| Message ID | 20220325184609.4059963-2-rajatja@google.com (mailing list archive) |
|---|---|
| State | Changes Requested |
| Delegated to: | Bjorn Helgaas |
| Headers | show |
| Series | [v5,1/2] PCI: ACPI: Support Microsoft's "DmaProperty" | expand |
On Fri, Mar 25, 2022 at 7:46 PM Rajat Jain <rajatja@google.com> wrote: > > Rename the field to make it more clear, that the device can execute DMA > attacks on the system, and thus the system may need protection from > such attacks from this device. > > No functional change intended. > > Signed-off-by: Rajat Jain <rajatja@google.com> > Reviewed-by: Mika Westerberg <mika.westerberg@linux.intel.com> Acked-by: Rafael J. Wysocki <rafael.j.wysocki@intel.com> > --- > v5: Use "untrusted_dma" as property name, based on feedback. > Reorder the patches in the series. > v4: Initial version, created based on comments on other patch > > drivers/iommu/dma-iommu.c | 6 +++--- > drivers/iommu/intel/iommu.c | 2 +- > drivers/iommu/iommu.c | 2 +- > drivers/pci/ats.c | 2 +- > drivers/pci/pci-acpi.c | 2 +- > drivers/pci/pci.c | 2 +- > drivers/pci/probe.c | 8 ++++---- > drivers/pci/quirks.c | 2 +- > include/linux/pci.h | 5 +++-- > 9 files changed, 16 insertions(+), 15 deletions(-) > > diff --git a/drivers/iommu/dma-iommu.c b/drivers/iommu/dma-iommu.c > index d85d54f2b549..7cbe300fe907 100644 > --- a/drivers/iommu/dma-iommu.c > +++ b/drivers/iommu/dma-iommu.c > @@ -497,14 +497,14 @@ static int iova_reserve_iommu_regions(struct device *dev, > return ret; > } > > -static bool dev_is_untrusted(struct device *dev) > +static bool dev_has_untrusted_dma(struct device *dev) > { > - return dev_is_pci(dev) && to_pci_dev(dev)->untrusted; > + return dev_is_pci(dev) && to_pci_dev(dev)->untrusted_dma; > } > > static bool dev_use_swiotlb(struct device *dev) > { > - return IS_ENABLED(CONFIG_SWIOTLB) && dev_is_untrusted(dev); > + return IS_ENABLED(CONFIG_SWIOTLB) && dev_has_untrusted_dma(dev); > } > > /** > diff --git a/drivers/iommu/intel/iommu.c b/drivers/iommu/intel/iommu.c > index 92fea3fbbb11..9246b7c9ab46 100644 > --- a/drivers/iommu/intel/iommu.c > +++ b/drivers/iommu/intel/iommu.c > @@ -5570,7 +5570,7 @@ intel_iommu_enable_nesting(struct iommu_domain *domain) > */ > static bool risky_device(struct pci_dev *pdev) > { > - if (pdev->untrusted) { > + if (pdev->untrusted_dma) { > pci_info(pdev, > "Skipping IOMMU quirk for dev [%04X:%04X] on untrusted PCI link\n", > pdev->vendor, pdev->device); > diff --git a/drivers/iommu/iommu.c b/drivers/iommu/iommu.c > index 8b86406b7162..79fb66af2e68 100644 > --- a/drivers/iommu/iommu.c > +++ b/drivers/iommu/iommu.c > @@ -1522,7 +1522,7 @@ static int iommu_get_def_domain_type(struct device *dev) > { > const struct iommu_ops *ops = dev->bus->iommu_ops; > > - if (dev_is_pci(dev) && to_pci_dev(dev)->untrusted) > + if (dev_is_pci(dev) && to_pci_dev(dev)->untrusted_dma) > return IOMMU_DOMAIN_DMA; > > if (ops->def_domain_type) > diff --git a/drivers/pci/ats.c b/drivers/pci/ats.c > index c967ad6e2626..477c16ba9341 100644 > --- a/drivers/pci/ats.c > +++ b/drivers/pci/ats.c > @@ -42,7 +42,7 @@ bool pci_ats_supported(struct pci_dev *dev) > if (!dev->ats_cap) > return false; > > - return (dev->untrusted == 0); > + return (dev->untrusted_dma == 0); > } > EXPORT_SYMBOL_GPL(pci_ats_supported); > > diff --git a/drivers/pci/pci-acpi.c b/drivers/pci/pci-acpi.c > index 378e05096c52..1d5a284c3661 100644 > --- a/drivers/pci/pci-acpi.c > +++ b/drivers/pci/pci-acpi.c > @@ -1362,7 +1362,7 @@ static void pci_acpi_check_for_dma_protection(struct pci_dev *dev) > return; > > if (val) > - dev->untrusted = 1; > + dev->untrusted_dma = 1; > } > > void pci_acpi_setup(struct device *dev, struct acpi_device *adev) > diff --git a/drivers/pci/pci.c b/drivers/pci/pci.c > index 9ecce435fb3f..1fb0eb8646c8 100644 > --- a/drivers/pci/pci.c > +++ b/drivers/pci/pci.c > @@ -958,7 +958,7 @@ static void pci_std_enable_acs(struct pci_dev *dev) > ctrl |= (cap & PCI_ACS_UF); > > /* Enable Translation Blocking for external devices and noats */ > - if (pci_ats_disabled() || dev->external_facing || dev->untrusted) > + if (pci_ats_disabled() || dev->external_facing || dev->untrusted_dma) > ctrl |= (cap & PCI_ACS_TB); > > pci_write_config_word(dev, pos + PCI_ACS_CTRL, ctrl); > diff --git a/drivers/pci/probe.c b/drivers/pci/probe.c > index 17a969942d37..d2a9b26fcede 100644 > --- a/drivers/pci/probe.c > +++ b/drivers/pci/probe.c > @@ -1587,7 +1587,7 @@ static void set_pcie_thunderbolt(struct pci_dev *dev) > dev->is_thunderbolt = 1; > } > > -static void set_pcie_untrusted(struct pci_dev *dev) > +static void pci_set_untrusted_dma(struct pci_dev *dev) > { > struct pci_dev *parent; > > @@ -1596,8 +1596,8 @@ static void set_pcie_untrusted(struct pci_dev *dev) > * untrusted as well. > */ > parent = pci_upstream_bridge(dev); > - if (parent && (parent->untrusted || parent->external_facing)) > - dev->untrusted = true; > + if (parent && (parent->untrusted_dma || parent->external_facing)) > + dev->untrusted_dma = true; > } > > static void pci_set_removable(struct pci_dev *dev) > @@ -1862,7 +1862,7 @@ int pci_setup_device(struct pci_dev *dev) > /* Need to have dev->cfg_size ready */ > set_pcie_thunderbolt(dev); > > - set_pcie_untrusted(dev); > + pci_set_untrusted_dma(dev); > > /* "Unknown power state" */ > dev->current_state = PCI_UNKNOWN; > diff --git a/drivers/pci/quirks.c b/drivers/pci/quirks.c > index 5f46fed01e6c..7ca3c2cdfb20 100644 > --- a/drivers/pci/quirks.c > +++ b/drivers/pci/quirks.c > @@ -5134,7 +5134,7 @@ static int pci_quirk_enable_intel_spt_pch_acs(struct pci_dev *dev) > ctrl |= (cap & PCI_ACS_CR); > ctrl |= (cap & PCI_ACS_UF); > > - if (pci_ats_disabled() || dev->external_facing || dev->untrusted) > + if (pci_ats_disabled() || dev->external_facing || dev->untrusted_dma) > ctrl |= (cap & PCI_ACS_TB); > > pci_write_config_dword(dev, pos + INTEL_SPT_ACS_CTRL, ctrl); > diff --git a/include/linux/pci.h b/include/linux/pci.h > index 678fecdf6b81..b7c5fede0b93 100644 > --- a/include/linux/pci.h > +++ b/include/linux/pci.h > @@ -444,13 +444,14 @@ struct pci_dev { > unsigned int shpc_managed:1; /* SHPC owned by shpchp */ > unsigned int is_thunderbolt:1; /* Thunderbolt controller */ > /* > - * Devices marked being untrusted are the ones that can potentially > + * Devices marked with untrusted_dma are the ones that can potentially > * execute DMA attacks and similar. They are typically connected > * through external ports such as Thunderbolt but not limited to > * that. When an IOMMU is enabled they should be getting full > * mappings to make sure they cannot access arbitrary memory. > */ > - unsigned int untrusted:1; > + unsigned int untrusted_dma:1; > + > /* > * Info from the platform, e.g., ACPI or device tree, may mark a > * device as "external-facing". An external-facing device is > -- > 2.35.1.1021.g381101b075-goog >
diff --git a/drivers/iommu/dma-iommu.c b/drivers/iommu/dma-iommu.c index d85d54f2b549..7cbe300fe907 100644 --- a/drivers/iommu/dma-iommu.c +++ b/drivers/iommu/dma-iommu.c @@ -497,14 +497,14 @@ static int iova_reserve_iommu_regions(struct device *dev, return ret; } -static bool dev_is_untrusted(struct device *dev) +static bool dev_has_untrusted_dma(struct device *dev) { - return dev_is_pci(dev) && to_pci_dev(dev)->untrusted; + return dev_is_pci(dev) && to_pci_dev(dev)->untrusted_dma; } static bool dev_use_swiotlb(struct device *dev) { - return IS_ENABLED(CONFIG_SWIOTLB) && dev_is_untrusted(dev); + return IS_ENABLED(CONFIG_SWIOTLB) && dev_has_untrusted_dma(dev); } /** diff --git a/drivers/iommu/intel/iommu.c b/drivers/iommu/intel/iommu.c index 92fea3fbbb11..9246b7c9ab46 100644 --- a/drivers/iommu/intel/iommu.c +++ b/drivers/iommu/intel/iommu.c @@ -5570,7 +5570,7 @@ intel_iommu_enable_nesting(struct iommu_domain *domain) */ static bool risky_device(struct pci_dev *pdev) { - if (pdev->untrusted) { + if (pdev->untrusted_dma) { pci_info(pdev, "Skipping IOMMU quirk for dev [%04X:%04X] on untrusted PCI link\n", pdev->vendor, pdev->device); diff --git a/drivers/iommu/iommu.c b/drivers/iommu/iommu.c index 8b86406b7162..79fb66af2e68 100644 --- a/drivers/iommu/iommu.c +++ b/drivers/iommu/iommu.c @@ -1522,7 +1522,7 @@ static int iommu_get_def_domain_type(struct device *dev) { const struct iommu_ops *ops = dev->bus->iommu_ops; - if (dev_is_pci(dev) && to_pci_dev(dev)->untrusted) + if (dev_is_pci(dev) && to_pci_dev(dev)->untrusted_dma) return IOMMU_DOMAIN_DMA; if (ops->def_domain_type) diff --git a/drivers/pci/ats.c b/drivers/pci/ats.c index c967ad6e2626..477c16ba9341 100644 --- a/drivers/pci/ats.c +++ b/drivers/pci/ats.c @@ -42,7 +42,7 @@ bool pci_ats_supported(struct pci_dev *dev) if (!dev->ats_cap) return false; - return (dev->untrusted == 0); + return (dev->untrusted_dma == 0); } EXPORT_SYMBOL_GPL(pci_ats_supported); diff --git a/drivers/pci/pci-acpi.c b/drivers/pci/pci-acpi.c index 378e05096c52..1d5a284c3661 100644 --- a/drivers/pci/pci-acpi.c +++ b/drivers/pci/pci-acpi.c @@ -1362,7 +1362,7 @@ static void pci_acpi_check_for_dma_protection(struct pci_dev *dev) return; if (val) - dev->untrusted = 1; + dev->untrusted_dma = 1; } void pci_acpi_setup(struct device *dev, struct acpi_device *adev) diff --git a/drivers/pci/pci.c b/drivers/pci/pci.c index 9ecce435fb3f..1fb0eb8646c8 100644 --- a/drivers/pci/pci.c +++ b/drivers/pci/pci.c @@ -958,7 +958,7 @@ static void pci_std_enable_acs(struct pci_dev *dev) ctrl |= (cap & PCI_ACS_UF); /* Enable Translation Blocking for external devices and noats */ - if (pci_ats_disabled() || dev->external_facing || dev->untrusted) + if (pci_ats_disabled() || dev->external_facing || dev->untrusted_dma) ctrl |= (cap & PCI_ACS_TB); pci_write_config_word(dev, pos + PCI_ACS_CTRL, ctrl); diff --git a/drivers/pci/probe.c b/drivers/pci/probe.c index 17a969942d37..d2a9b26fcede 100644 --- a/drivers/pci/probe.c +++ b/drivers/pci/probe.c @@ -1587,7 +1587,7 @@ static void set_pcie_thunderbolt(struct pci_dev *dev) dev->is_thunderbolt = 1; } -static void set_pcie_untrusted(struct pci_dev *dev) +static void pci_set_untrusted_dma(struct pci_dev *dev) { struct pci_dev *parent; @@ -1596,8 +1596,8 @@ static void set_pcie_untrusted(struct pci_dev *dev) * untrusted as well. */ parent = pci_upstream_bridge(dev); - if (parent && (parent->untrusted || parent->external_facing)) - dev->untrusted = true; + if (parent && (parent->untrusted_dma || parent->external_facing)) + dev->untrusted_dma = true; } static void pci_set_removable(struct pci_dev *dev) @@ -1862,7 +1862,7 @@ int pci_setup_device(struct pci_dev *dev) /* Need to have dev->cfg_size ready */ set_pcie_thunderbolt(dev); - set_pcie_untrusted(dev); + pci_set_untrusted_dma(dev); /* "Unknown power state" */ dev->current_state = PCI_UNKNOWN; diff --git a/drivers/pci/quirks.c b/drivers/pci/quirks.c index 5f46fed01e6c..7ca3c2cdfb20 100644 --- a/drivers/pci/quirks.c +++ b/drivers/pci/quirks.c @@ -5134,7 +5134,7 @@ static int pci_quirk_enable_intel_spt_pch_acs(struct pci_dev *dev) ctrl |= (cap & PCI_ACS_CR); ctrl |= (cap & PCI_ACS_UF); - if (pci_ats_disabled() || dev->external_facing || dev->untrusted) + if (pci_ats_disabled() || dev->external_facing || dev->untrusted_dma) ctrl |= (cap & PCI_ACS_TB); pci_write_config_dword(dev, pos + INTEL_SPT_ACS_CTRL, ctrl); diff --git a/include/linux/pci.h b/include/linux/pci.h index 678fecdf6b81..b7c5fede0b93 100644 --- a/include/linux/pci.h +++ b/include/linux/pci.h @@ -444,13 +444,14 @@ struct pci_dev { unsigned int shpc_managed:1; /* SHPC owned by shpchp */ unsigned int is_thunderbolt:1; /* Thunderbolt controller */ /* - * Devices marked being untrusted are the ones that can potentially + * Devices marked with untrusted_dma are the ones that can potentially * execute DMA attacks and similar. They are typically connected * through external ports such as Thunderbolt but not limited to * that. When an IOMMU is enabled they should be getting full * mappings to make sure they cannot access arbitrary memory. */ - unsigned int untrusted:1; + unsigned int untrusted_dma:1; + /* * Info from the platform, e.g., ACPI or device tree, may mark a * device as "external-facing". An external-facing device is