Commit 52137674 authored by Jean-Philippe Brucker's avatar Jean-Philippe Brucker Committed by Joerg Roedel

PCI/ATS: Only enable ATS for trusted devices

Add pci_ats_supported(), which checks whether a device has an ATS
capability, and whether it is trusted.  A device is untrusted if it is
plugged into an external-facing port such as Thunderbolt and could be
spoofing an existing device to exploit weaknesses in the IOMMU
configuration.  PCIe ATS is one such weaknesses since it allows
endpoints to cache IOMMU translations and emit transactions with
'Translated' Address Type (10b) that partially bypass the IOMMU
translation.

The SMMUv3 and VT-d IOMMU drivers already disallow ATS and transactions
with 'Translated' Address Type for untrusted devices.  Add the check to
pci_enable_ats() to let other drivers (AMD IOMMU for now) benefit from
it.

By checking ats_cap, the pci_ats_supported() helper also returns whether
ATS was globally disabled with pci=noats, and could later include more
things, for example whether the whole PCIe hierarchy down to the
endpoint supports ATS.
Signed-off-by: default avatarJean-Philippe Brucker <jean-philippe@linaro.org>
Reviewed-by: default avatarJoerg Roedel <jroedel@suse.de>
Acked-by: default avatarBjorn Helgaas <bhelgaas@google.com>
Link: https://lore.kernel.org/r/20200520152201.3309416-2-jean-philippe@linaro.orgSigned-off-by: default avatarJoerg Roedel <jroedel@suse.de>
parent 79659190
...@@ -30,6 +30,22 @@ void pci_ats_init(struct pci_dev *dev) ...@@ -30,6 +30,22 @@ void pci_ats_init(struct pci_dev *dev)
dev->ats_cap = pos; dev->ats_cap = pos;
} }
/**
* pci_ats_supported - check if the device can use ATS
* @dev: the PCI device
*
* Returns true if the device supports ATS and is allowed to use it, false
* otherwise.
*/
bool pci_ats_supported(struct pci_dev *dev)
{
if (!dev->ats_cap)
return false;
return (dev->untrusted == 0);
}
EXPORT_SYMBOL_GPL(pci_ats_supported);
/** /**
* pci_enable_ats - enable the ATS capability * pci_enable_ats - enable the ATS capability
* @dev: the PCI device * @dev: the PCI device
...@@ -42,7 +58,7 @@ int pci_enable_ats(struct pci_dev *dev, int ps) ...@@ -42,7 +58,7 @@ int pci_enable_ats(struct pci_dev *dev, int ps)
u16 ctrl; u16 ctrl;
struct pci_dev *pdev; struct pci_dev *pdev;
if (!dev->ats_cap) if (!pci_ats_supported(dev))
return -EINVAL; return -EINVAL;
if (WARN_ON(dev->ats_enabled)) if (WARN_ON(dev->ats_enabled))
......
...@@ -6,11 +6,14 @@ ...@@ -6,11 +6,14 @@
#ifdef CONFIG_PCI_ATS #ifdef CONFIG_PCI_ATS
/* Address Translation Service */ /* Address Translation Service */
bool pci_ats_supported(struct pci_dev *dev);
int pci_enable_ats(struct pci_dev *dev, int ps); int pci_enable_ats(struct pci_dev *dev, int ps);
void pci_disable_ats(struct pci_dev *dev); void pci_disable_ats(struct pci_dev *dev);
int pci_ats_queue_depth(struct pci_dev *dev); int pci_ats_queue_depth(struct pci_dev *dev);
int pci_ats_page_aligned(struct pci_dev *dev); int pci_ats_page_aligned(struct pci_dev *dev);
#else /* CONFIG_PCI_ATS */ #else /* CONFIG_PCI_ATS */
static inline bool pci_ats_supported(struct pci_dev *d)
{ return false; }
static inline int pci_enable_ats(struct pci_dev *d, int ps) static inline int pci_enable_ats(struct pci_dev *d, int ps)
{ return -ENODEV; } { return -ENODEV; }
static inline void pci_disable_ats(struct pci_dev *d) { } static inline void pci_disable_ats(struct pci_dev *d) { }
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment