[PATCH 1/2] x86/amd-iommu: enable iommu before attaching devices
joro at 8bytes.org
Sat Apr 3 13:38:36 EDT 2010
On Fri, Apr 02, 2010 at 11:59:32AM -0400, Vivek Goyal wrote:
> 1. kernel crashes, we leave IOMMU enabled.

True for everything except gart and amd iommu.

> a. So during this small window when iommu is disabled and we enable
> it back, any inflight DMA will passthrough possibly to an
> unintended physical address as translation is disabled and it
> can corrupt the kdump kernel.
> b. Even after enabling the iommu, I guess we will continue to
> use cached DTE, and translation information to handle any
> in-flight DMA. The difference is that now iommus are enabled
> so any in-flight DMA should go to the address as intended in
> first kernel and should not corrupt anything.
> 3. Once iommus are enabled again, we allocate and initialize protection
> domains. We attach devices to domains. In the process we flush the
> DTE, PDE and IO TLBs.
> c. Looks like do_attach->set_dte_entry(), by default gives write
> permission (IW) to all the devices. I am assuming that at
> this point of time translation is enabled and possibly unity

No, the IW bit in the DTE must be set because all write permission bits
(DTE and page tables) are ANDed to determine if a device can write to a
particular address. So as long as the paging mode is unequal to zero the
hardware will walk the page-table first to find out if the device has
write permission. With paging mode == 0 your statement about read-write
unity-mapping is true. This is used for a pass-through domain (iommu=pt)
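
Added example, not part of the original message or of the kernel source: a toy model of the permission check described in the reply, where the DTE write bit is ANDed with the write bit of every page-table level, and paging mode 0 skips the walk. The struct layouts, bit positions, 4-entry tables and the `demo_case` helper are assumptions made for illustration, not the hardware format.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Simplified model: names and bit positions are illustrative only. */
#define ENT_PRESENT (1u << 0)
#define ENT_IW      (1u << 1)   /* write permission at this level */
#define LEVEL_BITS  2           /* 4 entries per table in this toy model */

struct table { uint32_t flags[4]; int next[4]; };  /* next = index of lower-level table */
struct dte   { bool iw; unsigned mode; int root; };  /* mode = levels to walk, 0 = none */

/* Returns true if a device write to iova would be permitted. */
bool dma_write_allowed(const struct dte *d, const struct table *tables, unsigned iova)
{
    bool allowed = d->iw;                 /* DTE bit is the first term of the AND */
    if (d->mode == 0)
        return allowed;                   /* no walk: the DTE alone decides */
    int t = d->root;
    for (unsigned level = d->mode; level > 0; level--) {
        unsigned idx = (iova >> ((level - 1) * LEVEL_BITS)) & 3u;
        uint32_t f = tables[t].flags[idx];
        if (!(f & ENT_PRESENT))
            return false;                 /* unmapped address: access faults */
        allowed = allowed && (f & ENT_IW);
        t = tables[t].next[idx];
    }
    return allowed;
}

/* Constructed two-level mapping for iova 0x6 (index 1, then index 2). */
bool demo_case(bool dte_iw, unsigned mode, bool pde_iw, bool pte_iw)
{
    struct table tables[2] = {0};
    tables[0].flags[1] = ENT_PRESENT | (pde_iw ? ENT_IW : 0);
    tables[0].next[1]  = 1;
    tables[1].flags[2] = ENT_PRESENT | (pte_iw ? ENT_IW : 0);
    struct dte d = { .iw = dte_iw, .mode = mode, .root = 0 };
    return dma_write_allowed(&d, tables, 0x6);
}

int main(void)
{
    printf("DTE IW=1, all levels writable: %d\n", demo_case(true, 2, true, true));
    printf("DTE IW=1, leaf read-only:      %d\n", demo_case(true, 2, true, false));
    printf("DTE IW=0, all levels writable: %d\n", demo_case(false, 2, true, true));
    printf("mode 0, DTE IW=1 (no walk):    %d\n", demo_case(true, 0, false, false));
    return 0;
}
```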