From: Joerg Roedel <joro@8bytes.org>
To: Suravee Suthikulpanit <suravee.suthikulpanit@amd.com>
Cc: iommu@lists.linux-foundation.org, jon.grimm@amd.com,
linux-kernel@vger.kernel.org, vasant.hegde@amd.com
Subject: Re: [PATCH v2] iommu/amd: Set translation valid bit only when IO page tables are in used
Date: Fri, 13 May 2022 15:07:45 +0200 [thread overview]
Message-ID: <Yn5YIfzmerwAM30M@8bytes.org> (raw)
In-Reply-To: <20220509074815.11881-1-suravee.suthikulpanit@amd.com>
On Mon, May 09, 2022 at 02:48:15AM -0500, Suravee Suthikulpanit wrote:
> On AMD system with SNP enabled, IOMMU hardware checks the host translation
> valid (TV) and guest translation valid (GV) bits in the device
> table entry (DTE) before accessing the corresponded page tables.
>
> However, current IOMMU driver sets the TV bit for all devices
> regardless of whether the host page table is in used.
> This results in ILLEGAL_DEV_TABLE_ENTRY event for devices, which
> do not the host page table root pointer set up.
Hmm, this sound weird. In the early AMD IOMMUs it was recommended to set
TV=1 and V=1 and the rest to 0 to block all DMA from a device.
I wonder how this triggers ILLEGAL_DEV_TABLE_ENTRY errors now. It is
(was?) legal to set V=1 TV=1, mode=0 and leave the page-table empty.
When then IW=0 and IR=0, DMA is blocked. From what I remember this is a
valid setting in a DTE. Do you have an example DTE which triggers this
error message?
Regards,
Joerg
_______________________________________________
iommu mailing list
iommu@lists.linux-foundation.org
https://lists.linuxfoundation.org/mailman/listinfo/iommu
WARNING: multiple messages have this Message-ID (diff)
From: Joerg Roedel <joro@8bytes.org>
To: Suravee Suthikulpanit <suravee.suthikulpanit@amd.com>
Cc: linux-kernel@vger.kernel.org, iommu@lists.linux-foundation.org,
vasant.hegde@amd.com, jon.grimm@amd.com
Subject: Re: [PATCH v2] iommu/amd: Set translation valid bit only when IO page tables are in used
Date: Fri, 13 May 2022 15:07:45 +0200 [thread overview]
Message-ID: <Yn5YIfzmerwAM30M@8bytes.org> (raw)
In-Reply-To: <20220509074815.11881-1-suravee.suthikulpanit@amd.com>
On Mon, May 09, 2022 at 02:48:15AM -0500, Suravee Suthikulpanit wrote:
> On AMD system with SNP enabled, IOMMU hardware checks the host translation
> valid (TV) and guest translation valid (GV) bits in the device
> table entry (DTE) before accessing the corresponded page tables.
>
> However, current IOMMU driver sets the TV bit for all devices
> regardless of whether the host page table is in used.
> This results in ILLEGAL_DEV_TABLE_ENTRY event for devices, which
> do not the host page table root pointer set up.
Hmm, this sound weird. In the early AMD IOMMUs it was recommended to set
TV=1 and V=1 and the rest to 0 to block all DMA from a device.
I wonder how this triggers ILLEGAL_DEV_TABLE_ENTRY errors now. It is
(was?) legal to set V=1 TV=1, mode=0 and leave the page-table empty.
When then IW=0 and IR=0, DMA is blocked. From what I remember this is a
valid setting in a DTE. Do you have an example DTE which triggers this
error message?
Regards,
Joerg
next prev parent reply other threads:[~2022-05-13 13:07 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-05-09 7:48 [PATCH v2] iommu/amd: Set translation valid bit only when IO page tables are in used Suravee Suthikulpanit via iommu
2022-05-09 7:48 ` Suravee Suthikulpanit
2022-05-13 13:07 ` Joerg Roedel [this message]
2022-05-13 13:07 ` Joerg Roedel
2022-05-16 12:27 ` Suravee Suthikulpanit via iommu
2022-05-16 12:27 ` Suravee Suthikulpanit
2022-05-20 8:09 ` Joerg Roedel
2022-05-20 8:09 ` Joerg Roedel
2022-05-20 8:54 ` Robin Murphy
2022-05-20 8:54 ` Robin Murphy
2022-05-20 8:58 ` Joerg Roedel
2022-05-20 8:58 ` Joerg Roedel
2022-05-20 9:18 ` Robin Murphy
2022-05-20 9:18 ` Robin Murphy
2022-05-26 3:29 ` Suravee Suthikulpanit via iommu
2022-05-26 3:29 ` Suravee Suthikulpanit
2022-06-07 8:00 ` Joerg Roedel
2022-06-07 8:00 ` Joerg Roedel
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=Yn5YIfzmerwAM30M@8bytes.org \
--to=joro@8bytes.org \
--cc=iommu@lists.linux-foundation.org \
--cc=jon.grimm@amd.com \
--cc=linux-kernel@vger.kernel.org \
--cc=suravee.suthikulpanit@amd.com \
--cc=vasant.hegde@amd.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.