12/1/14 IOMMU: A Detailed view Anurup M. Sanil Kumar D. Nov, 2014 HUAWEI TECHNOLOGIES CO., LTD. Security Level: Security Level: Contents n IOMMU Introduction n IOMMU for ARM n Use cases n Software Architecture n Summary Input/Outpu t Memory Management Unit IOMMU Memory Physical Address Space Virtual Addresses /Device Addresses HUAWEI TECHNOLOGIES CO., LTD. Physical Addresses IOMMU MMU Device CPU Virtual Address Space Page 3 Why IOMMU ? • Address Translation Without IOMMU many devices are unable to address • Isolation the complete address range supported by the host IODevices can corrupt the memory without memory isolation processor Device VA IOMMU TLB HIT IOTLB 1 Physical Memory 2 or 4 Translation Logic TLB MIS S 2 3 Physical Memory Physical Memory Access Denied TLB UPDA TE Device System Bus IO Page Table 3 System Bus Page Fault / Invalid Memory IOMMU provides the unique address translation for the device address to address more than its actual capability. (This translation is independent of MMU) HUAWEI TECHNOLOGIES CO., LTD. IOMMU IO Device IOMMU provides memory protection and enables secure memory access Page 4 IOMMU: Pros and Cons Pros Cons Large Memory Allocation; No need to be physically contiguous • Degradation of performance from translation and management overhead (can be mitigated by a TLB) • Devices can access physical memory addresses higher than 4GB (non-DAC devices as well) • Can be programmed to make the memory region appear to be contiguous to the device on the bus . • • • Consumption of physical memory for the added I/O page (translation) tables. This can be mitigated if the tables can be shared with the processor. Device Isolation (avoid DMA attacks) Peripheral memory paging can be supported by an IOMMU. (PCIe Address Translation Services (ATS) Page Request Interface (PRI) extension can detect and signal the need for memory manager services.) • • Interrupt remapping. HUAWEI TECHNOLOGIES CO., LTD. Page 5 Contents n IOMMU Introduction n IOMMU for ARM n Use cases n Software Architecture n Summary HUAWEI TECHNOLOGIES CO., LTD. Page 6 IOMMU in ARM •IOMMU in ARM is named as System Memory Management Unit (SMMU) •Supports Address translation and isolation •Two stage transaltion to support Virtualization ● Stage 1, from VA (Virtual address) to IPA (Intermediate Physical Address) ● Stage 2, from IPA to PA (Physical Address) – hypervisor will define translation tables to perform this. •ARM releases SMMU specifications to support the implementations Memory •http://infocenter.arm.com •Currently SMMUv2 is the latest official release •The mainline Linux kernel has the SMMUv2 driver implemented Physical Address Space SMMU MMU Device CPU •This driver currently supports (drivers/iommu/arm_smmu.c) •SMMUv1 and v2 implementations •Stream-matching and stream-indexing •v7/v8 long-descriptor format Virtual Address Space •Non-secure access to the SMMU •4k and 64k pages, with contiguous pte hints •Up to 42-bit addressing (dependent on VA_BITS) •Context fault reporting HUAWEI TECHNOLOGIES CO., LTD. Page 7 Contents n IOMMU Introduction n IOMMU for ARM n Use cases n Software Architecture n Summary HUAWEI TECHNOLOGIES CO., LTD. Page 8 Use cases DMA 4GB 4GB 0 X1 X1 0 Under Guest OS control 4GB SMMU DMA DMA 0 A1 An Virtual Address space An Access Denied Device SMMU HUAWEI TECHNOLOGIES CO., LTD. An Xn A1 0 A1 0 Intermediate Physical Address space Physical Address space Enables devices to address more than its addressing capability without DAC or bounce buffers n Two stage address translation helps to manage virtual devices along with isolation n Memory protection helps in DMA and Virtualization use cases n Scatter gather DMA capabilities n High performance user space drivers n Physical Memory System Bus Stage 1 Xn 4GB X1 4GB Guest OS1 I/O address space Guest OSn CPU copies from bounce buffer to destination Xn Stage 2 CPU address space Stage 1 CPU address space Virtualization Page 9 Contents n IOMMU Introduction n IOMMU for ARM n Use cases n Software Architecture n Summary HUAWEI TECHNOLOGIES CO., LTD. Page 10 Software Architecture Device/User 1 Device/User n DMA Mapping /arch/arm/mm IOMMU Main Driver (/drivers/iommu/*) ARM SMMU(IOMMU) HW Support HUAWEI TECHNOLOGIES CO., LTD. Clients that uses the iommu Attaches clients to use iommu awared dma ops (dma-mappings.c) Almost all the features of IOMMU are abstracted at this layer (iommu.c, arm-smmu.c …) Support IOMMU support on Hardware Page 11 Code Flow: DMA API to IOMMU dma-mapping.c iommu.c arm_smmu.c dma-mapping.c (arch\arm\mm) Device driver DMA Mapping /arch/<ARCH>/mm IOMMU Main Driver (/drivers/iommu/*) IOMMU HW Support HUAWEI TECHNOLOGIES CO., LTD. iommu.c Page 12 Code Flow: IOMMU to Specific IOMMU Drive r iommu.c Device driver arm_smmu.c DMA Mapping /arch/<ARCH>/mm IOMMU Main Driver (/drivers/iommu/*) IOMMU HW Support HUAWEI TECHNOLOGIES CO., LTD. Page 13 Contents n IOMMU Introduction n IOMMU for ARM n Use cases n Software Architecture n Summary HUAWEI TECHNOLOGIES CO., LTD. Page 14 Summary ARM SMMU is getting refined and new versions with more features expected In Linux Kernel, iommu developments are active, especially for ARM SMMU New drivers and features (PCIe/ATS, VFIO…) Focus on Virtualization Support and extensions Performance optimizations [email protected] HUAWEI TECHNOLOGIES CO., LTD. [email protected] Page 15 IOMMU Mailing List HUAWEI TECHNOLOGIES CO., LTD. Page 16 Thank you www.huawei.com [email protected] [email protected] Reference http://en.wikipedia.org/wiki/IOMMU - IOMMU information http://infocenter.arm.com/help/topic/com.arm.doc.ihi0062c/IHI0062C_system_mmu_architecture_specification.pdf - ARM SMMU v2 specification Linux kernel mainline source code 3.17 HUAWEI TECHNOLOGIES CO., LTD. Page 18
© Copyright 2024 ExpyDoc
