[PATCH v2 12/12] iommu: Do not allow IOMMU passthrough with Secure Launch

[PATCH v2 00/12] x86: Trenchboot secure dynamic launch Linux kernel support · Ross Philipson <hidden> · 2021-06-18
[PATCH v2 08/12] kexec: Secure Launch kexec SEXIT support · Ross Philipson <hidden> · 2021-06-18
[PATCH v2 11/12] tpm: Allow locality 2 to be set when initializing the TPM for Secure Launch · Ross Philipson <hidden> · 2021-06-18
[PATCH v2 06/12] x86: Secure Launch kernel late boot stub · Ross Philipson <hidden> · 2021-06-18
[PATCH v2 09/12] reboot: Secure Launch SEXIT support on reboot paths · Ross Philipson <hidden> · 2021-06-18
[PATCH v2 12/12] iommu: Do not allow IOMMU passthrough with Secure Launch · Ross Philipson <hidden> · 2021-06-18
Re: [PATCH v2 12/12] iommu: Do not allow IOMMU passthrough with Secure Launch · Robin Murphy <robin.murphy@arm.com> · 2021-06-18
Re: [PATCH v2 12/12] iommu: Do not allow IOMMU passthrough with Secure Launch · Ross Philipson <hidden> · 2021-06-21
Re: [PATCH v2 12/12] iommu: Do not allow IOMMU passthrough with Secure Launch · Andy Lutomirski <luto@kernel.org> · 2021-06-21
Re: [PATCH v2 12/12] iommu: Do not allow IOMMU passthrough with Secure Launch · Ross Philipson <hidden> · 2021-06-30
Re: [PATCH v2 12/12] iommu: Do not allow IOMMU passthrough with Secure Launch · Daniel P. Smith <hidden> · 2021-08-04
Re: [PATCH v2 12/12] iommu: Do not allow IOMMU passthrough with Secure Launch · Robin Murphy <robin.murphy@arm.com> · 2021-06-22
Re: [PATCH v2 12/12] iommu: Do not allow IOMMU passthrough with Secure Launch · Ross Philipson <hidden> · 2021-06-30
[PATCH v2 04/12] x86: Add early SHA support for Secure Launch early measurements · Ross Philipson <hidden> · 2021-06-18
[PATCH v2 10/12] x86: Secure Launch late initcall platform module · Ross Philipson <hidden> · 2021-06-18
[PATCH v2 05/12] x86: Secure Launch kernel early boot stub · Ross Philipson <hidden> · 2021-06-18
[PATCH v2 03/12] x86: Secure Launch main header file · Ross Philipson <hidden> · 2021-06-18
[PATCH v2 02/12] x86: Secure Launch Kconfig · Ross Philipson <hidden> · 2021-06-18
[PATCH v2 01/12] x86/boot: Place kernel_info at a fixed offset · Ross Philipson <hidden> · 2021-06-18
[PATCH v2 07/12] x86: Secure Launch SMP bringup support · Ross Philipson <hidden> · 2021-06-18

STALE1772d

Revisions (15)

2020-09-24 v1 [diff vs current]
2021-06-18 v2 current
2021-08-09 v3 [diff vs current]
2021-08-27 v4 [diff vs current]
2022-02-18 v5 [diff vs current]
2023-05-04 v6 [diff vs current]
2023-11-10 v7 [diff vs current]
2024-02-14 v8 [diff vs current]
2024-05-31 v9 [diff vs current]
2024-08-26 v10 [diff vs current]
2024-09-13 v11 [diff vs current]
2024-12-19 v12 [diff vs current]
2025-03-28 v13 [diff vs current]
2025-04-10 v13 [diff vs current]
2025-04-21 v14 [diff vs current]

From: Ross Philipson <hidden>
Date: 2021-06-18 16:07:34
Also in: linux-doc, linux-iommu, lkml
Subsystem: intel iommu (vt-d), iommu subsystem, the rest · Maintainers: David Woodhouse, Lu Baolu, Joerg Roedel, Will Deacon, Linus Torvalds

The IOMMU should always be set to default translated type after
the PMRs are disabled to protect the MLE from DMA.

Signed-off-by: Ross Philipson <redacted>
---
 drivers/iommu/intel/iommu.c | 5 +++++
 drivers/iommu/iommu.c       | 6 +++++-
 2 files changed, 10 insertions(+), 1 deletion(-)

diff --git a/drivers/iommu/intel/iommu.c b/drivers/iommu/intel/iommu.c
index be35284..4f0256d 100644
--- a/drivers/iommu/intel/iommu.c
+++ b/drivers/iommu/intel/iommu.c

@@ -41,6 +41,7 @@
 #include <linux/dma-direct.h>
 #include <linux/crash_dump.h>
 #include <linux/numa.h>
+#include <linux/slaunch.h>
 #include <asm/irq_remapping.h>
 #include <asm/cacheflush.h>
 #include <asm/iommu.h>

@@ -2877,6 +2878,10 @@ static bool device_is_rmrr_locked(struct device *dev)
  */
 static int device_def_domain_type(struct device *dev)
 {
+	/* Do not allow identity domain when Secure Launch is configured */
+	if (slaunch_get_flags() & SL_FLAG_ACTIVE)
+		return IOMMU_DOMAIN_DMA;
+
 	if (dev_is_pci(dev)) {
 		struct pci_dev *pdev = to_pci_dev(dev);

diff --git a/drivers/iommu/iommu.c b/drivers/iommu/iommu.c
index 808ab70d..d49b7dd 100644
--- a/drivers/iommu/iommu.c
+++ b/drivers/iommu/iommu.c

@@ -23,6 +23,7 @@
 #include <linux/property.h>
 #include <linux/fsl/mc.h>
 #include <linux/module.h>
+#include <linux/slaunch.h>
 #include <trace/events/iommu.h>
 
 static struct kset *iommu_group_kset;

@@ -2761,7 +2762,10 @@ void iommu_set_default_passthrough(bool cmd_line)
 {
 	if (cmd_line)
 		iommu_cmd_line |= IOMMU_CMD_LINE_DMA_API;
-	iommu_def_domain_type = IOMMU_DOMAIN_IDENTITY;
+
+	/* Do not allow identity domain when Secure Launch is configured */
+	if (!(slaunch_get_flags() & SL_FLAG_ACTIVE))
+		iommu_def_domain_type = IOMMU_DOMAIN_IDENTITY;
 }
 
 void iommu_set_default_translated(bool cmd_line)

-- 
1.8.3.1

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help