Intel IOMMU (VT-d) initialization for Linux

大哥您好

已于 2024-02-22 18:47:48 修改

阅读量1.1k

点赞数 14

分类专栏： Linux 文章标签： linux

于 2023-12-12 12:24:27 首次发布

本文链接：https://blog.csdn.net/u014485786/article/details/134938735

版权

Linux 专栏收录该内容

15 篇文章 0 订阅

订阅专栏

influence factors
Combinations

influence factors

boot options

intel_iommu_setup

intel_iommu=on,off,igfx_off,forcedac,strict,sp_off,sm_on,tboot_noforce,nobounce

iommu_setup

iommu=off,force,noforce,biomerge,panic,nopanic,merge,nomerge,forcesac,allowdac,nodac,usedac,soft,pt,nopt

TXT/tboot

Intel® Trusted Execution Technology and trusted boot

CONFIG_INTEL_TXT
boot_params.tboot_addr

If tboot is enabled, we may get the following kernel log during tboot_probe():

pr_info("found shared page at phys addr 0x%llx:\n",
		boot_params.tboot_addr);

platform opt in

CONFIG_DMAR_TABLE
ACPI_SIG_DMAR ----> DMAR_PLATFORM_OPT_IN

Intel VT-d DMAR table

‘iasl’ is a tool that can translate AML binary files to readable ASL source files. Install it on Ubuntu:

apt-get install iasl

Parse ‘DMAR’ e.g.,

ubuntu@ubuntu-01:~/$ sudo iasl -p ~/result -d /sys/firmware/acpi/tables/DMAR

Intel ACPI Component Architecture
ASL+ Optimizing Compiler/Disassembler version 20180105
Copyright (c) 2000 - 2018 Intel Corporation

Input file /sys/firmware/acpi/tables/DMAR, Length 0x50 (80) bytes
ACPI: DMAR 0x0000000000000000 000050 (v02 INTEL  EDK2     00000002      01000013)
Acpi Data Table [DMAR] decoded
Formatted output:  /home/ubuntu/result.dsl - 2458 bytes

View the result.dsl:

[000h 0000   4]                    Signature : "DMAR"    [DMA Remapping table]
[004h 0004   4]                 Table Length : 00000050
[008h 0008   1]                     Revision : 02
[009h 0009   1]                     Checksum : 3D
[00Ah 0010   6]                       Oem ID : "INTEL "
[010h 0016   8]                 Oem Table ID : "EDK2    "
[018h 0024   4]                 Oem Revision : 00000002
[01Ch 0028   4]              Asl Compiler ID : "    "
[020h 0032   4]        Asl Compiler Revision : 01000013

[024h 0036   1]           Host Address Width : 26
[025h 0037   1]                        Flags : 05
[026h 0038  10]                     Reserved : 00 00 00 00 00 00 00 00 00 00
...

We can see the ‘flags’ is ‘05’, refer to the following definition:

/* DMAR Flags */
#define DMAR_INTR_REMAP         0x1
#define DMAR_X2APIC_OPT_OUT     0x2
#define DMAR_PLATFORM_OPT_IN    0x4

untrusted pci devices

Refer to this article from LWN:
Bounce buffers for untrusted devices

A PCI device is marked untrusted if the firmware marks its root port as external (currently only if the ExternalFacingPort ACPI property is set); that should be the case for Thunderbolt devices.

Combinations

Assumes：

BIOS Intel VT-d is enabled
CONFIG_INTEL_IOMMU_DEFAULT_ON is not set
No trusted boot

intel_iommu=		iommu=			(no optin) or (no untrusted dev)	initialization result
on	off	on	off	pt	(no optin) or (no untrusted dev)	initialization result
					yes	off
	yes					off
					no	pt
		yes			no	pt
			yes		no	pt
yes						on
yes				yes		pt
yes			yes		yes	off
yes			yes		no	on