[PATCH][Eoan] UBUNTU: [Config] Disable CONFIG_ARM_SMMU_DISABLE_BYPASS_BY_DEFAULT

[dann frazier]

BugLink: https://bugs.launchpad.net/bugs/1845820

Avoid a regression on ThunderX - and likely other systems - that
causes peripherals to break due to a misconfigured IOMMU. This disables
a temporary config option provided by upstream to intentionally break
systems that require the less secure passthrough mode. It's too late
in the cycle to fix ThunderX properly and, since this is a new config
in this Ubuntu release, disabling it does not introduce a security
regression from previous releases.

As per commit 954a03be ("iommu/arm-smmu: Break insecure users by disabling
bypass by default"), this config will eventually be removed upstream, so
Ubuntu will drop this workaround via a normal rebase, if not before.

Signed-off-by: dann frazier <dann.frazier at canonical.com>
---
 debian.master/config/annotations          | 3 ++-
 debian.master/config/config.common.ubuntu | 2 +-
 2 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/debian.master/config/annotations b/debian.master/config/annotations
index 8bd038956f6c7..e50c72706aa1d 100644
--- a/debian.master/config/annotations
+++ b/debian.master/config/annotations
@@ -2751,7 +2751,7 @@ CONFIG_EXYNOS_IOMMU_DEBUG                       policy<{'armhf': 'n'}>
 CONFIG_IPMMU_VMSA                               policy<{'arm64': 'n', 'armhf': 'y'}>
 CONFIG_SPAPR_TCE_IOMMU                          policy<{'ppc64el': 'y'}>
 CONFIG_ARM_SMMU                                 policy<{'arm64': 'y', 'armhf': 'n'}>
-CONFIG_ARM_SMMU_DISABLE_BYPASS_BY_DEFAULT       policy<{'arm64': 'y'}>
+CONFIG_ARM_SMMU_DISABLE_BYPASS_BY_DEFAULT       policy<{'arm64': 'n'}>
 CONFIG_ARM_SMMU_V3                              policy<{'arm64': 'y'}>
 CONFIG_S390_CCW_IOMMU                           policy<{'s390x': 'y'}>
 CONFIG_S390_AP_IOMMU                            policy<{'s390x': 'y'}>
@@ -2762,6 +2762,7 @@ CONFIG_HYPERV_IOMMU                             policy<{'amd64': 'y', 'i386': 'y
 CONFIG_VIRTIO_IOMMU                             policy<{'arm64': 'y'}>
 #
 CONFIG_IPMMU_VMSA				note<LP:1718734>
+CONFIG_ARM_SMMU_DISABLE_BYPASS_BY_DEFAULT       mark<ENFORCED> note<LP:1845820>
 
 # Menu: Device Drivers >> IOMMU Hardware Support >> Generic IOMMU Pagetable Support
 CONFIG_IOMMU_IO_PGTABLE_LPAE                    policy<{'arm64': 'y', 'armhf': 'y'}>
diff --git a/debian.master/config/config.common.ubuntu b/debian.master/config/config.common.ubuntu
index 4a2b79175b968..613da87112c72 100644
--- a/debian.master/config/config.common.ubuntu
+++ b/debian.master/config/config.common.ubuntu
@@ -735,7 +735,7 @@ CONFIG_ARM_SCPI_CPUFREQ=m
 CONFIG_ARM_SCPI_POWER_DOMAIN=m
 CONFIG_ARM_SCPI_PROTOCOL=m
 CONFIG_ARM_SDE_INTERFACE=y
-CONFIG_ARM_SMMU_DISABLE_BYPASS_BY_DEFAULT=y
+CONFIG_ARM_SMMU_DISABLE_BYPASS_BY_DEFAULT=n
 CONFIG_ARM_SMMU_V3=y
 CONFIG_ARM_SMMU_V3_PMU=m
 CONFIG_ARM_SP805_WATCHDOG=m
-- 
2.23.0