# HG changeset patch
# User Keir Fraser <keir.fraser@citrix.com>
# Date 1221040389 -3600
# Node ID 6a37b3d966f90f3c1604c9a3045d033cc5eeb4ea
# Parent  b5912430e66c900c2092c035227816f43f7caeb0
vtd: Add a command line param to enable/disable pass-through feature

Taking security into accout, it's not suitable to bypass VT-d
translation for Dom0 by default when the pass-through field in
extended capability register is set. This feature is for people/usages
who are not overly worried about security/isolation, but want better
performance.

This patch adds a command line param that controls if it's enabled or
disabled.

Signed-off-by: Weidong Han <weidong.han@intel.com>

Index: xen-3.3.1-testing/xen/drivers/passthrough/iommu.c
===================================================================
--- xen-3.3.1-testing.orig/xen/drivers/passthrough/iommu.c
+++ xen-3.3.1-testing/xen/drivers/passthrough/iommu.c
@@ -33,11 +33,13 @@ int amd_iov_detect(void);
  *   pv                         Enable IOMMU for PV domains
  *   no-pv                      Disable IOMMU for PV domains (default)
  *   force|required             Don't boot unless IOMMU is enabled
+ *   passthrough                Bypass VT-d translation for Dom0
  */
 custom_param("iommu", parse_iommu_param);
 int iommu_enabled = 0;
 int iommu_pv_enabled = 0;
 int force_iommu = 0;
+int iommu_passthrough = 0;
 
 static void __init parse_iommu_param(char *s)
 {
@@ -58,6 +60,8 @@ static void __init parse_iommu_param(cha
             iommu_pv_enabled = 0;
         else if ( !strcmp(s, "force") || !strcmp(s, "required") )
             force_iommu = 1;
+        else if ( !strcmp(s, "passthrough") )
+            iommu_passthrough = 1;
 
         s = ss + 1;
     } while ( ss );
Index: xen-3.3.1-testing/xen/drivers/passthrough/vtd/iommu.c
===================================================================
--- xen-3.3.1-testing.orig/xen/drivers/passthrough/vtd/iommu.c
+++ xen-3.3.1-testing/xen/drivers/passthrough/vtd/iommu.c
@@ -1089,7 +1089,8 @@ static int domain_context_mapping_one(
     }
 
     spin_lock_irqsave(&iommu->lock, flags);
-    if ( ecap_pass_thru(iommu->ecap) && (domain->domain_id == 0) )
+    if ( iommu_passthrough &&
+         ecap_pass_thru(iommu->ecap) && (domain->domain_id == 0) )
     {
         context_set_translation_type(*context, CONTEXT_TT_PASS_THRU);
         agaw = level_to_agaw(iommu->nr_pt_levels);
@@ -1467,7 +1468,8 @@ int intel_iommu_map_page(
     iommu = drhd->iommu;
 
     /* do nothing if dom0 and iommu supports pass thru */
-    if ( ecap_pass_thru(iommu->ecap) && (d->domain_id == 0) )
+    if ( iommu_passthrough &&
+         ecap_pass_thru(iommu->ecap) && (d->domain_id == 0) )
         return 0;
 
     pg_maddr = addr_to_dma_page_maddr(d, (paddr_t)gfn << PAGE_SHIFT_4K, 1);
@@ -1506,7 +1508,8 @@ int intel_iommu_unmap_page(struct domain
     iommu = drhd->iommu;
 
     /* do nothing if dom0 and iommu supports pass thru */
-    if ( ecap_pass_thru(iommu->ecap) && (d->domain_id == 0) )
+    if ( iommu_passthrough &&
+         ecap_pass_thru(iommu->ecap) && (d->domain_id == 0) )
         return 0;
 
     dma_pte_clear_one(d, (paddr_t)gfn << PAGE_SHIFT_4K);
Index: xen-3.3.1-testing/xen/include/xen/iommu.h
===================================================================
--- xen-3.3.1-testing.orig/xen/include/xen/iommu.h
+++ xen-3.3.1-testing/xen/include/xen/iommu.h
@@ -31,6 +31,7 @@ extern int vtd_enabled;
 extern int iommu_enabled;
 extern int iommu_pv_enabled;
 extern int force_iommu;
+extern int iommu_passthrough;
 
 #define domain_hvm_iommu(d)     (&d->arch.hvm_domain.hvm_iommu)