/sys/class/iommu ??
/sys/kernel/iommu_groups ??
vfio API ??
轉自 https://blog.csdn.net/tiantao2012/article/details/60756851 ?????
https://stackoverflow.com/questions/44286683/check-for-iommu-support-on-linux
我認為不能單單從 /sys/kernel/iommu_groups 下面是否為空來判斷,因為在沒有iommu的時候,若使用vfio+noiommu模式(echo 1 > /sys/module/vfio/parameters/enable_unsafe_noiommu_mode), vfio 也會在 iommu_groups下面添加設備,此時該目錄下非空,但其實iommu不能用。
struct iommu_group *vfio_iommu_group_get(struct device *dev)
{
struct iommu_group *group;
int __maybe_unused ret;
{
struct iommu_group *group;
int __maybe_unused ret;
group = iommu_group_get(dev);
#ifdef CONFIG_VFIO_NOIOMMU
/*
* With noiommu enabled, an IOMMU group will be created for a device
* that doesn't already have one and doesn't have an iommu_ops on their
* bus. We set iommudata simply to be able to identify these groups
* as special use and for reclamation later.
*/
if (group || !noiommu || iommu_present(dev->bus))
return group;
/*
* With noiommu enabled, an IOMMU group will be created for a device
* that doesn't already have one and doesn't have an iommu_ops on their
* bus. We set iommudata simply to be able to identify these groups
* as special use and for reclamation later.
*/
if (group || !noiommu || iommu_present(dev->bus))
return group;
group = iommu_group_alloc();
if (IS_ERR(group))
return NULL;
if (IS_ERR(group))
return NULL;
iommu_group_set_name(group, "vfio-noiommu");
iommu_group_set_iommudata(group, &noiommu, NULL);
ret = iommu_group_add_device(group, dev);
if (ret) {
iommu_group_put(group);
return NULL;
}
iommu_group_set_iommudata(group, &noiommu, NULL);
ret = iommu_group_add_device(group, dev);
if (ret) {
iommu_group_put(group);
return NULL;
}
/*
* Where to taint? At this point we've added an IOMMU group for a
* device that is not backed by iommu_ops, therefore any iommu_
* callback using iommu_ops can legitimately Oops. So, while we may
* be about to give a DMA capable device to a user without IOMMU
* protection, which is clearly taint-worthy, let's go ahead and do
* it here.
*/
add_taint(TAINT_USER, LOCKDEP_STILL_OK);
dev_warn(dev, "Adding kernel taint for vfio-noiommu group on device\n");
#endif
* Where to taint? At this point we've added an IOMMU group for a
* device that is not backed by iommu_ops, therefore any iommu_
* callback using iommu_ops can legitimately Oops. So, while we may
* be about to give a DMA capable device to a user without IOMMU
* protection, which is clearly taint-worthy, let's go ahead and do
* it here.
*/
add_taint(TAINT_USER, LOCKDEP_STILL_OK);
dev_warn(dev, "Adding kernel taint for vfio-noiommu group on device\n");
#endif
return group;
}
}