lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-Id: <20190814133841.7095-1-joro@8bytes.org>
Date:   Wed, 14 Aug 2019 15:38:31 +0200
From:   Joerg Roedel <joro@...tes.org>
To:     Joerg Roedel <joro@...tes.org>
Cc:     corbet@....net, tony.luck@...el.com, fenghua.yu@...el.com,
        tglx@...utronix.de, mingo@...hat.com, bp@...en8.de, hpa@...or.com,
        x86@...nel.org, linux-doc@...r.kernel.org,
        linux-ia64@...r.kernel.org, iommu@...ts.linux-foundation.org,
        linux-kernel@...r.kernel.org, Thomas.Lendacky@....com,
        Suravee.Suthikulpanit@....com
Subject: [PATCH 00/10 v2] Cleanup IOMMU passthrough setting (and disable IOMMU Passthrough when SME is active)

Hi,

This patch-set started out small to overwrite the default passthrough
setting (through CONFIG_IOMMU_DEFAULT_PASSTHROUGH=y) when SME is active.

But on the way to that Tom reminded me that the current ways to
configure passthrough/no-passthrough modes for IOMMU on x86 is a mess.
So I added a few more patches to clean that up a bit, getting rid of the
iommu_pass_through variable on the way.This information is now kept only
in iommu code, with helpers to change that setting from architecture
code.

And of course this patch-set still disables IOMMU Passthrough mode when
SME is active even when CONFIG_IOMMU_DEFAULT_PASSTHROUGH=y is set.

The reason for that change is that SME with passthrough mode turned out
to be fragile with devices requiring SWIOTLB, mainly because SWIOTLB has
a maximum allocation size of 256kb and a limit overall size of the
bounce buffer.

Therefore having IOMMU in translation mode by default is better when SME
is active on a system.

Please review.

Thanks,

	Joerg

Changes since v1:

	- Cleaned up the kernel command line parameters to
	  configure passthrough/translated mode, getting rid
	  of the global iommu_pass_through variable

Joerg Roedel (10):
  iommu: Add helpers to set/get default domain type
  iommu/amd: Request passthrough mode from IOMMU core
  iommu/vt-d: Request passthrough mode from IOMMU core
  x86/dma: Get rid of iommu_pass_through
  ia64: Get rid of iommu_pass_through
  iommu: Remember when default domain type was set on kernel command
    line
  iommu: Print default domain type on boot
  iommu: Set default domain type at runtime
  iommu: Disable passthrough mode when SME is active
  Documentation: Update Documentation for iommu.passthrough

 .../admin-guide/kernel-parameters.txt         |  2 +-
 arch/ia64/include/asm/iommu.h                 |  2 -
 arch/ia64/kernel/pci-dma.c                    |  2 -
 arch/x86/include/asm/iommu.h                  |  1 -
 arch/x86/kernel/pci-dma.c                     | 11 +--
 drivers/iommu/amd_iommu.c                     |  6 +-
 drivers/iommu/intel-iommu.c                   |  2 +-
 drivers/iommu/iommu.c                         | 83 +++++++++++++++++--
 include/linux/iommu.h                         | 16 ++++
 9 files changed, 101 insertions(+), 24 deletions(-)

-- 
2.17.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ