lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date: Wed, 26 Jun 2024 10:37:26 +0800
From: Baolu Lu <baolu.lu@...ux.intel.com>
To: "Tian, Kevin" <kevin.tian@...el.com>, Joerg Roedel <joro@...tes.org>,
 "Liu, Yi L" <yi.l.liu@...el.com>, Jacob Pan <jacob.jun.pan@...ux.intel.com>
Cc: baolu.lu@...ux.intel.com, Will Deacon <will@...nel.org>,
 Robin Murphy <robin.murphy@....com>,
 "iommu@...ts.linux.dev" <iommu@...ts.linux.dev>,
 "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH 2/2] iommu/vt-d: Remove hardware automatic ATS dependency

On 6/26/24 9:53 AM, Tian, Kevin wrote:
>> From: Baolu Lu <baolu.lu@...ux.intel.com>
>> Sent: Tuesday, June 25, 2024 4:40 PM
>>
>> On 2024/6/25 10:32, Tian, Kevin wrote:
>>>> From: Lu Baolu<baolu.lu@...ux.intel.com>
>>>> Sent: Monday, June 24, 2024 1:25 PM
>>>>
>>>> If a device is listed in the SATC table with ATC_REQUIRED flag set, it
>>>> indicates that the device has a functional requirement to enable its ATC
>>>> (via the ATS capability) for device operation. However, when IOMMU is
>>>> running in the legacy mode, ATS could be automatically supported by the
>>>> hardware so that the OS has no need to support the ATS functionality.
>>> hmm I don't think "has no need to support" matches...
>>>
>>>> This is a backward compatibility feature which enables older OSs. Since
>>>> Linux VT-d implementation has already supported ATS features for a long
>>>> time, there is no need to rely on this compatibility hardware. Remove it
>>>> to make the driver future-proof.
>>>>
>>>> Signed-off-by: Lu Baolu<baolu.lu@...ux.intel.com>
>>>> ---
>>>>    drivers/iommu/intel/iommu.c | 9 +--------
>>>>    1 file changed, 1 insertion(+), 8 deletions(-)
>>>>
>>>> diff --git a/drivers/iommu/intel/iommu.c b/drivers/iommu/intel/iommu.c
>>>> index 07e394dfccc1..b63347c8bf5d 100644
>>>> --- a/drivers/iommu/intel/iommu.c
>>>> +++ b/drivers/iommu/intel/iommu.c
>>>> @@ -3056,14 +3056,7 @@ static bool dmar_ats_supported(struct pci_dev
>>>> *dev, struct intel_iommu *iommu)
>>>>    	dev = pci_physfn(dev);
>>>>    	satcu = dmar_find_matched_satc_unit(dev);
>>>>    	if (satcu)
>>>> -		/*
>>>> -		 * This device supports ATS as it is in SATC table.
>>>> -		 * When IOMMU is in legacy mode, enabling ATS is done
>>>> -		 * automatically by HW for the device that requires
>>>> -		 * ATS, hence OS should not enable this device ATS
>>>> -		 * to avoid duplicated TLB invalidation.
>>>> -		 */
>>> ...what above comment tries to convey.
>>>
>>> If this comment is valid, it's not about whether the OS itself supports
>>> ATS. instead it's a requirement for the OS to not manage ATS when
>>> it's already managed by HW.
>>>
>>> Unless there is a way to disable hw management with this change...
>>
>> This comment is not correct. The hardware automatic ATS is for older OS
>> compatible purposes, where the ATS is not aware of by the OS yet, but
>> ATS is functionally required for some SOC-integrated accelerators.
>>
>> The HAS specification for those platforms states that OSs supporting ATS
>> (so-called enlightened OSs) don't require automatic ATS anymore.
>>
>>   From the iommu driver's point of view, automatic ATS is not part of the
>> VT-d spec and also not enumerable, hence it should be transparent.
>>
> 
> I'm curious how automatic ATS can be disabled otherwise the old
> comment still makes sense as you will have both HW and SW
> managing ATS and then duplicated invalidations.
> 
> Is there a BIOS option to disable automatic ATS? Then the user will
> need to know which kernel version supports ATS to decide.
> 
> Or is it automatically enabled/disabled based on whether the
> IOMMU is in legacy or scalable mode? If yes then we may still want
> to disable SW-managed ATS when the IOMMU is in legacy mode to
> avoid duplicated invalidations.
> 
> btw ATS support was introduced long long time ago:
> 
> commit 93a23a7271dfb811b3adb72779054c3a24433112
> Author: Yu Zhao <yu.zhao@...el.com>
> Date:   Mon May 18 13:51:37 2009 +0800
> 
>      VT-d: support the device IOTLB
> 
>      Enable the device IOTLB (i.e. ATS) for both the bare metal and KVM
>      environments.
> 
>      Signed-off-by: Yu Zhao <yu.zhao@...el.com>
>      Signed-off-by: David Woodhouse <David.Woodhouse@...el.com>
> 
> while this hw-managed ATS was supported much later:
> 
> commit 97f2f2c5317f55ae3440733a090a96a251da222b
> Author: Yian Chen <yian.chen@...el.com>
> Date:   Tue Mar 1 10:01:59 2022 +0800
> 
>      iommu/vt-d: Enable ATS for the devices in SATC table
> 
>      Starting from Intel VT-d v3.2, Intel platform BIOS can provide additional
>      SATC table structure. SATC table includes a list of SoC integrated devices
>      that support ATC (Address translation cache).
> 
>      Enabling ATC (via ATS capability) can be a functional requirement for SATC
>      device operation or optional to enhance device performance/functionality.
>      This is determined by the bit of ATC_REQUIRED in SATC table. When IOMMU is
>      working in scalable mode, software chooses to always enable ATS for every
>      device in SATC table because Intel SoC devices in SATC table are trusted to
>      use ATS.
> 
>      On the other hand, if IOMMU is in legacy mode, ATS of SATC capable devices
>      can work transparently to software and be automatically enabled by IOMMU
>      hardware. As the result, there is no need for software to enable ATS on
>      these devices.
> 
>      This also removes dmar_find_matched_atsr_unit() helper as it becomes dead
>      code now.
> 
>      Signed-off-by: Yian Chen <yian.chen@...el.com>
>      Link: https://lore.kernel.org/r/20220222185416.1722611-1-yian.chen@intel.com
>      Signed-off-by: Lu Baolu <baolu.lu@...ux.intel.com>
>      Link: https://lore.kernel.org/r/20220301020159.633356-13-baolu.lu@linux.inte
>      Signed-off-by: Joerg Roedel <jroedel@...e.de>
> 
> That history doesn't appear to support your argument that it's only
> for old OS which is not aware of ATS...

Software has no means to disable automatic ATS. Therefore it's not
expected to turn on the ATS in the device while the iommu is in legacy
mode. I will drop this change.

Best regards,
baolu

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ