Re: IOMMU and graphics cards

From: David Woodhouse
Date: Tue Apr 28 2009 - 11:29:22 EST

Next message: Rik van Riel: "Re: Swappiness vs. mmap() and interactive response"
Previous message: Ralf Baechle: "Re: [PATCH] txx9dmac: Fix clearing of CHAR register in 32-bitkernel"
In reply to: Joerg Roedel: "IOMMU and graphics cards"
Next in thread: Joerg Roedel: "Re: IOMMU and graphics cards"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, 2009-04-28 at 17:05 +0200, Joerg Roedel wrote:
> Hi David,
>
> as I have seen the VT-d code implements a workaround for broken graphics
> card drivers. What it does, when enabled, is giving each grahics device
> direct access to all physical memory. I really don't like to implement
> this but a similar workaround for the AMD IOMMU seems to be necessary.
> The biggest problem here is that this kind of workaround disables device
> isolation for graphics cards. Device isolation is the main reason for
> using an IOMMU in an unvirtualized environment. So if this workaround is
> enabled it is as good as disable the IOMMU at all.

For that device, yes. The IOMMU still catches errors from _other_
devices, of course.

But I agree that it's a crap thing to have to do, and there are probably
a number of ways we could make it slightly less crap. For a start, we
could at least refrain from mapping the kernel text -- the card has no
business DMAing there, whatever happens.

> Thats why I think a kernel compile option for this workaround is not
> sufficient. Distributors will probably enable this in their kernels
> which also disables device isolation even if the user don't want to use
> these broken drivers.

Yes, that makes a lot of sense.

Is the reason you're doing this actually because of broken drivers? Or
just because of the performance implications? I've heard both cited as
reasons for the 1:1 mapping... and if it's mostly the former, then
perhaps the best way for me to help you is to stop enabling the option
in Fedora (rawhide, at least), so that the buggy drivers get _fixed_ and
you don't get stuck with "it works on Intel, why can't you make it
work?" reports?

> I think we should change that and provide a better way which allows to
> enable this workaround only if it is required (and it should be
> transparent to the user which IOMMU is built into the system).
> We have several options to do this:
>
> * Implement a kernel command line option to enable/disable the
> workaround (what should be default?)
> * Use the IOMMU-API and write a kernel module which creates a
> direct mapped protection domain and assigns the graphics
> cards to it (need to be done carefully to not break graphics
> drivers which do everything right and use the DMA-API)
> * Any other great idea?
>
> So what do you (and all the others reading this :-) think? I would
> prefer the way of implementing a module but there may also be reasons
> against this. I would like this to be disussed before I implement the
> workaround for the AMD IOMMU.

I think I also prefer your second option. I don't like having this as a
hack in the IOMMU code.

--
David Woodhouse Open Source Technology Centre
David.Woodhouse@xxxxxxxxx Intel Corporation

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Rik van Riel: "Re: Swappiness vs. mmap() and interactive response"
Previous message: Ralf Baechle: "Re: [PATCH] txx9dmac: Fix clearing of CHAR register in 32-bitkernel"
In reply to: Joerg Roedel: "IOMMU and graphics cards"
Next in thread: Joerg Roedel: "Re: IOMMU and graphics cards"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]