From: "Michael S. Tsirkin" <mst@redhat.com>
To: qemu-devel@nongnu.org
Cc: Peter Maydell <peter.maydell@linaro.org>,
	Peter Xu <peterx@redhat.com>, Paolo Bonzini <pbonzini@redhat.com>,
	Richard Henderson <rth@twiddle.net>,
	Eduardo Habkost <ehabkost@redhat.com>
Subject: [Qemu-devel] [PULL v2 28/55] intel_iommu: add SID validation for IR
Date: Tue, 19 Jul 2016 20:53:06 +0300	[thread overview]
Message-ID: <20160719175306.GA324@redhat.com> (raw)
In-Reply-To: <1468950176-31959-1-git-send-email-mst@redhat.com>

From: Peter Xu <peterx@redhat.com>

This patch enables SID validation. Invalid interrupts will be dropped.

Signed-off-by: Peter Xu <peterx@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
---
 include/hw/i386/intel_iommu.h | 17 +++++++++++
 hw/i386/intel_iommu.c         | 69 ++++++++++++++++++++++++++++++++++++-------
 2 files changed, 75 insertions(+), 11 deletions(-)

diff --git a/include/hw/i386/intel_iommu.h b/include/hw/i386/intel_iommu.h
index 745b4e7..2eba7ed 100644
--- a/include/hw/i386/intel_iommu.h
+++ b/include/hw/i386/intel_iommu.h
@@ -102,6 +102,23 @@ struct VTDIOTLBEntry {
     bool write_flags;
 };
 
+/* VT-d Source-ID Qualifier types */
+enum {
+    VTD_SQ_FULL = 0x00,     /* Full SID verification */
+    VTD_SQ_IGN_3 = 0x01,    /* Ignore bit 3 */
+    VTD_SQ_IGN_2_3 = 0x02,  /* Ignore bits 2 & 3 */
+    VTD_SQ_IGN_1_3 = 0x03,  /* Ignore bits 1-3 */
+    VTD_SQ_MAX,
+};
+
+/* VT-d Source Validation Types */
+enum {
+    VTD_SVT_NONE = 0x00,    /* No validation */
+    VTD_SVT_ALL = 0x01,     /* Do full validation */
+    VTD_SVT_BUS = 0x02,     /* Validate bus range */
+    VTD_SVT_MAX,
+};
+
 /* Interrupt Remapping Table Entry Definition */
 union VTD_IRTE {
     struct {
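Review bot: The comments on the VTD_SQ_* values count bits from 1, while the mask table that hw/i386/intel_iommu.c sizes with VTD_SQ_MAX (`{0xffff, 0xfffb, 0xfff9, 0xfff8}`) clears bit 2, bits 1-2 and bits 0-2 when counted from 0. Someone checking the masks against these comments will think they are off by one. I would word them in terms of the masks, e.g. `/* Ignore bit 2 of the SID (third LSB) */`, `/* Ignore bits 1-2 */` and `/* Ignore bits 0-2 */`, and add a short comment that VTD_SQ_MAX is the number of qualifier values and sizes the mask table.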
diff --git a/hw/i386/intel_iommu.c b/hw/i386/intel_iommu.c
index e96be71..d7d30a7 100644
--- a/hw/i386/intel_iommu.c
+++ b/hw/i386/intel_iommu.c
@@ -2008,9 +2008,13 @@ static Property vtd_properties[] = {
 
 /* Read IRTE entry with specific index */
 static int vtd_irte_get(IntelIOMMUState *iommu, uint16_t index,
-                        VTD_IRTE *entry)
+                        VTD_IRTE *entry, uint16_t sid)
 {
+    static const uint16_t vtd_svt_mask[VTD_SQ_MAX] = \
+        {0xffff, 0xfffb, 0xfff9, 0xfff8};
     dma_addr_t addr = 0x00;
+    uint16_t mask, source_id;
+    uint8_t bus, bus_max, bus_min;
 
     addr = iommu->intr_root + index * sizeof(*entry);
     if (dma_memory_read(&address_space_memory, addr, entry,
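Review bot: The table is named `vtd_svt_mask`, but it is sized by VTD_SQ_MAX and, in the next hunk, indexed by `entry->sid_q`, so it holds the SQ masks rather than anything keyed on SVT; `vtd_sq_mask` would match its use. The trailing `\` after `=` is not needed outside a macro. Because the IRTE is filled from guest memory by the dma_memory_read() below, a one-line comment that the four entries rely on sid_q being a two-bit field would help; the field's declaration is not visible in this patch, so that width is an assumption to confirm. vtd_irte_get's body continues outside this hunk.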
@@ -2037,23 +2041,58 @@ static int vtd_irte_get(IntelIOMMUState *iommu, uint16_t index,
         return -VTD_FR_IR_IRTE_RSVD;
     }
 
-    /*
-     * TODO: Check Source-ID corresponds to SVT (Source Validation
-     * Type) bits
-     */
+    if (sid != X86_IOMMU_SID_INVALID) {
+        /* Validate IRTE SID */
+        source_id = le32_to_cpu(entry->source_id);
+        switch (entry->sid_vtype) {
+        case VTD_SVT_NONE:
+            VTD_DPRINTF(IR, "No SID validation for IRTE index %d", index);
+            break;
+
+        case VTD_SVT_ALL:
+            mask = vtd_svt_mask[entry->sid_q];
+            if ((source_id & mask) != (sid & mask)) {
+                VTD_DPRINTF(GENERAL, "SID validation for IRTE index "
+                            "%d failed (reqid 0x%04x sid 0x%04x)", index,
+                            sid, source_id);
+                return -VTD_FR_IR_SID_ERR;
+            }
+            break;
+
+        case VTD_SVT_BUS:
+            bus_max = source_id >> 8;
+            bus_min = source_id & 0xff;
+            bus = sid >> 8;
+            if (bus > bus_max || bus < bus_min) {
+                VTD_DPRINTF(GENERAL, "SID validation for IRTE index %d "
+                            "failed (bus %d outside %d-%d)", index, bus,
+                            bus_min, bus_max);
+                return -VTD_FR_IR_SID_ERR;
+            }
+            break;
+
+        default:
+            VTD_DPRINTF(GENERAL, "Invalid SVT bits (0x%x) in IRTE index "
+                        "%d", entry->sid_vtype, index);
+            /* Take this as verification failure. */
+            return -VTD_FR_IR_SID_ERR;
+            break;
+        }
+    }
 
     return 0;
 }
 
 /* Fetch IRQ information of specific IR index */
-static int vtd_remap_irq_get(IntelIOMMUState *iommu, uint16_t index, VTDIrq *irq)
+static int vtd_remap_irq_get(IntelIOMMUState *iommu, uint16_t index,
+                             VTDIrq *irq, uint16_t sid)
 {
     VTD_IRTE irte;
     int ret = 0;
 
     bzero(&irte, sizeof(irte));
 
-    ret = vtd_irte_get(iommu, index, &irte);
+    ret = vtd_irte_get(iommu, index, &irte, sid);
     if (ret) {
         return ret;
     }
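Review bot: The VTD_SVT_BUS case looks like it has the bounds swapped: as I read the VT-d specification, the upper 8 bits of the IRTE SID hold the start bus and the lower 8 bits the end bus, but the code takes `source_id >> 8` as bus_max and `source_id & 0xff` as bus_min. With a real range (start below end) every request would fail the check, which fails closed but drops legitimate interrupts; I would write `bus_min = source_id >> 8;` and `bus_max = source_id & 0xff;`. Separately, `le32_to_cpu(entry->source_id)` is stored into a uint16_t, so if the field is 16 bits wide (its declaration is not in this patch) `le16_to_cpu` would be the matching conversion on big-endian hosts. The `break;` after the `return` in the default case is unreachable and can go.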
@@ -2105,7 +2144,8 @@ static void vtd_generate_msi_message(VTDIrq *irq, MSIMessage *msg_out)
 /* Interrupt remapping for MSI/MSI-X entry */
 static int vtd_interrupt_remap_msi(IntelIOMMUState *iommu,
                                    MSIMessage *origin,
-                                   MSIMessage *translated)
+                                   MSIMessage *translated,
+                                   uint16_t sid)
 {
     int ret = 0;
     VTD_IR_MSIAddress addr;
@@ -2148,7 +2188,7 @@ static int vtd_interrupt_remap_msi(IntelIOMMUState *iommu,
         index += origin->data & VTD_IR_MSI_DATA_SUBHANDLE;
     }
 
-    ret = vtd_remap_irq_get(iommu, index, &irq);
+    ret = vtd_remap_irq_get(iommu, index, &irq, sid);
     if (ret) {
         return ret;
     }
@@ -2195,7 +2235,8 @@ do_not_translate:
 static int vtd_int_remap(X86IOMMUState *iommu, MSIMessage *src,
                          MSIMessage *dst, uint16_t sid)
 {
-    return vtd_interrupt_remap_msi(INTEL_IOMMU_DEVICE(iommu), src, dst);
+    return vtd_interrupt_remap_msi(INTEL_IOMMU_DEVICE(iommu),
+                                   src, dst, sid);
 }
 
 static MemTxResult vtd_mem_ir_read(void *opaque, hwaddr addr,
@@ -2211,11 +2252,17 @@ static MemTxResult vtd_mem_ir_write(void *opaque, hwaddr addr,
 {
     int ret = 0;
     MSIMessage from = {0}, to = {0};
+    uint16_t sid = X86_IOMMU_SID_INVALID;
 
     from.address = (uint64_t) addr + VTD_INTERRUPT_ADDR_FIRST;
     from.data = (uint32_t) value;
 
-    ret = vtd_interrupt_remap_msi(opaque, &from, &to);
+    if (!attrs.unspecified) {
+        /* We have explicit Source ID */
+        sid = attrs.requester_id;
+    }
+
+    ret = vtd_interrupt_remap_msi(opaque, &from, &to, sid);
     if (ret) {
         /* TODO: report error */
         VTD_DPRINTF(GENERAL, "int remap fail for addr 0x%"PRIx64
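Review bot: When `attrs.unspecified` is set, sid stays X86_IOMMU_SID_INVALID and vtd_irte_get() skips the whole SVT check, so a write that arrives without requester information is remapped with no source validation at all. That may be intended for callers that cannot supply a requester ID, but it is a fail-open path and should be stated where it is decided, e.g. `/* No requester ID: SID validation is skipped for this write */` above the `if`. A debug print on that path would also make unvalidated interrupts visible when tracing. vtd_mem_ir_write starts and ends outside this hunk.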
-- 
MST
