From: Weidong Han <weidong.han@intel.com>
To: Noboru Iwamatsu <n_iwamatsu@jp.fujitsu.com>
Cc: "linux@eikelenboom.it" <linux@eikelenboom.it>,
"Cihula, Joseph" <joseph.cihula@intel.com>,
"xen-devel@lists.xensource.com" <xen-devel@lists.xensource.com>,
"Kay, Allen M" <allen.m.kay@intel.com>,
"keir.fraser@eu.citrix.com" <keir.fraser@eu.citrix.com>
Subject: Re: [PATCH] VT-d: improve RMRR validity checking
Date: Tue, 26 Jan 2010 13:51:13 +0800
Message-ID: <4B5E82D1.8060206@intel.com>
In-Reply-To: <4B5E4276.90308@jp.fujitsu.com>
[-- Attachment #1: Type: text/plain, Size: 2556 bytes --]
I implemented a patch for it. Noboru, please give it a try on your machine.

If you use the default iommu=1, VT-d will be disabled with warning messages.
If you use iommu=workaround_bios_bug, it should enable VT-d and work
for you.
If you use iommu=force, it panics.

patch title: VT-d: add "iommu=workaround_bios_bug" option

patch description:
Add this option to work around BIOS bugs. Currently it ignores a DRHD
if "all" devices under its scope are not PCI discoverable. This
works around a BIOS bug in some platforms to make VT-d work. But note
that this option doesn't guarantee security, because it might ignore a DRHD.

So there are 3 options which handle BIOS bugs differently:

iommu=1 (default): If it detects a non-existent device under a DRHD's
scope, or finds an incorrect RMRR setting (base_address > end_address),
it disables VT-d completely in Xen with warning messages. This guarantees
security when VT-d is enabled, or just disables VT-d to let Xen work without
VT-d.

iommu=force: it forces VT-d to be enabled in Xen. If VT-d cannot be
enabled, it will crash Xen. This is mainly for users who must have VT-d.

iommu=workaround_bogus_bios: it works around some BIOS bugs to make
VT-d still work. This might be insecure because there might be a device
not protected by any DRHD if the device is re-enabled by malicious s/w.
This is for users who want to use VT-d regardless of security.

Signed-off-by: Weidong Han <weidong.han@intel.com>

Regards,
Weidong

Noboru Iwamatsu wrote:
> Weidong, Keir,
>
> I agree with your suggestions.
>
> Noboru.
>
>
>> Keir Fraser wrote:
>>
>>> On 25/01/2010 10:45, "Sander Eikelenboom" <linux@eikelenboom.it> wrote:
>>>
>>>
>>>> a) Could be discussed if panic should be default instead of disabling
>>>> iommu or not, although there seem to be a lot of broken bioses, so that
>>>> would lead to a lot of machines not booting.
>>>>
>>> Absolutely not acceptable. Warn and completely disable IOMMU is the
>>> correct default causing least pain to the most end users.
>>>
>>> -- Keir
>>>
>>>
>> Agree. It should not crash Xen by default due to BIOS issues.
>> warn-and-disable is better. It won't impact common Xen users, and if a
>> user really wants to use VT-d, he can try iommu=workaround_bogus_bios,
>> or directly report to OEM vendor to get it fixed in BIOS. As VT-d is
>> used more and more widely, I think the BIOS issues will be found and
>> fixed more quickly than before, thus the situation should be better.
>>
>> Regards,
>> Weidong
>>
>>
>>
>>
>
>
>
[-- Attachment #2: workaround-bios.patch --]
[-- Type: text/plain, Size: 3218 bytes --]
diff -r 5dabbf2826c5 xen/drivers/passthrough/iommu.c
--- a/xen/drivers/passthrough/iommu.c Mon Jan 25 09:58:53 2010 +0800
+++ b/xen/drivers/passthrough/iommu.c Tue Jan 26 21:17:46 2010 +0800
@@ -30,6 +30,8 @@ static int iommu_populate_page_table(str
* pv Enable IOMMU for PV domains
* no-pv Disable IOMMU for PV domains (default)
* force|required Don't boot unless IOMMU is enabled
+ * workaround_bios_bug Workaround some bios issue to still enable
+ VT-d, don't guarantee security
* passthrough Enable VT-d DMA passthrough (no DMA
* translation for Dom0)
* no-snoop Disable VT-d Snoop Control
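Review bot: the continuation line "VT-d, don't guarantee security" in the added option comment has no leading " *", unlike every other line of this comment block; add it and align the text with the description column. The description would also be more useful if it said what is actually given up (a DRHD is ignored when all devices under its scope are not PCI discoverable) rather than "some bios issue".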
@@ -40,6 +42,7 @@ int iommu_enabled = 1;
int iommu_enabled = 1;
int iommu_pv_enabled;
int force_iommu;
+int iommu_workaround_bios_bug;
int iommu_passthrough;
int iommu_snoop = 1;
int iommu_qinval = 1;
@@ -65,6 +68,8 @@ static void __init parse_iommu_param(cha
iommu_pv_enabled = 0;
else if ( !strcmp(s, "force") || !strcmp(s, "required") )
force_iommu = 1;
+ else if ( !strcmp(s, "workaround_bios_bug") )
+ iommu_workaround_bios_bug = 1;
else if ( !strcmp(s, "passthrough") )
iommu_passthrough = 1;
else if ( !strcmp(s, "no-snoop") )
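Review bot: the string matched here is "workaround_bios_bug", but the patch description's list of the three modes names the option iommu=workaround_bogus_bios; settle on one spelling and use it in the description, the option comment and this strcmp. It is also worth stating, in the comment or the description, what is intended when both force_iommu and iommu_workaround_bios_bug end up set, since this branch sets the new flag independently of the "force" one.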
diff -r 5dabbf2826c5 xen/drivers/passthrough/vtd/dmar.c
--- a/xen/drivers/passthrough/vtd/dmar.c Mon Jan 25 09:58:53 2010 +0800
+++ b/xen/drivers/passthrough/vtd/dmar.c Tue Jan 26 21:16:49 2010 +0800
@@ -421,17 +421,21 @@ acpi_parse_one_drhd(struct acpi_dmar_ent
if ( invalid_cnt )
{
xfree(dmaru);
- if ( invalid_cnt == dmaru->scope.devices_cnt )
+
+ if ( iommu_workaround_bios_bug &&
+ invalid_cnt == dmaru->scope.devices_cnt )
{
dprintk(XENLOG_WARNING VTDPREFIX,
- " Ignore the DRHD due to all devices under "
- "its scope are not PCI discoverable!\n");
+ " Workaround BIOS bug: ignore the DRHD due to all "
+ "devices under its scope are not PCI discoverable!\n");
}
else
{
dprintk(XENLOG_WARNING VTDPREFIX,
- " The DRHD is invalid due to some devices under "
- "its scope are not PCI discoverable!\n");
+ " The DRHD is invalid due to there are devices under "
+ "its scope are not PCI discoverable! Pls try option "
+ "iommu=force or iommu=workaround_bios_bug if you "
+ "really want VT-d\n");
ret = -EINVAL;
}
}
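Review bot: the new condition reads dmaru->scope.devices_cnt after the xfree(dmaru) two lines above it, so the comparison is made against freed memory; do the comparison first (or save devices_cnt in a local) and free afterwards. Separately, the else-branch message recommends iommu=force for this case, yet this path still sets ret = -EINVAL and the cover text says iommu=force panics when VT-d cannot be enabled, so the hint should probably name only iommu=workaround_bios_bug.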
diff -r 5dabbf2826c5 xen/include/xen/iommu.h
--- a/xen/include/xen/iommu.h Mon Jan 25 09:58:53 2010 +0800
+++ b/xen/include/xen/iommu.h Tue Jan 26 21:17:08 2010 +0800
@@ -29,6 +29,7 @@ extern int iommu_enabled;
extern int iommu_enabled;
extern int iommu_pv_enabled;
extern int force_iommu;
+extern int iommu_workaround_bios_bug;
extern int iommu_passthrough;
extern int iommu_snoop;
extern int iommu_qinval;