Commit bb0f6153 authored Mar 02, 2021 by Jacob Pan Committed by Joerg Roedel Mar 18, 2021

iommu/vt-d: Enable write protect propagation from guest

Write protect bit, when set, inhibits supervisor writes to the read-only
pages. In guest supervisor shared virtual addressing (SVA), write-protect
should be honored upon guest bind supervisor PASID request.

This patch extends the VT-d portion of the IOMMU UAPI to include WP bit.
WPE bit of the supervisor PASID entry will be set to match CPU CR0.WP bit.

Signed-off-by: Sanjay Kumar <sanjay.k.kumar@intel.com>
Signed-off-by: Jacob Pan <jacob.jun.pan@linux.intel.com>
Acked-by: Lu Baolu <baolu.lu@linux.intel.com>
Link: https://lore.kernel.org/r/1614680040-1989-3-git-send-email-jacob.jun.pan@linux.intel.com

Signed-off-by: Joerg Roedel <jroedel@suse.de>

parent f68c7f53

drivers/iommu/intel/pasid.c

+3 −0

Original line number	Diff line number	Diff line
		@@ -732,6 +732,9 @@ intel_pasid_setup_bind_data(struct intel_iommu iommu, struct pasid_entry pte,
		return -EINVAL;
		}
		pasid_set_sre(pte);
		/* Enable write protect WP if guest requested */
		if (pasid_data->flags & IOMMU_SVA_VTD_GPASID_WPE)
		pasid_set_wpe(pte);
		}

		if (pasid_data->flags & IOMMU_SVA_VTD_GPASID_EAFE) {

include/uapi/linux/iommu.h

+2 −1

Original line number	Diff line number	Diff line
		@@ -288,7 +288,8 @@ struct iommu_gpasid_bind_data_vtd {
		#define IOMMU_SVA_VTD_GPASID_PWT (1 << 3) /* page-level write through */
		#define IOMMU_SVA_VTD_GPASID_EMTE (1 << 4) /* extended mem type enable */
		#define IOMMU_SVA_VTD_GPASID_CD (1 << 5) /* PASID-level cache disable */
		#define IOMMU_SVA_VTD_GPASID_LAST (1 << 6)
		#define IOMMU_SVA_VTD_GPASID_WPE (1 << 6) /* Write protect enable */
		#define IOMMU_SVA_VTD_GPASID_LAST (1 << 7)
		__u64 flags;
		__u32 pat;
		__u32 emt;