summaryrefslogtreecommitdiff
path: root/kernel/dma
diff options
context:
space:
mode:
authorThomas Hellstrom <thellstrom@vmware.com>2020-03-04 14:45:27 +0300
committerBorislav Petkov <bp@suse.de>2020-03-17 13:52:58 +0300
commit17c4a2ae15a7aaefe84bdb271952678c5c9cd8e1 (patch)
treeaad4fbfa8cdc5d4111992b12a82c42ed3e61a30d /kernel/dma
parent6db73f17c5f155dbcfd5e48e621c706270b84df0 (diff)
downloadlinux-17c4a2ae15a7aaefe84bdb271952678c5c9cd8e1.tar.xz
dma-mapping: Fix dma_pgprot() for unencrypted coherent pages
When dma_mmap_coherent() sets up a mapping to unencrypted coherent memory under SEV encryption and sometimes under SME encryption, it will actually set up an encrypted mapping rather than an unencrypted, causing devices that DMAs from that memory to read encrypted contents. Fix this. When force_dma_unencrypted() returns true, the linear kernel map of the coherent pages have had the encryption bit explicitly cleared and the page content is unencrypted. Make sure that any additional PTEs we set up to these pages also have the encryption bit cleared by having dma_pgprot() return a protection with the encryption bit cleared in this case. Signed-off-by: Thomas Hellstrom <thellstrom@vmware.com> Signed-off-by: Borislav Petkov <bp@suse.de> Reviewed-by: Christoph Hellwig <hch@lst.de> Acked-by: Tom Lendacky <thomas.lendacky@amd.com> Link: https://lkml.kernel.org/r/20200304114527.3636-3-thomas_os@shipmail.org
Diffstat (limited to 'kernel/dma')
-rw-r--r--kernel/dma/mapping.c2
1 files changed, 2 insertions, 0 deletions
diff --git a/kernel/dma/mapping.c b/kernel/dma/mapping.c
index 12ff766ec1fa..98e3d873792e 100644
--- a/kernel/dma/mapping.c
+++ b/kernel/dma/mapping.c
@@ -154,6 +154,8 @@ EXPORT_SYMBOL(dma_get_sgtable_attrs);
*/
pgprot_t dma_pgprot(struct device *dev, pgprot_t prot, unsigned long attrs)
{
+ if (force_dma_unencrypted(dev))
+ prot = pgprot_decrypted(prot);
if (dev_is_dma_coherent(dev) ||
(IS_ENABLED(CONFIG_DMA_NONCOHERENT_CACHE_SYNC) &&
(attrs & DMA_ATTR_NON_CONSISTENT)))