From: John Garry <john.garry@huawei.com>
To: <joro@8bytes.org>, <will@kernel.org>, <dwmw2@infradead.org>,
<baolu.lu@linux.intel.com>, <robin.murphy@arm.com>,
<corbet@lwn.net>
Cc: <linux-kernel@vger.kernel.org>,
<iommu@lists.linux-foundation.org>, <linuxarm@huawei.com>,
<thunder.leizhen@huawei.com>, <chenxiang66@hisilicon.com>,
<linux-doc@vger.kernel.org>, John Garry <john.garry@huawei.com>
Subject: [PATCH v13 3/6] iommu: Enhance IOMMU default DMA mode build options
Date: Wed, 16 Jun 2021 19:03:54 +0800 [thread overview]
Message-ID: <1623841437-211832-4-git-send-email-john.garry@huawei.com> (raw)
In-Reply-To: <1623841437-211832-1-git-send-email-john.garry@huawei.com>
From: Zhen Lei <thunder.leizhen@huawei.com>
First, add build options IOMMU_DEFAULT_{LAZY|STRICT}, so that we have the
opportunity to set {lazy|strict} mode as default at build time. Then put
the two config options in an choice, as they are mutually exclusive.
[jpg: Make choice between strict and lazy only (and not passthrough)]
Signed-off-by: Zhen Lei <thunder.leizhen@huawei.com>
Signed-off-by: John Garry <john.garry@huawei.com>
Reviewed-by: Robin Murphy <robin.murphy@arm.com>
---
.../admin-guide/kernel-parameters.txt | 3 +-
drivers/iommu/Kconfig | 40 +++++++++++++++++++
drivers/iommu/iommu.c | 2 +-
3 files changed, 43 insertions(+), 2 deletions(-)
diff --git a/Documentation/admin-guide/kernel-parameters.txt b/Documentation/admin-guide/kernel-parameters.txt
index fcbb36d6eea7..d8fb36363be0 100644
--- a/Documentation/admin-guide/kernel-parameters.txt
+++ b/Documentation/admin-guide/kernel-parameters.txt
@@ -2052,9 +2052,10 @@
throughput at the cost of reduced device isolation.
Will fall back to strict mode if not supported by
the relevant IOMMU driver.
- 1 - Strict mode (default).
+ 1 - Strict mode.
DMA unmap operations invalidate IOMMU hardware TLBs
synchronously.
+ unset - Use value of CONFIG_IOMMU_DEFAULT_{LAZY,STRICT}.
Note: on x86, the default behaviour depends on the
equivalent driver-specific parameters, but a strict
mode explicitly specified by either method takes
diff --git a/drivers/iommu/Kconfig b/drivers/iommu/Kconfig
index 1f111b399bca..0327a942fdb7 100644
--- a/drivers/iommu/Kconfig
+++ b/drivers/iommu/Kconfig
@@ -90,6 +90,46 @@ config IOMMU_DEFAULT_PASSTHROUGH
If unsure, say N here.
+choice
+ prompt "IOMMU default DMA IOTLB invalidation mode"
+ depends on IOMMU_DMA
+
+ default IOMMU_DEFAULT_STRICT
+ help
+ This option allows an IOMMU DMA IOTLB invalidation mode to be
+ chosen at build time, to override the default mode of each ARCH,
+ removing the need to pass in kernel parameters through command line.
+ It is still possible to provide common boot params to override this
+ config.
+
+ If unsure, keep the default.
+
+config IOMMU_DEFAULT_STRICT
+ bool "strict"
+ help
+ For every IOMMU DMA unmap operation, the flush operation of IOTLB and
+ the free operation of IOVA are guaranteed to be done in the unmap
+ function.
+
+config IOMMU_DEFAULT_LAZY
+ bool "lazy"
+ help
+ Support lazy mode, where for every IOMMU DMA unmap operation, the
+ flush operation of IOTLB and the free operation of IOVA are deferred.
+ They are only guaranteed to be done before the related IOVA will be
+ reused.
+
+ The isolation provided in this mode is not as secure as STRICT mode,
+ such that a vulnerable time window may be created between the DMA
+ unmap and the mappings cached in the IOMMU IOTLB or device TLB
+ finally being invalidated, where the device could still access the
+ memory which has already been unmapped by the device driver.
+ However this mode may provide better performance in high throughput
+ scenarios, and is still considerably more secure than passthrough
+ mode or no IOMMU.
+
+endchoice
+
config OF_IOMMU
def_bool y
depends on OF && IOMMU_API
diff --git a/drivers/iommu/iommu.c b/drivers/iommu/iommu.c
index cf58949cc2f3..60b1ec42e73b 100644
--- a/drivers/iommu/iommu.c
+++ b/drivers/iommu/iommu.c
@@ -29,7 +29,7 @@ static struct kset *iommu_group_kset;
static DEFINE_IDA(iommu_group_ida);
static unsigned int iommu_def_domain_type __read_mostly;
-static bool iommu_dma_strict __read_mostly = true;
+static bool iommu_dma_strict __read_mostly = IS_ENABLED(CONFIG_IOMMU_DEFAULT_STRICT);
static u32 iommu_cmd_line __read_mostly;
struct iommu_group {
--
2.26.2
WARNING: multiple messages have this Message-ID (diff)
From: John Garry <john.garry@huawei.com>
To: <joro@8bytes.org>, <will@kernel.org>, <dwmw2@infradead.org>,
<baolu.lu@linux.intel.com>, <robin.murphy@arm.com>,
<corbet@lwn.net>
Cc: linux-doc@vger.kernel.org, linux-kernel@vger.kernel.org,
linuxarm@huawei.com, iommu@lists.linux-foundation.org
Subject: [PATCH v13 3/6] iommu: Enhance IOMMU default DMA mode build options
Date: Wed, 16 Jun 2021 19:03:54 +0800 [thread overview]
Message-ID: <1623841437-211832-4-git-send-email-john.garry@huawei.com> (raw)
In-Reply-To: <1623841437-211832-1-git-send-email-john.garry@huawei.com>
From: Zhen Lei <thunder.leizhen@huawei.com>
First, add build options IOMMU_DEFAULT_{LAZY|STRICT}, so that we have the
opportunity to set {lazy|strict} mode as default at build time. Then put
the two config options in an choice, as they are mutually exclusive.
[jpg: Make choice between strict and lazy only (and not passthrough)]
Signed-off-by: Zhen Lei <thunder.leizhen@huawei.com>
Signed-off-by: John Garry <john.garry@huawei.com>
Reviewed-by: Robin Murphy <robin.murphy@arm.com>
---
.../admin-guide/kernel-parameters.txt | 3 +-
drivers/iommu/Kconfig | 40 +++++++++++++++++++
drivers/iommu/iommu.c | 2 +-
3 files changed, 43 insertions(+), 2 deletions(-)
diff --git a/Documentation/admin-guide/kernel-parameters.txt b/Documentation/admin-guide/kernel-parameters.txt
index fcbb36d6eea7..d8fb36363be0 100644
--- a/Documentation/admin-guide/kernel-parameters.txt
+++ b/Documentation/admin-guide/kernel-parameters.txt
@@ -2052,9 +2052,10 @@
throughput at the cost of reduced device isolation.
Will fall back to strict mode if not supported by
the relevant IOMMU driver.
- 1 - Strict mode (default).
+ 1 - Strict mode.
DMA unmap operations invalidate IOMMU hardware TLBs
synchronously.
+ unset - Use value of CONFIG_IOMMU_DEFAULT_{LAZY,STRICT}.
Note: on x86, the default behaviour depends on the
equivalent driver-specific parameters, but a strict
mode explicitly specified by either method takes
diff --git a/drivers/iommu/Kconfig b/drivers/iommu/Kconfig
index 1f111b399bca..0327a942fdb7 100644
--- a/drivers/iommu/Kconfig
+++ b/drivers/iommu/Kconfig
@@ -90,6 +90,46 @@ config IOMMU_DEFAULT_PASSTHROUGH
If unsure, say N here.
+choice
+ prompt "IOMMU default DMA IOTLB invalidation mode"
+ depends on IOMMU_DMA
+
+ default IOMMU_DEFAULT_STRICT
+ help
+ This option allows an IOMMU DMA IOTLB invalidation mode to be
+ chosen at build time, to override the default mode of each ARCH,
+ removing the need to pass in kernel parameters through command line.
+ It is still possible to provide common boot params to override this
+ config.
+
+ If unsure, keep the default.
+
+config IOMMU_DEFAULT_STRICT
+ bool "strict"
+ help
+ For every IOMMU DMA unmap operation, the flush operation of IOTLB and
+ the free operation of IOVA are guaranteed to be done in the unmap
+ function.
+
+config IOMMU_DEFAULT_LAZY
+ bool "lazy"
+ help
+ Support lazy mode, where for every IOMMU DMA unmap operation, the
+ flush operation of IOTLB and the free operation of IOVA are deferred.
+ They are only guaranteed to be done before the related IOVA will be
+ reused.
+
+ The isolation provided in this mode is not as secure as STRICT mode,
+ such that a vulnerable time window may be created between the DMA
+ unmap and the mappings cached in the IOMMU IOTLB or device TLB
+ finally being invalidated, where the device could still access the
+ memory which has already been unmapped by the device driver.
+ However this mode may provide better performance in high throughput
+ scenarios, and is still considerably more secure than passthrough
+ mode or no IOMMU.
+
+endchoice
+
config OF_IOMMU
def_bool y
depends on OF && IOMMU_API
diff --git a/drivers/iommu/iommu.c b/drivers/iommu/iommu.c
index cf58949cc2f3..60b1ec42e73b 100644
--- a/drivers/iommu/iommu.c
+++ b/drivers/iommu/iommu.c
@@ -29,7 +29,7 @@ static struct kset *iommu_group_kset;
static DEFINE_IDA(iommu_group_ida);
static unsigned int iommu_def_domain_type __read_mostly;
-static bool iommu_dma_strict __read_mostly = true;
+static bool iommu_dma_strict __read_mostly = IS_ENABLED(CONFIG_IOMMU_DEFAULT_STRICT);
static u32 iommu_cmd_line __read_mostly;
struct iommu_group {
--
2.26.2
_______________________________________________
iommu mailing list
iommu@lists.linux-foundation.org
https://lists.linuxfoundation.org/mailman/listinfo/iommu
next prev parent reply other threads:[~2021-06-16 11:08 UTC|newest]
Thread overview: 38+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-06-16 11:03 [PATCH v13 0/6] iommu: Enhance IOMMU default DMA mode build options John Garry
2021-06-16 11:03 ` John Garry
2021-06-16 11:03 ` [PATCH v13 1/6] iommu: Deprecate Intel and AMD cmdline methods to enable strict mode John Garry
2021-06-16 11:03 ` John Garry
2021-06-17 19:01 ` Robin Murphy
2021-06-17 19:01 ` Robin Murphy
2021-06-18 7:43 ` John Garry
2021-06-18 7:43 ` John Garry
2021-06-16 11:03 ` [PATCH v13 2/6] iommu: Print strict or lazy mode at init time John Garry
2021-06-16 11:03 ` John Garry
2021-06-16 11:03 ` John Garry [this message]
2021-06-16 11:03 ` [PATCH v13 3/6] iommu: Enhance IOMMU default DMA mode build options John Garry
2021-06-16 11:03 ` [PATCH v13 4/6] iommu/vt-d: Add support for " John Garry
2021-06-16 11:03 ` John Garry
2021-06-17 7:32 ` Lu Baolu
2021-06-17 7:32 ` Lu Baolu
2021-06-17 8:00 ` John Garry
2021-06-17 8:00 ` John Garry
2021-06-17 19:03 ` Robin Murphy
2021-06-17 19:03 ` Robin Murphy
2021-06-18 1:46 ` Lu Baolu
2021-06-18 1:46 ` Lu Baolu
2021-06-18 7:31 ` John Garry
2021-06-18 7:31 ` John Garry
2021-06-16 11:03 ` [PATCH v13 5/6] iommu/amd: " John Garry
2021-06-16 11:03 ` John Garry
2021-06-16 11:03 ` [PATCH v13 6/6] iommu: Remove mode argument from iommu_set_dma_strict() John Garry
2021-06-16 11:03 ` John Garry
2021-06-17 7:36 ` Lu Baolu
2021-06-17 7:36 ` Lu Baolu
2021-06-17 7:41 ` John Garry
2021-06-17 7:41 ` John Garry
2021-06-18 1:52 ` Lu Baolu
2021-06-18 1:52 ` Lu Baolu
2021-06-17 18:56 ` Robin Murphy
2021-06-17 18:56 ` Robin Murphy
2021-06-18 1:51 ` Lu Baolu
2021-06-18 1:51 ` Lu Baolu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1623841437-211832-4-git-send-email-john.garry@huawei.com \
--to=john.garry@huawei.com \
--cc=baolu.lu@linux.intel.com \
--cc=chenxiang66@hisilicon.com \
--cc=corbet@lwn.net \
--cc=dwmw2@infradead.org \
--cc=iommu@lists.linux-foundation.org \
--cc=joro@8bytes.org \
--cc=linux-doc@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linuxarm@huawei.com \
--cc=robin.murphy@arm.com \
--cc=thunder.leizhen@huawei.com \
--cc=will@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.