On Fri, 2014-05-09 at 13:19 -0700, James Bottomley wrote:
> But for a laptop or desktop kernel, how far do we want to go?  In
> theory, once the iommu is turned on, it corrals the device, since access
> to non programmed addresses (those without IOTLB entries) produces a
> fault.  Is there anything extra we need to do beyond turning on the
> IOMMU?

Well, if it persists in misbehaving, we can try a function level reset.
Or perhaps power cycle it — we've gained the facility for power
management reasons, but we can probably use it for beating the device on
the head when it's naughty too. And some platforms can electrically
isolate misbehaving devices completely, rather than just ignoring their
DMA attempts.

-- 
David Woodhouse                            Open Source Technology Centre
David.Woodhouse@intel.com                              Intel Corporation