ACK: [SRU][B/aws, F/aws, G/aws] disable strict IOMMU TLB invalidation by default
Thadeu Lima de Souza Cascardo
cascardo at canonical.com
Fri Oct 30 18:28:18 UTC 2020
On Fri, Oct 30, 2020 at 06:33:38PM +0100, Andrea Righi wrote:
> BugLink: https://bugs.launchpad.net/bugs/1902281
>
> [Impact]
>
> AWS requires to relax the synchronous IOMMU TLB invalidation by default
> to get a significant performance improvement on certain arm64 instance
> types (bare metal).
>
> This is not the default behavior in the upstream kernel, that enforces
> synchronous invalidations to provide a better isolation and potentially
> prevent side-channel attacks with malicious devices that can be
> registered in the same IOMMU domain.
>
> This behavior cannot be changed at run-time and it is available only via
> iommu.strict=0|1 (via kernel boot parameters - GRUB).
>
> [Test Case]
>
> It has been performance-tested by AWS.
>
> [Fix]
>
> Change iommu.strict in the kernel to be off by default. It will be
> always possible to revert this change and restore the old behavior by
> setting iommu.strict=1 in the GRUB parameters (and rebooting).
>
> [Regression Potential]
>
> The only concern about this change is that we are relaxing a security
> constraint. After considerable discussion and evaluation (also with the
> security team) the conclusion was that this change is not realistically
> affecting the particular AWS environment in terms of security and it can
> definitely provide a significant performance boost on certain arm64
> instance types.
For AWS only. VFIO does the right thing and flushes the IOTLB. This will affect
the use of DMA API, but that should be fine on clouds.
Acked-by: Thadeu Lima de Souza Cascardo <cascardo at canonical.com>
More information about the kernel-team
mailing list