* Joerg Roedel <jroe...@suse.de> wrote:

> Hi Ingo,
>
> On Fri, May 05, 2017 at 08:59:20AM +0200, Ingo Molnar wrote:
> > * Joerg Roedel <jroe...@suse.de> wrote:
> >
> > > The problem solved here is that someone wants tboot for security
> > > reasons, but doesn't want the performance penalty of having the IOMMU
> > > enabled and can live with the risk of a DMA attack.
> >
> > Yes, that makes sense - but in this case it would be far more user friendly to
> > make it a sysctl, not a boot option. This is also much more manageable for
> > distributions and also allows it to be more easily turned into a security policy
> > feature.
> >
> > New boot options should be for debugging hacks in essence - any serious hardware
> > configuration should be done via more user-friendly methods.
>
> I agree in general that a sysctl would be more user-friendly. But the
> problem is that enabling/disabling the IOMMU is a boot-time option that
> can't be changed at runtime.
>
> That is because this decision defines how the bus addresses are mapped
> to physical addresses through the dma-api. When the iommu is disabled,
> it is just a 1-1 mapping, but when it is enabled a physical address
> could end up on any address in the bus address space.
>
> Once drivers are loaded that allocate those addresses we can't change
> the mappings anymore as disabling the iommu would do.
Ok - that makes sense - I withdraw my objections:

Acked-by: Ingo Molnar <mi...@kernel.org>

Thanks,

	Ingo