Received: by 2002:a05:6a10:a0d1:0:0:0:0 with SMTP id j17csp2054412pxa; Mon, 24 Aug 2020 03:57:56 -0700 (PDT) X-Google-Smtp-Source: ABdhPJxv0yCS9rEwNxSczmbQAgMX/qe9vDSruaCSSSgsdKv4pvRFRwiqMZGGFWwqUpyeizh+DjdY X-Received: by 2002:a17:906:7c46:: with SMTP id g6mr4838184ejp.178.1598266675986; Mon, 24 Aug 2020 03:57:55 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1598266675; cv=none; d=google.com; s=arc-20160816; b=IXzXGoGZWlE2aAjPLFw9cwLZzOP8MvxsX74GMo6PdOnN9DFCZ14BkWMJ8PTwL4G0Zo RKLg74JFy1bH0EeHBs6UwH2u0G/e6P2AH5n0JO6NHYe5x1ywV/9CSxpfjWYfWh/7Tm8A kcQ8lNBC/8qkUv39zN8mxMRrHC1MBnWgzmtxQlHC/+JpUTVrUAPWPxcL7Sv/a4M8Y++C QebuLV8dBnb7AuUltIoxbpBObcS3CKwz6sdWjydvDSKrlnFeP7W6CrJP5m1Z+7kp3+bX hrvkZ+8IwVpJKy5p875ioboRvBrdqE2uQCtSY8NLqEZ0wGp/XUvRyZSiSmdpcIxQe+Op XKVQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from; bh=70NuckjoXktZGADxb0GQtO0uujkYY6AGomrsR22CWZo=; b=vXSlMQXZ0lqas5tHSASn2xaY9tjWMpRed1H/0GuDuVArFCsc4sin4Ob+nsWNzhkMLo ZTl6JO6DOcqLnVNvnUHP4n5MVrV4PEzIAItgpHkCi/m6vrQ/sZyFYESia1YpEiGp0wGa qe7YlqKeWfrU5FEFuVVVSw1FcvWl9DUZh4vexo+4ByCsJyCQPTHB5fsJz7XqFOr9hjtK rUIA3nyWhtL/uAFXwJVVYLgEb3avAi+EnzfQqculb1KepLDraLDVPIsjinvt+oephF9e nQMzQjb2JQIQMrMvmxJ/3MXenwnOSnWBQ7d7rKLv8SR83ko6PMzyanjLS3QtkBivSv0N dFhw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=8bytes.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id o9si6870616ejr.637.2020.08.24.03.57.32; Mon, 24 Aug 2020 03:57:55 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=8bytes.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726854AbgHXKyU (ORCPT + 99 others); Mon, 24 Aug 2020 06:54:20 -0400 Received: from 8bytes.org ([81.169.241.247]:39242 "EHLO theia.8bytes.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726632AbgHXKyS (ORCPT ); Mon, 24 Aug 2020 06:54:18 -0400 Received: from cap.home.8bytes.org (p4ff2bb8d.dip0.t-ipconnect.de [79.242.187.141]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) (No client certificate requested) by theia.8bytes.org (Postfix) with ESMTPSA id AD0D436B; Mon, 24 Aug 2020 12:54:17 +0200 (CEST) From: Joerg Roedel To: iommu@lists.linux-foundation.org Cc: Joerg Roedel , jroedel@suse.de, Tom Lendacky , Suravee Suthikulpanit , Alexander.Deucher@amd.com, linux-kernel@vger.kernel.org Subject: [PATCH 2/2] iommu/amd: Do not use IOMMUv2 functionality when SME is active Date: Mon, 24 Aug 2020 12:54:15 +0200 Message-Id: <20200824105415.21000-3-joro@8bytes.org> X-Mailer: git-send-email 2.28.0 In-Reply-To: <20200824105415.21000-1-joro@8bytes.org> References: <20200824105415.21000-1-joro@8bytes.org> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Joerg Roedel When memory encryption is active the device is likely not in a direct mapped domain. Forbid using IOMMUv2 functionality for now until finer grained checks for this have been implemented. Signed-off-by: Joerg Roedel --- drivers/iommu/amd/iommu_v2.c | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/drivers/iommu/amd/iommu_v2.c b/drivers/iommu/amd/iommu_v2.c index c259108ab6dd..0d175aed1d92 100644 --- a/drivers/iommu/amd/iommu_v2.c +++ b/drivers/iommu/amd/iommu_v2.c @@ -737,6 +737,13 @@ int amd_iommu_init_device(struct pci_dev *pdev, int pasids) might_sleep(); + /* + * When memory encryption is active the device is likely not in a + * direct-mapped domain. Forbid using IOMMUv2 functionality for now. + */ + if (mem_encrypt_active()) + return -ENODEV; + if (!amd_iommu_v2_supported()) return -ENODEV; -- 2.28.0