iommu/arm-smmu: Disable stalling faults for all endpoints

Enabling stalling faults can result in hardware deadlock on poorly
designed systems, particularly those with a PCI root complex upstream of
the SMMU.

Although it's not really Linux's job to save hardware integrators from
their own misfortune, it *is* our job to stop userspace (e.g. VFIO
clients) from hosing the system for everybody else, even if they might
already be required to have elevated privileges.

Given that the fault handling code currently executes entirely in IRQ
context, there is nothing that can sensibly be done to recover from
things like page faults anyway, so let's rip this code out for now and
avoid the potential for deadlock.

Cc: <stable@vger.kernel.org>
Fixes: 48ec83bcbcf5 ("iommu/arm-smmu: Add initial driver support for ARM SMMUv3 devices")
Reported-by: Matt Evans <matt.evans@arm.com>
Signed-off-by: Will Deacon <will.deacon@arm.com>

1 files changed, 7 insertions, 27 deletions

diff --git a/drivers/iommu/arm-smmu.c b/drivers/iommu/arm-smmu.c
index 4f49fe29f202..2db74ebc3240 100644
--- a/drivers/iommu/arm-smmu.c
+++ b/drivers/iommu/arm-smmu.c
@@ -686,8 +686,7 @@ static struct iommu_gather_ops arm_smmu_gather_ops = {
 
 static irqreturn_t arm_smmu_context_fault(int irq, void *dev)
 {
-        int flags, ret;
-        u32 fsr, fsynr, resume;
+        u32 fsr, fsynr;
         unsigned long iova;
         struct iommu_domain *domain = dev;
         struct arm_smmu_domain *smmu_domain = to_smmu_domain(domain);
@@ -701,34 +700,15 @@ static irqreturn_t arm_smmu_context_fault(int irq, void *dev)
         if (!(fsr & FSR_FAULT))
                 return IRQ_NONE;
 
-        if (fsr & FSR_IGN)
-                dev_err_ratelimited(smmu->dev,
-                                    "Unexpected context fault (fsr 0x%x)\n",
-                                    fsr);
-
         fsynr = readl_relaxed(cb_base + ARM_SMMU_CB_FSYNR0);
-        flags = fsynr & FSYNR0_WNR ? IOMMU_FAULT_WRITE : IOMMU_FAULT_READ;
-
         iova = readq_relaxed(cb_base + ARM_SMMU_CB_FAR);
-        if (!report_iommu_fault(domain, smmu->dev, iova, flags)) {
-                ret = IRQ_HANDLED;
-                resume = RESUME_RETRY;
-        } else {
-                dev_err_ratelimited(smmu->dev,
-                    "Unhandled context fault: iova=0x%08lx, fsynr=0x%x, cb=%d\n",
-                    iova, fsynr, cfg->cbndx);
-                ret = IRQ_NONE;
-                resume = RESUME_TERMINATE;
-        }
-
-        /* Clear the faulting FSR */
-        writel(fsr, cb_base + ARM_SMMU_CB_FSR);
 
-        /* Retry or terminate any stalled transactions */
-        if (fsr & FSR_SS)
-                writel_relaxed(resume, cb_base + ARM_SMMU_CB_RESUME);
+        dev_err_ratelimited(smmu->dev,
+        "Unhandled context fault: fsr=0x%x, iova=0x%08lx, fsynr=0x%x, cb=%d\n",
+                            fsr, iova, fsynr, cfg->cbndx);
 
-        return ret;
+        writel(fsr, cb_base + ARM_SMMU_CB_FSR);
+        return IRQ_HANDLED;
 }
 
 static irqreturn_t arm_smmu_global_fault(int irq, void *dev)
@@ -837,7 +817,7 @@ static void arm_smmu_init_context_bank(struct arm_smmu_domain *smmu_domain,
         }
 
         /* SCTLR */
-        reg = SCTLR_CFCFG | SCTLR_CFIE | SCTLR_CFRE | SCTLR_M | SCTLR_EAE_SBOP;
+        reg = SCTLR_CFIE | SCTLR_CFRE | SCTLR_M | SCTLR_EAE_SBOP;
         if (stage1)
                 reg |= SCTLR_S1_ASIDPNE;
 #ifdef __BIG_ENDIAN