From patchwork Mon Aug 26 17:56:04 2024
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Patchwork-Submitter: Jan Kiszka <jan.kiszka@siemens.com>
X-Patchwork-Id: 13778316
Return-Path: 
 <linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from bombadil.infradead.org (bombadil.infradead.org
 [198.137.202.133])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by smtp.lore.kernel.org (Postfix) with ESMTPS id A52C3C5472D
	for <linux-arm-kernel@archiver.kernel.org>;
 Mon, 26 Aug 2024 17:58:05 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
	d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help
	:List-Post:List-Archive:List-Unsubscribe:List-Id:Content-Transfer-Encoding:
	Content-Type:MIME-Version:Message-ID:Date:Subject:Cc:To:From:Reply-To:
	Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender:
	Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References:List-Owner;
	bh=gZKpTRJ8W7SkkE1KwvlOBmtitx/bdQNDzMKnknjtNFQ=; b=wBOHoy3vSaK89jjFVU+TOaHHUw
	KV5waIjUD64Wvz0cp4f9QGNmYW9WZk88UEJROYLj7TmCktG2bvelBbnRwOM+WdoaVETNL+fjpT4aW
	J1mWkWp8EuiscRnP2/jGznIIuuEeu8rEjuuV05/w5gfoXjOYaBIk/X6LHKG6YVu1wjmJ+XViy+fSq
	og+lHXez2XtCLq/m/ENnUEzGa7K8weLYcxc/YI4Cw3HS+00AHpKTJE4QqSUgs47AdCKVGQpjrUV2i
	xdMs8KgDQpUknKk85aXHwF/O0V49qXK2MSnotsvemSat2s/taAs1TtAKHkFipoZYIGzjYvClyXokR
	GwNuxMmA==;
Received: from localhost ([::1] helo=bombadil.infradead.org)
	by bombadil.infradead.org with esmtp (Exim 4.97.1 #2 (Red Hat Linux))
	id 1sidyT-00000008Iq4-3dL2;
	Mon, 26 Aug 2024 17:57:53 +0000
Received: from mta-64-225.siemens.flowmailer.net ([185.136.64.225])
	by bombadil.infradead.org with esmtps (Exim 4.97.1 #2 (Red Hat Linux))
	id 1sidwu-00000008IQ2-0GS0
	for linux-arm-kernel@lists.infradead.org;
	Mon, 26 Aug 2024 17:56:18 +0000
Received: by mta-64-225.siemens.flowmailer.net with ESMTPSA id
 20240826175611526a27e9d98241bcd4
        for <linux-arm-kernel@lists.infradead.org>;
        Mon, 26 Aug 2024 19:56:11 +0200
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; s=fm1;
 d=siemens.com; i=jan.kiszka@siemens.com;
 h=Date:From:Subject:To:Message-ID:MIME-Version:Content-Type:Content-Transfer-Encoding:Cc;
 bh=gZKpTRJ8W7SkkE1KwvlOBmtitx/bdQNDzMKnknjtNFQ=;
 b=Mod5xaa8Cia6HwMpy2GXsGPsK2qr7oe8ld/H93MPnR3wf5oVYdFI7Dg/K6Z6ay5SZjK8ET
 Vdhflt8cOFXMOq0a//W6FTeODpVftQypgAd3JjSfE1cGmHgsgIA8CQ8/hxqM44gI6zzPPU8F
 KjBoKSKSNU9Wp83dbl9zD7rh1rs1YdwuGP5pUlh+VUsdkAkjDCUqDXxDhHNtPJhi2FwAN/TK
 4KMJVn9d9seJQCeQU1v1H6dtgnWXS8cVNXMpNpY8EAvOoMGl13IIpbPCdnVkvsZF8PL4xfiS
 gsR1+sBZgZZjKi7lWBuN46x9mtJO6drCaoP4AljNPhGiw+xd/w00OOAA==;
From: Jan Kiszka <jan.kiszka@siemens.com>
To: Nishanth Menon <nm@ti.com>,
	Santosh Shilimkar <ssantosh@kernel.org>,
	Vignesh Raghavendra <vigneshr@ti.com>,
	Rob Herring <robh+dt@kernel.org>,
	Krzysztof Kozlowski <krzysztof.kozlowski+dt@linaro.org>,
	Conor Dooley <conor+dt@kernel.org>
Cc: linux-arm-kernel@lists.infradead.org, linux-kernel@vger.kernel.org,
 devicetree@vger.kernel.org, Siddharth Vadapalli <s-vadapalli@ti.com>,
 Bao Cheng Su <baocheng.su@siemens.com>, Hua Qian Li <huaqian.li@siemens.com>,
 Diogo Ivo <diogo.ivo@siemens.com>, Bjorn Helgaas <bhelgaas@google.com>,
	=?utf-8?q?Krzysztof_Wilczy=C5=84ski?= <kw@linux.com>,
 linux-pci@vger.kernel.org, Lorenzo Pieralisi <lpieralisi@kernel.org>
Subject: [PATCH 0/5] soc: ti: Add and use PVU on K3-AM65 for DMA isolation
Date: Mon, 26 Aug 2024 19:56:04 +0200
Message-ID: <cover.1724694969.git.jan.kiszka@siemens.com>
MIME-Version: 1.0
X-Flowmailer-Platform: Siemens
Feedback-ID: 519:519-294854:519-21489:flowmailer
X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 
X-CRM114-CacheID: sfid-20240826_105616_695302_2C2C3476 
X-CRM114-Status: GOOD (  14.43  )
X-BeenThere: linux-arm-kernel@lists.infradead.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: <linux-arm-kernel.lists.infradead.org>
List-Unsubscribe: 
 <http://lists.infradead.org/mailman/options/linux-arm-kernel>,
 <mailto:linux-arm-kernel-request@lists.infradead.org?subject=unsubscribe>
List-Archive: <http://lists.infradead.org/pipermail/linux-arm-kernel/>
List-Post: <mailto:linux-arm-kernel@lists.infradead.org>
List-Help: <mailto:linux-arm-kernel-request@lists.infradead.org?subject=help>
List-Subscribe: 
 <http://lists.infradead.org/mailman/listinfo/linux-arm-kernel>,
 <mailto:linux-arm-kernel-request@lists.infradead.org?subject=subscribe>
Sender: "linux-arm-kernel" <linux-arm-kernel-bounces@lists.infradead.org>
Errors-To: 
 linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org

Only few of the K3 SoCs have an IOMMU and, thus, can isolate the system
against DMA-based attacks of external PCI devices. The AM65 is without
an IOMMU, but it comes with something close to it: the Peripheral
Virtualization Unit (PVU).

The PVU was originally designed to establish static compartments via a
hypervisor, isolate those DMA-wise against each other and the host and
even allow remapping of guest-physical addresses. But it only provides
a static translation region, not page-granular mappings. Thus, it cannot
be handled transparently like an IOMMU.

Now, to use the PVU for the purpose of isolated PCI devices from the
Linux host, this series takes a different approach. It defines a
restricted-dma-pool for the PCI host, using swiotlb to map all DMA
buffers from a static memory carve-out. And to enforce that the devices
actually follow this, a special PVU soc driver is introduced. The driver
permits access to the GIC ITS and otherwise waits for other drivers that
detect devices with constrained DMA to register pools with the PVU.

For the AM65, the first (and possibly only) driver where this is
introduced is the pci-keystone host controller. Finally, this series
configures the IOT2050 devices (all have MiniPCIe or M.2 extension
slots) to make use of this protection scheme.

Due to the cross-cutting nature of these changes, multiple subsystems
are affected. However, I wanted to present the whole thing in one series
to allow everyone to review with the complete picture in hands. If
preferred, I can also split the series up, of course.

Jan

CC: Bjorn Helgaas <bhelgaas@google.com>
CC: "Krzysztof Wilczyński" <kw@linux.com>
CC: linux-pci@vger.kernel.org
CC: Lorenzo Pieralisi <lpieralisi@kernel.org>

Jan Kiszka (5):
  dt-bindings: soc: ti: Add AM65 peripheral virtualization unit
  soc: ti: Add IOMPU-like PVU driver
  arm64: dts: ti: k3-am65-main: Add VMAP registers to PCI root complexes
  PCI: keystone: Add supported for PVU-based DMA isolation on AM654
  arm64: dts: ti: iot2050: Enforce DMA isolation for devices behind PCI
    RC

 .../bindings/soc/ti/ti,am654-pvu.yaml         |  48 ++
 .../boot/dts/ti/k3-am65-iot2050-common.dtsi   |  32 ++
 arch/arm64/boot/dts/ti/k3-am65-main.dtsi      |  18 +-
 drivers/pci/controller/dwc/pci-keystone.c     | 101 ++++
 drivers/soc/ti/Kconfig                        |   4 +
 drivers/soc/ti/Makefile                       |   1 +
 drivers/soc/ti/ti-pvu.c                       | 487 ++++++++++++++++++
 include/linux/ti-pvu.h                        |  11 +
 8 files changed, 698 insertions(+), 4 deletions(-)
 create mode 100644 Documentation/devicetree/bindings/soc/ti/ti,am654-pvu.yaml
 create mode 100644 drivers/soc/ti/ti-pvu.c
 create mode 100644 include/linux/ti-pvu.h