From: Joerg Roedel <jroedel@suse.de>
To: Ingo Molnar <mingo@kernel.org>
Cc: Shaohua Li <shli@fb.com>,
linux-kernel@vger.kernel.org, gang.wei@intel.com,
hpa@linux.intel.com, kernel-team@fb.com, ning.sun@intel.com,
srihan@fb.com, alex.eydelberg@intel.com
Subject: Re: [PATCH V2] x86/tboot: add an option to disable iommu force on
Date: Fri, 5 May 2017 10:40:04 +0200 [thread overview]
Message-ID: <20170505084004.GM5077@suse.de> (raw)
In-Reply-To: <20170505065920.qagb7qvmr3iryyzj@gmail.com>
Hi Ingo,
On Fri, May 05, 2017 at 08:59:20AM +0200, Ingo Molnar wrote:
> * Joerg Roedel <jroedel@suse.de> wrote:
> > The problem solved here is that someone wants tboot for security
> > reasons, but doesn't want the performance penalty of having the IOMMU
> > enabled and can live with the risk of an DMA attack.
>
> Yes, that makes sense - but in this case it would be far more user friendly to
> make it a sysctl, not a boot option. This is also much more manageable for
> distributions and also allows it to be more easily turned into a security policy
> feature.
>
> New boot options should be for debugging hacks in essence - any serious hardware
> configuration should be done via more user-friendly methods.
I agree in general that a sysctl would be more user-friendly. But the
problem is that enabling/disabling the IOMMU is a boot-time option that
can't be changed at runtime.
That is because this decission defines how the bus addresses are mapped
to physical addresses through the dma-api. When the iommu is disabled,
it is just a 1-1 mapping, but when it is enabled a physical address
could end up on any address in the bus address space.
Once drivers are loaded that allocate those addresses we can't change
the mappings anymore as disabling the iommu would do.
Regards,
Joerg
next prev parent reply other threads:[~2017-05-05 8:40 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-04-26 16:18 [PATCH V2] x86/tboot: add an option to disable iommu force on Shaohua Li
2017-04-26 21:59 ` Joerg Roedel
2017-04-27 6:52 ` Ingo Molnar
2017-04-28 22:07 ` Joerg Roedel
2017-04-27 6:51 ` Ingo Molnar
2017-04-27 8:42 ` Joerg Roedel
2017-04-27 14:49 ` Shaohua Li
2017-04-27 15:18 ` Joerg Roedel
2017-04-27 15:41 ` Shaohua Li
2017-04-27 16:04 ` Joerg Roedel
2017-05-05 6:59 ` Ingo Molnar
2017-05-05 8:40 ` Joerg Roedel [this message]
2017-05-06 9:48 ` Ingo Molnar
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20170505084004.GM5077@suse.de \
--to=jroedel@suse.de \
--cc=alex.eydelberg@intel.com \
--cc=gang.wei@intel.com \
--cc=hpa@linux.intel.com \
--cc=kernel-team@fb.com \
--cc=linux-kernel@vger.kernel.org \
--cc=mingo@kernel.org \
--cc=ning.sun@intel.com \
--cc=shli@fb.com \
--cc=srihan@fb.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).