ACK: [SRU][B/aws, F/aws, G/aws] disable strict IOMMU TLB invalidation by default
Colin Ian King
colin.king at canonical.com
Fri Oct 30 18:11:04 UTC 2020
On 30/10/2020 17:33, Andrea Righi wrote:
> BugLink: https://bugs.launchpad.net/bugs/1902281
> AWS requires relaxing the synchronous IOMMU TLB invalidation by default
> to get a significant performance improvement on certain arm64 instance
> types (bare metal).
> This is not the default behavior in the upstream kernel, which enforces
> synchronous invalidations to provide a better isolation and potentially
> prevent side-channel attacks with malicious devices that can be
> registered in the same IOMMU domain.
> This behavior cannot be changed at run-time and it is available only via
> iommu.strict=0|1 (via kernel boot parameters - GRUB).
> [Test Case]
> It has been performance-tested by AWS.
> Change iommu.strict in the kernel to be off by default. It will
> always be possible to revert this change and restore the old behavior by
> setting iommu.strict=1 in the GRUB parameters (and rebooting).
> [Regression Potential]
> The only concern about this change is that we are relaxing a security
> constraint. After considerable discussion and evaluation (also with the
> security team) the conclusion was that this change is not realistically
> affecting the particular AWS environment in terms of security and it can
> definitely provide a significant performance boost on certain arm64
> instance types.
This does concern me, but since it's been OK'd with the folk in the know
I'll OK this.
Acked-by: Colin Ian King <colin.king at canonical.com>
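
Added example, not part of the thread or of the patch under review: a shell check for auditing which invalidation mode a host ends up with, given that a command line without `iommu.strict` means strict on an upstream-default kernel but lazy on a kernel built with this change. The function names and sample command lines are constructed; the sketch assumes only the `0|1` values named above are used and that the last occurrence on the command line takes effect.

```shell
#!/bin/sh
# Added example: resolve the effective IOMMU TLB invalidation mode.
# On a live host, pass "$(cat /proc/cmdline)" as the first argument.

# iommu_strict_mode CMDLINE BUILTIN_DEFAULT
#   BUILTIN_DEFAULT is the kernel's compiled-in default: 1 for the upstream
#   behaviour described in the thread, 0 for a kernel carrying this change.
#   Prints "strict", "lazy" or "unknown" (non-zero status for unknown).
iommu_strict_mode() {
    mode=$2
    for arg in $1; do                      # split the command line on whitespace
        case $arg in
            iommu.strict=0) mode=0 ;;
            iommu.strict=1) mode=1 ;;
            iommu.strict=*) mode=unknown ;;  # value outside 0|1: not handled here
        esac
    done                                   # assumption: last occurrence wins
    case $mode in
        1) echo strict ;;
        0) echo lazy ;;
        *) echo unknown; return 1 ;;
    esac
}

# iommu_strict_is_pinned CMDLINE
#   Succeeds only if the command line sets iommu.strict explicitly, i.e. the
#   mode does not depend on which kernel default happens to be installed.
iommu_strict_is_pinned() {
    for arg in $1; do
        case $arg in
            iommu.strict=0|iommu.strict=1) return 0 ;;
        esac
    done
    return 1
}

# Constructed sample command lines (not taken from any real host).
SAMPLE_PLAIN='BOOT_IMAGE=/boot/vmlinuz root=/dev/nvme0n1p1 ro console=ttyS0'
SAMPLE_PINNED="$SAMPLE_PLAIN iommu.strict=1"

for default in 1 0; do
    printf 'default=%s plain=%s pinned=%s\n' "$default" \
        "$(iommu_strict_mode "$SAMPLE_PLAIN" "$default")" \
        "$(iommu_strict_mode "$SAMPLE_PINNED" "$default")"
done
```

Hosts where `iommu_strict_is_pinned` fails are the ones whose isolation behaviour changes silently when a kernel with the new default is installed.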