summaryrefslogtreecommitdiffstats
path: root/drivers/pci/ats.c
diff options
context:
space:
mode:
authorGil Kupfer <gilkup@gmail.com>2018-05-10 17:56:02 -0500
committerBjorn Helgaas <helgaas@kernel.org>2018-05-10 17:56:02 -0500
commitcef74409ea79b0a37af6889e7abf7a2a9c47979b (patch)
tree243ec22ccce2f44cf17e288ad0415691ad43f4e6 /drivers/pci/ats.c
parentf154a718e6cc0d834f5ac4dc4c3b174e65f3659e (diff)
downloadlinux-cef74409ea79b0a37af6889e7abf7a2a9c47979b.tar.gz
linux-cef74409ea79b0a37af6889e7abf7a2a9c47979b.tar.bz2
linux-cef74409ea79b0a37af6889e7abf7a2a9c47979b.zip
PCI: Add "pci=noats" boot parameter
Adds a "pci=noats" boot parameter. When supplied, all ATS related functions fail immediately and the IOMMU is configured to not use device-IOTLB. Any function that checks for ATS capabilities directly against the devices should also check this flag. Currently, such functions exist only in IOMMU drivers, and they are covered by this patch. The motivation behind this patch is the existence of malicious devices. Lots of research has been done about how to use the IOMMU as protection from such devices. When ATS is supported, any I/O device can access any physical address by faking device-IOTLB entries. Adding the ability to ignore these entries lets sysadmins enhance system security. Signed-off-by: Gil Kupfer <gilkup@cs.technion.ac.il> Signed-off-by: Bjorn Helgaas <bhelgaas@google.com> Acked-by: Joerg Roedel <jroedel@suse.de>
Diffstat (limited to 'drivers/pci/ats.c')
-rw-r--r--drivers/pci/ats.c3
1 files changed, 3 insertions, 0 deletions
diff --git a/drivers/pci/ats.c b/drivers/pci/ats.c
index 89305b569d3d..4923a2a8e14b 100644
--- a/drivers/pci/ats.c
+++ b/drivers/pci/ats.c
@@ -20,6 +20,9 @@ void pci_ats_init(struct pci_dev *dev)
{
int pos;
+ if (pci_ats_disabled())
+ return;
+
pos = pci_find_ext_capability(dev, PCI_EXT_CAP_ID_ATS);
if (!pos)
return;