mbox series

[0/5,B-OEM] iommu: add kernel dma protection

Message ID 20190315050418.7788-1-aaron.ma@canonical.com
Headers show
Series iommu: add kernel dma protection | expand

Message

Aaron Ma March 15, 2019, 5:04 a.m. UTC
BugLink: https://bugs.launchpad.net/bugs/1820153

[Impact]
OS can use IOMMU to defend against DMA attacks from a PCI device like thunderbolt one.
Intel adds DMA_CTRL_PLATFORM_OPT_IN_FLAG flag in DMAR ACPI table.
Use this flag to enable IOMMU and use _DSD to identify untrusted PCI devices.

[Fix]
Enable IOMMU when BIOS supports DMA opt in flag and ExternalFacingPort in _DSD.
Disable ATS on the untrusted PCI device.

[Test]
Tested on 2 Intel platforms that supports DMA opt in flag with a thunderbolt dock station.
iommu enabled as expected with this fix.

[Regression Potential]
Upstream fix, Verified on supported platforms, no affection on not supported platforms.
Backported changes are fairly minimal.

These patches are included in 5.0 kernel, disco is good.

Erik Schmauss (1):
  ACPICA: AML parser: attempt to continue loading table after error

Lu Baolu (1):
  iommu/vt-d: Force IOMMU on for platform opt in hint

Mika Westerberg (3):
  PCI / ACPI: Identify untrusted PCI devices
  iommu/vt-d: Do not enable ATS for untrusted devices
  thunderbolt: Export IOMMU based DMA protection support to userspace

 .../ABI/testing/sysfs-bus-thunderbolt         |  9 +++
 Documentation/admin-guide/thunderbolt.rst     | 20 +++++++
 drivers/acpi/acpica/psloop.c                  | 51 ++++++++++++++++-
 drivers/acpi/acpica/psobject.c                | 30 ++++++++++
 drivers/acpi/property.c                       | 11 ++++
 drivers/iommu/dmar.c                          | 25 +++++++++
 drivers/iommu/intel-iommu.c                   | 56 ++++++++++++++++++-
 drivers/pci/pci-acpi.c                        | 19 +++++++
 drivers/pci/probe.c                           | 15 +++++
 drivers/thunderbolt/domain.c                  | 17 ++++++
 include/linux/dmar.h                          |  8 +++
 include/linux/pci.h                           |  8 +++
 12 files changed, 265 insertions(+), 4 deletions(-)

Comments

Aaron Ma March 26, 2019, 7:50 a.m. UTC | #1
On 3/15/19 1:04 PM, Aaron Ma wrote:
> BugLink: https://bugs.launchpad.net/bugs/1820153
> 
> [Impact]
> OS can use IOMMU to defend against DMA attacks from a PCI device like thunderbolt one.
> Intel adds DMA_CTRL_PLATFORM_OPT_IN_FLAG flag in DMAR ACPI table.
> Use this flag to enable IOMMU and use _DSD to identify untrusted PCI devices.
> 
> [Fix]
> Enable IOMMU when BIOS supports DMA opt in flag and ExternalFacingPort in _DSD.
> Disable ATS on the untrusted PCI device.
> 
> [Test]
> Tested on 2 Intel platforms that supports DMA opt in flag with a thunderbolt dock station.
> iommu enabled as expected with this fix.

Verified by QA's full test with a temporary build of bionic-oem kernel.
All test passed on one supported "DMA protection" system and one
non-supported "DMA protection" system.

Regards,
Aaron

> 
> [Regression Potential]
> Upstream fix, Verified on supported platforms, no affection on not supported platforms.
> Backported changes are fairly minimal.
> 
> These patches are included in 5.0 kernel, disco is good.
> 
> Erik Schmauss (1):
>   ACPICA: AML parser: attempt to continue loading table after error
> 
> Lu Baolu (1):
>   iommu/vt-d: Force IOMMU on for platform opt in hint
> 
> Mika Westerberg (3):
>   PCI / ACPI: Identify untrusted PCI devices
>   iommu/vt-d: Do not enable ATS for untrusted devices
>   thunderbolt: Export IOMMU based DMA protection support to userspace
> 
>  .../ABI/testing/sysfs-bus-thunderbolt         |  9 +++
>  Documentation/admin-guide/thunderbolt.rst     | 20 +++++++
>  drivers/acpi/acpica/psloop.c                  | 51 ++++++++++++++++-
>  drivers/acpi/acpica/psobject.c                | 30 ++++++++++
>  drivers/acpi/property.c                       | 11 ++++
>  drivers/iommu/dmar.c                          | 25 +++++++++
>  drivers/iommu/intel-iommu.c                   | 56 ++++++++++++++++++-
>  drivers/pci/pci-acpi.c                        | 19 +++++++
>  drivers/pci/probe.c                           | 15 +++++
>  drivers/thunderbolt/domain.c                  | 17 ++++++
>  include/linux/dmar.h                          |  8 +++
>  include/linux/pci.h                           |  8 +++
>  12 files changed, 265 insertions(+), 4 deletions(-)
> 
> -- 2.17.1
> -- kernel-team mailing list kernel-team@lists.ubuntu.com
> https://lists.ubuntu.com/mailman/listinfo/kernel-team
>
Hui Wang March 26, 2019, 7:54 a.m. UTC | #2
On 2019/3/26 下午3:50, Aaron Ma wrote:
> On 3/15/19 1:04 PM, Aaron Ma wrote:
>> BugLink: https://bugs.launchpad.net/bugs/1820153
>>
>> [Impact]
>> OS can use IOMMU to defend against DMA attacks from a PCI device like thunderbolt one.
>> Intel adds DMA_CTRL_PLATFORM_OPT_IN_FLAG flag in DMAR ACPI table.
>> Use this flag to enable IOMMU and use _DSD to identify untrusted PCI devices.
>>
>> [Fix]
>> Enable IOMMU when BIOS supports DMA opt in flag and ExternalFacingPort in _DSD.
>> Disable ATS on the untrusted PCI device.
>>
>> [Test]
>> Tested on 2 Intel platforms that supports DMA opt in flag with a thunderbolt dock station.
>> iommu enabled as expected with this fix.
> Verified by QA's full test with a temporary build of bionic-oem kernel.
> All test passed on one supported "DMA protection" system and one
> non-supported "DMA protection" system.
>
> Regards,
> Aaron

Acked-by: Hui Wang <hui.wang@canonical.com>

>
>> [Regression Potential]
>> Upstream fix, Verified on supported platforms, no affection on not supported platforms.
>> Backported changes are fairly minimal.
>>
>> These patches are included in 5.0 kernel, disco is good.
>>
>> Erik Schmauss (1):
>>   ACPICA: AML parser: attempt to continue loading table after error
>>
>> Lu Baolu (1):
>>   iommu/vt-d: Force IOMMU on for platform opt in hint
>>
>> Mika Westerberg (3):
>>   PCI / ACPI: Identify untrusted PCI devices
>>   iommu/vt-d: Do not enable ATS for untrusted devices
>>   thunderbolt: Export IOMMU based DMA protection support to userspace
>>
>>  .../ABI/testing/sysfs-bus-thunderbolt         |  9 +++
>>  Documentation/admin-guide/thunderbolt.rst     | 20 +++++++
>>  drivers/acpi/acpica/psloop.c                  | 51 ++++++++++++++++-
>>  drivers/acpi/acpica/psobject.c                | 30 ++++++++++
>>  drivers/acpi/property.c                       | 11 ++++
>>  drivers/iommu/dmar.c                          | 25 +++++++++
>>  drivers/iommu/intel-iommu.c                   | 56 ++++++++++++++++++-
>>  drivers/pci/pci-acpi.c                        | 19 +++++++
>>  drivers/pci/probe.c                           | 15 +++++
>>  drivers/thunderbolt/domain.c                  | 17 ++++++
>>  include/linux/dmar.h                          |  8 +++
>>  include/linux/pci.h                           |  8 +++
>>  12 files changed, 265 insertions(+), 4 deletions(-)
>>
>> -- 2.17.1
>> -- kernel-team mailing list kernel-team@lists.ubuntu.com
>> https://lists.ubuntu.com/mailman/listinfo/kernel-team
>>
AceLan Kao March 28, 2019, 3:24 a.m. UTC | #3
Acked-By: AceLan Kao <acelan.kao@canonical.com>
Khaled Elmously March 28, 2019, 6:15 a.m. UTC | #4
On 2019-03-15 13:04:13 , Aaron Ma wrote:
> BugLink: https://bugs.launchpad.net/bugs/1820153
> 
> [Impact]
> OS can use IOMMU to defend against DMA attacks from a PCI device like thunderbolt one.
> Intel adds DMA_CTRL_PLATFORM_OPT_IN_FLAG flag in DMAR ACPI table.
> Use this flag to enable IOMMU and use _DSD to identify untrusted PCI devices.
> 
> [Fix]
> Enable IOMMU when BIOS supports DMA opt in flag and ExternalFacingPort in _DSD.
> Disable ATS on the untrusted PCI device.
> 
> [Test]
> Tested on 2 Intel platforms that supports DMA opt in flag with a thunderbolt dock station.
> iommu enabled as expected with this fix.
> 
> [Regression Potential]
> Upstream fix, Verified on supported platforms, no affection on not supported platforms.
> Backported changes are fairly minimal.
> 
> These patches are included in 5.0 kernel, disco is good.
> 
> Erik Schmauss (1):
>   ACPICA: AML parser: attempt to continue loading table after error
> 
> Lu Baolu (1):
>   iommu/vt-d: Force IOMMU on for platform opt in hint
> 
> Mika Westerberg (3):
>   PCI / ACPI: Identify untrusted PCI devices
>   iommu/vt-d: Do not enable ATS for untrusted devices
>   thunderbolt: Export IOMMU based DMA protection support to userspace
> 
>  .../ABI/testing/sysfs-bus-thunderbolt         |  9 +++
>  Documentation/admin-guide/thunderbolt.rst     | 20 +++++++
>  drivers/acpi/acpica/psloop.c                  | 51 ++++++++++++++++-
>  drivers/acpi/acpica/psobject.c                | 30 ++++++++++
>  drivers/acpi/property.c                       | 11 ++++
>  drivers/iommu/dmar.c                          | 25 +++++++++
>  drivers/iommu/intel-iommu.c                   | 56 ++++++++++++++++++-
>  drivers/pci/pci-acpi.c                        | 19 +++++++
>  drivers/pci/probe.c                           | 15 +++++
>  drivers/thunderbolt/domain.c                  | 17 ++++++
>  include/linux/dmar.h                          |  8 +++
>  include/linux/pci.h                           |  8 +++
>  12 files changed, 265 insertions(+), 4 deletions(-)
> 
> -- 
> 2.17.1
> 
> 
> -- 
> kernel-team mailing list
> kernel-team@lists.ubuntu.com
> https://lists.ubuntu.com/mailman/listinfo/kernel-team