From: "Tian, Kevin" <kevin.tian@intel.com>
To: Jan Beulich <jbeulich@suse.com>,
"xen-devel@lists.xenproject.org" <xen-devel@lists.xenproject.org>
Cc: Ian Jackson <iwj@xenproject.org>
Subject: RE: [PATCH 2/2] VT-d: Tylersburg isoch DMAR unit with no TLB space
Date: Tue, 12 Oct 2021 04:40:07 +0000 [thread overview]
Message-ID: <BN9PR11MB54332C8D22C30EBF151133338CB69@BN9PR11MB5433.namprd11.prod.outlook.com> (raw)
In-Reply-To: <a385938d-243e-1790-da1f-be7c4f5f2c3f@suse.com>
> From: Jan Beulich <jbeulich@suse.com>
> Sent: Monday, October 11, 2021 4:50 PM
>
> BIOSes, when enabling the dedicated DMAR unit for the sound device,
> need to also set a non-zero number of TLB entries in a respective
> system management register (VTISOCHCTRL). At least one BIOS is known
> to fail to do so, causing the VT-d engine to deadlock when used.
>
> Vaguely based on Linux'es e0fc7e0b4b5e ("intel-iommu: Yet another BIOS
> workaround: Isoch DMAR unit with no TLB space").
>
> To limit message string redundancy, fold parts with the IGD quirk logic.
>
> Signed-off-by: Jan Beulich <jbeulich@suse.com>
> ---
> RFC: This requires MMCFG availability before Dom0 starts up, which is
> not generally given. We may want/need to e.g. (ab)use the
> .enable_device() hook to actually disable translation if MMCFG
> accesses become available only in the course of Dom0 booting.
make sense
> RFC: While following Linux in this regard, I'm not convinced of issuing
> the warning about the number of TLB entries when firmware set more
> than 16 (I can observe 20 on the on matching system I have access
> to.)
me either. Since you already observed 20 on one system, changing the
check to >=16 makes more sense.
The rest looks good to me:
Reviewed-by: Kevin Tian <kevin.tian@intel.com>
>
> I assume an implication is that the device in this case then may not be
> passed through to guests, but I don't see us enforcing the same anywhere
> for graphics devices when "no-igfx" is in use. Yet here I would want to
> follow whatever pre-existing model ...
>
> --- a/xen/drivers/passthrough/vtd/extern.h
> +++ b/xen/drivers/passthrough/vtd/extern.h
> @@ -100,6 +100,7 @@ int msi_msg_write_remap_rte(struct msi_d
> int intel_setup_hpet_msi(struct msi_desc *);
>
> int is_igd_vt_enabled_quirk(void);
> +bool is_azalia_tlb_enabled(const struct acpi_drhd_unit *);
> void platform_quirks_init(void);
> void vtd_ops_preamble_quirk(struct vtd_iommu *iommu);
> void vtd_ops_postamble_quirk(struct vtd_iommu *iommu);
> --- a/xen/drivers/passthrough/vtd/iommu.c
> +++ b/xen/drivers/passthrough/vtd/iommu.c
> @@ -750,27 +750,43 @@ static void iommu_enable_translation(str
> u32 sts;
> unsigned long flags;
> struct vtd_iommu *iommu = drhd->iommu;
> + static const char crash_fmt[] = "%s; crash Xen for security purpose\n";
>
> if ( drhd->gfx_only )
> {
> + static const char disable_fmt[] = XENLOG_WARNING VTDPREFIX
> + " %s; disabling IGD VT-d engine\n";
> +
> if ( !iommu_igfx )
> {
> - printk(XENLOG_INFO VTDPREFIX
> - "Passed iommu=no-igfx option. Disabling IGD VT-d engine.\n");
> + printk(disable_fmt, "passed iommu=no-igfx option");
> return;
> }
>
> if ( !is_igd_vt_enabled_quirk() )
> {
> + static const char msg[] = "firmware did not enable IGD for VT
> properly";
> +
> if ( force_iommu )
> - panic("BIOS did not enable IGD for VT properly, crash Xen for
> security purpose\n");
> + panic(crash_fmt, msg);
>
> - printk(XENLOG_WARNING VTDPREFIX
> - "BIOS did not enable IGD for VT properly. Disabling IGD VT-d
> engine.\n");
> + printk(disable_fmt, msg);
> return;
> }
> }
>
> + if ( !is_azalia_tlb_enabled(drhd) )
> + {
> + static const char msg[] = "firmware did not enable TLB for sound
> device";
> +
> + if ( force_iommu )
> + panic(crash_fmt, msg);
> +
> + printk(XENLOG_WARNING VTDPREFIX " %s; disabling ISOCH VT-d
> engine\n",
> + msg);
> + return;
> + }
> +
> /* apply platform specific errata workarounds */
> vtd_ops_preamble_quirk(iommu);
>
> --- a/xen/drivers/passthrough/vtd/quirks.c
> +++ b/xen/drivers/passthrough/vtd/quirks.c
> @@ -100,6 +100,69 @@ static void __init cantiga_b3_errata_ini
> is_cantiga_b3 = 1;
> }
>
> +/*
> + * QUIRK to work around certain BIOSes enabling the ISOCH DMAR unit for
> the
> + * Azalia sound device, but not giving it any TLB entries, causing it to
> + * deadlock.
> + */
> +bool is_azalia_tlb_enabled(const struct acpi_drhd_unit *drhd)
> +{
> + pci_sbdf_t sbdf;
> + unsigned int vtisochctrl;
> +
> + /* Only dedicated units are of interest. */
> + if ( drhd->include_all || drhd->scope.devices_cnt != 1 )
> + return true;
> +
> + /* Check for the specific device. */
> + sbdf = PCI_SBDF2(drhd->segment, drhd->scope.devices[0]);
> + if ( pci_conf_read16(sbdf, PCI_VENDOR_ID) != PCI_VENDOR_ID_INTEL ||
> + pci_conf_read16(sbdf, PCI_DEVICE_ID) != 0x3a3e )
> + return true;
> +
> + /* Check for the corresponding System Management Registers device. */
> + sbdf = PCI_SBDF(drhd->segment, 0, 0x14, 0);
> + if ( pci_conf_read16(sbdf, PCI_VENDOR_ID) != PCI_VENDOR_ID_INTEL ||
> + pci_conf_read16(sbdf, PCI_DEVICE_ID) != 0x342e )
> + return true;
> +
> + vtisochctrl = pci_conf_read32(sbdf, 0x188);
> + if ( vtisochctrl == 0xffffffff )
> + {
> + printk(XENLOG_WARNING VTDPREFIX
> + " Cannot access VTISOCHCTRL at this time\n");
> + return true;
> + }
> +
> + /*
> + * If Azalia DMA is routed to the non-isoch DMAR unit, that's fine in
> + * principle, but not consistent with the ACPI tables.
> + */
> + if ( vtisochctrl & 1 )
> + {
> + printk(XENLOG_WARNING VTDPREFIX
> + " Inconsistency between chipset registers and ACPI tables\n");
> + return true;
> + }
> +
> + /* Drop all bits other than the number of TLB entries. */
> + vtisochctrl &= 0x1c;
> +
> + /* If we have the recommended number of TLB entries, fine. */
> + if ( vtisochctrl == 16 )
> + return true;
> +
> + /* Zero TLB entries? */
> + if ( !vtisochctrl )
> + return false;
> +
> + printk(XENLOG_WARNING VTDPREFIX
> + " Recommended TLB entries for ISOCH unit is 16; firmware set %u\n",
> + vtisochctrl);
> +
> + return true;
> +}
> +
> /* check for Sandybridge IGD device ID's */
> static void __init snb_errata_init(void)
> {
prev parent reply other threads:[~2021-10-12 4:40 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-10-11 8:48 [PATCH 0/2] VT-d: correct / extend workaround(s) leaving an IOMMU disabled Jan Beulich
2021-10-11 8:49 ` [PATCH 1/2] VT-d: generalize and correct "iommu=no-igfx" handling Jan Beulich
2021-10-12 3:39 ` Tian, Kevin
2021-10-11 8:49 ` [PATCH 2/2] VT-d: Tylersburg isoch DMAR unit with no TLB space Jan Beulich
2021-10-11 10:56 ` [PATCH 0/2] VT-d: correct / extend workaround(s) leaving an IOMMU disabled [and 1 more messages] Ian Jackson
2021-10-11 11:09 ` Jan Beulich
2021-10-11 13:13 ` Ian Jackson
2021-10-12 4:40 ` Tian, Kevin [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=BN9PR11MB54332C8D22C30EBF151133338CB69@BN9PR11MB5433.namprd11.prod.outlook.com \
--to=kevin.tian@intel.com \
--cc=iwj@xenproject.org \
--cc=jbeulich@suse.com \
--cc=xen-devel@lists.xenproject.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.