From: Joerg Roedel <[email protected]>
When memory encryption is active the device is likely not in a direct
mapped domain. Forbid using IOMMUv2 functionality for now until finer
grained checks for this have been implemented.
Signed-off-by: Joerg Roedel <[email protected]>
---
drivers/iommu/amd/iommu_v2.c | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/drivers/iommu/amd/iommu_v2.c b/drivers/iommu/amd/iommu_v2.c
index c259108ab6dd..0d175aed1d92 100644
--- a/drivers/iommu/amd/iommu_v2.c
+++ b/drivers/iommu/amd/iommu_v2.c
@@ -737,6 +737,13 @@ int amd_iommu_init_device(struct pci_dev *pdev, int pasids)
might_sleep();
+ /*
+ * When memory encryption is active the device is likely not in a
+ * direct-mapped domain. Forbid using IOMMUv2 functionality for now.
+ */
+ if (mem_encrypt_active())
+ return -ENODEV;
+
if (!amd_iommu_v2_supported())
return -ENODEV;
--
2.28.0
[AMD Public Use]
+ Felix, Christian
> -----Original Message-----
> From: Joerg Roedel <[email protected]>
> Sent: Monday, August 24, 2020 6:54 AM
> To: [email protected]
> Cc: Joerg Roedel <[email protected]>; [email protected]; Lendacky, Thomas
> <[email protected]>; Suthikulpanit, Suravee
> <[email protected]>; Deucher, Alexander
> <[email protected]>; [email protected]
> Subject: [PATCH 2/2] iommu/amd: Do not use IOMMUv2 functionality when
> SME is active
>
> From: Joerg Roedel <[email protected]>
>
> When memory encryption is active the device is likely not in a direct mapped
> domain. Forbid using IOMMUv2 functionality for now until finer grained
> checks for this have been implemented.
>
> Signed-off-by: Joerg Roedel <[email protected]>
> ---
> drivers/iommu/amd/iommu_v2.c | 7 +++++++
> 1 file changed, 7 insertions(+)
>
> diff --git a/drivers/iommu/amd/iommu_v2.c
> b/drivers/iommu/amd/iommu_v2.c index c259108ab6dd..0d175aed1d92
> 100644
> --- a/drivers/iommu/amd/iommu_v2.c
> +++ b/drivers/iommu/amd/iommu_v2.c
> @@ -737,6 +737,13 @@ int amd_iommu_init_device(struct pci_dev *pdev,
> int pasids)
>
> might_sleep();
>
> + /*
> + * When memory encryption is active the device is likely not in a
> + * direct-mapped domain. Forbid using IOMMUv2 functionality for
> now.
> + */
> + if (mem_encrypt_active())
> + return -ENODEV;
> +
> if (!amd_iommu_v2_supported())
> return -ENODEV;
>
> --
> 2.28.0