Re: [RFC v6][PATCH 4/4] intel_txt: force IOMMU on for Intel(R) TXTlaunch
From: Pavel Machek
Date: Sun Jul 05 2009 - 16:23:45 EST
On Fri 2009-07-03 10:21:11, Ingo Molnar wrote:
>
> * Pavel Machek <pavel@xxxxxx> wrote:
>
> >
> > On Tue 2009-06-30 19:31:10, Joseph Cihula wrote:
> > > The tboot module will DMA protect all of memory in order to ensure the that
> > > kernel will be able to initialize without compromise (from DMA). Consequently,
> > > the kernel must enable Intel(R) Virtualization Technology for Directed I/O
> > > (VT-d or Intel IOMMU) in order to replace this broad protection with the
> > > appropriate page-granular protection. Otherwise DMA devices will be unable
> > > to read or write from memory and the kernel will eventually panic.
> > >
> > > Because runtime IOMMU support is configurable by command line options, this
> > > patch will force it to be enabled regardless of the options specified, and will
> > > log a message if it was required to force it on.
> > >
> > >
> > > dmar.c | 7 +++++++
> > > intel-iommu.c | 17 +++++++++++++++--
> > > 2 files changed, 22 insertions(+), 2 deletions(-)
> > >
> > > Signed-off-by: Joseph Cihula <joseph.cihula@xxxxxxxxx>
> > > Signed-off-by: Shane Wang <shane.wang@xxxxxxxxx>
> >
> > NAK. Breaks user expectations, misses docs updates.
>
> What's your proposed solution? If an incompatible IOMMU option is
> specified should the kernel to disable TXT and panic?
Yes.
...and whether we decide one way or another, it needs to be documented.a
Pavel
--
(english) http://www.livejournal.com/~pavelmachek
(cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/