From: Greg Kroah-Hartman Date: Mon, 17 May 2021 10:00:45 +0000 (+0200) Subject: 5.10-stable patches X-Git-Tag: v5.4.120~47 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=fd7a1bd3379850bf79c012887dac20db22acd8ee;p=thirdparty%2Fkernel%2Fstable-queue.git 5.10-stable patches added patches: iommu-vt-d-preset-access-dirty-bits-for-iova-over-fl.patch iommu-vt-d-remove-wo-permissions-on-second-level-paging-entries.patch revert-iommu-vt-d-preset-access-dirty-bits-for-iova.patch revert-iommu-vt-d-remove-wo-permissions-on-second-level.patch --- diff --git a/queue-5.10/iommu-vt-d-preset-access-dirty-bits-for-iova-over-fl.patch b/queue-5.10/iommu-vt-d-preset-access-dirty-bits-for-iova-over-fl.patch new file mode 100644 index 00000000000..436dc999037 --- /dev/null +++ b/queue-5.10/iommu-vt-d-preset-access-dirty-bits-for-iova-over-fl.patch @@ -0,0 +1,70 @@ +From a8ce9ebbecdfda3322bbcece6b3b25888217f8e3 Mon Sep 17 00:00:00 2001 +From: Lu Baolu +Date: Fri, 15 Jan 2021 08:42:02 +0800 +Subject: iommu/vt-d: Preset Access/Dirty bits for IOVA over FL + +From: Lu Baolu + +commit a8ce9ebbecdfda3322bbcece6b3b25888217f8e3 upstream. + +The Access/Dirty bits in the first level page table entry will be set +whenever a page table entry was used for address translation or write +permission was successfully translated. This is always true when using +the first-level page table for kernel IOVA. Instead of wasting hardware +cycles to update the certain bits, it's better to set them up at the +beginning. + +Suggested-by: Ashok Raj +Signed-off-by: Lu Baolu +Link: https://lore.kernel.org/r/20210115004202.953965-1-baolu.lu@linux.intel.com +Signed-off-by: Joerg Roedel +Signed-off-by: Greg Kroah-Hartman +--- + drivers/iommu/intel/iommu.c | 14 ++++++++++++-- + include/linux/intel-iommu.h | 2 ++ + 2 files changed, 14 insertions(+), 2 deletions(-) + +--- a/drivers/iommu/intel/iommu.c ++++ b/drivers/iommu/intel/iommu.c +@@ -1028,8 +1028,11 @@ static struct dma_pte *pfn_to_dma_pte(st + + domain_flush_cache(domain, tmp_page, VTD_PAGE_SIZE); + pteval = ((uint64_t)virt_to_dma_pfn(tmp_page) << VTD_PAGE_SHIFT) | DMA_PTE_READ | DMA_PTE_WRITE; +- if (domain_use_first_level(domain)) ++ if (domain_use_first_level(domain)) { + pteval |= DMA_FL_PTE_XD | DMA_FL_PTE_US; ++ if (domain->domain.type == IOMMU_DOMAIN_DMA) ++ pteval |= DMA_FL_PTE_ACCESS; ++ } + if (cmpxchg64(&pte->val, 0ULL, pteval)) + /* Someone else set it while we were thinking; use theirs. */ + free_pgtable_page(tmp_page); +@@ -2359,9 +2362,16 @@ static int __domain_mapping(struct dmar_ + return -EINVAL; + + attr = prot & (DMA_PTE_READ | DMA_PTE_WRITE | DMA_PTE_SNP); +- if (domain_use_first_level(domain)) ++ if (domain_use_first_level(domain)) { + attr |= DMA_FL_PTE_PRESENT | DMA_FL_PTE_XD | DMA_FL_PTE_US; + ++ if (domain->domain.type == IOMMU_DOMAIN_DMA) { ++ attr |= DMA_FL_PTE_ACCESS; ++ if (prot & DMA_PTE_WRITE) ++ attr |= DMA_FL_PTE_DIRTY; ++ } ++ } ++ + if (!sg) { + sg_res = nr_pages; + pteval = ((phys_addr_t)phys_pfn << VTD_PAGE_SHIFT) | attr; +--- a/include/linux/intel-iommu.h ++++ b/include/linux/intel-iommu.h +@@ -42,6 +42,8 @@ + + #define DMA_FL_PTE_PRESENT BIT_ULL(0) + #define DMA_FL_PTE_US BIT_ULL(2) ++#define DMA_FL_PTE_ACCESS BIT_ULL(5) ++#define DMA_FL_PTE_DIRTY BIT_ULL(6) + #define DMA_FL_PTE_XD BIT_ULL(63) + + #define ADDR_WIDTH_5LEVEL (57) diff --git a/queue-5.10/iommu-vt-d-remove-wo-permissions-on-second-level-paging-entries.patch b/queue-5.10/iommu-vt-d-remove-wo-permissions-on-second-level-paging-entries.patch new file mode 100644 index 00000000000..0ebdef1b6dd --- /dev/null +++ b/queue-5.10/iommu-vt-d-remove-wo-permissions-on-second-level-paging-entries.patch @@ -0,0 +1,41 @@ +From eea53c5816889ee8b64544fa2e9311a81184ff9c Mon Sep 17 00:00:00 2001 +From: Lu Baolu +Date: Sat, 20 Mar 2021 10:54:12 +0800 +Subject: iommu/vt-d: Remove WO permissions on second-level paging entries + +From: Lu Baolu + +commit eea53c5816889ee8b64544fa2e9311a81184ff9c upstream. + +When the first level page table is used for IOVA translation, it only +supports Read-Only and Read-Write permissions. The Write-Only permission +is not supported as the PRESENT bit (implying Read permission) should +always set. When using second level, we still give separate permissions +that allows WriteOnly which seems inconsistent and awkward. We want to +have consistent behavior. After moving to 1st level, we don't want things +to work sometimes, and break if we use 2nd level for the same mappings. +Hence remove this configuration. + +Suggested-by: Ashok Raj +Fixes: b802d070a52a1 ("iommu/vt-d: Use iova over first level") +Signed-off-by: Lu Baolu +Link: https://lore.kernel.org/r/20210320025415.641201-3-baolu.lu@linux.intel.com +Signed-off-by: Joerg Roedel +Signed-off-by: Greg Kroah-Hartman +--- + drivers/iommu/intel/iommu.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +--- a/drivers/iommu/intel/iommu.c ++++ b/drivers/iommu/intel/iommu.c +@@ -2362,8 +2362,9 @@ static int __domain_mapping(struct dmar_ + return -EINVAL; + + attr = prot & (DMA_PTE_READ | DMA_PTE_WRITE | DMA_PTE_SNP); ++ attr |= DMA_FL_PTE_PRESENT; + if (domain_use_first_level(domain)) { +- attr |= DMA_FL_PTE_PRESENT | DMA_FL_PTE_XD | DMA_FL_PTE_US; ++ attr |= DMA_FL_PTE_XD | DMA_FL_PTE_US; + + if (domain->domain.type == IOMMU_DOMAIN_DMA) { + attr |= DMA_FL_PTE_ACCESS; diff --git a/queue-5.10/revert-iommu-vt-d-preset-access-dirty-bits-for-iova.patch b/queue-5.10/revert-iommu-vt-d-preset-access-dirty-bits-for-iova.patch new file mode 100644 index 00000000000..18f1923ad21 --- /dev/null +++ b/queue-5.10/revert-iommu-vt-d-preset-access-dirty-bits-for-iova.patch @@ -0,0 +1,72 @@ +From 8952a89a415093d1a79140b5c59df2f6b5760966 Mon Sep 17 00:00:00 2001 +From: Greg Kroah-Hartman +Date: Mon, 17 May 2021 11:54:48 +0200 +Subject: [PATCH 2/2] Revert "iommu/vt-d: Preset Access/Dirty bits for IOVA + over FL" + +This reverts commit 416fa531c8160151090206a51b829b9218b804d9 which is +commit a8ce9ebbecdfda3322bbcece6b3b25888217f8e3 upstream as it was +backported incorrectly and is causing problems for some systems. + +Reported-by: Wolfgang Müller +Reported-by: Charles Wright +Reported-by: Christoph Biedl +Cc: Ashok Raj +Cc: Lu Baolu +Cc: Joerg Roedel +Cc: Sasha Levin +Signed-off-by: Greg Kroah-Hartman +--- + drivers/iommu/intel/iommu.c | 17 +++++------------ + include/linux/intel-iommu.h | 2 -- + 2 files changed, 5 insertions(+), 14 deletions(-) + +--- a/drivers/iommu/intel/iommu.c ++++ b/drivers/iommu/intel/iommu.c +@@ -1028,11 +1028,8 @@ static struct dma_pte *pfn_to_dma_pte(st + + domain_flush_cache(domain, tmp_page, VTD_PAGE_SIZE); + pteval = ((uint64_t)virt_to_dma_pfn(tmp_page) << VTD_PAGE_SHIFT) | DMA_PTE_READ | DMA_PTE_WRITE; +- if (domain_use_first_level(domain)) { ++ if (domain_use_first_level(domain)) + pteval |= DMA_FL_PTE_XD | DMA_FL_PTE_US; +- if (domain->domain.type == IOMMU_DOMAIN_DMA) +- pteval |= DMA_FL_PTE_ACCESS; +- } + if (cmpxchg64(&pte->val, 0ULL, pteval)) + /* Someone else set it while we were thinking; use theirs. */ + free_pgtable_page(tmp_page); +@@ -2362,18 +2359,14 @@ static int __domain_mapping(struct dmar_ + return -EINVAL; + + attr = prot & (DMA_PTE_READ | DMA_PTE_WRITE | DMA_PTE_SNP); +- if (domain_use_first_level(domain)) { ++ if (domain_use_first_level(domain)) + attr |= DMA_FL_PTE_PRESENT | DMA_FL_PTE_XD | DMA_FL_PTE_US; + +- if (domain->domain.type == IOMMU_DOMAIN_DMA) { +- attr |= DMA_FL_PTE_ACCESS; +- if (prot & DMA_PTE_WRITE) +- attr |= DMA_FL_PTE_DIRTY; +- } ++ if (!sg) { ++ sg_res = nr_pages; ++ pteval = ((phys_addr_t)phys_pfn << VTD_PAGE_SHIFT) | attr; + } + +- pteval = ((phys_addr_t)phys_pfn << VTD_PAGE_SHIFT) | attr; +- + while (nr_pages > 0) { + uint64_t tmp; + +--- a/include/linux/intel-iommu.h ++++ b/include/linux/intel-iommu.h +@@ -42,8 +42,6 @@ + + #define DMA_FL_PTE_PRESENT BIT_ULL(0) + #define DMA_FL_PTE_US BIT_ULL(2) +-#define DMA_FL_PTE_ACCESS BIT_ULL(5) +-#define DMA_FL_PTE_DIRTY BIT_ULL(6) + #define DMA_FL_PTE_XD BIT_ULL(63) + + #define ADDR_WIDTH_5LEVEL (57) diff --git a/queue-5.10/revert-iommu-vt-d-remove-wo-permissions-on-second-level.patch b/queue-5.10/revert-iommu-vt-d-remove-wo-permissions-on-second-level.patch new file mode 100644 index 00000000000..898464e6d13 --- /dev/null +++ b/queue-5.10/revert-iommu-vt-d-remove-wo-permissions-on-second-level.patch @@ -0,0 +1,35 @@ +From 54014096d90f00b130313c362d5756a797c0e9d3 Mon Sep 17 00:00:00 2001 +From: Greg Kroah-Hartman +Date: Mon, 17 May 2021 11:54:37 +0200 +Subject: [PATCH 1/2] Revert "iommu/vt-d: Remove WO permissions on second-level + paging entries" + +This reverts commit c848416cc05afc1589edba04fe00b85c2f797ee3 which is +eea53c5816889ee8b64544fa2e9311a81184ff9c upstream. + +Another iommu patch was backported incorrectly, causing problems, so +drop this as well for the moment. + +Reported-by: Wolfgang Müller +Cc: Ashok Raj +Cc: Lu Baolu +Cc: Joerg Roedel +Cc: Sasha Levin +Signed-off-by: Greg Kroah-Hartman +--- + drivers/iommu/intel/iommu.c | 3 +-- + 1 file changed, 1 insertion(+), 2 deletions(-) + +--- a/drivers/iommu/intel/iommu.c ++++ b/drivers/iommu/intel/iommu.c +@@ -2362,9 +2362,8 @@ static int __domain_mapping(struct dmar_ + return -EINVAL; + + attr = prot & (DMA_PTE_READ | DMA_PTE_WRITE | DMA_PTE_SNP); +- attr |= DMA_FL_PTE_PRESENT; + if (domain_use_first_level(domain)) { +- attr |= DMA_FL_PTE_XD | DMA_FL_PTE_US; ++ attr |= DMA_FL_PTE_PRESENT | DMA_FL_PTE_XD | DMA_FL_PTE_US; + + if (domain->domain.type == IOMMU_DOMAIN_DMA) { + attr |= DMA_FL_PTE_ACCESS; diff --git a/queue-5.10/series b/queue-5.10/series index 7bbe75634e2..ad63dac676a 100644 --- a/queue-5.10/series +++ b/queue-5.10/series @@ -258,3 +258,7 @@ kvm-x86-move-rdpid-emulation-intercept-to-its-own-enum.patch kvm-nvmx-always-make-an-attempt-to-map-evmcs-after-migration.patch kvm-vmx-do-not-advertise-rdpid-if-enable_rdtscp-control-is-unsupported.patch kvm-vmx-disable-preemption-when-probing-user-return-msrs.patch +revert-iommu-vt-d-remove-wo-permissions-on-second-level.patch +revert-iommu-vt-d-preset-access-dirty-bits-for-iova.patch +iommu-vt-d-preset-access-dirty-bits-for-iova-over-fl.patch +iommu-vt-d-remove-wo-permissions-on-second-level-paging-entries.patch