On Sun, Jun 08, 2014 at 12:31:29PM +0200, Christoffer Dall wrote: > On Thu, Jun 05, 2014 at 07:03:12PM +0200, Antonios Motakis wrote: > > With an ARM SMMU, interrupt remapping should always be safe from the > > SMMU's point of view, as it is properly handled by the GIC. > > > > Signed-off-by: Antonios Motakis <a.motakis@xxxxxxxxxxxxxxxxxxxxxx> > > --- > > drivers/iommu/arm-smmu.c | 2 +- > > 1 file changed, 1 insertion(+), 1 deletion(-) > > > > diff --git a/drivers/iommu/arm-smmu.c b/drivers/iommu/arm-smmu.c > > index 15ab2af..ff29402 100644 > > --- a/drivers/iommu/arm-smmu.c > > +++ b/drivers/iommu/arm-smmu.c > > @@ -1544,7 +1544,7 @@ static int arm_smmu_domain_has_cap(struct iommu_domain *domain, > > if (smmu_domain->root_cfg.smmu->features & ARM_SMMU_FEAT_COHERENT_WALK) > > caps |= IOMMU_CAP_CACHE_COHERENCY; > > > > - caps |= IOMMU_CAP_NOEXEC; > > + caps |= IOMMU_CAP_NOEXEC | IOMMU_CAP_INTR_REMAP; > > > > return !!(cap & caps); > > } > > -- > > 1.8.3.2 > > > What does IOMMU_CAP_INTR_REMAP signify exactly? Is there docs/examples > somewhere I can look at? (A quick scan of the Linux souce code doesn't > reveal much, and I'm not sure if this is purely MSI related or what...) The flag was introduced for x86 IOMMUs to detect whether an IOMMU in the system has and enables interrupt remapping to allow safe device assignment to KVM guests. Without interrupt remapping a malicious guest could attack the host with MSIs from the attached device. How are PCI MSIs implemented on ARM with SMMU and GIC enabled. MSIs are only memory dma transactions in the end, is it guaranteed on ARM that a device only sends MSI transactions it is allowed to? Joerg -- To unsubscribe from this list: send the line "unsubscribe kvm" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html