One of our regular reader asks:
How do I turn on IOMMU (Linux kernel Calgary patch) DMA support under Linux?
Most modern Linux has support for IOMMU. An IOMMU is a device that will support mapping memory addresses. There is currently high-end branded server hardware that support this, but no desktop machines support IOMMU, AFAIK. An example IOMMU is the AGP and PCI Express graphics cards.
More about IOMMU
According to wikipedia:
The IOMMU or input/output memory management unit is a computer memory management unit (MMU) that connects a DMA-capable I/O bus to the primary storage memory. Like the CPU memory management unit, an IOMMU takes care of mapping virtual addresses (also called device addresses or I/O addresses) to physical addresses and some units guarantee memory protection from misbehaving devices.
[ Image: Comparison of the I/O memory management unit (IOMMU) to the memory management unit (MMU) ]
The advantages of having an IOMMU, compared to direct physical addressing of the memory, include:
- Large regions of memory can be allocated without the need to be contiguous in physical memory - the IOMMU will take care of mapping contiguous virtual addresses to fragmented physical addresses. Thus, the use of vectored I/O (scatter-gather lists) can sometimes be avoided.
- Memory protection from malicious or misbehaving devices \u2013 a device cannot read or write to memory that hasn't been explicitly allocated (mapped) for it.
- Virtualized guest operating systems can safely be granted direct access to hardware.
- In general, the IOMMU provides isolation (memory protection) and address translatio
Turn on IOMMU
In order to turn on IOMMU, you need to pass following parameter to boot kernel (assuming that support is compiled into running kernel - most modern Linux kernel / distro has support, for e.g. Fedora / CentOS / RHEL / Suse etc):
iommu=calgary
Open /etc/grub.conf or /boot/grub/menu.lst file
vi grub.conf
Append above string to kernel line:
kernel /boot/vmlinuz-2.6.17-10-generic root=UUID=317464f6-8be2-4f54-88e3-694dcc8cd3c4 ro quiet splash iommu=calgary
Save and close the file. Reboot the server.
A note about IOMMU support
Please note that you need hardware and software to support IOMMU. Above instructions will just turn on Linux kernel software support. Since current hardware support is limited to high-end expensive server most Linux distro does not enable calgary DMA address mapping with memory protection by default.
See also:
=> AMD I/O Virtualization Technology (IOMMU) Specification
- 30 Handy Bash Shell Aliases For Linux / Unix / Mac OS X
- Top 30 Nmap Command Examples For Sys/Network Admins
- 25 PHP Security Best Practices For Sys Admins
- 20 Linux System Monitoring Tools Every SysAdmin Should Know
- 20 Linux Server Hardening Security Tips
- Linux: 20 Iptables Examples For New SysAdmins
- Top 20 OpenSSH Server Best Security Practices
- Top 20 Nginx WebServer Best Security Practices
- 20 Examples: Make Sure Unix / Linux Configuration Files Are Free From Syntax Errors
- 15 Greatest Open Source Terminal Applications Of 2012
- My 10 UNIX Command Line Mistakes
- Top 10 Open Source Web-Based Project Management Software
- Top 5 Email Client For Linux, Mac OS X, and Windows Users
- The Novice Guide To Buying A Linux Laptop
{ 3 comments… read them below or add one }
I was in verse of installing RHEL 4 Update 3 on my HP Proliant server of 8 GB RAM and 143 GB Hard disk.When I booted with the first CD and it asked me about the installation and pressed “Enter”.
It got stucked during the display :
Code:
running install…
running /sbin/loader
Kernel Panic – not syncing: pCI-DMA :high address but no IOMMU errorWhats this error All about?
please answer for this, can some one help out ?Comparison between Windows Server 2008, a variant of UNIX operating system and a variant of Enterprise level Linux Operating System in terms of
o Processor Management
o Memory Management
o File System Management
o I/O Management
o Applications support
I was looking into the manual of a Sapphire Pure White Fusion E350 mini-itx motherboard when I came across IOMMU, and Google sent me right to this page ;) So yeah, not only high-end branded server hardware supports this feature.