amd: Actually enforce geometry aperture

Sebastian Ott via iommu Fri, 05 Jun 2020 11:00:54 -0700

Add a check to enforce that I/O virtual addresses picked by iommu API
users stay within the domains geometry aperture.


Signed-off-by: Sebastian Ott <seb...@amazon.de>
---
 drivers/iommu/amd_iommu.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/drivers/iommu/amd_iommu.c b/drivers/iommu/amd_iommu.c
index d2e79e27778e..6485e2081706 100644
--- a/drivers/iommu/amd_iommu.c
+++ b/drivers/iommu/amd_iommu.c
@@ -2618,6 +2618,11 @@ static int amd_iommu_map(struct iommu_domain *dom, 
unsigned long iova,
        if (pgtable.mode == PAGE_MODE_NONE)
                return -EINVAL;
 
+       if (dom->geometry.force_aperture &&
+           (iova < dom->geometry.aperture_start ||
+            iova + page_size - 1 > dom->geometry.aperture_end))
+               return -EINVAL;
+
        if (iommu_prot & IOMMU_READ)
                prot |= IOMMU_PROT_IR;
        if (iommu_prot & IOMMU_WRITE)
-- 
2.17.1




Amazon Development Center Germany GmbH
Krausenstr. 38
10117 Berlin
Geschaeftsfuehrung: Christian Schlaeger, Jonathan Weiss
Eingetragen am Amtsgericht Charlottenburg unter HRB 149173 B
Sitz: Berlin
Ust-ID: DE 289 237 879



_______________________________________________
iommu mailing list
iommu@lists.linux-foundation.org
https://lists.linuxfoundation.org/mailman/listinfo/iommu

[PATCH 3/3] iommu/amd: Actually enforce geometry aperture

Reply via email to