Hi Ingo, On Fri, May 05, 2017 at 08:59:20AM +0200, Ingo Molnar wrote: > * Joerg Roedel <jroe...@suse.de> wrote:
> > The problem solved here is that someone wants tboot for security > > reasons, but doesn't want the performance penalty of having the IOMMU > > enabled and can live with the risk of an DMA attack. > > Yes, that makes sense - but in this case it would be far more user friendly > to > make it a sysctl, not a boot option. This is also much more manageable for > distributions and also allows it to be more easily turned into a security > policy > feature. > > New boot options should be for debugging hacks in essence - any serious > hardware > configuration should be done via more user-friendly methods. I agree in general that a sysctl would be more user-friendly. But the problem is that enabling/disabling the IOMMU is a boot-time option that can't be changed at runtime. That is because this decission defines how the bus addresses are mapped to physical addresses through the dma-api. When the iommu is disabled, it is just a 1-1 mapping, but when it is enabled a physical address could end up on any address in the bus address space. Once drivers are loaded that allocate those addresses we can't change the mappings anymore as disabling the iommu would do. Regards, Joerg