Re: [PATCH v2 1/2] iommu: Add capability for pre-boot DMA protection
From: Robin Murphy
Date: Tue Mar 22 2022 - 05:53:38 EST
On 2022-03-22 09:14, Christoph Hellwig wrote:
On Fri, Mar 18, 2022 at 05:42:57PM +0000, Robin Murphy wrote:
VT-d's dmar_platform_optin() actually represents a combination of
properties fairly well standardised by Microsoft as "Pre-boot DMA
Protection" and "Kernel DMA Protection"[1]. As such, we can provide
interested consumers with an abstracted capability rather than
driver-specific interfaces that won't scale. We name it for the former
aspect since that's what external callers are most likely to be
interested in; the latter is for the IOMMU layer to handle itself.
Also use this as an opportunity to draw a line in the sand and add a
new interface so as not to introduce any more callers of iommu_capable()
which I also want to get rid of. For now it's a quick'n'dirty wrapper
function, but will evolve to subsume the internal interface in future.
[1] https://docs.microsoft.com/en-us/windows-hardware/design/device-experiences/oem-kernel-dma-protection
Suggested-by: Christoph Hellwig <hch@xxxxxx>
Signed-off-by: Robin Murphy <robin.murphy@xxxxxxx>
I can't really think of a way in which I suggested this, but it does
looks like a good interface:
Well, you were the first to say it should be abstracted[1], and since my
initial thought that it could be hidden completely didn't pan out, I
felt I should give you credit for being right all along :)
Reviewed-by: Christoph Hellwig <hch@xxxxxx>
Thanks!
Robin.
[1] https://lore.kernel.org/linux-iommu/YjDDUUeZ%2FdvUZoDN@xxxxxxxxxxxxx/