Re: [PATCH 00/19] Fix Intel IOMMU breakage in kdump kernel

Linux IOMMU Development
 help / color / mirror / Atom feed

From: "Li, ZhenHua" <zhen-hual-VXdhtT5mjnY@public.gmane.org>
To: David Woodhouse <dwmw2-wEGCiKHe2LqWVfeAwA7xHQ@public.gmane.org>
Cc: Joerg Roedel <jroedel-l3A5Bk7waGM@public.gmane.org>,
	iommu-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA@public.gmane.org,
	linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org, "Li,
	ZhenHua" <zhen-hual-VXdhtT5mjnY@public.gmane.org>,
	dyoung-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org,
	jroedel-zLv9SwRftAIdnm+yROfE0A@public.gmane.org
Subject: Re: [PATCH 00/19] Fix Intel IOMMU breakage in kdump kernel
Date: Thu, 25 Jun 2015 14:35:53 +0800	[thread overview]
Message-ID: <558BA149.5060603@hp.com> (raw)
In-Reply-To: <1435070334.12045.24.camel-wEGCiKHe2LqWVfeAwA7xHQ@public.gmane.org>

On 06/23/2015 10:38 PM, David Woodhouse wrote:
> On Tue, 2015-06-23 at 16:06 +0200, Joerg Roedel wrote:
>> On Tue, Jun 23, 2015 at 02:31:30PM +0100, David Woodhouse wrote:
>>> However, it's still fairly gratuitous for all non-broken hardware, and
>>> will tend to hide hardware and driver bugs during testing of new
>>> hardware.
>>>
>>> I'd much rather see this limited to a blacklist of known-broken
>>> devices, an accompanied by a kernel message along the lines of
>>>
>>>   'Preserving VT-d page tables for broken HP device xxxx:xxxx'
>>>
>>> For *any* device which isn't so broken that it craps itself on taking
>>> a DMA fault and cannot be reset, this page table copy shouldn't be
>>> needed, right?
>>
>> In theory yes, but as it came to my mind recently, there is this BIOS
>> "value-add" called APEI (ACPI Platform Error Interface) which has a
>> 'Firmware first' mode.
>>
>> So when this is active the firmware handles any errors happening in the
>> system and reports them to the OS with a severity it can decide on its
>> own.
>>
>> Such errors could be DMA target aborts, for example. And I have seen
>> systems where at least rejected interrupt requests were reported to the
>> OS as fatal errors, causing a kernel panic in Linux. But the firmware is
>> also free to report ordinary DMA failures as fatal errors, who knows...
>
> Yay for BIOS value subtract.
>
> The thing is, this would be utterly broken. The IOMMU is supposed to
> protect us from rogue devices. In this hypothetical scenario, a device
> can bring the entire system down and we have no chance to isolate it
> and recover. It means that assigning devices to guests should be
> *disallowed* because it can't be done securely.
>
> On this kind of system, we might as well turn off the IOMMU entirely as
> in a lot of respects, it's only making things *worse*.
>
>> So while you are right that these changes might hide hardware and driver
>> bugs, I think it is still the best to try avoiding such faults at all
>> costs in the kdump kernel to actually get a dump, even if the device
>> would actually be able to recover from the master abort.
>
> How about an *option* to do it for all devices (which in turn can
> perhaps be triggered by a system-level blacklist for things like APEI,
> or perhaps just a system DMI match on "HP").
>
Hi David,
It is a bad idea to check the DMI match on "HP". Though I have not see
any similar problems on other systems, I believe there are. Also not
all HP systems have such problem.
I agree with a blacklist for devices.

Thanks
Zhenhua

next prev parent reply	other threads:[~2015-06-25  6:35 UTC|newest]

Thread overview: 26+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2015-06-13  6:47 [PATCH 00/19] Fix Intel IOMMU breakage in kdump kernel Joerg Roedel
     [not found] ` <1434178047-17809-1-git-send-email-joro-zLv9SwRftAIdnm+yROfE0A@public.gmane.org>
2015-06-13  6:47   ` [PATCH 01/19] iommu/vt-d: Cleanup log messages Joerg Roedel
2015-06-13  6:47   ` [PATCH 02/19] iommu/vt-d: Init QI before root entry is allocated Joerg Roedel
2015-06-13  6:47   ` [PATCH 03/19] iommu/vt-d: Make root entry visible for hardware right after allocation Joerg Roedel
2015-06-13  6:47   ` [PATCH 04/19] iommu/vt-d: Detect pre enabled translation Joerg Roedel
2015-06-13  6:47   ` [PATCH 05/19] iommu/vt-d: Copy translation tables from old kernel Joerg Roedel
2015-06-13  6:47   ` [PATCH 06/19] iommu/vt-d: Do not re-use domain-ids from the " Joerg Roedel
2015-06-13  6:47   ` [PATCH 07/19] iommu/vt-d: Mark copied context entries Joerg Roedel
2015-06-13  6:47   ` [PATCH 08/19] iommu/vt-d: Allocate si_domain in init_dmars() Joerg Roedel
2015-06-13  6:47   ` [PATCH 09/19] iommu/vt-d: Don't do early domain assignment if kdump kernel Joerg Roedel
2015-06-13  6:47   ` [PATCH 10/19] iommu/vt-d: Don't copy translation tables if RTT bit needs to be changed Joerg Roedel
2015-06-13  6:47   ` [PATCH 12/19] iommu/vt-d: Enable Translation only if it was previously disabled Joerg Roedel
2015-06-13  6:47   ` [PATCH 13/19] iommu/vt-d: Move EIM detection to intel_prepare_irq_remapping Joerg Roedel
2015-06-13  6:47   ` [PATCH 14/19] iommu/vt-d: Move QI initializationt to intel_setup_irq_remapping Joerg Roedel
2015-06-13  6:47   ` [PATCH 15/19] iommu/vt-d: Disable IRQ remapping in intel_prepare_irq_remapping Joerg Roedel
2015-06-13  6:47   ` [PATCH 16/19] iommu/vt-d: Set IRTA in intel_setup_irq_remapping Joerg Roedel
2015-06-13  6:47   ` [PATCH 17/19] iommu/vt-d: Copy IR table from old kernel when in kdump mode Joerg Roedel
2015-06-13  6:47   ` [PATCH 18/19] iommu/vt-d: Make sure copied over IR entries are not reused Joerg Roedel
2015-06-13  6:47   ` [PATCH 19/19] iommu/vt-d: Don't disable IR when it was previously enabled Joerg Roedel
2015-06-25  6:40   ` [PATCH 00/19] Fix Intel IOMMU breakage in kdump kernel Li, ZhenHua
2015-06-13  6:47 ` [PATCH 11/19] iommu/vt-d: Don't disable translation prior to OS handover Joerg Roedel
2015-06-23 13:31 ` [PATCH 00/19] Fix Intel IOMMU breakage in kdump kernel David Woodhouse
     [not found]   ` <1435066290.12045.2.camel-wEGCiKHe2LqWVfeAwA7xHQ@public.gmane.org>
2015-06-23 14:06     ` Joerg Roedel
     [not found]       ` <20150623140631.GB2724-l3A5Bk7waGM@public.gmane.org>
2015-06-23 14:38         ` David Woodhouse
     [not found]           ` <1435070334.12045.24.camel-wEGCiKHe2LqWVfeAwA7xHQ@public.gmane.org>
2015-06-25  6:35             ` Li, ZhenHua [this message]
2015-06-25  8:06               ` David Woodhouse

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=558BA149.5060603@hp.com \
    --to=zhen-hual-vxdhtt5mjny@public.gmane.org \
    --cc=dwmw2-wEGCiKHe2LqWVfeAwA7xHQ@public.gmane.org \
    --cc=dyoung-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org \
    --cc=iommu-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA@public.gmane.org \
    --cc=jroedel-l3A5Bk7waGM@public.gmane.org \
    --cc=jroedel-zLv9SwRftAIdnm+yROfE0A@public.gmane.org \
    --cc=linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox