' Address Type (10b) that partially bypass the IOMMU translation. The SMMUv3 and VT-d IOMMU drivers already disallow ATS and transactions with 'Translated' Address Type for untrusted devices. Add the check to pci_enable_ats() to let other drivers (AMD IOMMU for now) benefit from it. By checking ats_cap, the pci_ats_supported() helper also returns whether ATS was globally disabled with pci=noats, and could later include more things, for example whether the whole PCIe hierarchy down to the endpoint supports ATS. Signed-off-by: Jean-Philippe Brucker Reviewed-by: Joerg Roedel Acked-by: Bjorn Helgaas --- include/linux/pci-ats.h | 3 +++ drivers/pci/ats.c | 18 +++++++++++++++++- 2 files changed, 20 insertions(+), 1 deletion(-) diff --git a/include/linux/pci-ats.h b/include/linux/pci-ats.h index d08f0869f1213e..f75c307f346de9 100644 --- a/include/linux/pci-ats.h +++ b/include/linux/pci-ats.h @@ -6,11 +6,14 @@ #ifdef CONFIG_PCI_ATS /* Address Translation Service */ +bool pci_ats_supported(struct pci_dev *dev); int pci_enable_ats(struct pci_dev *dev, int ps); void pci_disable_ats(struct pci_dev *dev); int pci_ats_queue_depth(struct pci_dev *dev); int pci_ats_page_aligned(struct pci_dev *dev); #else /* CONFIG_PCI_ATS */ +static inline bool pci_ats_supported(struct pci_dev *d) +{ return false; } static inline int pci_enable_ats(struct pci_dev *d, int ps) { return -ENODEV; } static inline void pci_disable_ats(struct pci_dev *d) { } diff --git a/drivers/pci/ats.c b/drivers/pci/ats.c index 390e92f2d8d1fc..15fa0c37fd8e44 100644 --- a/drivers/pci/ats.c +++ b/drivers/pci/ats.c @@ -30,6 +30,22 @@ void pci_ats_init(struct pci_dev *dev) dev->ats_cap = pos; } +/** + * pci_ats_supported - check if the device can use ATS + * @dev: the PCI device + * + * Returns true if the device supports ATS and is allowed to use it, false + * otherwise. + */ +bool pci_ats_supported(struct pci_dev *dev) +{ + if (!dev->ats_cap) + return false; + + return !dev->untrusted; +} +EXPORT_SYMBOL_GPL(pci_ats_supported); + /** * pci_enable_ats - enable the ATS capability * @dev: the PCI device @@ -42,7 +58,7 @@ int pci_enable_ats(struct pci_dev *dev, int ps) u16 ctrl; struct pci_dev *pdev; - if (!dev->ats_cap) + if (!pci_ats_supported(dev)) return -EINVAL; if (WARN_ON(dev->ats_enabled)) From patchwork Fri May 15 10:44:00 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jean-Philippe Brucker X-Patchwork-Id: 11551107 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 58450739 for ; Fri, 15 May 2020 10:48:34 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 42B2520759 for ; Fri, 15 May 2020 10:48:34 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=linaro.org header.i=@linaro.org header.b="P6/7hIE4" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728144AbgEOKsd (ORCPT ); Fri, 15 May 2020 06:48:33 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:56336 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728129AbgEOKsd (ORCPT ); Fri, 15 May 2020 06:48:33 -0400 Received: from mail-wm1-x343.google.com (mail-wm1-x343.google.com [IPv6:2a00:1450:4864:20::343]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id A9556C061A0C for ; Fri, 15 May 2020 03:48:32 -0700 (PDT) Received: by mail-wm1-x343.google.com with SMTP id k12so1835947wmj.3 for ; Fri, 15 May 2020 03:48:32 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=guIyIxw2Cj+e2cp6UNPEu5aERqphnHRHK0daLjNZEtg=; b=P6/7hIE4DwjSbFHn0gUenOd7tQIjElNY44np4Xp3owXyeiZ5/eDrsF2jXhN1HFtXI9 mzI4y6p5DgU2UcrYdlCXB96VGS31EbpJJbdZ9F86VezeEZeC0/al4dI1yjpzsPObxXFq bH1rMvZMRi2LIS/5qWwon90KoCmlhOIT8yk6ptHFuyroaHqPfVbNWqX4o+QJrImdJg1K yVQAnTXoaK5haWRQFRYea+uFgN4n5RLlto9awJagAWmH0iE5BZWxjLgcRKzajZy0eLZ/ 94povR05970KSOg2HzI7zF8fn1cxzEnzDPqenijZflhH7uWaKOz7YHkN5wHpu/4kyjB0 AxGQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=guIyIxw2Cj+e2cp6UNPEu5aERqphnHRHK0daLjNZEtg=; b=Y7x74rfzZXorIHmwj9OH1scnpdBpUz6HSXJhV8X+CuhAb4VMyZVmtbfDiV0un0Yaqy B+ly+j5DZP8o12ViFRGOT1Zodc+hIctAOZQ2QOuSjdLR/CVQg7iLHzN7su8wOZInbUmN U9H2n4vRb0lJfW+3Ac6PBQgAgZf7e90yVSqWwWkgfQCUCRDmACvsVrWPNlsOVFl3wmaQ yCguTwcZWePCKljfNXItRN49+AnFptvQF8jm0xkQAzeoGFR37/TGwB8HU/i6KIW3OVOs icCe0x55qx7O+Q2gVDNiVVwT6ttmQebm7suosqxxO9yw71HX0q0MtiLyqUXbahGNrhX2 i6Qw== X-Gm-Message-State: AOAM531tPpye0+sB0ai4bBnw63pUsZIPX/GW+XSRUIrskeUoFRYqiIn5 9TrpIYnVqToc4h6QcY7elK2XyDXA/wU= X-Google-Smtp-Source: ABdhPJwOoccKW1cdQKZVyETbXOshCl3JLZVuvoDXSwsZotxA+Esgngps5B0KVjlnEG+HNrZiI1lhug== X-Received: by 2002:a1c:1d12:: with SMTP id d18mr3248638wmd.109.1589539711093; Fri, 15 May 2020 03:48:31 -0700 (PDT) Received: from localhost.localdomain ([2001:171b:226e:c200:c43b:ef78:d083:b355]) by smtp.gmail.com with ESMTPSA id h27sm3510392wrc.46.2020.05.15.03.48.30 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 15 May 2020 03:48:30 -0700 (PDT) From: Jean-Philippe Brucker To: linux-pci@vger.kernel.org, linux-arm-kernel@lists.infradead.org, iommu@lists.linux-foundation.org, joro@8bytes.org, bhelgaas@google.com Cc: will@kernel.org, robin.murphy@arm.com, dwmw2@infradead.org, baolu.lu@linux.intel.com, ashok.raj@intel.com, alex.williamson@redhat.com, Jean-Philippe Brucker Subject: [PATCH 2/4] iommu/amd: Use pci_ats_supported() Date: Fri, 15 May 2020 12:44:00 +0200 Message-Id: <20200515104359.1178606-3-jean-philippe@linaro.org> X-Mailer: git-send-email 2.26.2 In-Reply-To: <20200515104359.1178606-1-jean-philippe@linaro.org> References: <20200515104359.1178606-1-jean-philippe@linaro.org> MIME-Version: 1.0 Sender: linux-pci-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-pci@vger.kernel.org The pci_ats_supported() function checks if a device supports ATS and is allowed to use it. In addition to checking that the device has an ATS capability and that the global pci=noats is not set (pci_ats_disabled()), it also checks if a device is untrusted. A device is untrusted if it is plugged into an external-facing port such as Thunderbolt and could be spoofing an existing device to exploit weaknesses in the IOMMU configuration. By calling pci_ats_supported() we keep DTE[I]=0 for untrusted devices and abort transactions with Pretranslated Addresses. Signed-off-by: Jean-Philippe Brucker Reviewed-by: Joerg Roedel --- drivers/iommu/amd_iommu.c | 12 ++++-------- 1 file changed, 4 insertions(+), 8 deletions(-) diff --git a/drivers/iommu/amd_iommu.c b/drivers/iommu/amd_iommu.c index 1dc3718560d0e8..8b7a9e811d33a6 100644 --- a/drivers/iommu/amd_iommu.c +++ b/drivers/iommu/amd_iommu.c @@ -313,16 +313,15 @@ static struct iommu_group *acpihid_device_group(struct device *dev) static bool pci_iommuv2_capable(struct pci_dev *pdev) { static const int caps[] = { - PCI_EXT_CAP_ID_ATS, PCI_EXT_CAP_ID_PRI, PCI_EXT_CAP_ID_PASID, }; int i, pos; - if (pci_ats_disabled()) + if (!pci_ats_supported(pdev)) return false; - for (i = 0; i < 3; ++i) { + for (i = 0; i < 2; ++i) { pos = pci_find_ext_capability(pdev, caps[i]); if (pos == 0) return false; @@ -3150,11 +3149,8 @@ int amd_iommu_device_info(struct pci_dev *pdev, memset(info, 0, sizeof(*info)); - if (!pci_ats_disabled()) { - pos = pci_find_ext_capability(pdev, PCI_EXT_CAP_ID_ATS); - if (pos) - info->flags |= AMD_IOMMU_DEVICE_FLAG_ATS_SUP; - } + if (pci_ats_supported(pdev)) + info->flags |= AMD_IOMMU_DEVICE_FLAG_ATS_SUP; pos = pci_find_ext_capability(pdev, PCI_EXT_CAP_ID_PRI); if (pos) From patchwork Fri May 15 10:44:01 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jean-Philippe Brucker X-Patchwork-Id: 11551109 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id C8745912 for ; Fri, 15 May 2020 10:48:35 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id B26BC20758 for ; Fri, 15 May 2020 10:48:35 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=linaro.org header.i=@linaro.org header.b="dkOgLaKZ" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728163AbgEOKsf (ORCPT ); Fri, 15 May 2020 06:48:35 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:56338 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728129AbgEOKse (ORCPT ); Fri, 15 May 2020 06:48:34 -0400 Received: from mail-wm1-x341.google.com (mail-wm1-x341.google.com [IPv6:2a00:1450:4864:20::341]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 59E69C061A0C for ; Fri, 15 May 2020 03:48:34 -0700 (PDT) Received: by mail-wm1-x341.google.com with SMTP id g12so2135876wmh.3 for ; Fri, 15 May 2020 03:48:34 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=a6JIJM0/qnszNf/C3W1cfcENgwZD3tV9sE5r5AxKEdg=; b=dkOgLaKZgNbakPSRP7Xg1d2JPezWp8Wzc1IN+YzL2ukDlFUygw/oa6EQT8M2XqlTCz ITuN9QV0ywXV4ofR0kNh80z4tPGwVKsquc97eBK0CNEg2BYVNSMTj1o2Yb6UmqWBZjlr emzsm96xD2Kux4hLaBarRZQBAp3yJfXZIivFaOPGiHJuYf54/TcIl8cjoir+CegBn4h5 AUVDdqHMF39wOISbc3FOzNe14afan4JQcxWpHPjxTLLpCXVr5MCCJeKyux6V/PE1Vq06 Yw2WLEGTT679r7+OHD3vu1UOAOa/JxgOgbnXPMPb4TRcdsa2DVkMDiz0+9UOx0d5UhRT +32A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=a6JIJM0/qnszNf/C3W1cfcENgwZD3tV9sE5r5AxKEdg=; b=rp+aDNRvVu9OQkhSumPt7tGyRR8J7UJbyq1PdI/q4h4Z3GzdkU4k4UXwXejMnrUzsZ 1piq5w1F3fBY59zOO1PHW6sev7vYsrprDJgz0CfyV1w5gpY3ArrQaZcyn1PCWT4mz9Uf 5TsVK2ixNZV9E2OQK+7s4YlFg8218PYUQeQ94v3AzLRrc4EtwO18RBfdGY0j0V2zYGQp pkZ9OFArxsv+VPiWaFLAM38+9m41xOQs7RHdFMCVX5BfPUKnUv4MION728CRzcwKKOXS 0D0S8oA2E09V+oSjUJPsbZaAivyoJ1gyQGsfsOqPaU6Vj5+ELp43q23WV09Iu9CLchAd PGGA== X-Gm-Message-State: AOAM531SFLApNq6nMq3fimsz6zYPAAKYvdqDVvSBn1qXLcs8QYnRFcMb Nncs9PSVOsEeNMuDrRAKJx30kJ+5xUE= X-Google-Smtp-Source: ABdhPJzAXq9W8ciuEA3yi7eG0GjsyM8zeMTSGluCiWiblbXlc1dMrCYhmrkIsv/zARo7bX3QPoZVEA== X-Received: by 2002:a7b:c205:: with SMTP id x5mr3518890wmi.135.1589539712724; Fri, 15 May 2020 03:48:32 -0700 (PDT) Received: from localhost.localdomain ([2001:171b:226e:c200:c43b:ef78:d083:b355]) by smtp.gmail.com with ESMTPSA id h27sm3510392wrc.46.2020.05.15.03.48.31 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 15 May 2020 03:48:32 -0700 (PDT) From: Jean-Philippe Brucker To: linux-pci@vger.kernel.org, linux-arm-kernel@lists.infradead.org, iommu@lists.linux-foundation.org, joro@8bytes.org, bhelgaas@google.com Cc: will@kernel.org, robin.murphy@arm.com, dwmw2@infradead.org, baolu.lu@linux.intel.com, ashok.raj@intel.com, alex.williamson@redhat.com, Jean-Philippe Brucker Subject: [PATCH 3/4] iommu/arm-smmu-v3: Use pci_ats_supported() Date: Fri, 15 May 2020 12:44:01 +0200 Message-Id: <20200515104359.1178606-4-jean-philippe@linaro.org> X-Mailer: git-send-email 2.26.2 In-Reply-To: <20200515104359.1178606-1-jean-philippe@linaro.org> References: <20200515104359.1178606-1-jean-philippe@linaro.org> MIME-Version: 1.0 Sender: linux-pci-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-pci@vger.kernel.org The new pci_ats_supported() function checks if a device supports ATS and is allowed to use it. Signed-off-by: Jean-Philippe Brucker --- I dropped the Ack because I slightly changed the patch to keep the fwspec check, since last version: https://lore.kernel.org/linux-iommu/20200311124506.208376-8-jean-philippe@linaro.org/ --- drivers/iommu/arm-smmu-v3.c | 20 +++++--------------- 1 file changed, 5 insertions(+), 15 deletions(-) diff --git a/drivers/iommu/arm-smmu-v3.c b/drivers/iommu/arm-smmu-v3.c index 82508730feb7a1..39b935e86ab203 100644 --- a/drivers/iommu/arm-smmu-v3.c +++ b/drivers/iommu/arm-smmu-v3.c @@ -2652,26 +2652,16 @@ static void arm_smmu_install_ste_for_dev(struct arm_smmu_master *master) } } -#ifdef CONFIG_PCI_ATS static bool arm_smmu_ats_supported(struct arm_smmu_master *master) { - struct pci_dev *pdev; + struct device *dev = master->dev; struct arm_smmu_device *smmu = master->smmu; - struct iommu_fwspec *fwspec = dev_iommu_fwspec_get(master->dev); - - if (!(smmu->features & ARM_SMMU_FEAT_ATS) || !dev_is_pci(master->dev) || - !(fwspec->flags & IOMMU_FWSPEC_PCI_RC_ATS) || pci_ats_disabled()) - return false; + struct iommu_fwspec *fwspec = dev_iommu_fwspec_get(dev); - pdev = to_pci_dev(master->dev); - return !pdev->untrusted && pdev->ats_cap; + return (smmu->features & ARM_SMMU_FEAT_ATS) && + !(fwspec->flags & IOMMU_FWSPEC_PCI_RC_ATS) && + dev_is_pci(dev) && pci_ats_supported(to_pci_dev(dev)); } -#else -static bool arm_smmu_ats_supported(struct arm_smmu_master *master) -{ - return false; -} -#endif static void arm_smmu_enable_ats(struct arm_smmu_master *master) { From patchwork Fri May 15 10:44:02 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jean-Philippe Brucker X-Patchwork-Id: 11551111 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 71BAB912 for ; Fri, 15 May 2020 10:48:37 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 5145320759 for ; Fri, 15 May 2020 10:48:37 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=linaro.org header.i=@linaro.org header.b="PXoZE6nG" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728190AbgEOKsg (ORCPT ); Fri, 15 May 2020 06:48:36 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:56344 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728181AbgEOKsg (ORCPT ); Fri, 15 May 2020 06:48:36 -0400 Received: from mail-wm1-x343.google.com (mail-wm1-x343.google.com [IPv6:2a00:1450:4864:20::343]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id C23EDC061A0C for ; Fri, 15 May 2020 03:48:35 -0700 (PDT) Received: by mail-wm1-x343.google.com with SMTP id g12so2135975wmh.3 for ; Fri, 15 May 2020 03:48:35 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=MQtP8fzJz2WKoMPMUWscfluDC7EhkHyxwXwDt+F/8Xo=; b=PXoZE6nGzWzeAjrZVC4Q8qDDJTcc+HjmAowWP2rxhAIl1x1saIXWkTrkuPyrwa3NHP yrSv8e2Hjy2yjlQ/runzqAADNByuuHASzKQn8JA/1UhZgEWKA+p+jj27buLk3nW/ROpD BPr61cO2ih0JqRMJtrloloi8lbgPItEok935Uw5/8hRNcmgMeRL6CftHv+yKS3l+s4WU iESxSPLqBjOeOA1KNZ7Y8/xjV9pWdJuANUQ8ZqvPc6wo+18lh8W3H7PofN1Gy/QF9Qth 9hzcKT3MJdHAOaU/4IZQhzr/TKH/vkQjAFAtWKUVxBt4zMkvFJDnNIrBHa8WoNQEbB+/ SUHA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=MQtP8fzJz2WKoMPMUWscfluDC7EhkHyxwXwDt+F/8Xo=; b=ZBJ/imMPOWYF4qKmFi5xMFPOs9pw4DAQI82WR992zlft0WgTRnUykvvyESqQRgiAyM EizO00weJZJlgGefCQhzATpKF37VB8siec88gISPWryqQvQSFMrRURsrcU1K+QaYP6og OPdsZr44T2467BLOOIQasfXNfpjn1vgfXX4HbgGucVw33jsA0rpFUxLNzSt28m5QXpbr ZNYdnXuw94ObfiAqAXkiLVGOeeE5jSJtyhUEtBg8eilV5dSqWYY7V6RG5yIhxRh07TYr 8/b1U88YYanEl/2hDD4wBakMcAvs0gOfEEUVmamiamFl/QL97WmwLng+qdUT5qmQ4SDc 0sxw== X-Gm-Message-State: AOAM530FgJ44jOnoBdJyvzac1dbt/w/sNeuBhUaYKiD9+jd71U23vX0/ CDdC6EzGDzLYaj53X5uNicd/AyzGZ14= X-Google-Smtp-Source: ABdhPJxehzJSSp1pQ/plR94V1b9IyYmarD9UuBiSu3T4yL++xWMNQCc3xOjcNEKwI82yKNouA7z5hw== X-Received: by 2002:a1c:7e4f:: with SMTP id z76mr3410526wmc.177.1589539714209; Fri, 15 May 2020 03:48:34 -0700 (PDT) Received: from localhost.localdomain ([2001:171b:226e:c200:c43b:ef78:d083:b355]) by smtp.gmail.com with ESMTPSA id h27sm3510392wrc.46.2020.05.15.03.48.33 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 15 May 2020 03:48:33 -0700 (PDT) From: Jean-Philippe Brucker To: linux-pci@vger.kernel.org, linux-arm-kernel@lists.infradead.org, iommu@lists.linux-foundation.org, joro@8bytes.org, bhelgaas@google.com Cc: will@kernel.org, robin.murphy@arm.com, dwmw2@infradead.org, baolu.lu@linux.intel.com, ashok.raj@intel.com, alex.williamson@redhat.com, Jean-Philippe Brucker Subject: [PATCH 4/4] iommu/vt-d: Use pci_ats_supported() Date: Fri, 15 May 2020 12:44:02 +0200 Message-Id: <20200515104359.1178606-5-jean-philippe@linaro.org> X-Mailer: git-send-email 2.26.2 In-Reply-To: <20200515104359.1178606-1-jean-philippe@linaro.org> References: <20200515104359.1178606-1-jean-philippe@linaro.org> MIME-Version: 1.0 Sender: linux-pci-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-pci@vger.kernel.org The pci_ats_supported() helper checks if a device supports ATS and is allowed to use it. By checking the ATS capability it also integrates the pci_ats_disabled() check from pci_ats_init(). Simplify the vt-d checks. Acked-by: Lu Baolu Signed-off-by: Jean-Philippe Brucker --- drivers/iommu/intel-iommu.c | 9 +++------ 1 file changed, 3 insertions(+), 6 deletions(-) diff --git a/drivers/iommu/intel-iommu.c b/drivers/iommu/intel-iommu.c index 0182cff2c7ac75..ed21ce6d123810 100644 --- a/drivers/iommu/intel-iommu.c +++ b/drivers/iommu/intel-iommu.c @@ -1454,8 +1454,7 @@ static void iommu_enable_dev_iotlb(struct device_domain_info *info) !pci_reset_pri(pdev) && !pci_enable_pri(pdev, 32)) info->pri_enabled = 1; #endif - if (!pdev->untrusted && info->ats_supported && - pci_ats_page_aligned(pdev) && + if (info->ats_supported && pci_ats_page_aligned(pdev) && !pci_enable_ats(pdev, VTD_PAGE_SHIFT)) { info->ats_enabled = 1; domain_update_iotlb(info->domain); @@ -2611,10 +2610,8 @@ static struct dmar_domain *dmar_insert_one_dev_info(struct intel_iommu *iommu, if (dev && dev_is_pci(dev)) { struct pci_dev *pdev = to_pci_dev(info->dev); - if (!pdev->untrusted && - !pci_ats_disabled() && - ecap_dev_iotlb_support(iommu->ecap) && - pci_find_ext_capability(pdev, PCI_EXT_CAP_ID_ATS) && + if (ecap_dev_iotlb_support(iommu->ecap) && + pci_ats_supported(pdev) && dmar_find_matched_atsr_unit(pdev)) info->ats_supported = 1;