github.com/jlmucb/cloudproxy@v0.0.0-20170830161738-b5aa0b619bc4/cpvmm/vmm/include/hw/vtd.h

github.com/jlmucb/cloudproxy@v0.0.0-20170830161738-b5aa0b619bc4/cpvmm/vmm/include/hw/vtd.h (about)

     1  /*
     2   * Copyright (c) 2013 Intel Corporation
     3   *
     4   * Licensed under the Apache License, Version 2.0 (the "License");
     5   * you may not use this file except in compliance with the License.
     6   * You may obtain a copy of the License at
     7   *     http://www.apache.org/licenses/LICENSE-2.0
     8   * Unless required by applicable law or agreed to in writing, software
     9   * distributed under the License is distributed on an "AS IS" BASIS,
    10   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    11   * See the License for the specific language governing permissions and
    12   * limitations under the License.
    13   */
    14  
    15  #ifndef _VTD_H
    16  #define _VTD_H
    17  
    18  #include "vmm_defs.h"
    19  #include "vtd_domain.h"
    20  #include "lock.h"
    21  #include "vtd_hw_layer.h"
    22  #include "vmm_startup.h"
    23  
    24  typedef enum {
    25      DMA_BLOCK_WRITE,            // clear W bit only
    26      DMA_UNBLOCK_WRITE,          // set W bit only
    27      
    28      DMA_REMAPPING,              // redirect both DMA read and write to a dummy page.
    29      DMA_RESTORE_MAPPING,        // restore to previous mapping
    30      
    31      DMA_BLOCK_READ,             // clear R bit only
    32      DMA_UNBLOCK_READ,           // set R bit only
    33      
    34      DMA_BLOCK_READ_WRITE,       // block both DMA read and write access (NOT-present)
    35      DMA_UNBLOCK_READ_WRITE      // restore both DMA read and write access (NOT-present)
    36  }DMA_BLOCK_TYPE;
    37  
    38  
    39  BOOLEAN vtd_initialize(const VMM_MEMORY_LAYOUT* vmm_memory_layout,const VMM_APPLICATION_PARAMS_STRUCT* application_params, HVA dmar_hva);
    40  void vtd_deinitialize(void);
    41  
    42  /* Function: vtd_is_vtd_available
    43  *  Description: This function should be called after vtd_initialize, it returns whether vtd is available.
    44  *  Input: void
    45  *  Return value: TRUE - VT-d hardware exists and initialized successfully.
    46  *                FALSE - VT-d is not available.
    47  */
    48  BOOLEAN vtd_is_vtd_available(void);
    49  
    50  /* Function: vtd_inv_iotlb_global
    51  *  Description: This function flushes all iotlb
    52  *  Input: void
    53  *  Return value: void
    54  */
    55  void vtd_inv_iotlb_global(void);
    56  
    57  /* Function: vtd_set_dma_blocking
    58  *  Description: This function enables modifying VT-d mappings to avoid DMA attacking. 
    59  *                    for different DMA_BLOCK_TYPE, it will update the permission of an existing
    60  *                    mapping or remap some dva to a dummy page.
    61  *  Notice: whenever this function is called, please call vtd_inv_iotlb_global to flush TLB, 
    62  *                    otherwise, the system may use the stale mappings.
    63  *  Input: type  - currently only block and unblock write are using.
    64  *             gpa   - the DMA target address , gpa is the same as dva from the perspective of DMA devices.
    65                        gpa must be 4KB alignment.
    66  *             size   - size of contigous DMA region. size must be an integer multiple of 4KB.
    67  *  Return value: TRUE - successfully modified the VT-d mapping.
    68  *                       FALSE - parameters assertion failed or fail to modify the mapping.
    69  */
    70  BOOLEAN vtd_set_dma_blocking (DMA_BLOCK_TYPE type, UINT64 gpa, UINT32 size);
    71  
    72  UINT32 vtd_num_supported_domains(struct _VTD_DMA_REMAPPING_HW_UNIT *dmar);
    73  
    74  #endif