>From 1fa08800c94f7ad6720b7e6fe26a65ed3d6ce715 Mon Sep 17 00:00:00 2001 From: Jean-Philippe Brucker Date: Wed, 18 Mar 2020 11:59:19 +0100 Subject: [PATCH] iommu/virtio: Reject IOMMU page granule larger than PAGE_SIZE We don't currently support IOMMUs with a page granule larger than the system page size. Currently the IOVA allocator has a BUG_ON() in this case, and VFIO has a WARN_ON(). It might be possible to remove these obstacles if necessary. If the host uses 64kB pages and the guest uses 4kB, then a device driver calling alloc_page() followed by dma_map_page() will create a 64kB mapping for a 4kB physical page, allowing the endpoint to access the neighbouring 60kB of memory. This problem could be worked around with bounce buffers. For the moment, rather than triggering the IOVA BUG_ON() on mismatched page sizes, abort the virtio-iommu probe with an error message. Reported-by: Bharat Bhushan Signed-off-by: Jean-Philippe Brucker --- drivers/iommu/virtio-iommu.c | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/drivers/iommu/virtio-iommu.c b/drivers/iommu/virtio-iommu.c index 6d4e3c2a2ddb..80d5d8f621ab 100644 --- a/drivers/iommu/virtio-iommu.c +++ b/drivers/iommu/virtio-iommu.c @@ -998,6 +998,7 @@ static int viommu_probe(struct virtio_device *vdev) struct device *parent_dev = vdev->dev.parent; struct viommu_dev *viommu = NULL; struct device *dev = &vdev->dev; + unsigned long viommu_page_size; u64 input_start = 0; u64 input_end = -1UL; int ret; @@ -1028,6 +1029,14 @@ static int viommu_probe(struct virtio_device *vdev) goto err_free_vqs; } + viommu_page_size = 1UL << __ffs(viommu->pgsize_bitmap); + if (viommu_page_size > PAGE_SIZE) { + dev_err(dev, "granule 0x%lx larger than system page size 0x%lx\n", + viommu_page_size, PAGE_SIZE); + ret = -EINVAL; + goto err_free_vqs; + } + viommu->map_flags = VIRTIO_IOMMU_MAP_F_READ | VIRTIO_IOMMU_MAP_F_WRITE; viommu->last_domain = ~0U; -- 2.25.1