Received: by 2002:a05:6a10:d5a5:0:0:0:0 with SMTP id gn37csp2863971pxb; Fri, 8 Oct 2021 17:40:27 -0700 (PDT) X-Google-Smtp-Source: ABdhPJzZoU1tUIMBfKldV3PBGl6m8lkvMcSsMAjNhvbOWuu2dJ7pCGWEAybJk4mOofHEhm32TVKn X-Received: by 2002:a63:2b03:: with SMTP id r3mr7399961pgr.188.1633740027375; Fri, 08 Oct 2021 17:40:27 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1633740027; cv=none; d=google.com; s=arc-20160816; b=J1TeI3hu1zFwzJAV5i4AKJnCsV+UB9DO4dpRr2c3aRMF/gEsbmAh3ls9ugWkOim+KF rE352US1fiKfNLIf5hrVaeBm+bqTWjvlGdoSWWHimnNIU7tspmoCAg2WMxLe4P4hOwFK kVQEWBEpku3uRUo8C5RUHCY8uk73sG+Pfb2fPOUx/eAGyv8bR/SV9hYt2i53NSwi1QAG UpzurWdgP5qq3U3MViLi5D/as/xadse3z0wGt+cpGy2EavG6QOGedBmhbweYFuUEf6Oo InCyCBhfv7mTN2imfhnOA1+kCX79FFHo9iT+daULFl4q6tPva92nfNOifKCFDi52of+I nJHQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from; bh=AydzRC6uUrbxf78reX3AcmjKdiGH089jVILkK5K03Tc=; b=kkpw9aDZ6VHlOuHUhCSXK0opAtUGkKhyA5qTtDqYqjXWDMuQl9KpS+yQk9EfYvCmdZ PAY86kaeXzPamAZfYcpV/oPRanNIgdjtpW21f3cemmyI7FhVED1FSw029YbWBuY4UlMV rhGRfZpa20AB2Q7r8T8198AodgsMuO1v27NH3CYbilgWSS1QVHS6LMMOh4GgHhYOecUg Oc+39NPyEmkvrDYZow/lzVJxdP9Kw26maPkaG908OCUKk8izDgiQWhtllF5PWtJYipl/ dmySF7M2+MlMv36AweLY4akv4mQOdufJZP6YolGozGHQV30XMmGwpWLeacK67HvLb/mp kNxA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id b140si947472pfb.372.2021.10.08.17.40.13; Fri, 08 Oct 2021 17:40:27 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S244138AbhJIAkj (ORCPT + 99 others); Fri, 8 Oct 2021 20:40:39 -0400 Received: from mga02.intel.com ([134.134.136.20]:5254 "EHLO mga02.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S244246AbhJIAkG (ORCPT ); Fri, 8 Oct 2021 20:40:06 -0400 X-IronPort-AV: E=McAfee;i="6200,9189,10131"; a="213756548" X-IronPort-AV: E=Sophos;i="5.85,358,1624345200"; d="scan'208";a="213756548" Received: from fmsmga001.fm.intel.com ([10.253.24.23]) by orsmga101.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 08 Oct 2021 17:37:50 -0700 X-IronPort-AV: E=Sophos;i="5.85,358,1624345200"; d="scan'208";a="624905404" Received: from dmsojoza-mobl3.amr.corp.intel.com (HELO skuppusw-desk1.amr.corp.intel.com) ([10.251.135.62]) by fmsmga001-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 08 Oct 2021 17:37:48 -0700 From: Kuppuswamy Sathyanarayanan To: Thomas Gleixner , Ingo Molnar , Borislav Petkov , Peter Zijlstra , Andy Lutomirski , Bjorn Helgaas , Richard Henderson , Thomas Bogendoerfer , James E J Bottomley , Helge Deller , "David S . Miller" , Arnd Bergmann , Jonathan Corbet , "Michael S . Tsirkin" , Paolo Bonzini , David Hildenbrand , Andrea Arcangeli , Josh Poimboeuf Cc: Peter H Anvin , Dave Hansen , Tony Luck , Dan Williams , Andi Kleen , Kirill Shutemov , Sean Christopherson , Kuppuswamy Sathyanarayanan , Kuppuswamy Sathyanarayanan , x86@kernel.org, linux-kernel@vger.kernel.org, linux-pci@vger.kernel.org, linux-alpha@vger.kernel.org, linux-mips@vger.kernel.org, linux-parisc@vger.kernel.org, sparclinux@vger.kernel.org, linux-arch@vger.kernel.org, linux-doc@vger.kernel.org, virtualization@lists.linux-foundation.org Subject: [PATCH v5 12/16] PCI: Add pci_iomap_host_shared(), pci_iomap_host_shared_range() Date: Fri, 8 Oct 2021 17:37:07 -0700 Message-Id: <20211009003711.1390019-13-sathyanarayanan.kuppuswamy@linux.intel.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20211009003711.1390019-1-sathyanarayanan.kuppuswamy@linux.intel.com> References: <20211009003711.1390019-1-sathyanarayanan.kuppuswamy@linux.intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Andi Kleen For Confidential VM guests like TDX, the host is untrusted and hence the devices emulated by the host or any data coming from the host cannot be trusted. So the drivers that interact with the outside world have to be hardened by sharing memory with host on need basis with proper hardening fixes. For the PCI driver case, to share the memory with the host add pci_iomap_host_shared() and pci_iomap_host_shared_range() APIs. Signed-off-by: Andi Kleen Signed-off-by: Kuppuswamy Sathyanarayanan --- Changes since v4: * Replaced "_shared" with "_host_shared" in pci_iomap* APIs * Fixed commit log as per review comments. include/asm-generic/pci_iomap.h | 6 +++++ lib/pci_iomap.c | 47 +++++++++++++++++++++++++++++++++ 2 files changed, 53 insertions(+) diff --git a/include/asm-generic/pci_iomap.h b/include/asm-generic/pci_iomap.h index df636c6d8e6c..a4a83c8ab3cf 100644 --- a/include/asm-generic/pci_iomap.h +++ b/include/asm-generic/pci_iomap.h @@ -18,6 +18,12 @@ extern void __iomem *pci_iomap_range(struct pci_dev *dev, int bar, extern void __iomem *pci_iomap_wc_range(struct pci_dev *dev, int bar, unsigned long offset, unsigned long maxlen); +extern void __iomem *pci_iomap_host_shared(struct pci_dev *dev, int bar, + unsigned long max); +extern void __iomem *pci_iomap_host_shared_range(struct pci_dev *dev, int bar, + unsigned long offset, + unsigned long maxlen); + /* Create a virtual mapping cookie for a port on a given PCI device. * Do not call this directly, it exists to make it easier for architectures * to override */ diff --git a/lib/pci_iomap.c b/lib/pci_iomap.c index 57bd92f599ee..2816dc8715da 100644 --- a/lib/pci_iomap.c +++ b/lib/pci_iomap.c @@ -25,6 +25,11 @@ static void __iomem *map_ioremap_wc(phys_addr_t addr, size_t size) return ioremap_wc(addr, size); } +static void __iomem *map_ioremap_host_shared(phys_addr_t addr, size_t size) +{ + return ioremap_host_shared(addr, size); +} + static void __iomem *pci_iomap_range_map(struct pci_dev *dev, int bar, unsigned long offset, @@ -106,6 +111,48 @@ void __iomem *pci_iomap_wc_range(struct pci_dev *dev, } EXPORT_SYMBOL_GPL(pci_iomap_wc_range); +/** + * pci_iomap_host_shared_range - create a virtual shared mapping cookie + * for a PCI BAR + * @dev: PCI device that owns the BAR + * @bar: BAR number + * @offset: map memory at the given offset in BAR + * @maxlen: max length of the memory to map + * + * Remap a pci device's resources shared in a confidential guest. + * For more details see pci_iomap_range's documentation. + * + * @maxlen specifies the maximum length to map. To get access to + * the complete BAR from offset to the end, pass %0 here. + */ +void __iomem *pci_iomap_host_shared_range(struct pci_dev *dev, int bar, + unsigned long offset, + unsigned long maxlen) +{ + return pci_iomap_range_map(dev, bar, offset, maxlen, + map_ioremap_host_shared, true); +} +EXPORT_SYMBOL_GPL(pci_iomap_host_shared_range); + +/** + * pci_iomap_host_shared - create a virtual shared mapping cookie for a PCI BAR + * @dev: PCI device that owns the BAR + * @bar: BAR number + * @maxlen: length of the memory to map + * + * See pci_iomap for details. This function creates a shared mapping + * with the host for confidential hosts. + * + * @maxlen specifies the maximum length to map. To get access to the + * complete BAR without checking for its length first, pass %0 here. + */ +void __iomem *pci_iomap_host_shared(struct pci_dev *dev, int bar, + unsigned long maxlen) +{ + return pci_iomap_host_shared_range(dev, bar, 0, maxlen); +} +EXPORT_SYMBOL_GPL(pci_iomap_host_shared); + /** * pci_iomap - create a virtual mapping cookie for a PCI BAR * @dev: PCI device that owns the BAR -- 2.25.1