VFIO: Add the SPR_DSA and SPR_IAX devices to the denylist

commit 95feb3160eef0caa6018e175a5560b816aee8e79 upstream.

Due to an erratum with the SPR_DSA and SPR_IAX devices, it is not secure to assign
these devices to virtual machines. Add the PCI IDs of these devices to the VFIO
denylist to ensure that this is handled appropriately by the VFIO subsystem.

The SPR_DSA and SPR_IAX devices are on-SOC devices for the Sapphire Rapids
(and related) family of products that perform data movement and compression.

Signed-off-by: Arjan van de Ven <arjan@linux.intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

diff --git a/drivers/dma/idxd/registers.h b/drivers/dma/idxd/registers.h
index 7b54a3939ea135613f652535433582755220c4cb..cfbcd1adb1d1c2eebbf8101911673d438ba58c02 100644 (file)
--- a/drivers/dma/idxd/registers.h
+++ b/drivers/dma/idxd/registers.h
@@ -6,9 +6,6 @@
 #include <uapi/linux/idxd.h>
 
 /* PCI Config */
-#define PCI_DEVICE_ID_INTEL_DSA_SPR0   0x0b25
-#define PCI_DEVICE_ID_INTEL_IAX_SPR0   0x0cfe
-
 #define DEVICE_VERSION_1               0x100
 #define DEVICE_VERSION_2               0x200
 

diff --git a/drivers/vfio/pci/vfio_pci.c b/drivers/vfio/pci/vfio_pci.c
index cb5b7f865d5856f803bcb54a0342980c97a5127e..e727941f589de5316667ebe451745f5b4b9e6e75 100644 (file)
--- a/drivers/vfio/pci/vfio_pci.c
+++ b/drivers/vfio/pci/vfio_pci.c
@@ -71,6 +71,8 @@ static bool vfio_pci_dev_in_denylist(struct pci_dev *pdev)
                case PCI_DEVICE_ID_INTEL_QAT_C62X_VF:
                case PCI_DEVICE_ID_INTEL_QAT_DH895XCC:
                case PCI_DEVICE_ID_INTEL_QAT_DH895XCC_VF:
+               case PCI_DEVICE_ID_INTEL_DSA_SPR0:
+               case PCI_DEVICE_ID_INTEL_IAX_SPR0:
                        return true;
                default:
                        return false;

diff --git a/include/linux/pci_ids.h b/include/linux/pci_ids.h
index a6c66ea80194c276393c487f552c4d5a23d5d80b..0a85ff5c8db3c0e729ea8cc9aaae346bc37df854 100644 (file)
--- a/include/linux/pci_ids.h
+++ b/include/linux/pci_ids.h
@@ -2683,8 +2683,10 @@
 #define PCI_DEVICE_ID_INTEL_I960       0x0960
 #define PCI_DEVICE_ID_INTEL_I960RM     0x0962
 #define PCI_DEVICE_ID_INTEL_HDA_HSW_0  0x0a0c
+#define PCI_DEVICE_ID_INTEL_DSA_SPR0   0x0b25
 #define PCI_DEVICE_ID_INTEL_HDA_HSW_2  0x0c0c
 #define PCI_DEVICE_ID_INTEL_CENTERTON_ILB      0x0c60
+#define PCI_DEVICE_ID_INTEL_IAX_SPR0   0x0cfe
 #define PCI_DEVICE_ID_INTEL_HDA_HSW_3  0x0d0c
 #define PCI_DEVICE_ID_INTEL_HDA_BYT    0x0f04
 #define PCI_DEVICE_ID_INTEL_SST_BYT    0x0f28