VT-d: add "iommu=workaround_bios_bug" option

Add this option to workaround BIOS bugs. Currently it ignores DRHD
if "all" devices under its scope are not pci discoverable. This
workarounds a BIOS bug in some platforms to make VT-d work. But note
that this option doesn't guarantee security, because it might ignore
DRHD.

So there are 3 options which handle BIOS bugs differently:
  iommu=1 (default): If detect non-existent device under a DRHD's
scope, or find incorrect RMRR setting (base_address > end_address),
disable VT-d completely in Xen with warning messages. This guarantees
security when VT-d enabled, or just disable VT-d to let Xen work
without VT-d.
  iommu=force: it enforces to enable VT-d in Xen. If VT-d cannot be
enabled, it will crashes Xen. This is mainly for users who must need
VT-d.
  iommu=workaround_bogus_bios: it workarounds some BIOS bugs to make
VT-d still work.  This might be insecure because there might be a
device not protected by any DRHD if the device is re-enabled by
malicious s/w.  This is for users who want to use VT-d regardless of
security.

Signed-off-by: Weidong Han <weidong.han@intel.com>

diff --git a/xen/drivers/passthrough/iommu.c b/xen/drivers/passthrough/iommu.c
index 5c4a3d5e86f614bac5c1587b973bb9d23ac5c8c8..702d81afe97d7838a1c56b54565c41d74528e6e1 100644 (file)
--- a/xen/drivers/passthrough/iommu.c
+++ b/xen/drivers/passthrough/iommu.c
@@ -30,6 +30,8 @@ static int iommu_populate_page_table(struct domain *d);
  *   pv                         Enable IOMMU for PV domains
  *   no-pv                      Disable IOMMU for PV domains (default)
  *   force|required             Don't boot unless IOMMU is enabled
+ *   workaround_bios_bug        Workaround some bios issue to still enable
+                                VT-d, don't guarantee security
  *   passthrough                Enable VT-d DMA passthrough (no DMA
  *                              translation for Dom0)
  *   no-snoop                   Disable VT-d Snoop Control
@@ -40,6 +42,7 @@ custom_param("iommu", parse_iommu_param);
 int iommu_enabled = 1;
 int iommu_pv_enabled;
 int force_iommu;
+int iommu_workaround_bios_bug;
 int iommu_passthrough;
 int iommu_snoop = 1;
 int iommu_qinval = 1;
@@ -65,6 +68,8 @@ static void __init parse_iommu_param(char *s)
             iommu_pv_enabled = 0;
         else if ( !strcmp(s, "force") || !strcmp(s, "required") )
             force_iommu = 1;
+        else if ( !strcmp(s, "workaround_bios_bug") )
+            iommu_workaround_bios_bug = 1;
         else if ( !strcmp(s, "passthrough") )
             iommu_passthrough = 1;
         else if ( !strcmp(s, "no-snoop") )

diff --git a/xen/drivers/passthrough/vtd/dmar.c b/xen/drivers/passthrough/vtd/dmar.c
index 604a2eb830dcaecacf876e61b9aefa8e11ce8b77..544d0115b8b93db9d5dab80dadeae2ba3ebfc748 100644 (file)
--- a/xen/drivers/passthrough/vtd/dmar.c
+++ b/xen/drivers/passthrough/vtd/dmar.c
@@ -421,17 +421,21 @@ acpi_parse_one_drhd(struct acpi_dmar_entry_header *header)
         if ( invalid_cnt )
         {
             xfree(dmaru);
-            if ( invalid_cnt == dmaru->scope.devices_cnt )
+
+            if ( iommu_workaround_bios_bug &&
+                 invalid_cnt == dmaru->scope.devices_cnt )
             {
                 dprintk(XENLOG_WARNING VTDPREFIX,
-                    "  Ignore the DRHD due to all devices under "
-                    "its scope are not PCI discoverable!\n");
+                    "  Workaround BIOS bug: ignore the DRHD due to all "
+                    "devices under its scope are not PCI discoverable!\n");
             }
             else
             {
                 dprintk(XENLOG_WARNING VTDPREFIX,
-                    "  The DRHD is invalid due to some devices under "
-                    "its scope are not PCI discoverable!\n");
+                    "  The DRHD is invalid due to there are devices under "
+                    "its scope are not PCI discoverable! Pls try option "
+                    "iommu=force or iommu=workaround_bios_bug if you "
+                    "really want VT-d\n");
                 ret = -EINVAL;
             }
         }

diff --git a/xen/include/xen/iommu.h b/xen/include/xen/iommu.h
index 064a96d006c13add434302ad6eed5dc0569d19be..6ff4ebc6476acdda69f5715c359d83b10b71c878 100644 (file)
--- a/xen/include/xen/iommu.h
+++ b/xen/include/xen/iommu.h
@@ -29,6 +29,7 @@
 extern int iommu_enabled;
 extern int iommu_pv_enabled;
 extern int force_iommu;
+extern int iommu_workaround_bios_bug;
 extern int iommu_passthrough;
 extern int iommu_snoop;
 extern int iommu_qinval;