On Wed, Jul 01, 2020 at 12:03:00PM +0100, Giovanni Cabiddu wrote: > The current generation of Intel® QuickAssist Technology devices > are not designed to run in an untrusted environment because of the > following issues reported in the release notes in > https://01.org/intel-quickassist-technology: It would be nice if this link were directly clickable, e.g., if there were no trailing ":" or something. And it would be even better if it went to a specific doc that described these issues. I assume these are errata, and it's not easy to figure out which doc mentions them. > QATE-39220 - GEN - Intel® QAT API submissions with bad addresses that > trigger DMA to invalid or unmapped addresses can cause a > platform hang > QATE-7495 - GEN - An incorrectly formatted request to Intel® QAT can > hang the entire Intel® QAT Endpoint > > This patch adds the following QAT devices to the blocklist: DH895XCC, > C3XXX and C62X. > > Signed-off-by: Giovanni Cabiddu <giovanni.cabiddu@xxxxxxxxx> > --- > drivers/vfio/pci/vfio_pci.c | 15 +++++++++++++++ > 1 file changed, 15 insertions(+) > > diff --git a/drivers/vfio/pci/vfio_pci.c b/drivers/vfio/pci/vfio_pci.c > index ea5904ca6cbf..dcac5408c764 100644 > --- a/drivers/vfio/pci/vfio_pci.c > +++ b/drivers/vfio/pci/vfio_pci.c > @@ -75,6 +75,21 @@ static inline bool vfio_vga_disabled(void) > > static bool vfio_pci_dev_in_blocklist(struct pci_dev *pdev) > { > + switch (pdev->vendor) { > + case PCI_VENDOR_ID_INTEL: > + switch (pdev->device) { > + case PCI_DEVICE_ID_INTEL_QAT_C3XXX: > + case PCI_DEVICE_ID_INTEL_QAT_C3XXX_VF: > + case PCI_DEVICE_ID_INTEL_QAT_C62X: > + case PCI_DEVICE_ID_INTEL_QAT_C62X_VF: > + case PCI_DEVICE_ID_INTEL_QAT_DH895XCC: > + case PCI_DEVICE_ID_INTEL_QAT_DH895XCC_VF: > + return true; > + default: > + return false; > + } > + } > + > return false; > } > > -- > 2.26.2 >
