4.14-stable review patch. If anyone has any objections, please let me know.
------------------
From: Singh, Brijesh brijesh.singh@amd.com
commit b3e9b515b08e407ab3a026dc2e4d935c48d05f69 upstream.
Boris Ostrovsky reported a memory leak with device passthrough when SME is active.
The VFIO driver uses iommu_iova_to_phys() to get the physical address for an iova. This physical address is later passed into vfio_unmap_unpin() to unpin the memory. The vfio_unmap_unpin() uses pfn_valid() before unpinning the memory. The pfn_valid() check was failing because encryption mask was part of the physical address returned. This resulted in the memory not being unpinned and therefore leaked after the guest terminates.
The memory encryption mask must be cleared from the physical address in iommu_iova_to_phys().
Fixes: 2543a786aa25 ("iommu/amd: Allow the AMD IOMMU to work with memory encryption") Reported-by: Boris Ostrovsky boris.ostrovsky@oracle.com Cc: Tom Lendacky thomas.lendacky@amd.com Cc: Joerg Roedel joro@8bytes.org Cc: iommu@lists.linux-foundation.org Cc: Borislav Petkov bp@suse.de Cc: Paolo Bonzini pbonzini@redhat.com Cc: Radim Krčmář rkrcmar@redhat.com Cc: kvm@vger.kernel.org Cc: Boris Ostrovsky boris.ostrovsky@oracle.com Cc: stable@vger.kernel.org # 4.14+ Signed-off-by: Brijesh Singh brijesh.singh@amd.com Signed-off-by: Joerg Roedel jroedel@suse.de Signed-off-by: Greg Kroah-Hartman gregkh@linuxfoundation.org
--- drivers/iommu/amd_iommu.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
--- a/drivers/iommu/amd_iommu.c +++ b/drivers/iommu/amd_iommu.c @@ -3071,7 +3071,7 @@ static phys_addr_t amd_iommu_iova_to_phy return 0;
offset_mask = pte_pgsize - 1; - __pte = *pte & PM_ADDR_MASK; + __pte = __sme_clr(*pte & PM_ADDR_MASK);
return (__pte & ~offset_mask) | (iova & offset_mask); }