On 6/18/21 2:32 PM, Robin Murphy wrote:
> On 2021-06-18 17:12, Ross Philipson wrote:
>> The IOMMU should always be set to default translated type after
>> the PMRs are disabled to protect the MLE from DMA.
>>
>> Signed-off-by: Ross Philipson <ross.philipson@xxxxxxxxxx>
>> ---
>> drivers/iommu/intel/iommu.c | 5 +++++
>> drivers/iommu/iommu.c | 6 +++++-
>> 2 files changed, 10 insertions(+), 1 deletion(-)
>>
>> diff --git a/drivers/iommu/intel/iommu.c b/drivers/iommu/intel/iommu.c
>> index be35284..4f0256d 100644
>> --- a/drivers/iommu/intel/iommu.c
>> +++ b/drivers/iommu/intel/iommu.c
>> @@ -41,6 +41,7 @@
>> #include <linux/dma-direct.h>
>> #include <linux/crash_dump.h>
>> #include <linux/numa.h>
>> +#include <linux/slaunch.h>
>> #include <asm/irq_remapping.h>
>> #include <asm/cacheflush.h>
>> #include <asm/iommu.h>
>> @@ -2877,6 +2878,10 @@ static bool device_is_rmrr_locked(struct device
>> *dev)
>> */
>> static int device_def_domain_type(struct device *dev)
>> {
>> + /* Do not allow identity domain when Secure Launch is configured */
>> + if (slaunch_get_flags() & SL_FLAG_ACTIVE)
>> + return IOMMU_DOMAIN_DMA;
>
> Is this specific to Intel? It seems like it could easily be done
> commonly like the check for untrusted external devices.
It is currently Intel only but that will change. I will look into what
you suggest.
>
>> +
>> if (dev_is_pci(dev)) {
>> struct pci_dev *pdev = to_pci_dev(dev);
>> diff --git a/drivers/iommu/iommu.c b/drivers/iommu/iommu.c
>> index 808ab70d..d49b7dd 100644
>> --- a/drivers/iommu/iommu.c
>> +++ b/drivers/iommu/iommu.c
>> @@ -23,6 +23,7 @@
>> #include <linux/property.h>
>> #include <linux/fsl/mc.h>
>> #include <linux/module.h>
>> +#include <linux/slaunch.h>
>> #include <trace/events/iommu.h>
>> static struct kset *iommu_group_kset;
>> @@ -2761,7 +2762,10 @@ void iommu_set_default_passthrough(bool cmd_line)
>> {
>> if (cmd_line)
>> iommu_cmd_line |= IOMMU_CMD_LINE_DMA_API;
>> - iommu_def_domain_type = IOMMU_DOMAIN_IDENTITY;
>> +
>> + /* Do not allow identity domain when Secure Launch is configured */
>> + if (!(slaunch_get_flags() & SL_FLAG_ACTIVE))
>> + iommu_def_domain_type = IOMMU_DOMAIN_IDENTITY;
>
> Quietly ignoring the setting and possibly leaving iommu_def_domain_type
> uninitialised (note that 0 is not actually a usable type) doesn't seem
> great. AFAICS this probably warrants similar treatment to the
Ok so I guess it would be better to set it to IOMMU_DOMAIN_DMA event
though passthrough was requested. Or perhaps something more is needed here?
> mem_encrypt_active() case - there doesn't seem a great deal of value in
> trying to save users from themselves if they care about measured boot
> yet explicitly pass options which may compromise measured boot. If you
> really want to go down that route there's at least the sysfs interface
> you'd need to nobble as well, not to mention the various ways of
> completely disabling IOMMUs...
Doing a secure launch with the kernel is not a general purpose user use
case. A lot of work is done to secure the environment. Allowing
passthrough mode would leave the secure launch kernel exposed to DMA. I
think what we are trying to do here is what we intend though there may
be a better way or perhaps it is incomplete as you suggest.
>
> It might be reasonable to make IOMMU_DEFAULT_PASSTHROUGH depend on
> !SECURE_LAUNCH for clarity though.
This came from a specific request to not make disabling IOMMU modes
build time dependent. This is because a secure launch enabled kernel can
also be booted as a general purpose kernel in cases where this is desired.
Thank you,
Ross
>
> Robin.
>
>> }
>> void iommu_set_default_translated(bool cmd_line)
>>
