Re: [PATCH 1/1] iommu/vt-d: Prevent boot failure with devices requiring ATS

From: Baolu Lu
Date: Wed Sep 04 2024 - 03:51:08 EST

Next message: Christophe Leroy: "Re: [PATCH 2/2] mm: make copy_to_kernel_nofault() not fault on user addresses"
Previous message: Christian König: "Re: [RFC PATCH 00/10] drm/panthor: Add user submission"
In reply to: Tian, Kevin: "RE: [PATCH 1/1] iommu/vt-d: Prevent boot failure with devices requiring ATS"
Next in thread: Tian, Kevin: "RE: [PATCH 1/1] iommu/vt-d: Prevent boot failure with devices requiring ATS"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 2024/9/4 14:49, Tian, Kevin wrote:

From: Lu Baolu <baolu.lu@xxxxxxxxxxxxxxx>
Sent: Wednesday, September 4, 2024 2:07 PM

SOC-integrated devices on some platforms require their PCI ATS enabled
for operation when the IOMMU is in scalable mode. Those devices are
reported via ACPI/SATC table with the ATC_REQUIRED bit set in the Flags
field.

The PCI subsystem offers the 'pci=noats' kernel command to disable PCI
ATS on all devices. Using 'pci=noat' with devices that require PCI ATS
can cause a conflict, leading to boot failure, especially if the device
is a graphics device.

To prevent this issue, check PCI ATS support before enumerating the IOMMU
devices. If any device requires PCI ATS, but PCI ATS is disabled by
'pci=noats', switch the IOMMU to operate in legacy mode to ensure
successful booting.

I guess the reason of switching to legacy mode is because the platform
automatically enables ATS in this mode, as the comment says in
dmar_ats_supported(). This should be explained otherwise it's unclear
why switching the mode can make ATS working for those devices.

Not 'automatically enable ATS,' but hardware provides something that is
equivalent to PCI ATS. The ATS capability on the device is still
disabled. That's the reason why such device must be an SOC-integrated
one.

But then doesn't it break the meaning of 'pci=noats' which means
disabling ATS physically? It's described as "do not use PCIe ATS and
IOMMU device IOTLB" in kernel doc, which is not equivalent to
"leave PCIe ATS to be managed by HW".

Therefore, the PCI ATS is not used and the syntax of pci=noats is not
broken.

and why would one want to use 'pci=noats' on a platform which
requires ats?

We don't recommend users to disable ATS on a platform which has devices
that rely on it. But nothing can prevent users from doing so. I am not
sure why it is needed. One possible reason that I can think of is about
security. Sometimes, people don't trust ATS because it allows devices to
access the memory with translated requests directly without any
permission check on the IOMMU end.

Thanks,
baolu

Next message: Christophe Leroy: "Re: [PATCH 2/2] mm: make copy_to_kernel_nofault() not fault on user addresses"
Previous message: Christian König: "Re: [RFC PATCH 00/10] drm/panthor: Add user submission"
In reply to: Tian, Kevin: "RE: [PATCH 1/1] iommu/vt-d: Prevent boot failure with devices requiring ATS"
Next in thread: Tian, Kevin: "RE: [PATCH 1/1] iommu/vt-d: Prevent boot failure with devices requiring ATS"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]