BYPASS IOMMU PROPERTY
=====================

Description
===========
Traditionally, there is a global switch to enable/disable vIOMMU: either
all devices in the system go through the vIOMMU or none do, which is not
flexible. The bypass iommu property allows devices that go through the
vIOMMU to coexist with devices that do not. This is useful for running
passthrough devices in no-iommu mode alongside devices that go through
the vIOMMU in the same virtual machine.

PCI host bridges have a bypass_iommu property. This property determines
whether the devices attached to the PCI host bridge bypass the virtual
iommu. The bypass_iommu property is valid only when there is a virtual
iommu in the system; it is implemented to allow some devices to bypass
the vIOMMU. When the bypass_iommu property is not set for a host bridge,
the attached devices go through the vIOMMU by default.

Usage
=====
The bypass iommu feature supports the PXB host bridge and the default main
host bridge: there is a bypass_iommu property for PXB and a
default_bus_bypass_iommu property for the machine. Note that
default_bus_bypass_iommu is available only for the 'q35' machine type on
x86 architecture and the 'virt' machine type on AArch64. Other machine
types do not support bypass iommu for the default root bus.

1. The following are the bypass iommu options:
 (1) PCI expander bridge
     qemu -device pxb-pcie,bus_nr=0x10,addr=0x1,bypass_iommu=true
 (2) Arm default host bridge
     qemu -machine virt,iommu=smmuv3,default_bus_bypass_iommu=true
 (3) X86 default root bus bypass iommu:
     qemu -machine q35,default_bus_bypass_iommu=true

2. Here is the detailed qemu command line for the 'virt' machine with PXB on
AArch64:

qemu-system-aarch64 \
 -machine virt,kernel_irqchip=on,iommu=smmuv3,default_bus_bypass_iommu=true \
 -device pxb-pcie,bus_nr=0x10,id=pci.10,bus=pcie.0,addr=0x3.0x1 \
 -device pxb-pcie,bus_nr=0x20,id=pci.20,bus=pcie.0,addr=0x3.0x2,bypass_iommu=true

This gives:
 - a default host bridge which bypasses SMMUv3
 - a pxb host bridge which goes through SMMUv3
 - a pxb host bridge which bypasses SMMUv3

3. Here is the detailed qemu command line for the 'q35' machine with PXB on
x86 architecture:

qemu-system-x86_64 \
 -machine q35,accel=kvm,default_bus_bypass_iommu=true \
 -device pxb-pcie,bus_nr=0x10,id=pci.10,bus=pcie.0,addr=0x3 \
 -device pxb-pcie,bus_nr=0x20,id=pci.20,bus=pcie.0,addr=0x4,bypass_iommu=true \
 -device intel-iommu

This gives:
 - a default host bridge which bypasses the iommu
 - a pxb host bridge which goes through the iommu
 - a pxb host bridge which bypasses the iommu

Limitations
===========
There might be a potential security risk when devices bypass the iommu,
because a device might send malicious DMA requests to the virtual machine
if there is no iommu isolation. So it is necessary to bypass the iommu
only for trusted devices.

Implementation
==============
The bypass iommu feature includes:
 - Address space
   Add a check of the PCI host bypass iommu property, and do not get the
   iommu address space for devices that bypass the iommu.
 - Arm SMMUv3 support
   We traverse all PCI root buses and get the bus number ranges, then build
   an explicit RID mapping for devices which do not bypass the iommu.
 - X86 IOMMU support
   To support the Intel iommu, we traverse all PCI host bridges and get
   information about devices which do not bypass the iommu, then fill the
   DMAR drhd struct with explicit device scope info. To support the AMD
   iommu, a bypass iommu check is added when traversing the PCI host bridges.
 - Machine and PXB options
   We add a bypass iommu option to the machine options for the default root
   bus, and add an option for PXB as well. Note that the default value of
   bypass iommu is false, so devices go through the iommu by default if one
   exists.
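
The following is an added example, not part of the QEMU documentation or code base: it parses a QEMU command line, resolves every -device up to its host bridge, and lists the devices whose DMA is not translated by a vIOMMU so they can be compared against an allowlist of trusted devices, as the Limitations section requires. The function names, the sample command line and its device ids are constructed; it assumes every -device other than pxb-pcie and the vIOMMU models is a PCI device, and it recognises only the vIOMMU types named on this page.

```python
import shlex

TRUE = {"on", "true", "yes", "y"}              # spellings QEMU accepts for a true bool
VIOMMU_DEVICES = {"intel-iommu", "amd-iommu"}  # x86 vIOMMU models named on this page

def parse_opts(arg, implied_key):
    # 'first,key=val,...' -> dict; a bare first token is stored under implied_key.
    items = arg.split(",")
    if "=" not in items[0]:
        items[0] = f"{implied_key}={items[0]}"
    return dict(item.partition("=")[::2] for item in items)

def audit(cmdline, root="pcie.0"):
    """Return (has_viommu, {device: (host_bridge, dma_untranslated)}); None = bus unresolved."""
    argv = shlex.split(cmdline.replace("\\\n", " "))
    machine, devices = {}, []
    for flag, arg in zip(argv, argv[1:]):
        if flag in ("-machine", "-M"):
            machine.update(parse_opts(arg, "type"))
        elif flag == "-device":
            devices.append(parse_opts(arg, "driver"))
    drivers = {d.get("driver") for d in devices}
    has_viommu = machine.get("iommu") == "smmuv3" or bool(drivers & VIOMMU_DEVICES)
    by_id = {d["id"]: d for d in devices if "id" in d}
    # Host bridges: the default root bus plus each pxb-pcie; bypass defaults to false.
    bypass = {root: machine.get("default_bus_bypass_iommu", "off") in TRUE}
    for d in devices:
        if d.get("driver") == "pxb-pcie" and "id" in d:
            bypass[d["id"]] = d.get("bypass_iommu", "off") in TRUE
    report = {}
    for d in devices:
        if d.get("driver") in VIOMMU_DEVICES | {"pxb-pcie"}:
            continue
        bus, hops = d.get("bus", root), 0
        while bus not in bypass and bus in by_id and hops < 32:  # climb root ports
            bus, hops = by_id[bus].get("bus", root), hops + 1
        untranslated = (not has_viommu or bypass[bus]) if bus in bypass else None
        report[d.get("id", d.get("driver"))] = (bus, untranslated)
    return has_viommu, report

def unisolated_untrusted(cmdline, trusted_ids):
    # Devices not confirmed to sit behind the vIOMMU and not on the allowlist.
    rep = audit(cmdline)[1]
    return sorted(n for n, (_, raw) in rep.items() if raw is not False and n not in trusted_ids)

# Constructed sample: the page's q35 example plus hypothetical root ports and endpoints.
SAMPLE = ("qemu-system-x86_64 -machine q35,default_bus_bypass_iommu=true -device intel-iommu "
          "-device pxb-pcie,bus_nr=0x10,id=pci.10,bus=pcie.0,addr=0x3 "
          "-device pxb-pcie,bus_nr=0x20,id=pci.20,bus=pcie.0,addr=0x4,bypass_iommu=true "
          "-device pcie-root-port,id=rp10,bus=pci.10 -device virtio-net-pci,id=net0,bus=rp10 "
          "-device pcie-root-port,id=rp20,bus=pci.20 -device vfio-pci,id=gpu0,bus=rp20 -device virtio-blk-pci,id=blk0")
```

With gpu0 and rp20 on the allowlist, the sample still reports blk0, because it sits on the default root bus, which default_bus_bypass_iommu=true takes out of vIOMMU translation.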