From: Jan Beulich Date: Fri, 15 Nov 2019 13:17:26 +0000 (+0100) Subject: AMD/IOMMU: restore DTE fields in amd_iommu_setup_domain_device() X-Git-Tag: archive/raspbian/4.14.0+80-gd101b417b7-1+rpi1^2~63^2~1180 X-Git-Url: https://dgit.raspbian.org/?a=commitdiff_plain;h=f06d11d5a8339bb5a525069fdffdb45ca811d6f8;p=xen.git AMD/IOMMU: restore DTE fields in amd_iommu_setup_domain_device() Commit 1b00c16bdf ("AMD/IOMMU: pre-fill all DTEs right after table allocation") moved ourselves into a more secure default state, but didn't take sufficient care to also undo the effects when handing a previously disabled device back to a(nother) domain. Put the fields that may have been changed elsewhere back to their intended values (some fields amd_iommu_disable_domain_device() touches don't currently get written anywhere else, and hence don't need modifying here). Reported-by: Sander Eikelenboom Signed-off-by: Jan Beulich Tested-by: Igor Druzhinin Acked-by: Andrew Cooper Release-acked-by: Juergen Gross --- diff --git a/xen/drivers/passthrough/amd/pci_amd_iommu.c b/xen/drivers/passthrough/amd/pci_amd_iommu.c index b2046245d7..75a0f1b4ab 100644 --- a/xen/drivers/passthrough/amd/pci_amd_iommu.c +++ b/xen/drivers/passthrough/amd/pci_amd_iommu.c @@ -114,11 +114,21 @@ static void amd_iommu_setup_domain_device( if ( !dte->v || !dte->tv ) { + const struct ivrs_mappings *ivrs_dev; + /* bind DTE to domain page-tables */ amd_iommu_set_root_page_table( dte, page_to_maddr(hd->arch.root_table), domain->domain_id, hd->arch.paging_mode, valid); + /* Undo what amd_iommu_disable_domain_device() may have done. */ + ivrs_dev = &get_ivrs_mappings(iommu->seg)[req_id]; + if ( dte->it_root ) + dte->int_ctl = IOMMU_DEV_TABLE_INT_CONTROL_TRANSLATED; + dte->iv = iommu_intremap; + dte->ex = ivrs_dev->dte_allow_exclusion; + dte->sys_mgt = MASK_EXTR(ivrs_dev->device_flags, ACPI_IVHD_SYSTEM_MGMT); + if ( pci_ats_device(iommu->seg, bus, pdev->devfn) && iommu_has_cap(iommu, PCI_CAP_IOTLB_SHIFT) ) dte->i = ats_enabled;