tmakin/ack-tegra
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

ANDROID: KVM: iommu: Restrict access KVM_IOMMU_DOMAIN_IDMAP_ID

Browse Source 
KVM_IOMMU_DOMAIN_IDMAP_ID should only mirror the host stage-2,
without interaction with pv interface.

Bug: 277989609
Bug: 278749606
Change-Id: I6d9800c1a12c9f4dbfbb51c22f589614424aabaa
Signed-off-by: Mostafa Saleh <smostafa@google.com>
This commit is contained in:
Mostafa Saleh
2025-04-09 09:43:32 +00:00
parent d8d0d34c76
commit ddb4101bc0
1 changed files with 9 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
arch/arm64/kvm/hyp/nvhe/iommu/iommu.c
+9
View File
@@ -490,6 +490,9 @@ size_t kvm_iommu_map_pages(pkvm_handle_t domain_id,
iova + size < iova || paddr + size < paddr)
return -E2BIG;
if (domain_id == KVM_IOMMU_DOMAIN_IDMAP_ID)
return -EINVAL;
domain = handle_to_domain(domain_id);
if (!domain || domain_get(domain))
return -ENOENT;
@@ -553,6 +556,9 @@ size_t kvm_iommu_unmap_pages(pkvm_handle_t domain_id, unsigned long iova,
iova + size < iova)
return 0;
if (domain_id == KVM_IOMMU_DOMAIN_IDMAP_ID)
return 0;
domain = handle_to_domain(domain_id);
if (!domain || domain_get(domain))
return 0;
@@ -584,6 +590,9 @@ phys_addr_t kvm_iommu_iova_to_phys(pkvm_handle_t domain_id, unsigned long iova)
if (!kvm_iommu_ops || !kvm_iommu_ops->iova_to_phys)
return -ENODEV;
if (domain_id == KVM_IOMMU_DOMAIN_IDMAP_ID)
return iova;
domain = handle_to_domain( domain_id);
if (!domain || domain_get(domain))