[Xen-devel] [PATCH v2 2/2] VT-d: reconcile iommu_inclusive_mapping and iommu=dom0-strict

The documentation for the iommu_inclusive_mapping Xen command line option

"Use this to work around firmware issues providing incorrect RMRR entries"

Unfortunately this workaround does not function correctly if the dom0-strict
iommu option is also specified.

The documentation goes on to say:

"Rather than only mapping RAM pages for IOMMU accesses for Dom0, with this
 option all pages up to 4GB, not marked as unusable in the E820 table, will
 get a mapping established."

This patch modifies the VT-d hardware domain initialization code such that
the workaround will continue to function in dom0-strict mode, by mapping
all pages not marked as unusable *unless* they are RAM pages not assigned
to dom0.

 - Make sure that the initial mapping only applies to PV dom0.
 docs/misc/xen-command-line.markdown   | 4 +++-
 xen/drivers/passthrough/vtd/iommu.c   | 2 +-
 xen/drivers/passthrough/vtd/x86/vtd.c | 8 ++++++++
 xen/include/xen/iommu.h               | 2 +-
 4 files changed, 13 insertions(+), 3 deletions(-)

diff --git a/docs/misc/xen-command-line.markdown 
index b75471b51a..ff3c86cfb0 100644
--- a/docs/misc/xen-command-line.markdown
+++ b/docs/misc/xen-command-line.markdown
@@ -1213,7 +1213,9 @@ wait descriptor timed out', try increasing this value.
 Use this to work around firmware issues providing incorrect RMRR entries.
 Rather than only mapping RAM pages for IOMMU accesses for Dom0, with this
 option all pages up to 4GB, not marked as unusable in the E820 table, will
-get a mapping established.
+get a mapping established. Note that this option is only applicable to a
+PV dom0 and if `dom0-strict` mode is enabled then conventional RAM pages
+not assigned to dom0 will not be mapped.
 ### irq\_ratelimit (x86)
 > `= <integer>`
diff --git a/xen/drivers/passthrough/vtd/iommu.c 
index 08bce92d40..1710256823 100644
--- a/xen/drivers/passthrough/vtd/iommu.c
+++ b/xen/drivers/passthrough/vtd/iommu.c
@@ -1304,7 +1304,7 @@ static void __hwdom_init intel_iommu_hwdom_init(struct 
domain *d)
     struct acpi_drhd_unit *drhd;
-    if ( !iommu_passthrough && !need_iommu(d) )
+    if ( !iommu_passthrough && is_pv_domain(d) )
         /* Set up 1:1 page table for hardware domain. */
diff --git a/xen/drivers/passthrough/vtd/x86/vtd.c 
index f75360f279..af38503118 100644
--- a/xen/drivers/passthrough/vtd/x86/vtd.c
+++ b/xen/drivers/passthrough/vtd/x86/vtd.c
@@ -143,6 +143,14 @@ void __hwdom_init vtd_set_hwdom_mapping(struct domain *d)
         if ( xen_in_range(pfn) )
+        /*
+         * If dom0-strict mode is enabled then exclude conventional RAM
+         * and let the common code map dom0's pages.
+         */
+        if ( iommu_dom0_strict &&
+             page_is_ram_type(pfn, RAM_TYPE_CONVENTIONAL) )
+            continue;
         tmp = 1 << (PAGE_SHIFT - PAGE_SHIFT_4K);
         for ( j = 0; j < tmp; j++ )
diff --git a/xen/include/xen/iommu.h b/xen/include/xen/iommu.h
index 33c8b221dc..6b42e3b876 100644
--- a/xen/include/xen/iommu.h
+++ b/xen/include/xen/iommu.h
@@ -29,7 +29,7 @@
 #include <asm/iommu.h>
 extern bool_t iommu_enable, iommu_enabled;
-extern bool_t force_iommu, iommu_verbose;
+extern bool_t force_iommu, iommu_dom0_strict, iommu_verbose;
 extern bool_t iommu_workaround_bios_bug, iommu_igfx, iommu_passthrough;
 extern bool_t iommu_snoop, iommu_qinval, iommu_intremap, iommu_intpost;
 extern bool_t iommu_hap_pt_share;

