[RFC PATCH 2/2] dma-direct: Fix dma_direct_{alloc, free}() for Hyperv-V IVMs

Wed, 06 Jul 2022 17:17:43 -0700 

In Hyper-V AMD SEV-SNP Isolated VMs, the virtual address returned by
dma_direct_alloc() must map above dma_unencrypted_base because the
memory is shared with the hardware device and must not be encrypted.

Modify dma_direct_alloc() to do the necessary remapping.  In
dma_direct_free(), use the (unmodified) DMA address to derive the
original virtual address and re-encrypt the pages.

Suggested-by: Michael Kelley <mikel...@microsoft.com>
Co-developed-by: Dexuan Cui <de...@microsoft.com>
Signed-off-by: Dexuan Cui <de...@microsoft.com>
Signed-off-by: Andrea Parri (Microsoft) <parri.and...@gmail.com>
---
 kernel/dma/direct.c | 30 +++++++++++++++++++++++++++++-
 1 file changed, 29 insertions(+), 1 deletion(-)

diff --git a/kernel/dma/direct.c b/kernel/dma/direct.c
index 06b2b901e37a3..c4ce277687a49 100644
--- a/kernel/dma/direct.c
+++ b/kernel/dma/direct.c
@@ -13,6 +13,7 @@
 #include <linux/vmalloc.h>
 #include <linux/set_memory.h>
 #include <linux/slab.h>
+#include <linux/io.h> /* for memremap() */
 #include "direct.h"
 
 /*
@@ -305,6 +306,21 @@ void *dma_direct_alloc(struct device *dev, size_t size,
                ret = page_address(page);
                if (dma_set_decrypted(dev, ret, size))
                        goto out_free_pages;
+#ifdef CONFIG_HAS_IOMEM
+               /*
+                * Remap the pages in the unencrypted physical address space
+                * when dma_unencrypted_base is set (e.g., for Hyper-V AMD
+                * SEV-SNP isolated guests).
+                */
+               if (dma_unencrypted_base) {
+                       phys_addr_t ret_pa = virt_to_phys(ret);
+
+                       ret_pa += dma_unencrypted_base;
+                       ret = memremap(ret_pa, size, MEMREMAP_WB);
+                       if (!ret)
+                               goto out_encrypt_pages;
+               }
+#endif
        }
 
        memset(ret, 0, size);
@@ -360,11 +376,23 @@ void dma_direct_free(struct device *dev, size_t size,
            dma_free_from_pool(dev, cpu_addr, PAGE_ALIGN(size)))
                return;
 
-       if (is_vmalloc_addr(cpu_addr)) {
+       /*
+        * If dma_unencrypted_base is set, the virtual address returned by
+        * dma_direct_alloc() is in the vmalloc address range.
+        */
+       if (!dma_unencrypted_base && is_vmalloc_addr(cpu_addr)) {
                vunmap(cpu_addr);
        } else {
                if (IS_ENABLED(CONFIG_ARCH_HAS_DMA_CLEAR_UNCACHED))
                        arch_dma_clear_uncached(cpu_addr, size);
+#ifdef CONFIG_HAS_IOMEM
+               if (dma_unencrypted_base) {
+                       memunmap(cpu_addr);
+                       /* re-encrypt the pages using the original address */
+                       cpu_addr = page_address(pfn_to_page(PHYS_PFN(
+                                       dma_to_phys(dev, dma_addr))));
+               }
+#endif
                if (dma_set_encrypted(dev, cpu_addr, size))
                        return;
        }
-- 
2.25.1

_______________________________________________
iommu mailing list
iommu@lists.linux-foundation.org
https://lists.linuxfoundation.org/mailman/listinfo/iommu

Reply via email to