Make the command line docs match the actual implementation, and state that the
default behaviour is selected at compile time.
Fixes: 980d6acf1517 ("IOMMU: make DMA containment of quarantined devices optional")
Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
---
CC: Jan Beulich <JBeulich@suse.com>
CC: Roger Pau Monné <roger.pau@citrix.com>
CC: Wei Liu <wl@xen.org>
CC: Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com>
CC: Henry Wang <Henry.Wang@arm.com>
---
docs/misc/xen-command-line.pandoc | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/docs/misc/xen-command-line.pandoc b/docs/misc/xen-command-line.pandoc
index 6b07d0f3a17f..9a19a04157cb 100644
--- a/docs/misc/xen-command-line.pandoc
+++ b/docs/misc/xen-command-line.pandoc
@@ -1480,7 +1480,8 @@ detection of systems known to misbehave upon accesses to that port.
> Default: `new` unless directed-EOI is supported
### iommu
- = List of [ <bool>, verbose, debug, force, required, quarantine[=scratch-page],
+ = List of [ <bool>, verbose, debug, force, required,
+ quarantine=<bool>|scratch-page,
sharept, superpages, intremap, intpost, crash-disable,
snoop, qinval, igfx, amd-iommu-perdev-intremap,
dom0-{passthrough,strict} ]
@@ -1519,7 +1520,8 @@ boolean (e.g. `iommu=no`) can override this and leave the IOMMUs disabled.
successfully.
* The `quarantine` option can be used to control Xen's behavior when
- de-assigning devices from guests.
+ de-assigning devices from guests. The default behaviour is chosen at
+ compile time, and is one of `CONFIG_IOMMU_QUARANTINE_{NONE,BASIC,SCRATCH_PAGE}`.
When a PCI device is assigned to an untrusted domain, it is possible
for that domain to program the device to DMA to an arbitrary address.
base-commit: 9659b2a6d73b14620e187f9c626a09323853c459
--
2.30.2
On Tue, Oct 31, 2023 at 12:02:15PM +0000, Andrew Cooper wrote:
> Make the command line docs match the actual implementation, and state that the
> default behaviour is selected at compile time.
>
> Fixes: 980d6acf1517 ("IOMMU: make DMA containment of quarantined devices optional")
> Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
> ---
> CC: Jan Beulich <JBeulich@suse.com>
> CC: Roger Pau Monné <roger.pau@citrix.com>
> CC: Wei Liu <wl@xen.org>
> CC: Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com>
> CC: Henry Wang <Henry.Wang@arm.com>
> ---
> docs/misc/xen-command-line.pandoc | 6 ++++--
> 1 file changed, 4 insertions(+), 2 deletions(-)
>
> diff --git a/docs/misc/xen-command-line.pandoc b/docs/misc/xen-command-line.pandoc
> index 6b07d0f3a17f..9a19a04157cb 100644
> --- a/docs/misc/xen-command-line.pandoc
> +++ b/docs/misc/xen-command-line.pandoc
> @@ -1480,7 +1480,8 @@ detection of systems known to misbehave upon accesses to that port.
> > Default: `new` unless directed-EOI is supported
>
> ### iommu
> - = List of [ <bool>, verbose, debug, force, required, quarantine[=scratch-page],
> + = List of [ <bool>, verbose, debug, force, required,
> + quarantine=<bool>|scratch-page,
I think this should be quarantine=[<bool>|scratch-page], as just using
iommu=quarantine is a valid syntax and will enable basic quarantine.
IOW: the bool or scratch-page parameters are optional.
> sharept, superpages, intremap, intpost, crash-disable,
> snoop, qinval, igfx, amd-iommu-perdev-intremap,
> dom0-{passthrough,strict} ]
> @@ -1519,7 +1520,8 @@ boolean (e.g. `iommu=no`) can override this and leave the IOMMUs disabled.
> successfully.
>
> * The `quarantine` option can be used to control Xen's behavior when
> - de-assigning devices from guests.
> + de-assigning devices from guests. The default behaviour is chosen at
> + compile time, and is one of `CONFIG_IOMMU_QUARANTINE_{NONE,BASIC,SCRATCH_PAGE}`.
Do we also want to state that the current build time default is BASIC
if the user hasn't selected otherwise?
It's kind of problematic though, as distros might select a different
build time default and then the documentation would be out of sync.
Thanks, Roger.
© 2016 - 2024 Red Hat, Inc.