Date: Thu, 16 Nov 2017 18:22:03 +0000 (UTC) From: John Baldwin <jhb@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-10@freebsd.org Subject: svn commit: r325900 - in stable: 10/sys/amd64/vmm/io 11/sys/amd64/vmm/io Message-ID: <201711161822.vAGIM3QP038986@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: jhb Date: Thu Nov 16 18:22:03 2017 New Revision: 325900 URL: https://svnweb.freebsd.org/changeset/base/325900 Log: MFC 325039: Rework pass through changes in r305485 to be safer. Specifically, devices that do not support PCI-e FLR and were not gracefully shutdown by the guest OS could continue to issue DMA requests after the VM was terminated. The changes in r305485 meant that those DMA requests were completed against the host's memory which could result in random memory corruption. Instead, leave ppt devices that are not attached to a VM disabled in the IOMMU and only restore the devices to the host domain if the ppt(4) driver is detached from a device. As an added safety belt, disable busmastering for a pass-through device when before adding it to the host domain during ppt(4) detach. PR: 222937 Modified: stable/10/sys/amd64/vmm/io/iommu.c stable/10/sys/amd64/vmm/io/ppt.c Directory Properties: stable/10/ (props changed) Changes in other areas also in this revision: Modified: stable/11/sys/amd64/vmm/io/iommu.c stable/11/sys/amd64/vmm/io/ppt.c Directory Properties: stable/11/ (props changed) Modified: stable/10/sys/amd64/vmm/io/iommu.c ============================================================================== --- stable/10/sys/amd64/vmm/io/iommu.c Thu Nov 16 16:00:01 2017 (r325899) +++ stable/10/sys/amd64/vmm/io/iommu.c Thu Nov 16 18:22:03 2017 (r325900) @@ -158,6 +158,7 @@ iommu_init(void) { int error, bus, slot, func; vm_paddr_t maxaddr; + devclass_t dc; device_t dev; if (!iommu_enable) @@ -195,6 +196,7 @@ iommu_init(void) */ iommu_create_mapping(host_domain, 0, 0, maxaddr); + dc = devclass_find("ppt"); for (bus = 0; bus <= PCI_BUSMAX; bus++) { for (slot = 0; slot <= PCI_SLOTMAX; slot++) { for (func = 0; func <= PCI_FUNCMAX; func++) { @@ -202,7 +204,15 @@ iommu_init(void) if (dev == NULL) continue; - /* Everything belongs to the host domain. */ + /* Skip passthrough devices. */ + if (dc != NULL && + device_get_devclass(dev) == dc) + continue; + + /* + * Everything else belongs to the host + * domain. + */ iommu_add_device(host_domain, pci_get_rid(dev)); } Modified: stable/10/sys/amd64/vmm/io/ppt.c ============================================================================== --- stable/10/sys/amd64/vmm/io/ppt.c Thu Nov 16 16:00:01 2017 (r325899) +++ stable/10/sys/amd64/vmm/io/ppt.c Thu Nov 16 18:22:03 2017 (r325900) @@ -154,6 +154,7 @@ ppt_attach(device_t dev) ppt = device_get_softc(dev); + iommu_remove_device(iommu_host_domain(), pci_get_rid(dev)); num_pptdevs++; TAILQ_INSERT_TAIL(&pptdev_list, ppt, next); ppt->dev = dev; @@ -175,6 +176,8 @@ ppt_detach(device_t dev) return (EBUSY); num_pptdevs--; TAILQ_REMOVE(&pptdev_list, ppt, next); + pci_disable_busmaster(dev); + iommu_add_device(iommu_host_domain(), pci_get_rid(dev)); return (0); } @@ -368,7 +371,6 @@ ppt_assign_device(struct vm *vm, int bus, int slot, in true); pci_restore_state(ppt->dev); ppt->vm = vm; - iommu_remove_device(iommu_host_domain(), pci_get_rid(ppt->dev)); iommu_add_device(vm_iommu_domain(vm), pci_get_rid(ppt->dev)); return (0); } @@ -397,7 +399,6 @@ ppt_unassign_device(struct vm *vm, int bus, int slot, ppt_teardown_msi(ppt); ppt_teardown_msix(ppt); iommu_remove_device(vm_iommu_domain(vm), pci_get_rid(ppt->dev)); - iommu_add_device(iommu_host_domain(), pci_get_rid(ppt->dev)); ppt->vm = NULL; return (0); }
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201711161822.vAGIM3QP038986>