Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.
RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.

Bug 1346920

Summary: vIOMMU: prevent unsupported configurations with vfio
Product: Red Hat Enterprise Linux 7 Reporter: Alex Williamson <alex.williamson>
Component: qemu-kvm-rhevAssignee: Alex Williamson <alex.williamson>
Status: CLOSED ERRATA QA Contact: Pei Zhang <pezhang>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 7.3CC: alex.williamson, chayang, huding, jinzhao, juzhang, knoel, pezhang, racedoro, virt-maint, xfu
Target Milestone: rc   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: qemu-kvm-rhev-2.6.0-12.el7 Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2016-11-07 21:17:43 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Alex Williamson 2016-06-15 16:11:06 UTC 
Description of problem:

vIOMMU support (VT-d emulation) is available in QEMU 2.6, but does not support the necessary notifier calling points to support an external IOMMU cache, such as necessary for vfio-pci.  We don't want users enabling configurations which we know to be broken and currently unsupported.  Prevent them.

Version-Release number of selected component (if applicable):


How reproducible:
100%

Steps to Reproduce:
1. Enable vfio-pci device with -M q35,iommu=on
2.
3.

Actual results:
VM starts, but vfio-pci device does not work


Expected results:
vfio-pci device should either work or the configuration should generate an error.  Here we're trying to enable the latter.

Additional info:
Patches posted upstream: https://lists.nongnu.org/archive/html/qemu-devel/2016-06/msg04253.html
Comment 2 Miroslav Rezanina 2016-07-08 08:39:58 UTC 
Fix included in qemu-kvm-rhev-2.6.0-12.el7
Comment 4 Pei Zhang 2016-07-14 07:05:30 UTC 
Reproduced:
Versions:
qemu-kvm-rhev-2.6.0-11.el7.x86_64

Steps:
1. Boot guest with iommu=on and vfio-pci device

# lspci | grep Eth
01:00.0 Ethernet controller: Intel Corporation Ethernet Controller 10-Gigabit X540-AT2 (rev 01)
...

# /usr/libexec/qemu-kvm \
-M q35,iommu=on \
-device vfio-pci,host=01:00.0

(qemu) qemu-kvm: -device vfio-pci,host=01:00.0,bus=root.1,id=pf: iommu map to non memory area 0
qemu-kvm: -device vfio-pci,host=01:00.0,bus=root.1,id=pf: iommu map to non memory area 1000
qemu-kvm: -device vfio-pci,host=01:00.0,bus=root.1,id=pf: iommu map to non memory area 2000
...
qemu-kvm: -device vfio-pci,host=01:00.0: iommu map to non memory area f09c000
qemu-kvm: -device vfio-pci,host=01:00.0: iommu map to non memory area f09d000
...


Hi Alex,
In your description, the guest should work. But it doesn't, qemu will keep printing "qemu-kvm: -device vfio-pci,host=01:00.0,bus=root.1,id=pf: iommu map to non memory area xxx",it looks like in a indefinite loop. 

So is this bug reproduced? Thanks.


Verified:
Versions:
qemu-img-rhev-2.6.0-13.el7.x86_64

Steps:
1. Boot guest with iommu=on and vfio-pci device
# /usr/libexec/qemu-kvm \
-M q35,iommu=on \
-device vfio-pci,host=01:00.0

(qemu) qemu: hardware error: Device at bus root.1 addr 00.0 requires iommu notifier which is currently not supported by intel-iommu emulation
CPU #0:
EAX=00000000 EBX=00000000 ECX=00000000 EDX=000206a1
ESI=00000000 EDI=00000000 EBP=00000000 ESP=00000000
EIP=0000fff0 EFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 00000000 0000ffff 00009300
CS =f000 ffff0000 0000ffff 00009b00
SS =0000 00000000 0000ffff 00009300
DS =0000 00000000 0000ffff 00009300
FS =0000 00000000 0000ffff 00009300
GS =0000 00000000 0000ffff 00009300
LDT=0000 00000000 0000ffff 00008200
TR =0000 00000000 0000ffff 00008b00
GDT=     00000000 0000ffff
IDT=     00000000 0000ffff
CR0=60000010 CR2=00000000 CR3=00000000 CR4=00000000
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000000
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00000000000000000000000000000000 XMM01=00000000000000000000000000000000
XMM02=00000000000000000000000000000000 XMM03=00000000000000000000000000000000
XMM04=00000000000000000000000000000000 XMM05=00000000000000000000000000000000
XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000
CPU #1:
EAX=00000000 EBX=00000000 ECX=00000000 EDX=000206a1
ESI=00000000 EDI=00000000 EBP=00000000 ESP=00000000
EIP=0000fff0 EFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 00000000 0000ffff 00009300
CS =f000 ffff0000 0000ffff 00009b00
SS =0000 00000000 0000ffff 00009300
DS =0000 00000000 0000ffff 00009300
FS =0000 00000000 0000ffff 00009300
GS =0000 00000000 0000ffff 00009300
LDT=0000 00000000 0000ffff 00008200
TR =0000 00000000 0000ffff 00008b00
GDT=     00000000 0000ffff
IDT=     00000000 0000ffff
CR0=60000010 CR2=00000000 CR3=00000000 CR4=00000000
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000000
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00000000000000000000000000000000 XMM01=00000000000000000000000000000000
XMM02=00000000000000000000000000000000 XMM03=00000000000000000000000000000000
XMM04=00000000000000000000000000000000 XMM05=00000000000000000000000000000000
XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000
Aborted (core dumped)


Qemu quit with prompting 'hardware error' which seems to be expected. But qemu core dump. So I file a new bug[1] to track this new issue.
[1]Bug 1356445 - qemu core dump when booting with 'iommu=on' and vfio-pci
Comment 5 Alex Williamson 2016-07-14 12:52:39 UTC 
This is the expected behavior.
Comment 6 Pei Zhang 2016-08-12 00:50:51 UTC 
According to Comment 4 and Comment 5, set this bug to VERIFIED.
Comment 8 errata-xmlrpc 2016-11-07 21:17:43 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHBA-2016-2673.html