diff options
| author | Keir Fraser <keir.fraser@citrix.com> | 2010-01-26 07:51:20 +0000 |
|---|---|---|
| committer | Keir Fraser <keir.fraser@citrix.com> | 2010-01-26 07:51:20 +0000 |
| commit | f30a5d2eceb2fa3d6145e7527cae7ff34cb70e49 (patch) | |
| tree | cb10928826a954ff3dcedfcc0f166c1ece4ecfff /.hgtags | |
| parent | 224c24a3df88e20c0fa4685284506c0c45b6b401 (diff) | |
| download | xen-f30a5d2eceb2fa3d6145e7527cae7ff34cb70e49.tar.gz xen-f30a5d2eceb2fa3d6145e7527cae7ff34cb70e49.tar.bz2 xen-f30a5d2eceb2fa3d6145e7527cae7ff34cb70e49.zip | |
VT-d: add "iommu=workaround_bios_bug" option
Add this option to workaround BIOS bugs. Currently it ignores DRHD
if "all" devices under its scope are not pci discoverable. This
workarounds a BIOS bug in some platforms to make VT-d work. But note
that this option doesn't guarantee security, because it might ignore
DRHD.
So there are 3 options which handle BIOS bugs differently:
iommu=1 (default): If detect non-existent device under a DRHD's
scope, or find incorrect RMRR setting (base_address > end_address),
disable VT-d completely in Xen with warning messages. This guarantees
security when VT-d enabled, or just disable VT-d to let Xen work
without VT-d.
iommu=force: it enforces to enable VT-d in Xen. If VT-d cannot be
enabled, it will crashes Xen. This is mainly for users who must need
VT-d.
iommu=workaround_bogus_bios: it workarounds some BIOS bugs to make
VT-d still work. This might be insecure because there might be a
device not protected by any DRHD if the device is re-enabled by
malicious s/w. This is for users who want to use VT-d regardless of
security.
Signed-off-by: Weidong Han <weidong.han@intel.com>
Diffstat (limited to '.hgtags')
0 files changed, 0 insertions, 0 deletions