• Alex Williamson's avatar
    iommu/amd: Only unmap large pages from the first pte · ed2f0795
    Alex Williamson authored
    commit 60d0ca3c upstream.
    
    If we use a large mapping, the expectation is that only unmaps from
    the first pte in the superpage are supported.  Unmaps from offsets
    into the superpage should fail (ie. return zero sized unmap).  In the
    current code, unmapping from an offset clears the size of the full
    mapping starting from an offset.  For instance, if we map a 16k
    physically contiguous range at IOVA 0x0 with a large page, then
    attempt to unmap 4k at offset 12k, 4 ptes are cleared (12k - 28k) and
    the unmap returns 16k unmapped.  This potentially incorrectly clears
    valid mappings and confuses drivers like VFIO that use the unmap size
    to release pinned pages.
    
    Fix by refusing to unmap from offsets into the page.
    Signed-off-by: default avatarAlex Williamson <alex.williamson@redhat.com>
    Signed-off-by: default avatarJoerg Roedel <joro@8bytes.org>
    Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
    ed2f0795
amd_iommu.c 96.9 KB