Re: [PATCH v7 1/7] iommu/vt-d: Don't switch off swiotlb if use direct dma

From: Lu Baolu
Date: Fri Aug 23 2019 - 22:18:50 EST


Hi Joerg,

On 8/23/19 4:39 PM, Joerg Roedel wrote:
On Fri, Aug 23, 2019 at 03:17:29PM +0800, Lu Baolu wrote:
--- a/drivers/iommu/intel-iommu.c
+++ b/drivers/iommu/intel-iommu.c
@@ -4569,9 +4569,6 @@ static int __init platform_optin_force_iommu(void)
iommu_identity_mapping |= IDENTMAP_ALL;
dmar_disabled = 0;
-#if defined(CONFIG_X86) && defined(CONFIG_SWIOTLB)
- swiotlb = 0;
-#endif
no_iommu = 0;
return 1;
@@ -4710,9 +4707,6 @@ int __init intel_iommu_init(void)
}
up_write(&dmar_global_lock);
-#if defined(CONFIG_X86) && defined(CONFIG_SWIOTLB)
- swiotlb = 0;
-#endif

So this will cause the 64MB SWIOTLB aperture to be allocated even when
there will never be an untrusted device in the system, right? I guess
this will break some kdump setups as they need to resize their low
memory allocations to make room for the aperture because of this
patch-set.

Yes, you are right. I didn't consider the kdump case.


But I also don't see a way around this for now as untrusted devices are
usually hotplugged and might not be present at boot. So we can't make
the decision about the allocation at boot time.

If a system has any external port, through which an untrusted device
might be connected, the external port itself should be marked as an
untrusted device, and all devices beneath it just inherit this
attribution.

So during iommu driver initialization, we can easily know whether the
system has (or potentially has) untrusted devices by iterating the
device tree. I will add such check in the next version if no objections.


But this mechanism needs to be moved to the dma-iommu implementation at
some point, and then we should allocate the bounce memory pages
on-demand. We can easily do this in page-size chunks and map them
together with iommu page-tables. This way we don't need to pre-allocate
a large memory-chunk at boot.

Regards,

Joerg

Best regards,
Baolu