On Sat, Nov 21, 2020 at 09:56:17PM +0800, Lu Baolu wrote:
> So that the vendor iommu drivers are no more required to provide the
> def_domain_type callback to always isolate the untrusted devices.
>
> Link:
> https://lore.kernel.org/linux-iommu/[email protected]/
> Cc: Shameerali Kolothum Thodi <[email protected]>
> Signed-off-by: Lu Baolu <[email protected]>
> ---
> drivers/iommu/intel/iommu.c | 7 -------
> drivers/iommu/iommu.c | 21 ++++++++++++++-------
> 2 files changed, 14 insertions(+), 14 deletions(-)
>
> diff --git a/drivers/iommu/intel/iommu.c b/drivers/iommu/intel/iommu.c
> index af3abd285214..6711f78141a4 100644
> --- a/drivers/iommu/intel/iommu.c
> +++ b/drivers/iommu/intel/iommu.c
> @@ -2916,13 +2916,6 @@ static int device_def_domain_type(struct device *dev)
> if (dev_is_pci(dev)) {
> struct pci_dev *pdev = to_pci_dev(dev);
>
> - /*
> - * Prevent any device marked as untrusted from getting
> - * placed into the statically identity mapping domain.
> - */
> - if (pdev->untrusted)
> - return IOMMU_DOMAIN_DMA;
> -
> if ((iommu_identity_mapping & IDENTMAP_AZALIA) &&
> IS_AZALIA(pdev))
> return IOMMU_DOMAIN_IDENTITY;
>
> diff --git a/drivers/iommu/iommu.c b/drivers/iommu/iommu.c
> index 88b0c9192d8c..3256784c0358 100644
> --- a/drivers/iommu/iommu.c
> +++ b/drivers/iommu/iommu.c
> @@ -1457,13 +1457,23 @@ struct iommu_group *fsl_mc_device_group(struct device
> *dev)
> }
> EXPORT_SYMBOL_GPL(fsl_mc_device_group);
>
> -static int iommu_get_def_domain_type(struct device *dev)
> +/* Get the mandatary def_domain type for device. Otherwise, return 0. */
> +static int iommu_get_mandatory_def_domain_type(struct device *dev)
> {
> const struct iommu_ops *ops = dev->bus->iommu_ops;
> - unsigned int type = 0;
> +
> + if (dev_is_pci(dev) && to_pci_dev(dev)->untrusted)
> + return IOMMU_DOMAIN_DMA;
>
> if (ops->def_domain_type)
> - type = ops->def_domain_type(dev);
> + return ops->def_domain_type(dev);
> +
> + return 0;
> +}
> +
> +static int iommu_get_def_domain_type(struct device *dev)
> +{
> + int type = iommu_get_mandatory_def_domain_type(dev);
>
> return (type == 0) ? iommu_def_domain_type : type;
> }
> @@ -1645,13 +1655,10 @@ struct __group_domain_type {
>
> static int probe_get_default_domain_type(struct device *dev, void *data)
> {
> - const struct iommu_ops *ops = dev->bus->iommu_ops;
> struct __group_domain_type *gtype = data;
> unsigned int type = 0;
>
> - if (ops->def_domain_type)
> - type = ops->def_domain_type(dev);
> -
> + type = iommu_get_mandatory_def_domain_type(dev);
afaict, this code is only called from probe_alloc_default_domain(), which
has:
/* Ask for default domain requirements of all devices in the group */
__iommu_group_for_each_dev(group, >ype,
probe_get_default_domain_type);
if (!gtype.type)
gtype.type = iommu_def_domain_type;
so is there actually a need to introduce the new
iommu_get_mandatory_def_domain_type() function, given that a type of 0
always ends up resolving to the default domain type?
Will
