From mboxrd@z Thu Jan 1 00:00:00 1970 From: Steven DuChene Subject: Re: Device is ineligible for IOMMU domain attach due to platform RMRR requirement Date: Fri, 06 Mar 2015 22:10:11 -0500 Message-ID: <54FA6C13.1000002@hp.com> References: <54F9392B.3060102@hp.com> <1425622242.5200.368.camel@redhat.com> Mime-Version: 1.0 Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit Cc: kvm@vger.kernel.org To: Alex Williamson Return-path: Received: from g2t1383g.austin.hp.com ([15.217.136.92]:42215 "EHLO g2t1383g.austin.hp.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1753308AbbCGDJh (ORCPT ); Fri, 6 Mar 2015 22:09:37 -0500 Received: from g9t5008.houston.hp.com (g9t5008.houston.hp.com [15.240.92.66]) (using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by g2t1383g.austin.hp.com (Postfix) with ESMTPS id 1549956B1 for ; Sat, 7 Mar 2015 03:09:37 +0000 (UTC) In-Reply-To: <1425622242.5200.368.camel@redhat.com> Sender: kvm-owner@vger.kernel.org List-ID: Alex: Thanks for your quick reply and the information. One question though: When you say contact the platform vendor, are you talking about the vendor of the GPU card (NVidia) or the vendor of the system hardware (HP)? I.E. is the problem in the system BIOS/firmware or in the firmware of the GPU card? This seems like this is going to be the death-knell of PCI passthrough as the likelihood of getting a system vendor to fix some obscure thing like this seems remote. On 03/06/2015 01:10 AM, Alex Williamson wrote: > On Fri, 2015-03-06 at 00:20 -0500, Steven DuChene wrote: >> I am attempting on ubuntu 14.04 to configure PCI passthrough of a NVidia >> K40 GPU card that is plugged into a HP DL580 rack mounted server. >> I have done all of the pre-work I normally have done in the past with >> pci-stub, vfio and etc but when I try an execute a qemu-system-x86_64 >> command that works on a similar version of debian, I get the following >> error in the dmesg: >> >> Device is ineligible for IOMMU domain attach due to platform RMRR >> requirement. Contact your platform vendor. >> >> I have read through the patch description from Alex at: >> >> http://lists.linuxfoundation.org/pipermail/iommu/2014-June/008816.html >> >> and I have read the IOMMU documentation at: >> >> https://www.kernel.org/doc/Documentation/Intel-IOMMU.txt >> >> but I am still not really understanding if or what the fix is for this. >> >> The ubuntu 14.04 system where I am getting this error is running >> 3.16.0-30-generic >> The debian system where I can do similar PCI passthrough of a NVidia K2 >> GPU device is running a 3.14.29-4 kernel. >> >> Can anyone provide any insight into an fix or workaround for this? > Hi Steven, > > The issue is that VT-d RMRRs are a platform imposed requirement that a > device continue to have identity mapped access to a platform defined > memory region at all times. This requirement is fundamentally > incompatible with PCI device assignment where the address space of the > assigned device is defined by the VM. The VT-d specification hints at > this restriction (8.4): > > The RMRR regions are expected to be used for legacy usages (such > as USB, UMA Graphics, etc.) requiring reserved memory. Platform > designers should avoid or limit use of reserved memory regions > since these require system software to create holes in the DMA > virtual address range available to system software and its > drivers. > > In order to support assignment of such devices and continue to honor the > RMRR, reserved memory regions would need to be imposed on the guest. > Doing this has a number of issues and it's not clear that it enables any > usable configurations due to the lack of isolation often implied by the > RMRRs. RMRRs themselves imply some sort of communication conduit to the > platform, which it's also not clear should be allowed for a guest owned > device. > > We also cannot continue the previous behavior of simply ignoring RMRRs > for assigned devices. Not only does the platform require us to honor > them, failing to do so could have implication for both the platform and > the VM health and integrity. > > As indicated by the dmesg warning, users encountering this problem > should contact their platform vendor, which is really the only course of > action that I can recommend. Only the platform vendor can tell you why > they've imposed this requirement for the device and potentially offer a > remedy to remove that requirement. KVM is not the first hypervisor to > impose this restriction for such devices. The referenced patch was > tagged for stable, so you can expect that this change will eventually > trickle through all the distributions. Sorry for the trouble, but it > really was a necessary change. Thanks, > > Alex >