| Message ID | 2-v2-10ad79761833+40588-secure_msi_jgg@nvidia.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | Remove IOMMU_CAP_INTR_REMAP | expand |
On Mon, Dec 12, 2022 at 02:45:56PM -0400, Jason Gunthorpe wrote: > +/** > + * iommu_group_has_isolated_msi() - Compute msi_device_has_isolated_msi() > + * for a group > + * @group: Group to query > + * > + * IOMMU groups should not have differing values of > + * msi_device_has_isolated_msi() for devices in a group. However nothing > + * directly prevents this, so ensure mistakes don't result in isolation failures > + * by checking that all the devices are the same. > + */ > +bool iommu_group_has_isolated_msi(struct iommu_group *group) > +{ > + struct group_device *group_dev; > + bool ret = true; > + > + mutex_lock(&group->mutex); > + list_for_each_entry(group_dev, &group->devices, list) > + ret &= msi_device_has_isolated_msi(group_dev->dev) || > + device_iommu_capable(group_dev->dev, > + IOMMU_CAP_INTR_REMAP); > + mutex_unlock(&group->mutex); I thought I had let this sit long enough for 0-day to check it, but nope, it needs a: @@ -30,6 +30,7 @@ #include <linux/cc_platform.h> #include <trace/events/iommu.h> #include <linux/sched/mm.h> +#include <linux/msi.h> #include "dma-iommu.h" For some configs Jason
diff --git a/drivers/iommu/iommu.c b/drivers/iommu/iommu.c index d69ebba81bebd8..adb3f655bf5709 100644 --- a/drivers/iommu/iommu.c +++ b/drivers/iommu/iommu.c @@ -1881,6 +1881,31 @@ bool device_iommu_capable(struct device *dev, enum iommu_cap cap) } EXPORT_SYMBOL_GPL(device_iommu_capable); +/** + * iommu_group_has_isolated_msi() - Compute msi_device_has_isolated_msi() + * for a group + * @group: Group to query + * + * IOMMU groups should not have differing values of + * msi_device_has_isolated_msi() for devices in a group. However nothing + * directly prevents this, so ensure mistakes don't result in isolation failures + * by checking that all the devices are the same. + */ +bool iommu_group_has_isolated_msi(struct iommu_group *group) +{ + struct group_device *group_dev; + bool ret = true; + + mutex_lock(&group->mutex); + list_for_each_entry(group_dev, &group->devices, list) + ret &= msi_device_has_isolated_msi(group_dev->dev) || + device_iommu_capable(group_dev->dev, + IOMMU_CAP_INTR_REMAP); + mutex_unlock(&group->mutex); + return ret; +} +EXPORT_SYMBOL_GPL(iommu_group_has_isolated_msi); + /** * iommu_set_fault_handler() - set a fault handler for an iommu domain * @domain: iommu domain diff --git a/include/linux/iommu.h b/include/linux/iommu.h index 1690c334e51631..1753e819a63250 100644 --- a/include/linux/iommu.h +++ b/include/linux/iommu.h @@ -455,6 +455,7 @@ static inline const struct iommu_ops *dev_iommu_ops(struct device *dev) extern int bus_iommu_probe(struct bus_type *bus); extern bool iommu_present(struct bus_type *bus); extern bool device_iommu_capable(struct device *dev, enum iommu_cap cap); +extern bool iommu_group_has_isolated_msi(struct iommu_group *group); extern struct iommu_domain *iommu_domain_alloc(struct bus_type *bus); extern struct iommu_group *iommu_group_get_by_id(int id); extern void iommu_domain_free(struct iommu_domain *domain);
Compute the isolated_msi over all the devices in the IOMMU group because iommufd and vfio both need to know that the entire group is isolated before granting access to it. Signed-off-by: Jason Gunthorpe <jgg@nvidia.com> --- drivers/iommu/iommu.c | 25 +++++++++++++++++++++++++ include/linux/iommu.h | 1 + 2 files changed, 26 insertions(+)