This legacy module knob has become uAPI, when set on the vfio_iommu_type1 it disables some security protections in the iommu drivers. Move the storage for this knob to vfio_main.c so that iommufd can access it too. The may need enhancing as we learn more about how necessary allow_unsafe_interrupts is in the current state of the world. If vfio container is disabled then this option will not be available to the user. Tested-by: Nicolin Chen <nicolinc@xxxxxxxxxx> Tested-by: Yi Liu <yi.l.liu@xxxxxxxxx> Tested-by: Lixiao Yang <lixiao.yang@xxxxxxxxx> Tested-by: Matthew Rosato <mjrosato@xxxxxxxxxxxxx> Tested-by: Yu He <yu.he@xxxxxxxxx> Signed-off-by: Jason Gunthorpe <jgg@xxxxxxxxxx> --- drivers/vfio/vfio.h | 2 ++ drivers/vfio/vfio_iommu_type1.c | 5 ++--- drivers/vfio/vfio_main.c | 3 +++ 3 files changed, 7 insertions(+), 3 deletions(-) diff --git a/drivers/vfio/vfio.h b/drivers/vfio/vfio.h index f95f4925b83bbd..54e5a8e0834ccb 100644 --- a/drivers/vfio/vfio.h +++ b/drivers/vfio/vfio.h @@ -130,4 +130,6 @@ extern bool vfio_noiommu __read_mostly; enum { vfio_noiommu = false }; #endif +extern bool vfio_allow_unsafe_interrupts; + #endif diff --git a/drivers/vfio/vfio_iommu_type1.c b/drivers/vfio/vfio_iommu_type1.c index 23c24fe98c00d4..186e33a006d314 100644 --- a/drivers/vfio/vfio_iommu_type1.c +++ b/drivers/vfio/vfio_iommu_type1.c @@ -44,9 +44,8 @@ #define DRIVER_AUTHOR "Alex Williamson <alex.williamson@xxxxxxxxxx>" #define DRIVER_DESC "Type1 IOMMU driver for VFIO" -static bool allow_unsafe_interrupts; module_param_named(allow_unsafe_interrupts, - allow_unsafe_interrupts, bool, S_IRUGO | S_IWUSR); + vfio_allow_unsafe_interrupts, bool, S_IRUGO | S_IWUSR); MODULE_PARM_DESC(allow_unsafe_interrupts, "Enable VFIO IOMMU support for on platforms without interrupt remapping support."); @@ -2282,7 +2281,7 @@ static int vfio_iommu_type1_attach_group(void *iommu_data, iommu_group_for_each_dev(iommu_group, (void *)IOMMU_CAP_INTR_REMAP, vfio_iommu_device_capable); - if (!allow_unsafe_interrupts && !msi_remap) { + if (!vfio_allow_unsafe_interrupts && !msi_remap) { pr_warn("%s: No interrupt remapping support. Use the module param \"allow_unsafe_interrupts\" to enable VFIO IOMMU support on this platform\n", __func__); ret = -EPERM; diff --git a/drivers/vfio/vfio_main.c b/drivers/vfio/vfio_main.c index 8c2dcb481ae10b..e1fec1db6a3c93 100644 --- a/drivers/vfio/vfio_main.c +++ b/drivers/vfio/vfio_main.c @@ -51,6 +51,9 @@ static struct vfio { struct ida device_ida; } vfio; +bool vfio_allow_unsafe_interrupts; +EXPORT_SYMBOL_GPL(vfio_allow_unsafe_interrupts); + static DEFINE_XARRAY(vfio_device_set_xa); static const struct file_operations vfio_group_fops; -- 2.38.1