Intel IOMMU operates on inclusive bounds (both generally aas well as
iommu_domain_identity_map()). Meanwhile, for_each_mem_pfn_range() uses
exclusive bounds for end_pfn. This creates an off-by-one error when
switching between the two.

Fixes: 5dfe8660a3d7 ("bootmem: Replace work_with_active_regions() with for_each_mem_pfn_range()")
Signed-off-by: Jon Pan-Doh <pandoh@google.com>
Tested-by: Sudheer Dantuluri <dantuluris@google.com>
Suggested-by: Gary Zibrat <gzibrat@google.com>
---
 drivers/iommu/intel/iommu.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/drivers/iommu/intel/iommu.c b/drivers/iommu/intel/iommu.c
index fd11a080380c..f55ec1fd7942 100644
--- a/drivers/iommu/intel/iommu.c
+++ b/drivers/iommu/intel/iommu.c
@@ -2071,7 +2071,7 @@ static int __init si_domain_init(int hw)
 		for_each_mem_pfn_range(i, nid, &start_pfn, &end_pfn, NULL) {
 			ret = iommu_domain_identity_map(si_domain,
 					mm_to_dma_pfn_start(start_pfn),
-					mm_to_dma_pfn_end(end_pfn));
+					mm_to_dma_pfn_end(end_pfn-1));
 			if (ret)
 				return ret;
 		}
-- 
2.45.2.803.g4e1b14247a-goog

On Tue, 09 Jul 2024 16:49:13 -0700, Jon Pan-Doh wrote:
> Intel IOMMU operates on inclusive bounds (both generally aas well as
> iommu_domain_identity_map()). Meanwhile, for_each_mem_pfn_range() uses
> exclusive bounds for end_pfn. This creates an off-by-one error when
> switching between the two.
> 
> 

Applied to iommu (intel/vt-d), thanks!

[1/1] iommu/vt-d: Fix identity map bounds in si_domain_init()
      https://git.kernel.org/iommu/c/31000732d56b

Cheers,
-- 
Will

https://fixes.arm64.dev
https://next.arm64.dev
https://will.arm64.dev

On 7/10/24 7:49 AM, Jon Pan-Doh wrote:
> Intel IOMMU operates on inclusive bounds (both generally aas well as
> iommu_domain_identity_map()). Meanwhile, for_each_mem_pfn_range() uses
> exclusive bounds for end_pfn. This creates an off-by-one error when
> switching between the two.
> 
> Fixes: 5dfe8660a3d7 ("bootmem: Replace work_with_active_regions() with for_each_mem_pfn_range()")
> Signed-off-by: Jon Pan-Doh<pandoh@google.com>
> Tested-by: Sudheer Dantuluri<dantuluris@google.com>

Do you mind telling me on which platform did you test this fix? My
understanding is that modern VT-d hardware supports hardware pass
through mode, hence this piece of code won't be executed anymore.

> Suggested-by: Gary Zibrat<gzibrat@google.com>
> ---
>   drivers/iommu/intel/iommu.c | 2 +-
>   1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/drivers/iommu/intel/iommu.c b/drivers/iommu/intel/iommu.c
> index fd11a080380c..f55ec1fd7942 100644
> --- a/drivers/iommu/intel/iommu.c
> +++ b/drivers/iommu/intel/iommu.c
> @@ -2071,7 +2071,7 @@ static int __init si_domain_init(int hw)
>   		for_each_mem_pfn_range(i, nid, &start_pfn, &end_pfn, NULL) {
>   			ret = iommu_domain_identity_map(si_domain,
>   					mm_to_dma_pfn_start(start_pfn),
> -					mm_to_dma_pfn_end(end_pfn));
> +					mm_to_dma_pfn_end(end_pfn-1));
>   			if (ret)
>   				return ret;
>   		}

Thanks,
baolu

On Tue, Jul 9, 2024 at 7:45 PM Baolu Lu <baolu.lu@linux.intel.com> wrote:
> Do you mind telling me on which platform did you test this fix? My
> understanding is that modern VT-d hardware supports hardware pass
> through mode, hence this piece of code won't be executed anymore.

We tested it in a VM using an emulated vIOMMU setup. Hope that helps.

Thanks,
Jon

On 2024/7/12 15:05, Jon Pan-Doh wrote:
> On Tue, Jul 9, 2024 at 7:45 PM Baolu Lu<baolu.lu@linux.intel.com>  wrote:
>> Do you mind telling me on which platform did you test this fix? My
>> understanding is that modern VT-d hardware supports hardware pass
>> through mode, hence this piece of code won't be executed anymore.
> We tested it in a VM using an emulated vIOMMU setup. Hope that helps.

Okay, that's fine then. If you send a new version, you can take my

Reviewed-by: Lu Baolu <baolu.lu@linux.intel.com>

Thanks,
baolu

> From: Jon Pan-Doh <pandoh@google.com>
> Sent: Wednesday, July 10, 2024 7:49 AM
> 
> Intel IOMMU operates on inclusive bounds (both generally aas well as

s/aas/as/

> iommu_domain_identity_map()). Meanwhile, for_each_mem_pfn_range()
> uses
> exclusive bounds for end_pfn. This creates an off-by-one error when
> switching between the two.
> 
> Fixes: 5dfe8660a3d7 ("bootmem: Replace work_with_active_regions() with
> for_each_mem_pfn_range()")

this doesn't appear to be the original commit introducing this bug.

Even the old work_with_active_regions() way used exclusive end_pfn
while it's not adjusted when calling iommu_domain_identity_map().

> Signed-off-by: Jon Pan-Doh <pandoh@google.com>
> Tested-by: Sudheer Dantuluri <dantuluris@google.com>
> Suggested-by: Gary Zibrat <gzibrat@google.com>

otherwise,

Reviewed-by: Kevin Tian <kevin.tian@intel.com>

On Tue, Jul 9, 2024 at 5:49 PM Tian, Kevin <kevin.tian@intel.com> wrote:
> s/aas/as/

Ack.

> > Fixes: 5dfe8660a3d7 ("bootmem: Replace work_with_active_regions() with
> > for_each_mem_pfn_range()")
>
> this doesn't appear to be the original commit introducing this bug.
>
> Even the old work_with_active_regions() way used exclusive end_pfn
> while it's not adjusted when calling iommu_domain_identity_map().

Oops. I did not look far enough back. I believe the correct tag is

Fixes: c5395d5c4a82 ("intel-iommu: Clean up iommu_domain_identity_map()")

I'll send out a v2 once Baolu's comments are addressed.

Thanks,
Jon