redonkable
/
alistair23-linux
1
0
Fork 0
Code Releases Activity

iommu/vt-d: Avoid panic if iommu init fails in tboot system 

[ Upstream commit 4d213e76a3 ]

"intel_iommu=off" command line is used to disable iommu but iommu is force
enabled in a tboot system for security reason.

However for better performance on high speed network device, a new option
"intel_iommu=tboot_noforce" is introduced to disable the force on.

By default kernel should panic if iommu init fail in tboot for security
reason, but it's unnecessory if we use "intel_iommu=tboot_noforce,off".

Fix the code setting force_on and move intel_iommu_tboot_noforce
from tboot code to intel iommu code.

Fixes: 7304e8f28b ("iommu/vt-d: Correctly disable Intel IOMMU force on")
Signed-off-by: Zhenzhong Duan <zhenzhong.duan@gmail.com>
Tested-by: Lukasz Hawrylko <lukasz.hawrylko@linux.intel.com>
Acked-by: Lu Baolu <baolu.lu@linux.intel.com>
Link: https://lore.kernel.org/r/20201110071908.3133-1-zhenzhong.duan@gmail.com
Signed-off-by: Will Deacon <will@kernel.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
5.4-rM2-2.2.x-imx-squashed
Zhenzhong Duan 2020-11-10 15:19:08 +08:00 committed by Greg Kroah-Hartman
parent 964b02d50b
commit 58f1657c3a
3 changed files with 3 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
arch/x86/kernel/tboot.c
View File

@ -512,9 +512,6 @@ int tboot_force_iommu(void)
if (!tboot_enabled()) if (!tboot_enabled())
return 0; return 0;
if (intel_iommu_tboot_noforce)
return 1;
if (no_iommu || swiotlb || dmar_disabled) if (no_iommu || swiotlb || dmar_disabled)
pr_warning("Forcing Intel-IOMMU to enabled\n"); pr_warning("Forcing Intel-IOMMU to enabled\n");

5
drivers/iommu/intel-iommu.c
View File

@ -179,7 +179,7 @@ static int rwbf_quirk;
* (used when kernel is launched w/ TXT) * (used when kernel is launched w/ TXT)
*/ */
static int force_on = 0; static int force_on = 0;
int intel_iommu_tboot_noforce; static int intel_iommu_tboot_noforce;
static int no_platform_optin; static int no_platform_optin;
#define ROOT_ENTRY_NR (VTD_PAGE_SIZE/sizeof(struct root_entry)) #define ROOT_ENTRY_NR (VTD_PAGE_SIZE/sizeof(struct root_entry))
@ -4927,7 +4927,8 @@ int __init intel_iommu_init(void)
* Intel IOMMU is required for a TXT/tboot launch or platform * Intel IOMMU is required for a TXT/tboot launch or platform
* opt in, so enforce that. * opt in, so enforce that.
*/ */
force_on = tboot_force_iommu() || platform_optin_force_iommu(); force_on = (!intel_iommu_tboot_noforce && tboot_force_iommu()) ||
platform_optin_force_iommu();
if (iommu_init_mempool()) { if (iommu_init_mempool()) {
if (force_on) if (force_on)

1
include/linux/intel-iommu.h
View File

@ -706,7 +706,6 @@ extern int iommu_calculate_agaw(struct intel_iommu *iommu);
extern int iommu_calculate_max_sagaw(struct intel_iommu *iommu); extern int iommu_calculate_max_sagaw(struct intel_iommu *iommu);
extern int dmar_disabled; extern int dmar_disabled;
extern int intel_iommu_enabled; extern int intel_iommu_enabled;
extern int intel_iommu_tboot_noforce;
extern int intel_iommu_gfx_mapped; extern int intel_iommu_gfx_mapped;
#else #else
static inline int iommu_calculate_agaw(struct intel_iommu *iommu) static inline int iommu_calculate_agaw(struct intel_iommu *iommu)