From: Jason Gunthorpe <jgg@nvidia.com> To: iommu@lists.linux.dev, Joerg Roedel <joro@8bytes.org>, linux-arm-kernel@lists.infradead.org, Robin Murphy <robin.murphy@arm.com>, Will Deacon <will@kernel.org> Cc: Lu Baolu <baolu.lu@linux.intel.com>, Jean-Philippe Brucker <jean-philippe@linaro.org>, Joerg Roedel <jroedel@suse.de>, Moritz Fischer <mdf@kernel.org>, Moritz Fischer <moritzf@google.com>, Michael Shavit <mshavit@google.com>, Nicolin Chen <nicolinc@nvidia.com>, patches@lists.linux.dev, Shameerali Kolothum Thodi <shameerali.kolothum.thodi@huawei.com>, Mostafa Saleh <smostafa@google.com>, Zhangfei Gao <zhangfei.gao@linaro.org> Subject: [PATCH v6 11/16] iommu/arm-smmu-v3: Check that the RID domain is S1 in SVA Date: Mon, 26 Feb 2024 13:07:22 -0400 [thread overview] Message-ID: <11-v6-96275f25c39d+2d4-smmuv3_newapi_p1_jgg@nvidia.com> (raw) In-Reply-To: <0-v6-96275f25c39d+2d4-smmuv3_newapi_p1_jgg@nvidia.com> The SVA code only works if the RID domain is a S1 domain and has already installed the cdtable. Originally the check for this was in arm_smmu_sva_bind() but when the op was removed the test didn't get copied over to the new arm_smmu_sva_set_dev_pasid(). Without the test wrong usage usually will hit a WARN_ON() in arm_smmu_write_ctx_desc() due to a missing ctx table. However, the next patches wil change things so that an IDENTITY domain is not a struct arm_smmu_domain and this will get into memory corruption if the struct is wrongly casted. Fail in arm_smmu_sva_set_dev_pasid() if the STE does not have a S1, which is a proxy for the STE having a pointer to the CD table. Write it in a way that will be compatible with the next patches. Fixes: 386fa64fd52b ("arm-smmu-v3/sva: Add SVA domain support") Reported-by: Shameerali Kolothum Thodi <shameerali.kolothum.thodi@huawei.com> Closes: https://lore.kernel.org/linux-iommu/2a828e481416405fb3a4cceb9e075a59@huawei.com/ Tested-by: Nicolin Chen <nicolinc@nvidia.com> Signed-off-by: Jason Gunthorpe <jgg@nvidia.com> --- drivers/iommu/arm/arm-smmu-v3/arm-smmu-v3-sva.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/drivers/iommu/arm/arm-smmu-v3/arm-smmu-v3-sva.c b/drivers/iommu/arm/arm-smmu-v3/arm-smmu-v3-sva.c index 4a27fbdb2d8446..2610e82c0ecd0d 100644 --- a/drivers/iommu/arm/arm-smmu-v3/arm-smmu-v3-sva.c +++ b/drivers/iommu/arm/arm-smmu-v3/arm-smmu-v3-sva.c @@ -364,7 +364,13 @@ static int __arm_smmu_sva_bind(struct device *dev, ioasid_t pasid, struct arm_smmu_bond *bond; struct arm_smmu_master *master = dev_iommu_priv_get(dev); struct iommu_domain *domain = iommu_get_domain_for_dev(dev); - struct arm_smmu_domain *smmu_domain = to_smmu_domain(domain); + struct arm_smmu_domain *smmu_domain; + + if (!(domain->type & __IOMMU_DOMAIN_PAGING)) + return -ENODEV; + smmu_domain = to_smmu_domain(domain); + if (smmu_domain->stage != ARM_SMMU_DOMAIN_S1) + return -ENODEV; if (!master || !master->sva_enabled) return -ENODEV; -- 2.43.2
WARNING: multiple messages have this Message-ID (diff)
From: Jason Gunthorpe <jgg@nvidia.com> To: iommu@lists.linux.dev, Joerg Roedel <joro@8bytes.org>, linux-arm-kernel@lists.infradead.org, Robin Murphy <robin.murphy@arm.com>, Will Deacon <will@kernel.org> Cc: Lu Baolu <baolu.lu@linux.intel.com>, Jean-Philippe Brucker <jean-philippe@linaro.org>, Joerg Roedel <jroedel@suse.de>, Moritz Fischer <mdf@kernel.org>, Moritz Fischer <moritzf@google.com>, Michael Shavit <mshavit@google.com>, Nicolin Chen <nicolinc@nvidia.com>, patches@lists.linux.dev, Shameerali Kolothum Thodi <shameerali.kolothum.thodi@huawei.com>, Mostafa Saleh <smostafa@google.com>, Zhangfei Gao <zhangfei.gao@linaro.org> Subject: [PATCH v6 11/16] iommu/arm-smmu-v3: Check that the RID domain is S1 in SVA Date: Mon, 26 Feb 2024 13:07:22 -0400 [thread overview] Message-ID: <11-v6-96275f25c39d+2d4-smmuv3_newapi_p1_jgg@nvidia.com> (raw) In-Reply-To: <0-v6-96275f25c39d+2d4-smmuv3_newapi_p1_jgg@nvidia.com> The SVA code only works if the RID domain is a S1 domain and has already installed the cdtable. Originally the check for this was in arm_smmu_sva_bind() but when the op was removed the test didn't get copied over to the new arm_smmu_sva_set_dev_pasid(). Without the test wrong usage usually will hit a WARN_ON() in arm_smmu_write_ctx_desc() due to a missing ctx table. However, the next patches wil change things so that an IDENTITY domain is not a struct arm_smmu_domain and this will get into memory corruption if the struct is wrongly casted. Fail in arm_smmu_sva_set_dev_pasid() if the STE does not have a S1, which is a proxy for the STE having a pointer to the CD table. Write it in a way that will be compatible with the next patches. Fixes: 386fa64fd52b ("arm-smmu-v3/sva: Add SVA domain support") Reported-by: Shameerali Kolothum Thodi <shameerali.kolothum.thodi@huawei.com> Closes: https://lore.kernel.org/linux-iommu/2a828e481416405fb3a4cceb9e075a59@huawei.com/ Tested-by: Nicolin Chen <nicolinc@nvidia.com> Signed-off-by: Jason Gunthorpe <jgg@nvidia.com> --- drivers/iommu/arm/arm-smmu-v3/arm-smmu-v3-sva.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/drivers/iommu/arm/arm-smmu-v3/arm-smmu-v3-sva.c b/drivers/iommu/arm/arm-smmu-v3/arm-smmu-v3-sva.c index 4a27fbdb2d8446..2610e82c0ecd0d 100644 --- a/drivers/iommu/arm/arm-smmu-v3/arm-smmu-v3-sva.c +++ b/drivers/iommu/arm/arm-smmu-v3/arm-smmu-v3-sva.c @@ -364,7 +364,13 @@ static int __arm_smmu_sva_bind(struct device *dev, ioasid_t pasid, struct arm_smmu_bond *bond; struct arm_smmu_master *master = dev_iommu_priv_get(dev); struct iommu_domain *domain = iommu_get_domain_for_dev(dev); - struct arm_smmu_domain *smmu_domain = to_smmu_domain(domain); + struct arm_smmu_domain *smmu_domain; + + if (!(domain->type & __IOMMU_DOMAIN_PAGING)) + return -ENODEV; + smmu_domain = to_smmu_domain(domain); + if (smmu_domain->stage != ARM_SMMU_DOMAIN_S1) + return -ENODEV; if (!master || !master->sva_enabled) return -ENODEV; -- 2.43.2 _______________________________________________ linux-arm-kernel mailing list linux-arm-kernel@lists.infradead.org http://lists.infradead.org/mailman/listinfo/linux-arm-kernel
next prev parent reply other threads:[~2024-02-26 17:07 UTC|newest] Thread overview: 46+ messages / expand[flat|nested] mbox.gz Atom feed top 2024-02-26 17:07 [PATCH v6 00/16] Update SMMUv3 to the modern iommu API (part 1/3) Jason Gunthorpe 2024-02-26 17:07 ` Jason Gunthorpe 2024-02-26 17:07 ` [PATCH v6 01/16] iommu/arm-smmu-v3: Make STE programming independent of the callers Jason Gunthorpe 2024-02-26 17:07 ` Jason Gunthorpe 2024-02-27 12:47 ` Will Deacon 2024-02-27 12:47 ` Will Deacon 2024-02-29 14:07 ` Jason Gunthorpe 2024-02-29 14:07 ` Jason Gunthorpe 2024-02-26 17:07 ` [PATCH v6 02/16] iommu/arm-smmu-v3: Consolidate the STE generation for abort/bypass Jason Gunthorpe 2024-02-26 17:07 ` Jason Gunthorpe 2024-02-26 17:07 ` [PATCH v6 03/16] iommu/arm-smmu-v3: Move the STE generation for S1 and S2 domains into functions Jason Gunthorpe 2024-02-26 17:07 ` Jason Gunthorpe 2024-02-26 17:07 ` [PATCH v6 04/16] iommu/arm-smmu-v3: Build the whole STE in arm_smmu_make_s2_domain_ste() Jason Gunthorpe 2024-02-26 17:07 ` Jason Gunthorpe 2024-02-26 17:07 ` [PATCH v6 05/16] iommu/arm-smmu-v3: Hold arm_smmu_asid_lock during all of attach_dev Jason Gunthorpe 2024-02-26 17:07 ` Jason Gunthorpe 2024-02-26 17:07 ` [PATCH v6 06/16] iommu/arm-smmu-v3: Compute the STE only once for each master Jason Gunthorpe 2024-02-26 17:07 ` Jason Gunthorpe 2024-02-26 17:07 ` [PATCH v6 07/16] iommu/arm-smmu-v3: Do not change the STE twice during arm_smmu_attach_dev() Jason Gunthorpe 2024-02-26 17:07 ` Jason Gunthorpe 2024-02-26 17:07 ` [PATCH v6 08/16] iommu/arm-smmu-v3: Put writing the context descriptor in the right order Jason Gunthorpe 2024-02-26 17:07 ` Jason Gunthorpe 2024-02-26 17:07 ` [PATCH v6 09/16] iommu/arm-smmu-v3: Pass smmu_domain to arm_enable/disable_ats() Jason Gunthorpe 2024-02-26 17:07 ` Jason Gunthorpe 2024-02-26 17:07 ` [PATCH v6 10/16] iommu/arm-smmu-v3: Remove arm_smmu_master->domain Jason Gunthorpe 2024-02-26 17:07 ` Jason Gunthorpe 2024-02-26 17:07 ` Jason Gunthorpe [this message] 2024-02-26 17:07 ` [PATCH v6 11/16] iommu/arm-smmu-v3: Check that the RID domain is S1 in SVA Jason Gunthorpe 2024-02-26 17:07 ` [PATCH v6 12/16] iommu/arm-smmu-v3: Add a global static IDENTITY domain Jason Gunthorpe 2024-02-26 17:07 ` Jason Gunthorpe 2024-02-26 17:07 ` [PATCH v6 13/16] iommu/arm-smmu-v3: Add a global static BLOCKED domain Jason Gunthorpe 2024-02-26 17:07 ` Jason Gunthorpe 2024-02-26 17:07 ` [PATCH v6 14/16] iommu/arm-smmu-v3: Use the identity/blocked domain during release Jason Gunthorpe 2024-02-26 17:07 ` Jason Gunthorpe 2024-02-26 17:07 ` [PATCH v6 15/16] iommu/arm-smmu-v3: Pass arm_smmu_domain and arm_smmu_device to finalize Jason Gunthorpe 2024-02-26 17:07 ` Jason Gunthorpe 2024-02-26 17:07 ` [PATCH v6 16/16] iommu/arm-smmu-v3: Convert to domain_alloc_paging() Jason Gunthorpe 2024-02-26 17:07 ` Jason Gunthorpe 2024-02-29 16:34 ` [PATCH v6 00/16] Update SMMUv3 to the modern iommu API (part 1/3) Will Deacon 2024-02-29 16:34 ` Will Deacon 2024-02-29 20:23 ` Jason Gunthorpe 2024-02-29 20:23 ` Jason Gunthorpe 2024-02-29 20:47 ` Nicolin Chen 2024-02-29 20:47 ` Nicolin Chen 2024-03-01 8:01 ` Will Deacon 2024-03-01 8:01 ` Will Deacon
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=11-v6-96275f25c39d+2d4-smmuv3_newapi_p1_jgg@nvidia.com \ --to=jgg@nvidia.com \ --cc=baolu.lu@linux.intel.com \ --cc=iommu@lists.linux.dev \ --cc=jean-philippe@linaro.org \ --cc=joro@8bytes.org \ --cc=jroedel@suse.de \ --cc=linux-arm-kernel@lists.infradead.org \ --cc=mdf@kernel.org \ --cc=moritzf@google.com \ --cc=mshavit@google.com \ --cc=nicolinc@nvidia.com \ --cc=patches@lists.linux.dev \ --cc=robin.murphy@arm.com \ --cc=shameerali.kolothum.thodi@huawei.com \ --cc=smostafa@google.com \ --cc=will@kernel.org \ --cc=zhangfei.gao@linaro.org \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: linkBe sure your reply has a Subject: header at the top and a blank line before the message body.
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.