Commit 9087c375 authored by Tom Lendacky's avatar Tom Lendacky Committed by Christoph Hellwig
Browse files

dma-direct: Force unencrypted DMA under SME for certain DMA masks 



If a device doesn't support DMA to a physical address that includes the
encryption bit (currently bit 47, so 48-bit DMA), then the DMA must
occur to unencrypted memory. SWIOTLB is used to satisfy that requirement
if an IOMMU is not active (enabled or configured in passthrough mode).

However, commit fafadcd1 ("swiotlb: don't dip into swiotlb pool for
coherent allocations") modified the coherent allocation support in
SWIOTLB to use the DMA direct coherent allocation support. When an IOMMU
is not active, this resulted in dma_alloc_coherent() failing for devices
that didn't support DMA addresses that included the encryption bit.

Addressing this requires changes to the force_dma_unencrypted() function
in kernel/dma/direct.c. Since the function is now non-trivial and
SME/SEV specific, update the DMA direct support to add an arch override
for the force_dma_unencrypted() function. The arch override is selected
when CONFIG_AMD_MEM_ENCRYPT is set. The arch override function resides in
the arch/x86/mm/mem_encrypt.c file and forces unencrypted DMA when either
SEV is active or SME is active and the device does not support DMA to
physical addresses that include the encryption bit.

Fixes: fafadcd1 ("swiotlb: don't dip into swiotlb pool for coherent allocations")
Suggested-by: default avatarChristoph Hellwig <hch@lst.de>
Signed-off-by: default avatarTom Lendacky <thomas.lendacky@amd.com>
Acked-by: default avatarThomas Gleixner <tglx@linutronix.de>
[hch: moved the force_dma_unencrypted declaration to dma-mapping.h,
      fold the s390 fix from Halil Pasic]
Signed-off-by: default avatarChristoph Hellwig <hch@lst.de>
parent 9637d517

arch/s390/Kconfig

+1 −0
Original line number Diff line number Diff line
@@ -189,6 +189,7 @@ config S390 
	select VIRT_CPU_ACCOUNTING

	select ARCH_HAS_SCALED_CPUTIME

	select HAVE_NMI

	select ARCH_HAS_FORCE_DMA_UNENCRYPTED

	select SWIOTLB

	select GENERIC_ALLOCATOR

arch/s390/mm/init.c

+6 −1
Original line number Diff line number Diff line
@@ -30,7 +30,7 @@ 
#include <linux/export.h>

#include <linux/cma.h>

#include <linux/gfp.h>

#include <linux/dma-mapping.h>

#include <linux/dma-direct.h>

#include <asm/processor.h>

#include <linux/uaccess.h>

#include <asm/pgtable.h>
@@ -161,6 +161,11 @@ bool sev_active(void) 
	return is_prot_virt_guest();

}



bool force_dma_unencrypted(struct device *dev)

{

	return sev_active();

}



/* protected virtualization */

static void pv_init(void)

{

arch/x86/Kconfig

+1 −0
Original line number Diff line number Diff line
@@ -1528,6 +1528,7 @@ config AMD_MEM_ENCRYPT 
	depends on X86_64 && CPU_SUP_AMD

	select DYNAMIC_PHYSICAL_MASK

	select ARCH_USE_MEMREMAP_PROT

	select ARCH_HAS_FORCE_DMA_UNENCRYPTED

	---help---

	  Say yes to enable support for the encryption of system memory.

	  This requires an AMD processor that supports Secure Memory

arch/x86/mm/mem_encrypt.c

+30 −0
Original line number Diff line number Diff line
@@ -15,6 +15,10 @@ 
#include <linux/dma-direct.h>

#include <linux/swiotlb.h>

#include <linux/mem_encrypt.h>

#include <linux/device.h>

#include <linux/kernel.h>

#include <linux/bitops.h>

#include <linux/dma-mapping.h>



#include <asm/tlbflush.h>

#include <asm/fixmap.h>
@@ -348,6 +352,32 @@ bool sev_active(void) 
}

EXPORT_SYMBOL(sev_active);



/* Override for DMA direct allocation check - ARCH_HAS_FORCE_DMA_UNENCRYPTED */

bool force_dma_unencrypted(struct device *dev)

{

	/*

	 * For SEV, all DMA must be to unencrypted addresses.

	 */

	if (sev_active())

		return true;



	/*

	 * For SME, all DMA must be to unencrypted addresses if the

	 * device does not support DMA to addresses that include the

	 * encryption mask.

	 */

	if (sme_active()) {

		u64 dma_enc_mask = DMA_BIT_MASK(__ffs64(sme_me_mask));

		u64 dma_dev_mask = min_not_zero(dev->coherent_dma_mask,

						dev->bus_dma_mask);



		if (dma_dev_mask <= dma_enc_mask)

			return true;

	}



	return false;

}



/* Architecture __weak replacement functions */

void __init mem_encrypt_free_decrypted_mem(void)

{

include/linux/dma-direct.h

+9 −0
Original line number Diff line number Diff line
@@ -32,6 +32,15 @@ static inline bool dma_capable(struct device *dev, dma_addr_t addr, size_t size) 
}

#endif /* !CONFIG_ARCH_HAS_PHYS_TO_DMA */



#ifdef CONFIG_ARCH_HAS_FORCE_DMA_UNENCRYPTED

bool force_dma_unencrypted(struct device *dev);

#else

static inline bool force_dma_unencrypted(struct device *dev)

{

	return false;

}

#endif /* CONFIG_ARCH_HAS_FORCE_DMA_UNENCRYPTED */



/*

 * If memory encryption is supported, phys_to_dma will set the memory encryption

 * bit in the DMA address, and dma_to_phys will clear it.  The raw __phys_to_dma

CRA Git | Maintained and supported by SUSTech CRA and CCSE