mirror of
https://mirrors.bfsu.edu.cn/git/linux.git
synced 2024-11-30 07:34:12 +08:00
954a03be03
If you're bisecting why your peripherals stopped working, it's probably this CL. Specifically if you see this in your dmesg: Unexpected global fault, this could be serious ...then it's almost certainly this CL. Running your IOMMU-enabled peripherals with the IOMMU in bypass mode is insecure and effectively disables the protection they provide. There are few reasons to allow unmatched stream bypass, and even fewer good ones. This patch starts the transition over to make it much harder to run your system insecurely. Expected steps: 1. By default disable bypass (so anyone insecure will notice) but make it easy for someone to re-enable bypass with just a KConfig change. That's this patch. 2. After people have had a little time to come to grips with the fact that they need to set their IOMMUs properly and have had time to dig into how to do this, the KConfig will be eliminated and bypass will simply be disabled. Folks who are truly upset and still haven't fixed their system can either figure out how to add 'arm-smmu.disable_bypass=n' to their command line or revert the patch in their own private kernel. Of course these folks will be less secure. Suggested-by: Robin Murphy <robin.murphy@arm.com> Reviewed-by: Marc Gonzalez <marc.w.gonzalez@free.fr> Tested-by: Marc Gonzalez <marc.w.gonzalez@free.fr> Signed-off-by: Douglas Anderson <dianders@chromium.org> Signed-off-by: Will Deacon <will.deacon@arm.com>
475 lines
14 KiB
Plaintext
475 lines
14 KiB
Plaintext
# The IOVA library may also be used by non-IOMMU_API users
|
|
config IOMMU_IOVA
|
|
tristate
|
|
|
|
# IOMMU_API always gets selected by whoever wants it.
|
|
config IOMMU_API
|
|
bool
|
|
|
|
menuconfig IOMMU_SUPPORT
|
|
bool "IOMMU Hardware Support"
|
|
depends on MMU
|
|
default y
|
|
---help---
|
|
Say Y here if you want to compile device drivers for IO Memory
|
|
Management Units into the kernel. These devices usually allow to
|
|
remap DMA requests and/or remap interrupts from other devices on the
|
|
system.
|
|
|
|
if IOMMU_SUPPORT
|
|
|
|
menu "Generic IOMMU Pagetable Support"
|
|
|
|
# Selected by the actual pagetable implementations
|
|
config IOMMU_IO_PGTABLE
|
|
bool
|
|
|
|
config IOMMU_IO_PGTABLE_LPAE
|
|
bool "ARMv7/v8 Long Descriptor Format"
|
|
select IOMMU_IO_PGTABLE
|
|
depends on ARM || ARM64 || (COMPILE_TEST && !GENERIC_ATOMIC64)
|
|
help
|
|
Enable support for the ARM long descriptor pagetable format.
|
|
This allocator supports 4K/2M/1G, 16K/32M and 64K/512M page
|
|
sizes at both stage-1 and stage-2, as well as address spaces
|
|
up to 48-bits in size.
|
|
|
|
config IOMMU_IO_PGTABLE_LPAE_SELFTEST
|
|
bool "LPAE selftests"
|
|
depends on IOMMU_IO_PGTABLE_LPAE
|
|
help
|
|
Enable self-tests for LPAE page table allocator. This performs
|
|
a series of page-table consistency checks during boot.
|
|
|
|
If unsure, say N here.
|
|
|
|
config IOMMU_IO_PGTABLE_ARMV7S
|
|
bool "ARMv7/v8 Short Descriptor Format"
|
|
select IOMMU_IO_PGTABLE
|
|
depends on ARM || ARM64 || COMPILE_TEST
|
|
help
|
|
Enable support for the ARM Short-descriptor pagetable format.
|
|
This supports 32-bit virtual and physical addresses mapped using
|
|
2-level tables with 4KB pages/1MB sections, and contiguous entries
|
|
for 64KB pages/16MB supersections if indicated by the IOMMU driver.
|
|
|
|
config IOMMU_IO_PGTABLE_ARMV7S_SELFTEST
|
|
bool "ARMv7s selftests"
|
|
depends on IOMMU_IO_PGTABLE_ARMV7S
|
|
help
|
|
Enable self-tests for ARMv7s page table allocator. This performs
|
|
a series of page-table consistency checks during boot.
|
|
|
|
If unsure, say N here.
|
|
|
|
endmenu
|
|
|
|
config IOMMU_DEBUGFS
|
|
bool "Export IOMMU internals in DebugFS"
|
|
depends on DEBUG_FS
|
|
help
|
|
Allows exposure of IOMMU device internals. This option enables
|
|
the use of debugfs by IOMMU drivers as required. Devices can,
|
|
at initialization time, cause the IOMMU code to create a top-level
|
|
debug/iommu directory, and then populate a subdirectory with
|
|
entries as required.
|
|
|
|
config IOMMU_DEFAULT_PASSTHROUGH
|
|
bool "IOMMU passthrough by default"
|
|
depends on IOMMU_API
|
|
help
|
|
Enable passthrough by default, removing the need to pass in
|
|
iommu.passthrough=on or iommu=pt through command line. If this
|
|
is enabled, you can still disable with iommu.passthrough=off
|
|
or iommu=nopt depending on the architecture.
|
|
|
|
If unsure, say N here.
|
|
|
|
config OF_IOMMU
|
|
def_bool y
|
|
depends on OF && IOMMU_API
|
|
|
|
# IOMMU-agnostic DMA-mapping layer
|
|
config IOMMU_DMA
|
|
bool
|
|
select IOMMU_API
|
|
select IOMMU_IOVA
|
|
select NEED_SG_DMA_LENGTH
|
|
|
|
config FSL_PAMU
|
|
bool "Freescale IOMMU support"
|
|
depends on PCI
|
|
depends on PHYS_64BIT
|
|
depends on PPC_E500MC || (COMPILE_TEST && PPC)
|
|
select IOMMU_API
|
|
select GENERIC_ALLOCATOR
|
|
help
|
|
Freescale PAMU support. PAMU is the IOMMU present on Freescale QorIQ platforms.
|
|
PAMU can authorize memory access, remap the memory address, and remap I/O
|
|
transaction types.
|
|
|
|
# MSM IOMMU support
|
|
config MSM_IOMMU
|
|
bool "MSM IOMMU Support"
|
|
depends on ARM
|
|
depends on ARCH_MSM8X60 || ARCH_MSM8960 || COMPILE_TEST
|
|
select IOMMU_API
|
|
select IOMMU_IO_PGTABLE_ARMV7S
|
|
help
|
|
Support for the IOMMUs found on certain Qualcomm SOCs.
|
|
These IOMMUs allow virtualization of the address space used by most
|
|
cores within the multimedia subsystem.
|
|
|
|
If unsure, say N here.
|
|
|
|
config IOMMU_PGTABLES_L2
|
|
def_bool y
|
|
depends on MSM_IOMMU && MMU && SMP && CPU_DCACHE_DISABLE=n
|
|
|
|
# AMD IOMMU support
|
|
config AMD_IOMMU
|
|
bool "AMD IOMMU support"
|
|
select SWIOTLB
|
|
select PCI_MSI
|
|
select PCI_ATS
|
|
select PCI_PRI
|
|
select PCI_PASID
|
|
select IOMMU_API
|
|
select IOMMU_IOVA
|
|
depends on X86_64 && PCI && ACPI
|
|
---help---
|
|
With this option you can enable support for AMD IOMMU hardware in
|
|
your system. An IOMMU is a hardware component which provides
|
|
remapping of DMA memory accesses from devices. With an AMD IOMMU you
|
|
can isolate the DMA memory of different devices and protect the
|
|
system from misbehaving device drivers or hardware.
|
|
|
|
You can find out if your system has an AMD IOMMU if you look into
|
|
your BIOS for an option to enable it or if you have an IVRS ACPI
|
|
table.
|
|
|
|
config AMD_IOMMU_V2
|
|
tristate "AMD IOMMU Version 2 driver"
|
|
depends on AMD_IOMMU
|
|
select MMU_NOTIFIER
|
|
---help---
|
|
This option enables support for the AMD IOMMUv2 features of the IOMMU
|
|
hardware. Select this option if you want to use devices that support
|
|
the PCI PRI and PASID interface.
|
|
|
|
config AMD_IOMMU_DEBUGFS
|
|
bool "Enable AMD IOMMU internals in DebugFS"
|
|
depends on AMD_IOMMU && IOMMU_DEBUGFS
|
|
---help---
|
|
!!!WARNING!!! !!!WARNING!!! !!!WARNING!!! !!!WARNING!!!
|
|
|
|
DO NOT ENABLE THIS OPTION UNLESS YOU REALLY, -REALLY- KNOW WHAT YOU ARE DOING!!!
|
|
Exposes AMD IOMMU device internals in DebugFS.
|
|
|
|
This option is -NOT- intended for production environments, and should
|
|
not generally be enabled.
|
|
|
|
# Intel IOMMU support
|
|
config DMAR_TABLE
|
|
bool
|
|
|
|
config INTEL_IOMMU
|
|
bool "Support for Intel IOMMU using DMA Remapping Devices"
|
|
depends on PCI_MSI && ACPI && (X86 || IA64_GENERIC)
|
|
select IOMMU_API
|
|
select IOMMU_IOVA
|
|
select NEED_DMA_MAP_STATE
|
|
select DMAR_TABLE
|
|
help
|
|
DMA remapping (DMAR) devices support enables independent address
|
|
translations for Direct Memory Access (DMA) from devices.
|
|
These DMA remapping devices are reported via ACPI tables
|
|
and include PCI device scope covered by these DMA
|
|
remapping devices.
|
|
|
|
config INTEL_IOMMU_DEBUGFS
|
|
bool "Export Intel IOMMU internals in Debugfs"
|
|
depends on INTEL_IOMMU && IOMMU_DEBUGFS
|
|
help
|
|
!!!WARNING!!!
|
|
|
|
DO NOT ENABLE THIS OPTION UNLESS YOU REALLY KNOW WHAT YOU ARE DOING!!!
|
|
|
|
Expose Intel IOMMU internals in Debugfs.
|
|
|
|
This option is -NOT- intended for production environments, and should
|
|
only be enabled for debugging Intel IOMMU.
|
|
|
|
config INTEL_IOMMU_SVM
|
|
bool "Support for Shared Virtual Memory with Intel IOMMU"
|
|
depends on INTEL_IOMMU && X86
|
|
select PCI_PASID
|
|
select MMU_NOTIFIER
|
|
help
|
|
Shared Virtual Memory (SVM) provides a facility for devices
|
|
to access DMA resources through process address space by
|
|
means of a Process Address Space ID (PASID).
|
|
|
|
config INTEL_IOMMU_DEFAULT_ON
|
|
def_bool y
|
|
prompt "Enable Intel DMA Remapping Devices by default"
|
|
depends on INTEL_IOMMU
|
|
help
|
|
Selecting this option will enable a DMAR device at boot time if
|
|
one is found. If this option is not selected, DMAR support can
|
|
be enabled by passing intel_iommu=on to the kernel.
|
|
|
|
config INTEL_IOMMU_BROKEN_GFX_WA
|
|
bool "Workaround broken graphics drivers (going away soon)"
|
|
depends on INTEL_IOMMU && BROKEN && X86
|
|
---help---
|
|
Current Graphics drivers tend to use physical address
|
|
for DMA and avoid using DMA APIs. Setting this config
|
|
option permits the IOMMU driver to set a unity map for
|
|
all the OS-visible memory. Hence the driver can continue
|
|
to use physical addresses for DMA, at least until this
|
|
option is removed in the 2.6.32 kernel.
|
|
|
|
config INTEL_IOMMU_FLOPPY_WA
|
|
def_bool y
|
|
depends on INTEL_IOMMU && X86
|
|
---help---
|
|
Floppy disk drivers are known to bypass DMA API calls
|
|
thereby failing to work when IOMMU is enabled. This
|
|
workaround will setup a 1:1 mapping for the first
|
|
16MiB to make floppy (an ISA device) work.
|
|
|
|
config IRQ_REMAP
|
|
bool "Support for Interrupt Remapping"
|
|
depends on X86_64 && X86_IO_APIC && PCI_MSI && ACPI
|
|
select DMAR_TABLE
|
|
---help---
|
|
Supports Interrupt remapping for IO-APIC and MSI devices.
|
|
To use x2apic mode in the CPU's which support x2APIC enhancements or
|
|
to support platforms with CPU's having > 8 bit APIC ID, say Y.
|
|
|
|
# OMAP IOMMU support
|
|
config OMAP_IOMMU
|
|
bool "OMAP IOMMU Support"
|
|
depends on ARM && MMU
|
|
depends on ARCH_OMAP2PLUS || COMPILE_TEST
|
|
select IOMMU_API
|
|
---help---
|
|
The OMAP3 media platform drivers depend on iommu support,
|
|
if you need them say Y here.
|
|
|
|
config OMAP_IOMMU_DEBUG
|
|
bool "Export OMAP IOMMU internals in DebugFS"
|
|
depends on OMAP_IOMMU && DEBUG_FS
|
|
---help---
|
|
Select this to see extensive information about
|
|
the internal state of OMAP IOMMU in debugfs.
|
|
|
|
Say N unless you know you need this.
|
|
|
|
config ROCKCHIP_IOMMU
|
|
bool "Rockchip IOMMU Support"
|
|
depends on ARM || ARM64
|
|
depends on ARCH_ROCKCHIP || COMPILE_TEST
|
|
select IOMMU_API
|
|
select ARM_DMA_USE_IOMMU
|
|
help
|
|
Support for IOMMUs found on Rockchip rk32xx SOCs.
|
|
These IOMMUs allow virtualization of the address space used by most
|
|
cores within the multimedia subsystem.
|
|
Say Y here if you are using a Rockchip SoC that includes an IOMMU
|
|
device.
|
|
|
|
config TEGRA_IOMMU_GART
|
|
bool "Tegra GART IOMMU Support"
|
|
depends on ARCH_TEGRA_2x_SOC
|
|
depends on TEGRA_MC
|
|
select IOMMU_API
|
|
help
|
|
Enables support for remapping discontiguous physical memory
|
|
shared with the operating system into contiguous I/O virtual
|
|
space through the GART (Graphics Address Relocation Table)
|
|
hardware included on Tegra SoCs.
|
|
|
|
config TEGRA_IOMMU_SMMU
|
|
bool "NVIDIA Tegra SMMU Support"
|
|
depends on ARCH_TEGRA
|
|
depends on TEGRA_AHB
|
|
depends on TEGRA_MC
|
|
select IOMMU_API
|
|
help
|
|
This driver supports the IOMMU hardware (SMMU) found on NVIDIA Tegra
|
|
SoCs (Tegra30 up to Tegra210).
|
|
|
|
config EXYNOS_IOMMU
|
|
bool "Exynos IOMMU Support"
|
|
depends on ARCH_EXYNOS && MMU
|
|
depends on !CPU_BIG_ENDIAN # revisit driver if we can enable big-endian ptes
|
|
select IOMMU_API
|
|
select ARM_DMA_USE_IOMMU
|
|
help
|
|
Support for the IOMMU (System MMU) of Samsung Exynos application
|
|
processor family. This enables H/W multimedia accelerators to see
|
|
non-linear physical memory chunks as linear memory in their
|
|
address space.
|
|
|
|
If unsure, say N here.
|
|
|
|
config EXYNOS_IOMMU_DEBUG
|
|
bool "Debugging log for Exynos IOMMU"
|
|
depends on EXYNOS_IOMMU
|
|
help
|
|
Select this to see the detailed log message that shows what
|
|
happens in the IOMMU driver.
|
|
|
|
Say N unless you need kernel log message for IOMMU debugging.
|
|
|
|
config IPMMU_VMSA
|
|
bool "Renesas VMSA-compatible IPMMU"
|
|
depends on ARM || IOMMU_DMA
|
|
depends on ARCH_RENESAS || (COMPILE_TEST && !GENERIC_ATOMIC64)
|
|
select IOMMU_API
|
|
select IOMMU_IO_PGTABLE_LPAE
|
|
select ARM_DMA_USE_IOMMU
|
|
help
|
|
Support for the Renesas VMSA-compatible IPMMU found in the R-Mobile
|
|
APE6, R-Car Gen2, and R-Car Gen3 SoCs.
|
|
|
|
If unsure, say N.
|
|
|
|
config SPAPR_TCE_IOMMU
|
|
bool "sPAPR TCE IOMMU Support"
|
|
depends on PPC_POWERNV || PPC_PSERIES
|
|
select IOMMU_API
|
|
help
|
|
Enables bits of IOMMU API required by VFIO. The iommu_ops
|
|
is not implemented as it is not necessary for VFIO.
|
|
|
|
# ARM IOMMU support
|
|
config ARM_SMMU
|
|
bool "ARM Ltd. System MMU (SMMU) Support"
|
|
depends on (ARM64 || ARM) && MMU
|
|
select IOMMU_API
|
|
select IOMMU_IO_PGTABLE_LPAE
|
|
select ARM_DMA_USE_IOMMU if ARM
|
|
help
|
|
Support for implementations of the ARM System MMU architecture
|
|
versions 1 and 2.
|
|
|
|
Say Y here if your SoC includes an IOMMU device implementing
|
|
the ARM SMMU architecture.
|
|
|
|
config ARM_SMMU_DISABLE_BYPASS_BY_DEFAULT
|
|
bool "Default to disabling bypass on ARM SMMU v1 and v2"
|
|
depends on ARM_SMMU
|
|
default y
|
|
help
|
|
Say Y here to (by default) disable bypass streams such that
|
|
incoming transactions from devices that are not attached to
|
|
an iommu domain will report an abort back to the device and
|
|
will not be allowed to pass through the SMMU.
|
|
|
|
Any old kernels that existed before this KConfig was
|
|
introduced would default to _allowing_ bypass (AKA the
|
|
equivalent of NO for this config). However the default for
|
|
this option is YES because the old behavior is insecure.
|
|
|
|
There are few reasons to allow unmatched stream bypass, and
|
|
even fewer good ones. If saying YES here breaks your board
|
|
you should work on fixing your board. This KConfig option
|
|
is expected to be removed in the future and we'll simply
|
|
hardcode the bypass disable in the code.
|
|
|
|
NOTE: the kernel command line parameter
|
|
'arm-smmu.disable_bypass' will continue to override this
|
|
config.
|
|
|
|
config ARM_SMMU_V3
|
|
bool "ARM Ltd. System MMU Version 3 (SMMUv3) Support"
|
|
depends on ARM64
|
|
select IOMMU_API
|
|
select IOMMU_IO_PGTABLE_LPAE
|
|
select GENERIC_MSI_IRQ_DOMAIN
|
|
help
|
|
Support for implementations of the ARM System MMU architecture
|
|
version 3 providing translation support to a PCIe root complex.
|
|
|
|
Say Y here if your system includes an IOMMU device implementing
|
|
the ARM SMMUv3 architecture.
|
|
|
|
config S390_IOMMU
|
|
def_bool y if S390 && PCI
|
|
depends on S390 && PCI
|
|
select IOMMU_API
|
|
help
|
|
Support for the IOMMU API for s390 PCI devices.
|
|
|
|
config S390_CCW_IOMMU
|
|
bool "S390 CCW IOMMU Support"
|
|
depends on S390 && CCW
|
|
select IOMMU_API
|
|
help
|
|
Enables bits of IOMMU API required by VFIO. The iommu_ops
|
|
is not implemented as it is not necessary for VFIO.
|
|
|
|
config S390_AP_IOMMU
|
|
bool "S390 AP IOMMU Support"
|
|
depends on S390 && ZCRYPT
|
|
select IOMMU_API
|
|
help
|
|
Enables bits of IOMMU API required by VFIO. The iommu_ops
|
|
is not implemented as it is not necessary for VFIO.
|
|
|
|
config MTK_IOMMU
|
|
bool "MTK IOMMU Support"
|
|
depends on ARM || ARM64
|
|
depends on ARCH_MEDIATEK || COMPILE_TEST
|
|
select ARM_DMA_USE_IOMMU
|
|
select IOMMU_API
|
|
select IOMMU_DMA
|
|
select IOMMU_IO_PGTABLE_ARMV7S
|
|
select MEMORY
|
|
select MTK_SMI
|
|
help
|
|
Support for the M4U on certain Mediatek SOCs. M4U is MultiMedia
|
|
Memory Management Unit. This option enables remapping of DMA memory
|
|
accesses for the multimedia subsystem.
|
|
|
|
If unsure, say N here.
|
|
|
|
config MTK_IOMMU_V1
|
|
bool "MTK IOMMU Version 1 (M4U gen1) Support"
|
|
depends on ARM
|
|
depends on ARCH_MEDIATEK || COMPILE_TEST
|
|
select ARM_DMA_USE_IOMMU
|
|
select IOMMU_API
|
|
select MEMORY
|
|
select MTK_SMI
|
|
help
|
|
Support for the M4U on certain Mediatek SoCs. M4U generation 1 HW is
|
|
Multimedia Memory Managememt Unit. This option enables remapping of
|
|
DMA memory accesses for the multimedia subsystem.
|
|
|
|
if unsure, say N here.
|
|
|
|
config QCOM_IOMMU
|
|
# Note: iommu drivers cannot (yet?) be built as modules
|
|
bool "Qualcomm IOMMU Support"
|
|
depends on ARCH_QCOM || (COMPILE_TEST && !GENERIC_ATOMIC64)
|
|
select IOMMU_API
|
|
select IOMMU_IO_PGTABLE_LPAE
|
|
select ARM_DMA_USE_IOMMU
|
|
help
|
|
Support for IOMMU on certain Qualcomm SoCs.
|
|
|
|
config HYPERV_IOMMU
|
|
bool "Hyper-V x2APIC IRQ Handling"
|
|
depends on HYPERV
|
|
select IOMMU_API
|
|
default HYPERV
|
|
help
|
|
Stub IOMMU driver to handle IRQs as to allow Hyper-V Linux
|
|
guests to run with x2APIC mode enabled.
|
|
|
|
endif # IOMMU_SUPPORT
|