linux-arch.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: Arnd Bergmann <arnd@arndb.de>
To: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Cc: David Woodhouse <dwmw2@infradead.org>,
	Shamir Rabinovitch <shamir.rabinovitch@oracle.com>,
	corbet@lwn.net, linux-doc@vger.kernel.org,
	linux-arch@vger.kernel.org, Andy Lutomirski <luto@kernel.org>,
	Joerg Roedel <jroedel@suse.de>,
	Christian Borntraeger <borntraeger@de.ibm.com>,
	Cornelia Huck <cornelia.huck@de.ibm.com>,
	Sebastian Ott <sebott@linux.vnet.ibm.com>,
	Paolo Bonzini <pbonzini@redhat.com>,
	Christoph Hellwig <hch@lst.de>, KVM <kvm@vger.kernel.org>,
	Martin Schwidefsky <schwidefsky@de.ibm.com>,
	linux-s390 <linux-s390@vger.kernel.org>
Subject: Re: [PATCH v1 2/2] dma-mapping-common: add DMA attribute - DMA_ATTR_IOMMU_BYPASS
Date: Fri, 30 Oct 2015 11:32:06 +0100	[thread overview]
Message-ID: <3880193.j0XDKyhAXH@wuerfel> (raw)
In-Reply-To: <1446081046.1856.55.camel@kernel.crashing.org>

On Thursday 29 October 2015 10:10:46 Benjamin Herrenschmidt wrote:
> 
> > Maybe we should at least coordinate IOMMU 'paranoid/fast' modes across
> > architectures, and then the DMA_ATTR_IOMMU_BYPASS flag would have a
> > sane meaning in the paranoid mode (and perhaps we'd want an ultra
> > -paranoid mode where it's not honoured).
> 
> Possibly, though ideally that would be a user policy but of course by
> the time you get to userspace it's generally too late.

IIRC, we have an 'iommu=force' command line switch for this, to ensure
that no device can use a linear mapping and everything goes through
the page tables. This is often useful for both debugging and as a
security measure when dealing with unpriviledged DMA access (virtual
machines, vfio, ...).

If we add a DMA_ATTR_IOMMU_BYPASS attribute, we should clearly document
which of the two we expect to take priority in cases where we have a
choice.

I wonder if the 'iommu=force' attribute is too coarse-grained though,
and if we should perhaps allow a per-device setting on architectures
that allow this.

	Arnd

  parent reply	other threads:[~2015-10-30 10:32 UTC|newest]

Thread overview: 65+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2015-10-25 16:07 [PATCH v1 1/2] dma-mapping-common: add dma_map_page_attrs API Shamir Rabinovitch
2015-10-25 16:07 ` [PATCH v1 2/2] dma-mapping-common: add DMA attribute - DMA_ATTR_IOMMU_BYPASS Shamir Rabinovitch
2015-10-28  6:30   ` David Woodhouse
2015-10-28 11:10     ` Shamir Rabinovitch
2015-10-28 11:10       ` Shamir Rabinovitch
2015-10-28 13:31       ` David Woodhouse
2015-10-28 13:31         ` David Woodhouse
2015-10-28 14:07         ` David Miller
2015-10-28 13:57           ` David Woodhouse
2015-10-28 13:57             ` David Woodhouse
2015-10-29  0:23             ` David Miller
2015-10-29  0:23               ` David Miller
2015-10-28 14:07           ` David Miller
2015-10-29  0:32         ` Benjamin Herrenschmidt
2015-10-29  0:32           ` Benjamin Herrenschmidt
2015-10-29  0:42           ` David Woodhouse
2015-10-29  0:42             ` David Woodhouse
2015-10-29  1:10             ` Benjamin Herrenschmidt
2015-10-29  1:10               ` Benjamin Herrenschmidt
2015-10-29 18:31               ` Andy Lutomirski
2015-10-29 18:31                 ` Andy Lutomirski
2015-10-29 22:35                 ` David Woodhouse
2015-11-01  7:45                   ` Shamir Rabinovitch
2015-11-01  7:45                     ` Shamir Rabinovitch
2015-11-01 21:10                     ` Benjamin Herrenschmidt
2015-11-01 21:10                       ` Benjamin Herrenschmidt
2015-11-02  7:23                       ` Shamir Rabinovitch
2015-11-02 10:00                         ` Benjamin Herrenschmidt
2015-11-02 12:07                           ` Shamir Rabinovitch
2015-11-02 20:13                             ` Benjamin Herrenschmidt
2015-11-02 21:45                               ` Arnd Bergmann
2015-11-02 21:45                                 ` Arnd Bergmann
2015-11-02 23:08                                 ` Benjamin Herrenschmidt
2015-11-02 23:08                                   ` Benjamin Herrenschmidt
2015-11-03 13:11                                   ` Christoph Hellwig
2015-11-03 13:11                                     ` Christoph Hellwig
2015-11-03 19:35                                     ` Benjamin Herrenschmidt
2015-11-03 19:35                                       ` Benjamin Herrenschmidt
2015-11-02 21:49                               ` Shamir Rabinovitch
2015-11-02 22:48                       ` David Woodhouse
2015-11-02 23:10                         ` Benjamin Herrenschmidt
2015-11-02 23:10                           ` Benjamin Herrenschmidt
2015-11-05 21:08                   ` David Miller
2015-11-05 21:08                     ` David Miller
2015-10-30  1:51                 ` Benjamin Herrenschmidt
2015-10-30  1:51                   ` Benjamin Herrenschmidt
2015-10-30 10:32               ` Arnd Bergmann [this message]
2015-10-30 10:32                 ` Arnd Bergmann
2015-10-30 23:17                 ` Benjamin Herrenschmidt
2015-10-30 23:17                   ` Benjamin Herrenschmidt
2015-10-30 23:24                   ` Arnd Bergmann
2015-11-02 14:51                 ` Joerg Roedel
2015-10-29  7:32             ` Shamir Rabinovitch
2015-11-02 14:44               ` Joerg Roedel
2015-11-02 17:32                 ` Shamir Rabinovitch
2015-11-02 17:32                   ` Shamir Rabinovitch
2015-11-05 13:42                   ` Joerg Roedel
2015-11-05 21:11                     ` David Miller
2015-11-05 21:11                       ` David Miller
2015-11-07 15:06                       ` Shamir Rabinovitch
     [not found]                         ` <CAN+hb0UvztgwNuAh93XdJEe7vgiZgNMc9mHNziHpEopg8Oi4Mg@mail.gmail.com>
2015-11-16  8:42                           ` David Woodhouse
     [not found]                             ` <CAN+hb0UWpfcS5DvgMxNjY-5JOztw2mO1r2FJAW17fn974mhxPA@mail.gmail.com>
2015-11-16 18:42                               ` Benjamin Serebrin
2015-11-16 18:42                                 ` Benjamin Serebrin
  -- strict thread matches above, loose matches on Subject: below --
2015-10-25 16:37 [PATCH v1 1/2] dma-mapping-common: add dma_map_page_attrs API Shamir Rabinovitch
2015-10-25 16:37 ` [PATCH v1 2/2] dma-mapping-common: add DMA attribute - DMA_ATTR_IOMMU_BYPASS Shamir Rabinovitch
2015-11-16  6:56 Benjamin Serebrin

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=3880193.j0XDKyhAXH@wuerfel \
    --to=arnd@arndb.de \
    --cc=benh@kernel.crashing.org \
    --cc=borntraeger@de.ibm.com \
    --cc=corbet@lwn.net \
    --cc=cornelia.huck@de.ibm.com \
    --cc=dwmw2@infradead.org \
    --cc=hch@lst.de \
    --cc=jroedel@suse.de \
    --cc=kvm@vger.kernel.org \
    --cc=linux-arch@vger.kernel.org \
    --cc=linux-doc@vger.kernel.org \
    --cc=linux-s390@vger.kernel.org \
    --cc=luto@kernel.org \
    --cc=pbonzini@redhat.com \
    --cc=schwidefsky@de.ibm.com \
    --cc=sebott@linux.vnet.ibm.com \
    --cc=shamir.rabinovitch@oracle.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).