From: Lu Baolu <baolu.lu@linux.intel.com>
To: David Woodhouse <dwmw2@infradead.org>, Joerg Roedel <joro@8bytes.org>
Cc: ashok.raj@intel.com, sanjay.k.kumar@intel.com,
jacob.jun.pan@intel.com, kevin.tian@intel.com,
yi.l.liu@intel.com, yi.y.sun@intel.com,
iommu@lists.linux-foundation.org, linux-kernel@vger.kernel.org,
Lu Baolu <baolu.lu@linux.intel.com>,
Jacob Pan <jacob.jun.pan@linux.intel.com>
Subject: [PATCH 5/9] iommu/vt-d: Per domain pasid table interfaces
Date: Tue, 17 Apr 2018 11:03:18 +0800 [thread overview]
Message-ID: <1523934202-21669-6-git-send-email-baolu.lu@linux.intel.com> (raw)
In-Reply-To: <1523934202-21669-1-git-send-email-baolu.lu@linux.intel.com>
This patch adds the interfaces for per domain pasid table
management. Currently we allocate one pasid table for all
devices under the scope of an IOMMU. It's insecure in the
cases where multiple devices under one single IOMMU unit
support PASID feature. With per domain pasid table, we can
achieve finer protection and isolation granularity.
Cc: Ashok Raj <ashok.raj@intel.com>
Cc: Jacob Pan <jacob.jun.pan@linux.intel.com>
Cc: Kevin Tian <kevin.tian@intel.com>
Cc: Liu Yi L <yi.l.liu@intel.com>
Suggested-by: Ashok Raj <ashok.raj@intel.com>
Signed-off-by: Lu Baolu <baolu.lu@linux.intel.com>
---
drivers/iommu/intel-pasid.c | 75 +++++++++++++++++++++++++++++++++++++++++++++
drivers/iommu/intel-pasid.h | 4 +++
include/linux/intel-iommu.h | 5 +++
3 files changed, 84 insertions(+)
diff --git a/drivers/iommu/intel-pasid.c b/drivers/iommu/intel-pasid.c
index 0690f39..b8691a6 100644
--- a/drivers/iommu/intel-pasid.c
+++ b/drivers/iommu/intel-pasid.c
@@ -13,6 +13,7 @@
#include <linux/intel-iommu.h>
#include <linux/iommu.h>
#include <linux/memory.h>
+#include <linux/pci.h>
#include <linux/spinlock.h>
#include "intel-pasid.h"
@@ -58,3 +59,77 @@ void *intel_pasid_lookup_id(int pasid)
return p;
}
+
+/*
+ * Interfaces for per domain pasid table management:
+ */
+int intel_pasid_alloc_table(struct device *dev, size_t entry_size,
+ size_t entry_count)
+{
+ struct device_domain_info *info;
+ struct dmar_domain *domain;
+ struct page *pages;
+ int order;
+
+ info = dev->archdata.iommu;
+ if (WARN_ON(!info || !dev_is_pci(dev) ||
+ !info->pasid_supported ||
+ !info->domain))
+ return -EINVAL;
+
+ domain = info->domain;
+
+ if (entry_count > intel_pasid_max_id)
+ entry_count = intel_pasid_max_id;
+
+ order = get_order(entry_size * entry_count);
+ pages = alloc_pages_node(domain->nid, GFP_KERNEL | __GFP_ZERO, order);
+ if (!pages)
+ return -ENOMEM;
+
+ spin_lock(&pasid_lock);
+ if (domain->pasid_table) {
+ __free_pages(pages, order);
+ } else {
+ domain->pasid_table = page_address(pages);
+ domain->order = order;
+ domain->max_pasid = entry_count;
+ }
+ domain->pasid_users++;
+ spin_unlock(&pasid_lock);
+
+ return 0;
+}
+
+void intel_pasid_free_table(struct device *dev)
+{
+ struct dmar_domain *domain;
+
+ domain = get_valid_domain_for_dev(dev);
+ if (!domain || !dev_is_pci(dev))
+ return;
+
+ spin_lock(&pasid_lock);
+ if (domain->pasid_table) {
+ domain->pasid_users--;
+ if (!domain->pasid_users) {
+ free_pages((unsigned long)domain->pasid_table,
+ domain->order);
+ domain->pasid_table = NULL;
+ domain->order = 0;
+ domain->max_pasid = 0;
+ }
+ }
+ spin_unlock(&pasid_lock);
+}
+
+void *intel_pasid_get_table(struct device *dev)
+{
+ struct dmar_domain *domain;
+
+ domain = get_valid_domain_for_dev(dev);
+ if (!domain)
+ return NULL;
+
+ return domain->pasid_table;
+}
diff --git a/drivers/iommu/intel-pasid.h b/drivers/iommu/intel-pasid.h
index 0c36af0..a90c60b 100644
--- a/drivers/iommu/intel-pasid.h
+++ b/drivers/iommu/intel-pasid.h
@@ -26,5 +26,9 @@ extern u32 intel_pasid_max_id;
int intel_pasid_alloc_id(void *ptr, int start, int end, gfp_t gfp);
void intel_pasid_free_id(int pasid);
void *intel_pasid_lookup_id(int pasid);
+int intel_pasid_alloc_table(struct device *dev, size_t entry_size,
+ size_t entry_count);
+void intel_pasid_free_table(struct device *dev);
+void *intel_pasid_get_table(struct device *dev);
#endif /* __INTEL_PASID_H */
diff --git a/include/linux/intel-iommu.h b/include/linux/intel-iommu.h
index a4463f0..bee7a3f 100644
--- a/include/linux/intel-iommu.h
+++ b/include/linux/intel-iommu.h
@@ -424,6 +424,11 @@ struct dmar_domain {
*/
u64 max_addr; /* maximum mapped address */
+ void *pasid_table; /* pointer of pasid table */
+ unsigned int pasid_users; /* User number of pasid table */
+ int order; /* the page order of tables */
+ int max_pasid; /* max pasid */
+
struct iommu_domain domain; /*
* generic domain data structure for
* iommu core
--
2.7.4
next prev parent reply other threads:[~2018-04-17 3:12 UTC|newest]
Thread overview: 41+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-04-17 3:03 [PATCH 0/9] iommu/vt-d: Improve PASID id and table management Lu Baolu
2018-04-17 3:03 ` Lu Baolu
2018-04-17 3:03 ` [PATCH 1/9] iommu/vt-d: Global PASID name space Lu Baolu
2018-04-17 3:03 ` Lu Baolu
2018-05-01 9:21 ` Liu, Yi L
2018-05-01 9:21 ` Liu, Yi L
2018-04-17 3:03 ` [PATCH 2/9] iommu/vt-d: Decouple idr bond pointer from svm Lu Baolu
2018-04-17 3:03 ` Lu Baolu
2018-05-01 9:21 ` Liu, Yi L
2018-04-17 3:03 ` [PATCH 3/9] iommu/vt-d: Use global PASID for SVM usage Lu Baolu
2018-04-17 3:03 ` Lu Baolu
2018-05-01 9:21 ` Liu, Yi L
2018-05-01 9:21 ` Liu, Yi L
2018-04-17 3:03 ` [PATCH 4/9] iommu/vt-d: Move device_domain_info to header Lu Baolu
2018-04-17 3:03 ` Lu Baolu
2018-05-01 9:21 ` Liu, Yi L
2018-05-01 9:21 ` Liu, Yi L
2018-04-17 3:03 ` Lu Baolu [this message]
2018-05-01 9:22 ` [PATCH 5/9] iommu/vt-d: Per domain pasid table interfaces Liu, Yi L
2018-05-01 9:22 ` Liu, Yi L
2018-05-02 3:08 ` Lu Baolu
2018-05-02 3:08 ` Lu Baolu
2018-04-17 3:03 ` [PATCH 6/9] iommu/vt-d: Allocate and free pasid table Lu Baolu
2018-05-01 9:22 ` Liu, Yi L
2018-05-01 9:22 ` Liu, Yi L
2018-05-02 3:09 ` Lu Baolu
2018-05-02 3:09 ` Lu Baolu
2018-04-17 3:03 ` [PATCH 7/9] iommu/vt-d: Calculate PTS value Lu Baolu
2018-04-17 3:03 ` Lu Baolu
2018-05-01 9:22 ` Liu, Yi L
2018-05-01 9:22 ` Liu, Yi L
2018-04-17 3:03 ` [PATCH 8/9] iommu/vt-d: Use per-domain pasid table Lu Baolu
2018-05-01 9:23 ` Liu, Yi L
2018-05-01 9:23 ` Liu, Yi L
2018-05-02 4:38 ` Lu Baolu
2018-05-02 4:38 ` Lu Baolu
2018-04-17 3:03 ` [PATCH 9/9] iommu/vt-d: Clean up PASID talbe management for SVM Lu Baolu
2018-05-01 9:24 ` Liu, Yi L
2018-05-01 9:24 ` Liu, Yi L
2018-05-02 4:43 ` Lu Baolu
2018-05-02 4:43 ` Lu Baolu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1523934202-21669-6-git-send-email-baolu.lu@linux.intel.com \
--to=baolu.lu@linux.intel.com \
--cc=ashok.raj@intel.com \
--cc=dwmw2@infradead.org \
--cc=iommu@lists.linux-foundation.org \
--cc=jacob.jun.pan@intel.com \
--cc=jacob.jun.pan@linux.intel.com \
--cc=joro@8bytes.org \
--cc=kevin.tian@intel.com \
--cc=linux-kernel@vger.kernel.org \
--cc=sanjay.k.kumar@intel.com \
--cc=yi.l.liu@intel.com \
--cc=yi.y.sun@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.