Re: [PATCH] iommu/intel: Exclude devices using RMRRs from IOMMU API domains

From: David Woodhouse
Date: Wed May 21 2014 - 13:10:00 EST


On Wed, 2014-05-21 at 13:05 -0400, Linda Knippers wrote:
>
> > Exactly, I have a hard time bringing myself to care about supporting
> > such devices. Vendors that proliferate RMRR usage need to be aware of
> > the implications of RMRRs for all use cases of a device. First and
> > foremost, we need to lock out devices with RMRRs because we have no
> > ability to either honor or disable RMRRs when used by the IOMMU API. If
> > vendors that rely on RMRRs want to make such devices assignable by
> > providing interfaces to describe and map the area into a VM, or even a
> > mechanism to disable the RMRR, more power to them. The current
> > situation is simply unsafe and needs to be prevented.
>
> I care but I think this patch should go in until there is a better
> solution.

I was quite happy with our earlier "solution" of just assuming that
RMRRs were a boot-time thing only. Once a driver takes over the device,
or it's given to a guest, we forget the RMRRs entirely. The hardware has
no business still doing rogue DMA after we've taken control of it.

Again, it's only those who stupidly designed hardware who suffer. And
life was a lot simpler for us.

--
dwmw2

Attachment: smime.p7s
Description: S/MIME cryptographic signature