From patchwork Wed Mar  4 16:07:52 2015
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Baptiste Reynal <b.reynal@virtualopensystems.com>
X-Patchwork-Id: 5937511
Return-Path: <kvm-owner@kernel.org>
X-Original-To: patchwork-kvm@patchwork.kernel.org
Delivered-To: patchwork-parsemail@patchwork2.web.kernel.org
Received: from mail.kernel.org (mail.kernel.org [198.145.29.136])
	by patchwork2.web.kernel.org (Postfix) with ESMTP id 8B912BF440
	for <patchwork-kvm@patchwork.kernel.org>;
	Wed,  4 Mar 2015 16:09:45 +0000 (UTC)
Received: from mail.kernel.org (localhost [127.0.0.1])
	by mail.kernel.org (Postfix) with ESMTP id 9DFA6202AE
	for <patchwork-kvm@patchwork.kernel.org>;
	Wed,  4 Mar 2015 16:09:41 +0000 (UTC)
Received: from vger.kernel.org (vger.kernel.org [209.132.180.67])
	by mail.kernel.org (Postfix) with ESMTP id BD65120272
	for <patchwork-kvm@patchwork.kernel.org>;
	Wed,  4 Mar 2015 16:09:40 +0000 (UTC)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S932159AbbCDQJh (ORCPT
	<rfc822;patchwork-kvm@patchwork.kernel.org>);
	Wed, 4 Mar 2015 11:09:37 -0500
Received: from mail-wi0-f172.google.com ([209.85.212.172]:38961 "EHLO
	mail-wi0-f172.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
	with ESMTP id S1759015AbbCDQIn (ORCPT <rfc822; kvm@vger.kernel.org>);
	Wed, 4 Mar 2015 11:08:43 -0500
Received: by widex7 with SMTP id ex7so31961273wid.4
	for <kvm@vger.kernel.org>; Wed, 04 Mar 2015 08:08:42 -0800 (PST)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=1e100.net; s=20130820;
	h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to
	:references;
	bh=N9WDWdJcXN0Rr0V5hAimqaaBoYpRYQg60O5TcWkp/7Y=;
	b=fDyv1t7xEEzA+CYhEHLiaHAnkQ3+V0s8nlHnIMd78HJuGMjwIwzYGUi0MDz8sTMRNu
	R35Bfdmpv2Rmi0VjncAeP7c8Z3imtCSUoOk0R7jvVJFKTQKfEGmATaDd2y1I7WpTLXly
	ejyooqpKbRKQvCYb1BBggRIcoQkwEvvNubUlB1/LESltUNnWUlgJePCwzXkNDnQyPG4u
	2aGyId8x+OI4+QDF+gpS9ZKvgXZDtcwQeIUL03xrWKiQHPTbXh/29vpuvvo4L/TJaMY9
	jjzSYFLMfG+I4bCdSlM47fV6hjQoM6stcFOB6mQcvHfasWfwY4d1siEYvWjl4E65Mv+5
	2bEg==
X-Gm-Message-State: 
 ALoCoQlIro/8+ANu1/UytTIPKU1nxD6RTAvYCi/IepyXs58vJtkAXnL9M/M5Guh9Zntpyjqc4X/e
X-Received: by 10.194.63.206 with SMTP id i14mr9399562wjs.107.1425485319163;
	Wed, 04 Mar 2015 08:08:39 -0800 (PST)
Received: from localhost (LPuteaux-656-1-278-113.w80-15.abo.wanadoo.fr.
	[80.15.154.113]) by mx.google.com with ESMTPSA id
	ev7sm6541951wjb.47.2015.03.04.08.08.38
	(version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
	Wed, 04 Mar 2015 08:08:38 -0800 (PST)
From: Baptiste Reynal <b.reynal@virtualopensystems.com>
To: iommu@lists.linux-foundation.org, kvmarm@lists.cs.columbia.edu
Cc: eric.auger@linaro.org, alex.williamson@redhat.com,
	tech@virtualopensystems.com,
	Antonios Motakis <a.motakis@virtualopensystems.com>,
	Baptiste Reynal <b.reynal@virtualopensystems.com>,
	kvm@vger.kernel.org (open list:VFIO DRIVER),
	linux-api@vger.kernel.org (open list:ABI/API),
	linux-kernel@vger.kernel.org (open list)
Subject: [PATCH v5 2/4] vfio: introduce the VFIO_DMA_MAP_FLAG_NOEXEC flag
Date: Wed,  4 Mar 2015 17:07:52 +0100
Message-Id: <1425485274-5709-3-git-send-email-b.reynal@virtualopensystems.com>
X-Mailer: git-send-email 2.3.1
In-Reply-To: 
 <1425485274-5709-1-git-send-email-b.reynal@virtualopensystems.com>
References: <1425485274-5709-1-git-send-email-b.reynal@virtualopensystems.com>
Sender: kvm-owner@vger.kernel.org
Precedence: bulk
List-ID: <kvm.vger.kernel.org>
X-Mailing-List: kvm@vger.kernel.org
X-Spam-Status: No, score=-6.9 required=5.0 tests=BAYES_00, RCVD_IN_DNSWL_HI,
	T_RP_MATCHES_RCVD,
	UNPARSEABLE_RELAY autolearn=unavailable version=3.3.1
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on mail.kernel.org
X-Virus-Scanned: ClamAV using ClamSMTP

From: Antonios Motakis <a.motakis@virtualopensystems.com>

We introduce the VFIO_DMA_MAP_FLAG_NOEXEC flag to the VFIO dma map call,
and expose its availability via the capability VFIO_DMA_NOEXEC_IOMMU.
This way the user can control whether the XN flag will be set on the
requested mappings. The IOMMU_NOEXEC flag needs to be available for all
the IOMMUs of the container used.

Signed-off-by: Antonios Motakis <a.motakis@virtualopensystems.com>
Signed-off-by: Baptiste Reynal <b.reynal@virtualopensystems.com>
---
 include/uapi/linux/vfio.h | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/include/uapi/linux/vfio.h b/include/uapi/linux/vfio.h
index 5fb3d46..30801a7 100644
--- a/include/uapi/linux/vfio.h
+++ b/include/uapi/linux/vfio.h
@@ -31,6 +31,7 @@ enum vfio_iommu_cap {
 					   (ex. PCIe NoSnoop stripping) */
 	VFIO_EEH = 5,			/* Check if EEH is supported */
 	VFIO_TYPE1_NESTING_IOMMU = 6,	/* Two-stage IOMMU, implies v2  */
+	VFIO_DMA_NOEXEC_IOMMU = 7,
 };
 
 
@@ -397,12 +398,17 @@ struct vfio_iommu_type1_info {
  *
  * Map process virtual addresses to IO virtual addresses using the
  * provided struct vfio_dma_map. Caller sets argsz. READ &/ WRITE required.
+ *
+ * To use the VFIO_DMA_MAP_FLAG_NOEXEC flag, the container must support the
+ * VFIO_DMA_NOEXEC_IOMMU capability. If mappings are created using this flag,
+ * any groups subsequently added to the container must support this capability.
  */
 struct vfio_iommu_type1_dma_map {
 	__u32	argsz;
 	__u32	flags;
 #define VFIO_DMA_MAP_FLAG_READ (1 << 0)		/* readable from device */
 #define VFIO_DMA_MAP_FLAG_WRITE (1 << 1)	/* writable from device */
+#define VFIO_DMA_MAP_FLAG_NOEXEC (1 << 2)	/* not executable from device */
 	__u64	vaddr;				/* Process virtual address */
 	__u64	iova;				/* IO virtual address */
 	__u64	size;				/* Size of mapping (bytes) */